JoonYoung Lee,Jihyeon Oh,DeokKyu Kwon,Myeonghyun Kim,Keonwoo Kim,Youngho Park

DOI: https://doi.org/10.1109/jiot.2024.3357802

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:The transition from patient-centered medical services to Health 5.0, which provides medical services to all customers using smart healthcare, has led to the use of the Internet of Things (IoT) for medical diagnosis and research based on the personal health records (PHR) of service users. However, PHR contain sensitive personal information, which can cause privacy issues. Additionally, as emergencies may occur in real medical environments, multi-authority delegation must be considered. Although various methods are being studied for data sharing, they often do not meet the necessary security requirements in a real PHR sharing environment. In this study, we propose a system that uses key aggregate searchable encryption (KASE) to satisfy security requirements and leverages blockchain and smart contracts to improve data integrity, data audit records, and transparency. We also propose a method that ensures the data subject rights of PHR data owners when delegating multiple rights using attribute tokens. We conduct formal and informal security analyses to verify the robustness of the proposed system against potential adversarial attacks. Finally, a performance evaluation is conducted to verify the effectiveness of the proposed scheme.

computer science, information systems,telecommunications,engineering, electrical & electronic

Yining Liu,Gao Liu,Chi Cheng,Zhe Xia,Jian Shen

DOI: https://doi.org/10.3837/tiis.2016.08.023

2016-01-01

KSII Transactions on Internet and Information Systems

Abstract:Patients' health data is very sensitive and the access to individual's health data should be strictly restricted. However, many data consumers may need to use the aggregated health data. For example, the insurance companies needs to use this data to setup the premium level for health insurances. Therefore, privacy-preserving data aggregation solutions for health data have both theoretical importance and application potentials. In this paper, we propose a privacy-preserving health data aggregation scheme using differential privacy. In our scheme, patients' health data are aggregated by the local healthcare center before it is used by data comsumers, and this prevents individual's data from being leaked. Moreover, compared with the existing schemes in the literature, our work enjoys two additional benefits: 1) it not only resists many well known attacks in the open wireless networks, but also achieves the resilience against the human-factor-aware differential aggregation attack; 2) no trusted third party is employed in our proposed scheme, hence it achieves the robustness property and it does not suffer the single point failure problem.

Chengzhe Lai,Hanyue Zhang,Rongxing Lu,Dong Zheng

DOI: https://doi.org/10.1109/jiot.2024.3350029

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:The conflict between data privacy and sharing among healthcare institutions creates data silos, causing wasteful duplication, incomplete information, and potential hindrances to scientific research. In this paper, we present a privacy-preserving medical data sharing scheme based on cloud-assisted private set intersection (PSI) and aggregate signature technique. Firstly, we propose a novel authenticated cloud-assisted private set intersection, named AC-PSI, which can achieve client authentication and randomized processing of private data by using Diffie-Hellman-based Oblivious Pseudorandom Function (DH-OPRF) and Vector Oblivious Linear-Function Evaluation-based Oblivious Pseudorandom Function (VOLE-OPRF), respectively. Secondly, based on the AC-PSI and locally verifiable signature (LVS), we design a privacy-preserving and secure medical data sharing scheme, which can provide enhanced security features by enabling access control of computing resources and resist pre-computation attacks from external sources. Our approach has been proven through a rigorous analysis of security. Finally, through comparative analysis with the existing schemes, it is demonstrated that the proposed AC-PSI and medical data sharing scheme has low communication and computation overhead while achieving a higher level of privacy preservation and security.

computer science, information systems,telecommunications,engineering, electrical & electronic

Han Qiu,Meikang Qiu,Meiqin Liu,Gerard Memmi

DOI: https://doi.org/10.48550/arXiv.1904.08270

2019-04-17

Cryptography and Security

Abstract:The recent spades of cyber security attacks have compromised end users' data safety and privacy in Medical Cyber-Physical Systems (MCPS). Traditional standard encryption algorithms for data protection are designed based on a viewpoint of system architecture rather than a viewpoint of end users. As such encryption algorithms are transferring the protection on the data to the protection on the keys, data safety and privacy will be compromised once the key is exposed. In this paper, we propose a secure data storage and sharing method consisted by a selective encryption algorithm combined with fragmentation and dispersion to protect the data safety and privacy even when both transmission media (e.g. cloud servers) and keys are compromised. This method is based on a user-centric design that protects the data on a trusted device such as end user's smartphone and lets the end user to control the access for data sharing. We also evaluate the performance of the algorithm on a smartphone platform to prove the efficiency.

