A High Degree of Patient Privacy in PHR Patient-Centric Model of Health Information Exchange Using Cloud Security Technique
Journal: International Journal of Science and Research (IJSR) (Vol.3, No. 12)Publication Date: 2014-12-05
Authors : Rasal Swati A.; Pawar B. V.;
Page : 2128-2130
Keywords : Personal health records; cloud computing; data privacy; fine-grained access control; attribute-based encryption;
Abstract
Personal health record (PHR) is an emerging patient-centric model of health information exchange, which is often outsourced to be stored at a third party, such as cloud providers. However, there have been wide privacy concerns as personal health information could be exposed to those third party servers and to unauthorized parties. To assure the patients control over access to their own PHRs, it is a promising method to encrypt the PHRs before outsourcing. Improper use of the data by the storage server or unauthorized access by outside users could be potential threats to their data. People would like to make their sensitive or private data only accessible to the authorized people with credentials they specified. Attribute-based encryption (ABE) is a promising cryptographic approach that achieves a fine-grained data access control. It provides a way of defining access policies based on different attributes of the requester, environment, or the data object. Especially, cipher text- policy attribute-based encryption (CP-ABE) enables an encryption to define the attribute set over a universe of attributes that a decryption needs to possess in order to decrypt the cipher text, and enforce it on the contents. Thus, each user with a different set of attributes is allowed to decrypt different pieces of data per the security policy. This effectively eliminates the need to rely on the data storage server for preventing unauthorized data access, which is the traditional access control approach of such as the reference monitor. A high degree of patient privacy is guaranteed simultaneously by exploiting multi authority ABE. This scheme enables dynamic modification of access policies or file attributes, supports efficient on-demand user/attribute revocation and break-glass access under emergency scenarios. Extensive analytical and experimental results are presented which show the security, scalability and efficiency of proposed scheme.
Other Latest Articles
- A Review on Privacy-Conserving Public Auditing for Shared Data in Cloud Computing, with a Focus on User Revocation
- Erection Trusted and Effective Request Services in the Cloud with RASP Data Perturbation
- Approach to Detect and Block DDOS Attack at Application Layer Using Novel Framework
- Approach to Solve NP Complete Problem Using Game Theoretic Scheduling Algorithm and Map-Reduce on Clouds
- EAACK - To Overcome from Intruders Attacks in Manet's by Providing Security Checks
Last modified: 2021-06-30 21:15:01