Protecting Medical Data Stored in Public Clouds

Nikos Fotiou, George Xylomenos

Abstract

Public Clouds offer a convenient way for storing and sharing large amounts of medical data. Nevertheless, using a shared infrastructure raises significant security and privacy concerns. Even if the data are encrypted, the data owner should share some information with the Cloud provider, in order to enable the latter to perform access control; given the high sensitivity of medical data, even such limited information may jeopardize enduser privacy. In this paper we employ an access control delegation scheme to enable the users themselves to perform access control on their data, which are stored in a public Cloud. To selectively provide access to these data without sacrificing their confidentiality we rely on encryption: our system encrypts data before storing them in the Cloud and applies proxy re-encryption so as to encrypt data separately for each (authorized) user.

References

  1. Akinyele, J., Garman, C., Miers, I., Pagano, M., Rushanan, M., Green, M., and Rubin, A. (2013). Charm: a framework for rapidly prototyping cryptosystems. Journal of Cryptographic Engineering, 3(2):111-128.
  2. Boneh, D., Boyen, X., and Goh, E.-J. (2005). Hierarchical identity based encryption with constant size ciphertext. In Cramer, R., editor, Advances in Cryptology EUROCRYPT 2005, volume 3494 of Lecture Notes in Computer Science, pages 440-456. Springer Berlin Heidelberg.
  3. Fabian, B., Ermakova, T., and Junghanns, P. (2015). Collaborative and secure sharing of healthcare data in multiclouds. Information Systems, 48:132 - 150.
  4. Fotiou, N., Machas, A., Polyzos, G. C., and Xylomenos, G. (2015). Access control as a service for the cloud. Journal of Internet Services and Applications, 6(1):1- 15.
  5. Goyal, V., Pandey, O., Sahai, A., and Waters, B. (2006). Attribute-based encryption for fine-grained access control of encrypted data. In Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 7806, pages 89-98, New York, NY, USA. ACM.
  6. Green, M. and Ateniese, G. (2007). Identity-based proxy reencryption. In Katz, J. and Yung, M., editors, Applied Cryptography and Network Security, volume 4521 of Lecture Notes in Computer Science, pages 288-306. Springer Berlin Heidelberg.
  7. Li, M., Yu, S., Zheng, Y., Ren, K., and Lou, W. (2013). Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. Parallel and Distributed Systems, IEEE Transactions on, 24(1):131-143.
  8. Liu, J., Huang, X., and Liu, J. K. (2015). Secure sharing of personal health records in cloud computing: Ciphertext-policy attribute-based signcryption. Future Generation Computer Systems, 52:67 - 76. Special Section: Cloud Computing: Security, Privacy and Practice.
  9. Löhr, H., Sadeghi, A.-R., and Winandy, M. (2010). Securing the e-health cloud. In Proceedings of the 1st ACM International Health Informatics Symposium, IHI 7810, pages 220-229, New York, NY, USA. ACM.
  10. Son, J., Kim, J.-D., Na, H.-S., and Baik, D.-K. (2015). Dynamic access control model for privacy preserving personalized healthcare in cloud environment. Technology and Health Care, 24(s1):S123-S129.
  11. Thilakanathan, D., Chen, S., Nepal, S., Calvo, R., and Alem, L. (2014). A platform for secure monitoring and sharing of generic health data in the cloud. Future Generation Computer Systems, 35:102 - 113. Special Section: Integration of Cloud Computing and Body Sensor Networks; Guest Editors: Giancarlo Fortino and Mukaddim Pathan.
  12. Wu, R., Ahn, G.-J., and Hu, H. (2012). Secure sharing of electronic health records in clouds. In Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), 2012 8th International Conference on, pages 711-718.
Download


Paper Citation


in Harvard Style

Fotiou N. and Xylomenos G. (2016). Protecting Medical Data Stored in Public Clouds . In Proceedings of the International Conference on Information and Communication Technologies for Ageing Well and e-Health - Volume 1: ICT4AWE, (ICT4AGEINGWELL 2016) ISBN 978-989-758-180-9, pages 127-132. DOI: 10.5220/0005912801270132


in Bibtex Style

@conference{ict4awe16,
author={Nikos Fotiou and George Xylomenos},
title={Protecting Medical Data Stored in Public Clouds},
booktitle={Proceedings of the International Conference on Information and Communication Technologies for Ageing Well and e-Health - Volume 1: ICT4AWE, (ICT4AGEINGWELL 2016)},
year={2016},
pages={127-132},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005912801270132},
isbn={978-989-758-180-9},
}


in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Information and Communication Technologies for Ageing Well and e-Health - Volume 1: ICT4AWE, (ICT4AGEINGWELL 2016)
TI - Protecting Medical Data Stored in Public Clouds
SN - 978-989-758-180-9
AU - Fotiou N.
AU - Xylomenos G.
PY - 2016
SP - 127
EP - 132
DO - 10.5220/0005912801270132