Scalable and Secure Sharing of Personal Health Records in Cloud Computing using Attribute-Based Encryption

Abstract: Personal health record (PHR) is an emerging patient-centric model of health information exchange, which is often outsourced to be stored at a third party, such as cloud providers. However, there have been wide privacy concerns as personal health information could be exposed to those third party servers and to unauthorized parties. To assure the patients' control over access to their own PHRs, it is a promising method to encrypt the PHRs before outsourcing. Yet, issues such as risks of privacy exposure, scalability in key management, flexible access and efficient user revocation, have remained the most important challenges toward achieving fine-grained, cryptographically enforced data access control. In this paper, we propose a novel patient-centric framework and a suite of mechanisms for data access control to PHRs stored in semi-trusted servers. To achieve fine-grained and scalable data access control for PHRs, we leverage attribute based encryption (ABE) techniques to encrypt each patient's PHR file. Different from previous works in secure data outsourcing, we focus on the multiple data owner scenario, and divide the users in the PHR system into multiple security domains that greatly reduces the key management complexity for owners and users. A high degree of patient privacy is guaranteed simultaneously by exploiting multi-authority ABE. Our scheme also enables dynamic modification of access policies or file attributes, supports efficient on-demand user/attribute revocation and break-glass access under emergency scenarios. Extensive analytical and experimental results are presented which show the security, scalability and efficiency of our proposed scheme

A systematic literature review of cloud computing in eHealth

Cloud computing in eHealth is an emerging area for only few years. There needs to identify the state of the art and pinpoint challenges and possible directions for researchers and applications developers. Based on this need, we have conducted a systematic review of cloud computing in eHealth. We searched ACM Digital Library, IEEE Xplore, Inspec, ISI Web of Science and Springer as well as relevant open-access journals for relevant articles. A total of 237 studies were first searched, of which 44 papers met the Include Criteria. The studies identified three types of studied areas about cloud computing in eHealth, namely (1) cloud-based eHealth framework design (n=13); (2) applications of cloud computing (n=17); and (3) security or privacy control mechanisms of healthcare data in the cloud (n=14). Most of the studies in the review were about designs and concept-proof. Only very few studies have evaluated their research in the real world, which may indicate that the application of cloud computing in eHealth is still very immature. However, our presented review could pinpoint that a hybrid cloud platform with mixed access control and security protection mechanisms will be a main research area for developing citizen centred home-based healthcare applications

IMPROVING PRIVACY IN SHARING OF PERSONAL HEALTH DATA STORAGE ON CLOUD

PHRs grant patients access to a wide range of health information sources, best medical practices and health knowledge. In patient centric secure sharing, patients will create, manage and control their personal health data from one place using the web. In cloud computing, it is attractive for the health record service providers to shift their patients data applications and storage into the cloud, in order to like the flexible resources and diminish the operational cost, but by storing health records in the cloud, the patients be unable to find physical control to their personal health data, which makes it required for each patient to encrypt the data prior to uploading to the cloud servers. Under encryption, it is difficult to achieve fine-grained access control to personal health data in a scalable and well-organized way. Existing cryptographic enforced access control schemes are mostly designed for the single-owner scenarios. In this, suggest a patient-centric frame work and a suite of mechanism for data access control to PHRs stored in semi-trusted servers. To allow fine-grained and scalable access control for PHRs, control attribute based encryption (ABE) techniques to encrypt every patients data. Different from earlier works in protected data outsourcing, center on the multiple data owner scenario, and separate the user in the system into multiple security domains that really decreases the key managing complexity for owners and users. In this way, a high degree of patient privacy is assured concurrently by developing multi-authority ABE

Integrated, reliable and cloud-based personal health record: a scoping review.

