iaetsd-scalable and secure sharing of personal health

8/10/2019 Iaetsd-scalable and Secure Sharing of Personal Health

1/6


2/6

to target the various malicious behaviourswhich lead to exposure to the PHI.

The main concern is about privacy ofpatients, personal health data and to find

which user could gain access to the medical

records stored in a cloud server. The famousincident, department of Veterans Affairscontaining sensitive database PHI of 26.5

million military veterans, including theirhealth problems and social security numberswas theft by an employee who take the datahome without authorization [13]. We ensurethe privacy control over their own PHRs, it isessential to have fine-grained data access

control mechanisms that work with maytrusted servers. Then we can skip to a new

encryption pattern namely Attribute BasedEncryption (ABE). In this ABE it attributesthe users data to selects the access policies. Itallows a patient to share their own PHRamong a group of users by encrypting the fileunder a set of attributes, need to knowcomplete information of users. The scope ofresult the number of attributes is to determinethe complexities in the encryption technique,

security key generation, and decryption. TheMulti Authority Attribute Based Encryptionscheme is used to provide the multiple

authority based access mechanism. The aimof this Patient Centric Privacy often disagrees

with the scalability and reliability in PHRsystem. Only the authorized users can access

the PHR system for personal use orprofessional purpose. We are referring abouttwo categories as personal and professionalusers respectively.

2. RELATED WORK

This article is more related to operate incryptographically enforced control access foroutsourced data and attribute based onencryption data. To improve the scalability ofthe above result, one-to-many encryptionmethods such as ABE can be utilized. The

basic property of ABE is preventing againstthe user collusion.

A.Trusted Authority:

Multiple operations used ABE to realize finegrained access outsourced data control. Each

patient EHR files are encrypted by using abroadcast variant of CP-ABE that allowsdirectly. Here several communicationdrawbacks of the above mentionedoperations. Mainly they are usually

pretending the use of a single trusted authority

in the system. Not only may create a loadbottleneck but also it suffers from the securitykey problems. The attribute managementtasks also include certification of all usersattributes and generating secret keys.

B. Revocable Attributed basedEncryption:This scheme is a well-known challenging

problem to invoke users or attributesefficiently and on-demand in ABE. Mainlythis technique is done by the authority

broadcasting periodic key updates tounrevoked users frequently, and which doesnot get complete forward/backward securityand efficiency is less.

In this paper for uniform security, weare proposing framework of patients centricsharing of PHR in several domain, severalauthority PHR system with several users. Itcaptures framework application-level ofrequirements for both public and personal useof patients PHRs and it distributed users truston multiple authorities are better reflectsactuality.

3. IMPLEMENTATION

a. Requirements:

The most important task is to achieve patient-centric PHR sharing. That means, the patient

should contain the fundamental control overtheir own health record. It also determineswhich users should have access to theirmedical data. The user control write/readaccess and revocation are two main security

purposes for any type of electronic healthrecord system. The write access control iscontrolled by the person to prevent in PHR

173

INTERNATIONAL CONFERENCE ON CURRENT INNOVATIONS IN ENGINEERING AND TECHNOLOGY

INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT

ISBN: 378 - 26 - 138420 -

www.iaetsd.in


3/6

context entitles by the unauthorized users toget access on the record and to modifying it.

b. Framework:

The purpose of our framework is to provide

security of patient-centric PHR access andefficient key management at the same time. If

users attribute is not valid, then the user isunable to access future PHR files using thatattribute. The PHR data should support usersfrom the personal domain as well as publicdomain. The public domain may have morenumber of users who may be in huge amountand unpredictable, system should be highlyscalable in terms of complexity in keymanagement system communication,computation and storage. The owners

endeavour in managing users and keys shouldbe minimized to enjoy usability. By usingattribute based encryption we can encrypt

personal health records self-protective that isthey can access only authorized users even ona semi trusted server.

