Skip to main content
Disciplines
Automotive Business IT + Informatics Construction + Real Estate Electrical Engineering + Electronics Energy + Sustainability Insurance + Risk Finance + Banking Management + Leadership Marketing + Sales Mechanical Engineering + Materials
Events
DE
EN
Books
Journals
Topic Page
Marketing
Start single access now
Access for companies
EXTENDED SEARCH
Log in
Top
The Journal of Supercomputing
Published in: The Journal of Supercomputing 9/2019

06-06-2019

Role-based policy to maintain privacy of patient health records in cloud

Authors: Akshay Tembhare, S. Sibi Chakkaravarthy, D. Sangeetha, V. Vaidehi, M. Venkata Rathnam

Published in: The Journal of Supercomputing | Issue 9/2019

Log in

Activate our intelligent search to find suitable subject content or patents.

search-config
loading …

Abstract

Modern healthcare system collects health information from health assisted gadgets of different sources and stores them in the cloud storage servers as an electronic record called the patients health records (PHR) and ensures the availability whenever and wherever needed. An important issue in this centralized cloud storage is the loss of privacy and security of sensitive PHR. Existing and the most recent solutions on privacy and security provisioning are purely based on role-based access control (RBAC). However, these RBAC schemes suffer from role explosion due to the increasing number of different roles. Furthermore, managing all those roles in order to provide proper access permissions can become a complex problem. Dynamic segregation of duty relations reduces the number of potential permissions that can be made available to a user by placing constraints on the users by assigning a set of roles. In order to address the above stated problem, this paper proposes a hybrid framework called MediTrust. The proposed MediTrust combines two schemes namely RBAC and attribute-based encryption (ABE) and works on semantic database, ensuring the accessibility of patient data for different access controls. The patient data are encrypted at the provider side before outsourcing it to the cloud server and then it is decrypted again at the user end after being downloaded from the cloud server. The general information of the patient collected as PHR is stored in a separate cloud server, and the medical reports are stored separately in yet another cloud server. A second-step security control is provided using CAPTCHA which is mainly used as a security check to ensure that only human users can log in to the MediTrust. A third-step security control is also provided in which one key is shared to user’s registered mobile number and another key is shared to user’s e-mail id. In MediTrust, combination of these two keys is required to decrypt the PHR. Further, ABE polices and access control security mechanisms for privacy preservation have been validated on PHR using Amazon AWS EC2 CA. Performance evaluation results show that the proposed MediTrust is better than existing work in terms of time complexity and computational overhead.
previous article Novel probabilistic resource migration algorithm for cross-cloud live migration of virtual machines in public cloud
next article Modeling method of internet public information data mining based on probabilistic topic model

