Abstract
Cloud based Personal health record (PHR) is an emerging cloud based platform for exchanging a person’s health information in a secure manner. There occur many security issues when records of the data owners are outsourced through the third party cloud providers. The health records which are sensitive must be stored and retrieved through a secure source without any loss in the data. Nevertheless sharing and searching of the data is the key aspect, but when it is outsourced undeniably it is a cumbersome task. It may lead to unveil the sensitive information and so the records may become vulnerable to the hackers. In this report, we have suggested a novel access control structure called as user usage based encryption constructed on the searchable attribute based encryption to guarantee the data protection. Usage is mapped as credential with a time frame to every private attribute. The data user can decipher a fortified attribute only if there is a match between the credentials associated with the attribute. Using the feature extraction algorithm the searchable encryption scheme enables a consistent routing of encrypted attributes. Multi-Credential routing is applied to strengthen the confidentiality of the fragile records. We allow the data user to perpetuate the credentials according to their usage criteria also the user receives the keys as labels along with the credentials. The data owner will be able to associate each enciphered attribute with a set of credentials. Before beginning the encryption scheme we apply the singular value decomposition algorithm to the unutilized or less used attributes to reduce the attribute set. Additionally the data user confidentiality pitfalls are tackled using the semantic clustering of data user. To preserve the data user confidentiality reliable overlay privacy preserving protocol is designed. We manifest a complete security analysis so that our recommended system dominates the up to date approaches in terms of communication and ciphering cost.
Similar content being viewed by others
References
Chen, Y., Paxson, V., Katz, R.H.: What’s new about cloud computing security?, Technical Report UCB/EECS-2010-5, Electrical Engineering and Computer Sciences, University of California at Berkeley (2010)
Cloud computing security. http://en.wikipedia.org/wiki/Cloud- computing-security
Microsoft, Microsoft health vault. http://www.healthvault.com
Google Inc, Google health. https://www.google.com/health
California, Confidentiality of Medical Information Act (CMIA). www.leginfo.ca.gov/cgi-bin/displaycode?section=civ-group=00001-01000
104th United States Congress, Health Insurance Portability and Accountability Act of 1996 (HIPPA). http://aspe.hhs.gov/admnsimp/pl104191.htm (1996)
Lohr, H., Sadeghi, A.-R., Winandy, M.: Securing the e-health cloud. In: Proceedings of the 1st ACM International Health Informatics Symposium, ser. IHI ’ vol. 10, pp. 220–229 (2010)
Ibraimi, L., Asim, M., Petkovic, M.: Secure management of personal health records by applying attribute-based encryption. In Technical Report, University of Twente (2009)
Liu, P., Wang, J., Ma, H., Nie, H.: Efficient verifiable public key encryption with keyword search based on KP-ABE. In: Proceedings 2014 Ninth International Conference on Broadband and Wireless Computing, Communication and Applications (BWCCA), pp. 584–589. IEEE (2014)
Yau, W., Phan, R. Heng, S., Goi, B.: Proxy re-encryption with keyword search, new definitions and algorithms. In: Proceedings International Conferences on Security Technology, Disaster Recovery and Business Continuity, Jeju Island, Korea, vol. 122, pp. 149–160. 13–15 December 2010
Jiang, X.: Asymmetric principal component and discriminant analyses for pattern classification. IEEE Trans. Pattern Anal. Mach. Intell. 31(5), 931–937 (2009)
Zhang, Z., Zhao, M., Chow, T.W.S.: Binary-and multi-class group sparse canonical correlation analysis for feature extraction and classification. IEEE Trans. Knowl. Eng. 25(10), 2192–2205 (2013)
Garcia, E.K., Feldman, S., Gupta, M.R., Srivastava, S.: Completely lazy learning. IEEE Trans. Knowl. Data Eng. 22(9), 1274–1285 (2010)
Jiang, Y., Hayashi, I., Wang, S.: Knowledge acquisition method based on singular value decomposition for human motion analysis. IEEE Trans. Knowl. Data Eng. 26(12), 3038–3050 (2014)
Karakoyunlu, D., Gurkaynak, F.K., Sunar, B., Leblebici, Y.: Efficient side-channel-aware implementations of elliptic curve cryptosystems over prime fields. IET Inf. Secur. 4(1), 30–43 (2010)
Florence, L., Suresh, D.: Cloud security and DES algorithm a review. In: International Journal of Computational Intelligence and Informatics, vol. 5, No. 2 (September 2015)
Shamir, A.: How to share a secret, 3rd\(\sim \)Ed. Commun. ACM 22(11), 612–613 (1979)