Fig.1: Framework for PHR sharing

c. Architecture of implementation:

The below Fig.1 depicts the architecture ofproposed system for secure sharing of thepatient medical records. The system split theusers into two security domains namely,

public domains (PUDs) and personal domains(PSDs) according to the different users data

access needs. The PUDs consist of users whogrant access based on their professional roles,

such as doctors, nurses, medical researchersand insurance agents. For each PSD, the users

are personally associated with a data owner(such as family members or close friends),

and they grant accesses to personal healthrecords based on access rights assigned by the

owner. Here we consider Data owner whoown the personal health record, data reader aswho can read the encrypted patient medicalrecord. In PSD, the owner uses key-policy

attributed based on encryption and generatessecret key for their PSD users and in PUD theowner used multi-authority attribute basedencryption is preferred. Secret Key for PUDusers are produced by Multiple authority (Forthis project we consider SpecializationAuthority and Patient Medical Authority)depending on both profession and

specialization.

Fig.2: Architecture of patients medicalrecord sharing

174



ISBN: 378 - 26 - 138420 -

www.iaetsd.in


4/6

4. TECHNIQUES

a. Attribute Based Encryption

The database security is provided by usingAttribute Based Encryption techniques. In this

the sensitive information is shared and storedin the cloud provider; it is needed to encryptcipher text which is classified by set ofattributes. The private key is associated withaccess make to control with cipher text a useris able to decrypt. Here we are using AttributeBased Encryption (ABE) as the principalencryption primitive. By using ABE access

policies are declared based on the attributes ofuser data, which make possible to selectivelyshare her/his PHR among a set of users toencrypting the file under a set of attributes,

without a need of complete users. Thecomplexity per encryption, security keygeneration, and decryption are only linearwith multi number of attributes are included.When we integrate ABE into a large scale ofPHR system, the important dispute such asdynamic policy updates, key management andscalability, and an efficient on demandrevocation are non-retrieval to solve.

b. Multi-Authority ABE

A Multi-Authority ABE system is includedwith k attribute authorities and one centralcontrol. The value dk is assigned to everyattribute authority. In this proposed systemwe can use the following algorithms:

The random algorithm is run by thecentral authority or some other trustedsecurity. It takes input as a security parameterand outputs as a public key and secret key

pair for each of the attribute authorities andalso outputs as a system public key and

master secret key, which is used for centralauthority.

Attribute Key Generation: A randomalgorithm is run by an attribute authority. Thesecret key is to take as an input for securityauthority and the authoritys value dk, ausers GID, and a set of attributes in the

authoritys domain and output secret key forthe user.

Central Key Generation:A central authoritycan be used be run by a random algorithm. It

takes the master key as an input and a users

GID and outputs secret key for user.

Encryption: This technique can be run by asender. Take a set of attributes as an input foreach authority, and the system public key.The outputs are in the form of cipher text.

Decryption: This mechanism can be done bya receiver. Takes input as a cipher text, whichwas encrypted under a set of decryption keysfor attribute set.

By using this ABE and MA-ABE it

will increase the system scalability, there aresome restriction in building PHR system. TheABE does not handle it efficiently. In thatscenario one may regard with the help ofattributes based broadcast encryption.

5. SECURITY MODEL OF THE

PROPOSED SYSTEM

i. Data confidentiality:

This research plan reveals the data about each

user to access on the PHR among one another.The different sets of documents are authorized

by the users to read the document.

ii. User Access PrivilegeConfidentiality:

The system does not disclose the rights fromone person to another. This ensures the user toaccess strong confidentiality. And also itmaintains both public domain and privatedomain. Secure Sharing of Personal Health

Records System designer maintain PersonalHealth Records with various user access

points. These data values are managed under athird party cloud provider system. The cloud

provider will provide security for the data.Multiple modules can be provided by this

system.

175



ISBN: 378 - 26 - 138420 -

www.iaetsd.in


5/6

Data owner is designed to manage thepatient details. With multiple attributecollections the PHR is maintained. Access

permission to different authorities can beassigned by data header.

Cloud provider module is used to store thePHR values. The encrypted PHR is uploadedby the data header to the cloud provider.Patients can access data and also maintainedunder the cloud provider.

