Scalable and secure sharing of personal health records in cloud computing using attribute based encryption
Download as docx, pdf0 likes557 views
The document discusses a patient-centric framework for secure sharing of personal health records (PHRs) using attribute-based encryption (ABE) in cloud computing. It addresses challenges such as key management, dynamic policy updates, and user revocation while improving on existing systems by introducing multiauthority ABE. The proposed system enhances security, privacy, and efficiency in managing PHRs, enabling fine-grained access control across multiple user domains.
Scalable and secure sharing of personal health records in cloud computing using attribute based encryption
- 1. Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption ABSTRACT: Personal health record (PHR) is an emerging patient-centric model of health information exchange, which is often outsourced to be stored at a third party, such as cloud providers. However, there have been wide privacy concerns as personal health information could be exposed to those third party servers and to unauthorized parties. To assure the patients’ control over access to their own PHRs, it is a promising method to encrypt the PHRs before outsourcing. Yet, issues such as risks of privacy exposure, scalability in key management, flexible access, and efficient user revocation, have remained the most important challenges toward achieving fine-grained, cryptographically enforced data access control. In this paper, we propose a novel patient-centric framework and a suite of mechanisms for data access control to PHRs stored in semitrusted servers. To achieve fine-grained and scalable data access control for PHRs, we leverage attribute-based encryption (ABE) techniques to encrypt each patient’s PHR file. Different from previous works in secure data outsourcing, we focus on the multiple data owner scenario, and divide the users in the PHR system into multiple security domains that greatly reduces the key management complexity for owners and users. A high degree of patient privacy is guaranteed simultaneously by exploiting
- 2. multiauthority ABE. Our scheme also enables dynamic modification of access policies or file attributes, supports efficient on-demand user/attribute revocation and break-glass access under emergency scenarios. Extensive analytical and experimental results are presented which show the security, scalability, and efficiency of our proposed scheme. EXISTING SYSTEM: A PHR service allows a patient to create, manage, and control her personal health data in one place through the web, which has made the storage, retrieval, and sharing of the medical information more efficient. Especially, each patient is promised the full control of her medical records and can share her health data with a wide range of users, including healthcare providers, family members or friends. While it is exciting to have convenient PHR services for everyone, there are many security and privacy risks which could impede its wide adoption. DISADVANTAGES OF EXISTING SYSTEM: The complexities per encryption, key generation, and decryption are only linear with the number of attributes involved. However, to integrate ABE into a large- scale PHR system, important issues such as key management scalability, dynamic
- 3. policy updates, and efficient on-demand revocation are nontrivial to solve, and remain largely open up-to-date. PROPOSED SYSTEM: Compared with the preliminary version of this paper, there are several main additional contributions: 1) we clarify and extend our usage of MA-ABE in the public domain, and formally show how and which types of user-defined file access policies are realized. 2) We clarify the proposed revocable MA-ABE scheme, and provide a formal security proof for it. 3) We carry out both real-world experiments and simulations to evaluate the performance of the proposed solution in this paper. ADVANTAGES OF PROPOSED SYSTEM: We propose a novel ABE-based framework for patient-centric secure sharing of PHRs in cloud computing environments, under the multiowner settings. To address the key management challenges, we conceptually divide the users in the system two types of domains, namely public and personal into domain. In the public domain, we use multiauthority ABE (MA-ABE) to improve the security and avoid key escrow problem. Each attribute authority (AA) in it
- 4. governs a disjoint subset of user role attributes, while none of them alone is able to control the security of the whole system. We propose mechanisms for key distribution and encryption so that PHR owners can specify personalized fine-grained role-based access policies during file encryption. In the personal domain, owners directly assign access privileges for personal users and encrypt a PHR file under its data attributes. We provide a thorough analysis of the complexity and scalability of our proposed secure PHR sharing solution, in terms of multiple metrics in computation, communication, storage, and key management. We also compare our scheme to several previous ones in complexity, scalability and security.
- 5. SYSTEM ARCHITECTURE: Fig-1 The proposed framework for patient-centric, secure and scalable PHR sharing on semitrusted storage under multiowner settings.
- 6. Fig- 2 The attribute hierarchy of files—leaf nodes are atomic file categories while internal nodes are compound categories. Dark boxes are the categories that a PSD’s data readers have access to. SYSTEM CONFIGURATION:- HARDWARE CONFIGURATION:- Processor - Pentium –IV Speed - 1.1 Ghz
- 7. RAM - 256 MB(min) Hard Disk - 20 GB Key Board - Standard Windows Keyboard Mouse - Two or Three Button Mouse Monitor - SVGA SOFTWARE CONFIGURATION:- Operating System : Windows XP Programming Language : JAVA Java Version : JDK 1.6 & above. REFERENCE: Ming Li, Member, IEEE, Shucheng Yu, Member, IEEE, Yao Zheng, Student Member, IEEE, Kui Ren, Senior Member, IEEE, and Wenjing Lou, Senior Member, IEEE-―Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption‖-IEEE TRANSACTIONS ON
- 8. PARALLEL AND DISTRIBUTED SYSTEMS, VOL. 24, NO. 1, JANUARY 2013