Shamir, A.: Identity-based cryptosystems and signature schemes, In: Proceedings of CRYPTO 84 on Advances in cryptology, pp. 47–53, Springer, New York (1985)
Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology, pp. 213–229. Springer, New York (2001)
Boneh, D., Boyen, X.: Efficient selective-ID secure identity based encryption without random oracles. In: Advances in Cryptology–Euro crypt, vol. 3027 of LNCS, pp. 223–238. Springer, New York (2004)
Sahai, A., Waters, B.: Fuzzy identity based encryption. In: Advances in Cryptology-Euro crypt, vol. 3494 of LNCS, pp. 457–473. Springer, New York (2005)
Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: ACM Conference on Computer and Communications Security. pp. 89–98 (2006)
Yu, S., Wang, C., Ren, K., Lou, W.: Achieving secure, scalable, and fine-grained data access control in cloud computing. In: IEEE INFOCOM’10 (2010)
Adida, B.: Special topics in cryptography, instructors, Ran Canetti and Ron Rivest Lecture 25, Pairing-Based Cryptography
Waters, B.: Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Cryptology, vol. 6571, pp. 53–70 (2011)
Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption, In: IEEE Symposium on Security and Privacy, pp. 321–334 (2007)
Chase, M.: Multi-authority attribute-based encryption, In: The Fourth Theory of Cryptography Conference (TCC 2007) (2007)
Chase, M., Chow, S.S.: Improving privacy and security in multi-authority attribute-based encryption. In: CCS ’09, 2009 pp. 121–130
Müller, S., Katzenbeisser, S., Eckert, C.: Distributed attribute based encryption. In: ICISC, pp. 20–36 (2008)
Müller, S., Katzenbeisser, S., Eckert, C.: On multi-authority cipher text policy attribute based encryption. Bull. Korean Math. Soc. 46(4), 803–819 (2009)
Li, M., Yu, S., Cao, N., Lou, W.: Authorized private keyword search over encrypted personal health records in cloud computing. In: ICDCS ’11 (June 2011)
Zheng, Q., Xu, S., Ateniese, G.: VABKS, verifiable attribute-based keyword search over outsourced encrypted data. In: IEEE INFOCOM 2014-IEEE, 2014. www.ieeexplore.ieee.org/ (2014)
Cao, N., Wang, C., Li, M., Ren, K., Lou, W.: Privacy-preserving multi keyword ranked search over encrypted cloud data. In: IEEE INFOCOM (2011)
Sun, W., Yu, S., Lou, W., Hou, Y.T.: Verifiable attribute-based keyword search with fine-grained owner-enforced search authorization. In: In the cloud- IEEE Transactions on 2016. www.ieeexplore.ieee.org/ (2016)
Yau, W., Phan, R., Heng, S., Goi, B.: Keyword guessing attacks on secure searchable public key encryption schemes with a designated tester. Int. J. Comput. Math. 90(2), 2581–2587 (2013)
Yau, W., Phan, R., Heng, S., Goi, B.: Security models for delegated keyword searching within encrypted contents. J. Internet Serv. Appl. 3(2), 233–241 (2012)
Fang, L., Susilo, W., Ge, C., Wang, J.: Public key encryption with keyword search secure against keyword guessing attacks without random oracle. Inf. Sci. 238, 221–241 (2013)
Hur, J., Noh, D.K.: Attribute-based access control with efficient revocation in data outsourcing systems. In: IEEE Transactions on Parallel and Distributed Systems, vol. 99, no. PrePrints (2010)
Lewis, D.D.: Feature Selection and feature extraction for text categorization. www.aclweb.org/anthology/H92-1041
Li, M., Lin, D.: The adjacency graphs of LFSRs with primitive-like characteristic polynomials. IEEE Trans. Inf. Theor. 63(2), 1325–1335 (2017)
Jahid, S., Mittal, P., Borisov, N.: Easier, Encryption-based access control in social networks with efficient revocation. In: ASIACCS, Hong Kong (March 2011)
Hu, C., Liu, P.: An enhanced searchable public key encryption scheme with a designated tester and its extensions. J. Comput. 7(3), 716–723 (2012)
Liu, Q., Wang, G., Wu, J.: Time-based proxy re-encryption scheme for secure data sharing in a cloud environment. Inf. Sci. 258, 355–370 (2014)
Acknowledgements
I would like to thank THE LORD MY SAVIOR for guiding and showering HIS blessings throughout my life. I take immense pleasure in thanking my guide Dr. M. Lilly Florence for rendering her valuable knowledge and guidance. I would like to thank my husband for his love and support. I would like to thank my parents and my son for their patience and care. I would like to thank all my well wishers who always stand by my side and guiding me throughout my research.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Florence, M.L., Suresh, D. Enhanced secure sharing of PHR’s in cloud using user usage based attribute based encryption and signature with keyword search. Cluster Comput 22 (Suppl 6), 13119–13130 (2019). https://doi.org/10.1007/s10586-017-1276-7
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10586-017-1276-7