A COMPREHENSIVE APPROACH TO SECURE PERSONAL HEALTH RECORD SHARING IN CLOUD ENVIRONMENTS
Man, hon Liu , Department of Computing, The Hong Kong Polytechnic University, Hong KongAbstract
The rapid advancement of cloud computing technology has revolutionized the healthcare industry, offering unprecedented opportunities for the storage, sharing, and management of personal health records (PHRs). However, the transition to cloud-based systems also introduces significant security and privacy challenges, particularly concerning the sensitive nature of health data. This paper presents a comprehensive approach to secure sharing of PHRs in cloud environments, addressing the multifaceted issues of data confidentiality, integrity, and access control.
Our framework integrates advanced cryptographic techniques, robust access control mechanisms, and efficient data management strategies to ensure the secure handling of PHRs. The primary components of the framework include a hybrid encryption scheme, role-based access control (RBAC), and secure data storage protocols. The hybrid encryption scheme leverages the strengths of both symmetric and asymmetric encryption to protect data at rest and in transit, ensuring that only authorized users can access and modify the records. The RBAC model enforces stringent access policies based on user roles and responsibilities, preventing unauthorized access and ensuring that users can only perform actions pertinent to their roles.
To enhance data integrity and auditability, our framework incorporates blockchain technology to create an immutable ledger of all access and modification activities. This ensures transparency and accountability, allowing patients and healthcare providers to trace any changes made to the records. Additionally, we implement secure key management practices to safeguard encryption keys, including periodic key rotation and secure key distribution methods.
Our approach also addresses the usability and scalability aspects of secure PHR sharing. We propose a user-friendly interface that simplifies the management of access permissions, enabling patients to easily share their records with healthcare providers, family members, or researchers without compromising security. The framework is designed to be scalable, accommodating the growing volume of health data and the increasing number of users in a cloud environment.
To evaluate the effectiveness of our proposed framework, we conducted extensive simulations and performance analyses. The results demonstrate that our approach provides a high level of security without significantly impacting system performance. The hybrid encryption scheme ensures robust protection against unauthorized access, while the RBAC model effectively manages access rights and minimizes the risk of data breaches. The integration of blockchain technology enhances data integrity and accountability, providing a transparent and tamper-proof record of all activities.
In conclusion, this paper presents a comprehensive and effective framework for secure sharing of personal health records in cloud environments. By combining advanced cryptographic techniques, robust access control mechanisms, and innovative data management strategies, our approach addresses the critical security and privacy challenges associated with cloud-based PHR systems.
This framework not only ensures the confidentiality, integrity, and availability of health data but also enhances patient trust and promotes the widespread adoption of cloud technology in the healthcare sector. Future work will focus on further optimizing the framework's performance and exploring additional features such as machine learning-based anomaly detection to enhance security measures.
Our comprehensive approach demonstrates the potential of integrating cutting-edge technologies to create a secure, efficient, and user-friendly environment for managing personal health records in the cloud. By addressing the inherent security challenges and providing a robust solution, this framework paves the way for a more secure and efficient healthcare system, ultimately improving patient outcomes and fostering innovation in the healthcare industry.
Keywords
Secure sharing, personal health records, cloud systems
References
Akinyele, J., Lehmann, C., Green, M., Pagano, M., Peterson, Z., & Rubin, A. (2010). Self- Protecting Electronic Medical Records Using Attribute-Based Encryption. Cryptology ePrint archive, report 2010/565.
Ateniese, G., Fu, K., Green, M., & Hohenberger, S. (2005). Improved proxy re-encryption schemes with applications to secure distributed storage. In NDSS. The Internet Society.
Attrapadung, N., & Yamada, S. (2015). Duality in ABE: converting attribute-based encryption for dual predicate and dual policy via computational encodings. In CT-RSA 2015 (Vol. 9048, pp. 87–105). Springer.
Beimel, A. (1996). Secure Schemes for Secret Sharing and Key Distribution (PhD thesis). Israel Institute of Technology, Israel.
Blaze, M., Bleumer, G., & Strauss, M. (1998). Divertible protocols and atomic proxy cryptography. In EUROCRYPT (Vol. 1403, pp. 127–144). Springer.
Boneh, D., Lynn, B., & Shacham, H. (2001). Short signatures from the Weil pairing. In
ASIACRYPT (Vol. 2248, pp. 514–532). Springer.
Canetti, R., & Hohenberger, S. (2007). Chosen-ciphertext secure proxy re-encryption. In
CCS'07 (pp. 185–194). ACM.
Chase, M. (2007). Multi-authority attribute based encryption. In S.P. Vadhan (Ed.), TCC 2007 (Vol. 4392, pp. 515–534). Springer.
Chase, M., & Chow, S.S.M. (2009). Improving privacy and security in multi-authority attribute-based encryption. In CCS 2009 (pp. 121–130). ACM.
Deng, H., Wu, Q., Qin, B., Susilo, W., Liu, J.K., & Shi, W. (2015). Asymmetric cross- cryptosystem re-encryption applicable to efficient and secure mobile access to outsourced data. In ASIACCS (pp. 393–404). ACM.
Deng, H., Wu, Q., Qin, B., Susilo, W., Liu, J.K., & Shi, W. (2015). Asymmetric cross- cryptosystem re-encryption applicable to efficient and secure mobile access to outsourced data. In F. Bao, S. Miller, J. Zhou, G. Ahn (Eds.), Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security, ASIA CCS'15 (pp. 393–404). ACM.
Garg, S., Gentry, C., Halevi, S., Sahai, A., & Waters, B. (2013). Attribute-based encryption for circuits from multilinear maps. In CRYPTO 2013 (Vol. 8043, pp. 479–499). Springer.
Han, J., Susilo, W., Mu, Y., & Yan, J. (2012). Privacy-preserving decentralized key-policy attribute-based encryption. IEEE Transactions on Parallel and Distributed Systems, 23(11), 2150–2162.
Hohenberger, S., & Waters, B. (2014). Online/offline attribute-based encryption. In Public- Key Cryptography (Vol. 8383, pp. 293–310). Springer.
Article Statistics
Downloads
Copyright License
Copyright (c) 2024 Man, hon Liu
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
Copyright and Ethics:
- Authors are responsible for obtaining permission to use any copyrighted materials included in their manuscript.
- Authors are also responsible for ensuring that their research was conducted in an ethical manner and in compliance with institutional and national guidelines for the care and use of animals or human subjects.
- By submitting a manuscript to International Journal of Computer Science & Information System (IJCSIS), authors agree to transfer copyright to the journal if the manuscript is accepted for publication.