Personal Health Records (PHR) emerge as an alternative to integrate patient’s health information to give a global view of patients' status. However, integration is not a trivial feature when dealing with a variety electronic health systems from healthcare centers. Access to PHR sensitive information must comply with privacy policies defined by the patient. Architecture PHR design should be in accordance to these, and take advantage of nowadays technology. Cloud computing is a current technology that provides scalability, ubiquity, and elasticity features. This paper presents a scoping review related to PHR systems that achieve three characteristics: integrated, reliable and cloud-based. We found 101 articles that addressed thosecharacteristics. We identified four main research topics: proposal/developed systems, PHR recommendations for development, system integration and standards, and security and privacy. Integration is tackled with HL7 CDA standard. Information reliability is based in ABE security-privacy mechanism. Cloud-based technology access is achieved via SOA.CONACYT - Consejo Nacional de Ciencia y TecnologíaPROCIENCI

Access of Encrypted Personal Record in Cloud

Personal record is a data, which is collected and stored in cloud computing to gain cost benefit and better access control. In maintaining Personal Record, cloud computing plays an important role, since minor organizations are not affordable to keep own servers to maintain the personal record for cost and security aims. Providing availability to various stake holders become a deadly process in isolated individual servers with encryption technology. Cloud ensures that personal record availability to the necessary user at any point of time. In any country, there is a law which governs to maintain privacy of special records, and hence maintaining recodes in cloud are subjected to privacy concerns and high risk of getting exploited. There are various encryption schemes to provide personal records security and privacy in Cloud computing. Extensive logical and experimental results are presented which show the security, scalability and efficiency of our proposed scheme. DOI: 10.17762/ijritcc2321-8169.15016

Multi - owner Secure Data Sharing in Cloud Computing Environment

Data sharing in the cloud is a technique that allows users to conveniently access data over the cloud. The data owner outsources their data in the cloud due to cost reduction and the great conveniences provided by cloud services. Data owner is not able to control over their data, because cloud service provider is a third party provider.  The main crisis with data sharing in the cloud is the privacy and security issues. Various techniques are available to support user privacy and secure data sharing. This paper focus on various schemes to deal with secure data sharing such as Data sharing with forward security, secure data sharing for dynamic groups, Attribute based data sharing, encrypted data sharing and Shared Authority Based Privacy-Preserving Authentication Protocol for access control of outsourced data

Fog based Secure Framework for Personal Health Records Systems

The rapid development of personal health records (PHR) systems enables an individual to collect, create, store and share his PHR to authorized entities. Health care systems within the smart city environment require a patient to share his PRH data with a multitude of institutions' repositories located in the cloud. The cloud computing paradigm cannot meet such a massive transformative healthcare systems due to drawbacks including network latency, scalability and bandwidth. Fog computing relieves the burden of conventional cloud computing by availing intermediate fog nodes between the end users and the remote servers. Aiming at a massive demand of PHR data within a ubiquitous smart city, we propose a secure and fog assisted framework for PHR systems to address security, access control and privacy concerns. Built under a fog-based architecture, the proposed framework makes use of efficient key exchange protocol coupled with ciphertext attribute based encryption (CP-ABE) to guarantee confidentiality and fine-grained access control within the system respectively. We also make use of digital signature combined with CP-ABE to ensure the system authentication and users privacy. We provide the analysis of the proposed framework in terms of security and performance.Comment: 12 pages (CMC Journal, Tech Science Press

Health Access Broker: Secure, Patient-Controlled Management of Personal Health Records in the Cloud

Secure and privacy-preserving management of Personal Health Records (PHRs) has proved to be a major challenge in modern healthcare. Current solutions generally do not offer patients a choice in where the data is actually stored and also rely on at least one fully trusted element that patients must also trust with their data. In this work, we present the Health Access Broker (HAB), a patient-controlled service for secure PHR sharing that (a) does not impose a specific storage location (uniquely for a PHR system), and (b) does not assume any of its components to be fully secure against adversarial threats. Instead, HAB introduces a novel auditing and intrusion-detection mechanism where its workflow is securely logged and continuously inspected to provide auditability of data access and quickly detect any intrusions.Comment: Copy of the paper accepted at 13th International Conference on Computational Intelligence in Security for Information Systems (CISIS