6,937 research outputs found
IMPROVING PRIVACY IN SHARING OF PERSONAL HEALTH DATA STORAGE ON CLOUD
PHRs grant patients access to a wide range of health information sources, best medical practices and health knowledge. In patient centric secure sharing, patients will create, manage and control their personal health data from one place using the web. In cloud computing, it is attractive for the health record service providers to shift their patients data applications and storage into the cloud, in order to like the flexible resources and diminish the operational cost, but by storing health records in the cloud, the patients be unable to find physical control to their personal health data, which makes it required for each patient to encrypt the data prior to uploading to the cloud servers. Under encryption, it is difficult to achieve fine-grained access control to personal health data in a scalable and well-organized way. Existing cryptographic enforced access control schemes are mostly designed for the single-owner scenarios. In this, suggest a patient-centric frame work and a suite of mechanism for data access control to PHRs stored in semi-trusted servers. To allow fine-grained and scalable access control for PHRs, control attribute based encryption (ABE) techniques to encrypt every patients data. Different from earlier works in protected data outsourcing, center on the multiple data owner scenario, and separate the user in the system into multiple security domains that really decreases the key managing complexity for owners and users. In this way, a high degree of patient privacy is assured concurrently by developing multi-authority ABE
Fog based Secure Framework for Personal Health Records Systems
The rapid development of personal health records (PHR) systems enables an
individual to collect, create, store and share his PHR to authorized entities.
Health care systems within the smart city environment require a patient to
share his PRH data with a multitude of institutions' repositories located in
the cloud. The cloud computing paradigm cannot meet such a massive
transformative healthcare systems due to drawbacks including network latency,
scalability and bandwidth. Fog computing relieves the burden of conventional
cloud computing by availing intermediate fog nodes between the end users and
the remote servers. Aiming at a massive demand of PHR data within a ubiquitous
smart city, we propose a secure and fog assisted framework for PHR systems to
address security, access control and privacy concerns. Built under a fog-based
architecture, the proposed framework makes use of efficient key exchange
protocol coupled with ciphertext attribute based encryption (CP-ABE) to
guarantee confidentiality and fine-grained access control within the system
respectively. We also make use of digital signature combined with CP-ABE to
ensure the system authentication and users privacy. We provide the analysis of
the proposed framework in terms of security and performance.Comment: 12 pages (CMC Journal, Tech Science Press
CamFlow: Managed Data-sharing for Cloud Services
A model of cloud services is emerging whereby a few trusted providers manage
the underlying hardware and communications whereas many companies build on this
infrastructure to offer higher level, cloud-hosted PaaS services and/or SaaS
applications. From the start, strong isolation between cloud tenants was seen
to be of paramount importance, provided first by virtual machines (VM) and
later by containers, which share the operating system (OS) kernel. Increasingly
it is the case that applications also require facilities to effect isolation
and protection of data managed by those applications. They also require
flexible data sharing with other applications, often across the traditional
cloud-isolation boundaries; for example, when government provides many related
services for its citizens on a common platform. Similar considerations apply to
the end-users of applications. But in particular, the incorporation of cloud
services within `Internet of Things' architectures is driving the requirements
for both protection and cross-application data sharing.
These concerns relate to the management of data. Traditional access control
is application and principal/role specific, applied at policy enforcement
points, after which there is no subsequent control over where data flows; a
crucial issue once data has left its owner's control by cloud-hosted
applications and within cloud-services. Information Flow Control (IFC), in
addition, offers system-wide, end-to-end, flow control based on the properties
of the data. We discuss the potential of cloud-deployed IFC for enforcing
owners' dataflow policy with regard to protection and sharing, as well as
safeguarding against malicious or buggy software. In addition, the audit log
associated with IFC provides transparency, giving configurable system-wide
visibility over data flows. [...]Comment: 14 pages, 8 figure
User-centric Privacy Engineering for the Internet of Things
User privacy concerns are widely regarded as a key obstacle to the success of
modern smart cyber-physical systems. In this paper, we analyse, through an
example, some of the requirements that future data collection architectures of
these systems should implement to provide effective privacy protection for
users. Then, we give an example of how these requirements can be implemented in
a smart home scenario. Our example architecture allows the user to balance the
privacy risks with the potential benefits and take a practical decision
determining the extent of the sharing. Based on this example architecture, we
identify a number of challenges that must be addressed by future data
processing systems in order to achieve effective privacy management for smart
cyber-physical systems.Comment: 12 Page
Access of Encrypted Personal Record in Cloud
Personal record is a data, which is collected and stored in cloud computing to gain cost benefit and better access control. In maintaining Personal Record, cloud computing plays an important role, since minor organizations are not affordable to keep own servers to maintain the personal record for cost and security aims. Providing availability to various stake holders become a deadly process in isolated individual servers with encryption technology. Cloud ensures that personal record availability to the necessary user at any point of time. In any country, there is a law which governs to maintain privacy of special records, and hence maintaining recodes in cloud are subjected to privacy concerns and high risk of getting exploited. There are various encryption schemes to provide personal records security and privacy in Cloud computing. Extensive logical and experimental results are presented which show the security, scalability and efficiency of our proposed scheme.
DOI: 10.17762/ijritcc2321-8169.15016
- …