IMPROVING PRIVACY IN SHARING OF PERSONAL HEALTH DATA STORAGE ON CLOUD

PHRs grant patients access to a wide range of health information sources, best medical practices and health knowledge. In patient centric secure sharing, patients will create, manage and control their personal health data from one place using the web. In cloud computing, it is attractive for the health record service providers to shift their patients data applications and storage into the cloud, in order to like the flexible resources and diminish the operational cost, but by storing health records in the cloud, the patients be unable to find physical control to their personal health data, which makes it required for each patient to encrypt the data prior to uploading to the cloud servers. Under encryption, it is difficult to achieve fine-grained access control to personal health data in a scalable and well-organized way. Existing cryptographic enforced access control schemes are mostly designed for the single-owner scenarios. In this, suggest a patient-centric frame work and a suite of mechanism for data access control to PHRs stored in semi-trusted servers. To allow fine-grained and scalable access control for PHRs, control attribute based encryption (ABE) techniques to encrypt every patients data. Different from earlier works in protected data outsourcing, center on the multiple data owner scenario, and separate the user in the system into multiple security domains that really decreases the key managing complexity for owners and users. In this way, a high degree of patient privacy is assured concurrently by developing multi-authority ABE

Fog based Secure Framework for Personal Health Records Systems

The rapid development of personal health records (PHR) systems enables an individual to collect, create, store and share his PHR to authorized entities. Health care systems within the smart city environment require a patient to share his PRH data with a multitude of institutions' repositories located in the cloud. The cloud computing paradigm cannot meet such a massive transformative healthcare systems due to drawbacks including network latency, scalability and bandwidth. Fog computing relieves the burden of conventional cloud computing by availing intermediate fog nodes between the end users and the remote servers. Aiming at a massive demand of PHR data within a ubiquitous smart city, we propose a secure and fog assisted framework for PHR systems to address security, access control and privacy concerns. Built under a fog-based architecture, the proposed framework makes use of efficient key exchange protocol coupled with ciphertext attribute based encryption (CP-ABE) to guarantee confidentiality and fine-grained access control within the system respectively. We also make use of digital signature combined with CP-ABE to ensure the system authentication and users privacy. We provide the analysis of the proposed framework in terms of security and performance.Comment: 12 pages (CMC Journal, Tech Science Press

CamFlow: Managed Data-sharing for Cloud Services

A model of cloud services is emerging whereby a few trusted providers manage the underlying hardware and communications whereas many companies build on this infrastructure to offer higher level, cloud-hosted PaaS services and/or SaaS applications. From the start, strong isolation between cloud tenants was seen to be of paramount importance, provided first by virtual machines (VM) and later by containers, which share the operating system (OS) kernel. Increasingly it is the case that applications also require facilities to effect isolation and protection of data managed by those applications. They also require flexible data sharing with other applications, often across the traditional cloud-isolation boundaries; for example, when government provides many related services for its citizens on a common platform. Similar considerations apply to the end-users of applications. But in particular, the incorporation of cloud services within `Internet of Things' architectures is driving the requirements for both protection and cross-application data sharing. These concerns relate to the management of data. Traditional access control is application and principal/role specific, applied at policy enforcement points, after which there is no subsequent control over where data flows; a crucial issue once data has left its owner's control by cloud-hosted applications and within cloud-services. Information Flow Control (IFC), in addition, offers system-wide, end-to-end, flow control based on the properties of the data. We discuss the potential of cloud-deployed IFC for enforcing owners' dataflow policy with regard to protection and sharing, as well as safeguarding against malicious or buggy software. In addition, the audit log associated with IFC provides transparency, giving configurable system-wide visibility over data flows. [...]Comment: 14 pages, 8 figure

User-centric Privacy Engineering for the Internet of Things

User privacy concerns are widely regarded as a key obstacle to the success of modern smart cyber-physical systems. In this paper, we analyse, through an example, some of the requirements that future data collection architectures of these systems should implement to provide effective privacy protection for users. Then, we give an example of how these requirements can be implemented in a smart home scenario. Our example architecture allows the user to balance the privacy risks with the potential benefits and take a practical decision determining the extent of the sharing. Based on this example architecture, we identify a number of challenges that must be addressed by future data processing systems in order to achieve effective privacy management for smart cyber-physical systems.Comment: 12 Page

Access of Encrypted Personal Record in Cloud

Personal record is a data, which is collected and stored in cloud computing to gain cost benefit and better access control. In maintaining Personal Record, cloud computing plays an important role, since minor organizations are not affordable to keep own servers to maintain the personal record for cost and security aims. Providing availability to various stake holders become a deadly process in isolated individual servers with encryption technology. Cloud ensures that personal record availability to the necessary user at any point of time. In any country, there is a law which governs to maintain privacy of special records, and hence maintaining recodes in cloud are subjected to privacy concerns and high risk of getting exploited. There are various encryption schemes to provide personal records security and privacy in Cloud computing. Extensive logical and experimental results are presented which show the security, scalability and efficiency of our proposed scheme. DOI: 10.17762/ijritcc2321-8169.15016