Scalable and secure sharing of personal health records in cloud computing using attribute based encryption

Authors

  • Kumar SS M.Tech.(CSE), Tirumala Engineering College, Affiliated to JNTUH, Hyderabad, Telangana, India
  • Prasad S M.Tech.(CSE), Associate Professor, Tirumala Engineering College, Affiliated to JNTUH, Hyderabad, Telangana, India
  • Parimala M M.Tech.(CSE), Associate Professor, Tirumala Engineering College, Affiliated to JNTUH, Hyderabad, Telangana, IndiaM.Tech.(CSE), Associate Professor, Tirumala Engineering College, Affiliated to JNTUH, Hyderabad, Telangana, India
  • Someswar GM B.Tech., M.S.(USA), M.C.A., Ph.D., Director General and Scientist G, Global Research Academy, Hyderabad, Telangana, India

Keywords:

Personal Health Record (PHR), Attribute Based Encryption (ABE), Fine-grained Data Access Control, Break- glass, PUD - public domains, PSD - personal domains, AA - attribute authority, MA-ABE - multi-authority ABE, KP-ABE - key policy ABE

Abstract

Personal health record (PHR) is an emerging patient-centric model of health information exchange, which is often outsourced to be stored at a third party, such as cloud providers. However, there have been wide privacy concerns as personal health information could be exposed to those third party servers and to unauthorized parties. To assure the patients‟ control over access to their own PHRs, it is a promising method to encrypt the PHRs before outsourcing. Yet, issues such as risks of privacy exposure, scalability in key management, flexible access and efficient user revocation, have remained the most important challenges toward achieving fine-grained, cryptographically enforced data access control. In this research paper, we propose a novel patient-centric framework and a suite of mechanisms for data access control to PHRs stored in semi-trusted servers. To achieve fine-grained and scalable data access control for PHRs, we leverage attribute based encryption (ABE) techniques to encrypt each patient‟s PHR file. Different from previous works in secure data outsourcing, we focus on the multiple data owner scenario and divide the users in the PHR system into multiple security domains that greatly reduces the key management complexity for owners and users. A high degree of patient privacy is guaranteed simultaneously by exploiting multi-authority ABE. Our scheme also enables dynamic modification of access policies or file attributes, supports efficient on-demand user/attribute revocation and break-glass access under emergency scenarios. Extensive analytical and experimental results are presented which show the security, scalability and efficiency of our proposed scheme.

References

. User Interfaces in C#: Windows Forms and Custom Controls by Matthew MacDonald.

. Applied Microsoft® .NET Framework Programming (Pro-Developer) by Jeffrey Richter.

. Practical .Net2 and C#2: Harness the Platform, the Language, and the Framework by Patrick Smacchia.

. Data Communications and Networking, by Behrouz A Forouzan.

. Computer Networking: A Top-Down Approach, by James F. Kurose.

. Operating System Concepts, by Abraham Silberschatz.

. M. Armbrust, A. Fox, R. Griffith, A. D. Joseph, R. H. Katz, A. Konwinski, G. Lee, D. A. Patterson, A. Rabkin, I. Stoica, and M. Zaharia,

“Above the clouds: A berkeley view of cloud computing,” University of California, Berkeley, Tech. Rep. USB-EECS-2009-28, Feb 2009.

. “The apache cassandra project,”http://cassandra.apache.org/.

. L. Lamport, “The part-time parliament,” ACM Transactions on Computer Systems, vol. 16, pp. 133–169, 1998.

. N. Bonvin, T. G. Papaioannou, and K. Aberer, “Cost-efficient and differentiated data availability guarantees in data clouds,” in Proc.

of the ICDE, Long Beach, CA, USA, 2010.

. O. Regev and N. Nisan, “The popcorn market. online markets for computational resources,” Decision Support Systems, vol. 28, no. 1-2, pp. 177 – 189, 2000.

. A. Helsinger and T. Wright, “Cougaar: A robust configurable multi agent platform,” in Proc. of the IEEE Aerospace Conference, 2005.

. J. Brunelle, P. Hurst, J. Huth, L. Kang, C. Ng, D. C. Parkes, M. Seltzer, J. Shank, and S. Youssef, “Egg: an extensible and economics inspired open grid computing platform,” in Proc. of the GECON, Singapore, May 2006.

. J. Norris, K. Coleman, A. Fox, and G. Candea, “Oncall: Defeating spikes with a free-market application cluster,” in Proc. of the International Conference on Autonomic Computing, New York, NY, USA, May 2004.

. C. Pautasso, T. Heinis, and G. Alonso, “Autonomic resource provisioning for software business processes,” Information and Software

Technology, vol. 49, pp. 65–80, 2007.

. A. Dan, D. Davis, R. Kearney, A. Keller, R. King, D. Kuebler, H. Ludwig, M. Polan, M. Spreitzer, and A. Youssef, “Web services on

demand: Wsla-driven automated management,” IBM Syst. J., vol. 43, no. 1, pp. 136–158, 2004.

Downloads

Published

2024-02-26

How to Cite

Kumar, S. S., Prasad, S., Parimala, M., & Someswar, G. (2024). Scalable and secure sharing of personal health records in cloud computing using attribute based encryption. COMPUSOFT: An International Journal of Advanced Computer Technology, 5(06), 2175–2182. Retrieved from https://ijact.in/index.php/j/article/view/378

Issue

Section

Original Research Article

Similar Articles

<< < 1 2 3 4 5 6 7 8 9 10 > >> 

You may also start an advanced similarity search for this article.