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now
Literature
1.
Aiswarya R, Divya R, Sangeetha D, Vaidehi V (2013) Harnessing healthcare data security in cloud. ICRTIT
2.
Logeswari G, Sangeetha D, Vaidehi V (2014) A cost effective clustering based anonymization approach for storing PHR’s in cloud. In: International Conference on Recent Trends in Information Technology
3.
Sweeney L (2002) k-Anonymity: a model for protecting privacy. Int J Uncertain Fuzziness Knowl Based Syst 10(5):557–570MathSciNetCrossRef
4.
Terrovitis M, Mamoulis N, Kalnis P (2008) Privacy-preserving anonymization of set-valued data. In: Proc. International Conference on Very Large Data Bases (VLDB), pp 115–125CrossRef
5.
Wong RC-W, Fu AW-C, Wang K, Pei J (2007) Minimality attack in privacy preserving data publishing. In: Proc. International Conference on Very Large Data Bases (VLDB), pp 543–554
6.
7.
Xhafa F, Qassem T, Moore P (2014) Collaboration through patient data access and sharing in the cloud. In: IEEE Journal of Selected Topics in Signal Processing, vol 4, no. 7
8.
Chen R, Mu Y, Yang G, Guo F, Wang X (2016) Dual-server public-key encryption with keyword search for secure cloud storage. IEEE Trans 4
9.
Cui B, Liu Z, Wang L (2016) Key-aggregate searchable encryption (KASE) for group data sharing via cloud storage. IEEE Trans Comput 65(8)MathSciNetCrossRef
10.
Zhou J, Cao Z, Dong X, Lin X (2015) Privacy-preserving protocol for cloud-assisted e-healthcare systems. IEEE J Sel Top Signal Process 9(7)
11.
Salih RM, Lilien LT (2015) Protecting users’ privacy in healthcare cloud computing with APB-TTP
12.
Ming Li, Shucheng Yu, Member, IEEE, Yao Zheng, Kui Ren, and Wenjing Lou (2013) Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption. IEEE 2013
13.
Vijayapriya M, Malathi (2013) On demand security for personal health record in cloud computing using encryption and decryption cryptography. Volume 3, Issue 9
14.
Zhou J, Cao Z, Dong X, Lin X (2015) PPDM: a privacy-preserving protocol for cloud-assisted e-healthcare systems. IEEE
15.
Liu X, Zhang Y, Wang B, Yan J (2013) Mona: secure multi-owner data sharing for dynamic groups in the cloud. IEEE Trans Parallel Distrib Syst 24(6):1182–1191CrossRef
16.
Li M, Yu S, Ren K, Lou W (2010) Securing personal health records in cloud computing: patient-centric and fine-grained data access control in multi-owner settings. In: Proc. Sixth Int’l ICST Conf. Security and Privacy in Comm. Networks (Secure Comm’10)
17.
Sahai, Waters B (2015) Fuzzy identity-based encryption in Proc. Eurocrypt 457–473
18.
Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute based encryption. In: Proc. IEEE Symp. Security Privacy, pp 321–334
19.
Ostrovsky R, Sahai A, Waters B (2007) Attribute-based encryption with non-monotonic access structures. In: Proc. ACM Conference on Computing, Communication and Security, pp 195–203
20.
Cheung L, Newport C (2007) Provably secure ciphertext policy ABE. In: Proc. ACM Conference on computing, Communication Security, pp 456–465
21.
Goyal V, Jain A, Pandey O, Sahai A (2008) Bounded ciphertext policy attribute-based encryption. In: Proc. ICALP, pp 579–591
22.
Liang X, Cao Z, Lin H, Xing D (2009) Provably secure and efficient bounded cipher text policy attribute based encryption. In Proc. ASIACCs, pp 343–352
23.
Chase M (2007) Multi-authority attribute based encryption. In: Proc. TCC, LNCS 4329, pp 515–534
24.
Goyal BV, Kumar V (2008) Identity-based encryption with efficient revocation. In Proc. of ACM Conference on Computing, Communication and Security, pp 9–112
25.
Chen N, Gerla M, Huang D, Hong X (2010) Secure, selective group broadcast in vehicular networks using dynamic attribute based encryption. In: Proc. Ad Hoc Network Workshop, pp 1–8
26.
Pirretti M, Traynor P, McDaniel P, Waters B (2006) Secure attribute based systems. In: Proc. ACM Conference on Computing, Communication, and Security, pp 417–426
Metadata
Title
Role-based policy to maintain privacy of patient health records in cloud
Authors
Akshay Tembhare
S. Sibi Chakkaravarthy
D. Sangeetha
V. Vaidehi
M. Venkata Rathnam
Publication date
06-06-2019
Publisher
Springer US
Published in
The Journal of Supercomputing / Issue 9/2019
Print ISSN: 0920-8542
Electronic ISSN: 1573-0484
DOI
https://doi.org/10.1007/s11227-019-02887-6

Other articles of this Issue 9/2019

The Journal of Supercomputing 9/2019 Go to the issue

OriginalPaper

Research on SVM environment performance of parallel computing based on large data set of machine learning

OriginalPaper

Application of improved distributed naive Bayesian algorithms in text classification

OriginalPaper

A greedy constructing tree algorithm for shortest path in perpetual wireless recharging wireless sensor network

OriginalPaper

Landmark community approximate optimal path query with pure linguistic attributes

OriginalPaper

An interval-based multi-objective artificial bee colony algorithm for solving the web service composition under uncertain QoS

OriginalPaper

A novel design of fault-tolerant RAM cell in quantum-dot cellular automata with physical verification

Premium Partner

    Image Credits