Key management isone of the main tasksto plan and control key values for variousauthorities. The owner of the data will updatethe key values. This dynamic policy is basedon key management scheme.

Patients are accessed by the client module.

This system uses the personal andprofessional access pattern. Accessclassification is used to provide multipleattributes. Clients access to log maintains tothe user request information to processauditing.

6. CONCLUSION

This PHR system fights against the securityattackers and hackers. The secure data sharingis used to protect the information from

unauthorized user. We have proposed a novelapproach for existing PHR system providinghigh security using Attribute BasedEncryption which plays main role, becausethese are the unique competition, and it isdifficult to hack. The ABE model increasesand operates with MAABE.

7. REFERENCES

[1] H. Lo hr, A.-R. Sadeghi, and M.Winandy, Securing the E-Health Cloud,

Proc. First ACM Intl Health InformaticsSymp. (IHI 10), pp. 220-229, 2010.

[2] M. Li, S. Yu, N. Cao, and W. Lou,Authorized Private Keyword Search overEncrypted Personal Health Records in CloudComputing, Proc. 31st Intl Conf.Distributed Computing Systems (ICDCS 11),June 2011.

[3] M. Li, S. Yu, K. Ren, and W. Lou,Securing Personal Health Records in CloudComputing: Patient-Centric and Fine-GrainedData Access Control in Multi-OwnerSettings, Proc. Sixth IntlICSTConf.SecurityandPrivacyinComm.Netw

orks (SecureComm10), pp. 89-106, Sept.2010.

[4] M. Chase and S.S. Chow, ImprovingPrivacy and Security in Multi-AuthorityAttribute-Based Encryption, Proc. 16thACM Conf. Computer and Comm. Security(CCS 09), pp. 121-130, 2009.

[5] M. Li, S. Yu, N. Cao, and W. Lou,Authorized Private Keyword Search overEncrypted Personal Health Records in Cloud

Computing, Proc. 31st Intl Conf.Distributed Computing Systems (ICDCS 11),June 2011.

[6] J. Benaloh, M. Chase, E. Horvitz, and K.Lauter, Patient Controlled Encryption:Ensuring Privacy of Electronic MedicalRecords, Proc. ACM Workshop CloudComputing Security (CCSW 09), pp. 103-114, 2009.

[7] S. Yu, C. Wang, K. Ren, and W. Lou,Achieving Secure, Scalable, and Fine-

Grained Data Access Control in CloudComputing, Proc. IEEE INFOCOM 10,2010.

[8] V. Goyal, O. Pandey, A. Sahai, and B.

Waters, Attribute-Based Encryption forFine-Grained Access Control of Encrypted

Data, Proc. 13th ACM Conf. Computer andComm. Security (CCS 06), pp. 89-98, 2006.

[9] S. Narayan, M. Gagne, and R. Safavi-Naini, Privacy preserving EHR system using

attribute-based infrastructure, ser. CCSW10, 2010, pp. 4752.

[10] J. Hur and D.K. Noh, Attribute-BasedAccess Control with Efficient Revocation inData Outsourcing Systems, IEEE Trans.Parallel and Distributed Systems, vol. 22, no.7, pp. 1214-1221, July 2011.

176



ISBN: 378 - 26 - 138420 -

www.iaetsd.in


6/6

[11] S. Jahid, P. Mittal, and N. Borisov,Easier: Encryption-Based Access Control inSocial Networks with Efficient Revocation,Proc. ACM Symp. Information, Computerand Comm. Security (ASIACCS), Mar. 2011.

[12] S. Ruj, A. Nayak, and I. Stojmenovic,DACC: Distributed Access Control inClouds, Proc. IEEE 10th Intl Conf. Trust,Security and Privacy in Computing andComm. (TrustCom), 2011.

[13] At Risk of Exposure - in the Push forElectronic Medical Records, Concern IsGrowing About How Well Privacy Can BeSafe- guarded,http://articles.latimes.com/2006/jun/26/health/he-privacy26, 2006.

177



ISBN: 378 - 26 - 138420 -

www.iaetsd.in

iaetsd-scalable and secure sharing of personal health

Documents