Guangquan Xu,Chen Qi,Wenyu Dong,Lixiao Gong,Shaoying Liu,Si Chen,Jian Liu,Xi Zheng

DOI: https://doi.org/10.1109/jbhi.2022.3203577

IF: 7.7

2023-02-01

IEEE Journal of Biomedical and Health Informatics

Abstract:With the increasing penetration of the Internet of things (IoT) into people's lives, the limitations of traditional medical systems are emerging. First, the typical way of handling sensitive information can easily lead to privacy disclosure. Second, the medical system is relatively isolated. It is difficult for one medical system to share data with another, and the scope of users' activities is limited within the system boundary. To solve these two problems, we propose a new privacy-preserving medical data-sharing scheme by introducing the authorization mechanism and attribute-based encryption (ABE) based on blockchain, which breaks system boundaries and realizes data sharing among several medical institutions. ABE is used to realize scalable access control. In addition, doctors can share their knowledge to diagnose users by introducing many-to-many matching, which means that patients' health data can be represented by multiple keywords and doctors' expertise can be represented by multiple interests. We provide the correctness and security analysis of our scheme and implement a prototype tool on Ethereum. The experimental results show that our scheme solves the contradiction between the privacy preservation of medical data and the necessity of data sharing.

computer science, interdisciplinary applications,mathematical & computational biology,medical informatics, information systems

Wenjuan Tang,Ju Ren,Kun Deng,Yaoxue Zhang

DOI: https://doi.org/10.1109/jiot.2019.2923261

IF: 10.6

2019-01-01

IEEE Internet of Things Journal

Abstract:With rapid development of e-healthcare systems, patients that are equipped with resource-limited e-healthcare devices (Internet of Things) generate huge amount of health data for health management. These health data possess significant medical value when aggregated from these distributed devices. However, efficient health data aggregation poses several security and privacy issues such as confidentiality disclosure and differential attacks, as well as patients may be reluctant to contribute their health data for aggregation. In this paper, we propose a privacy-preserving heath data aggregation scheme that securely collects health data from multiple sources and guarantee fair incentives for contributing patients. Specifically, we employ signature techniques to keep fair incentives for patients. Meanwhile, we add noises into the health data for differential privacy. Furthermore, we combine Boneh-Goh-Nissim cryptosystem and Shamir's secret sharing to keep data obliviousness security and fault tolerance. Security and privacy discussions show that our scheme can resist differential attacks, tolerate healthcare centers failures, and keep fair incentives for patients. Performance evaluations demonstrate cost-efficient computation, communication and storage overhead.

Ji-Jiang Yang,Jian-Qiang Li,Yu Niu

DOI: https://doi.org/10.1016/j.future.2014.06.004

IF: 7.307

2014-01-01

Future Generation Computer Systems

Abstract:Storing and sharing of medical data in the cloud environment, where computing resources including storage is provided by a third party service provider, raise serious concern of individual privacy for the adoption of cloud computing technologies. Existing privacy protection researches can be classified into three categories, i.e., privacy by policy, privacy by statistics, and privacy by cryptography. However, the privacy concerns and data utilization requirements on different parts of the medical data may be quite different. The solution for medical dataset sharing in the cloud should support multiple data accessing paradigms with different privacy strengths. The statistics or cryptography technology alone cannot enforce the multiple privacy demands, which blocks their application in the real-world cloud. This paper proposes a practical solution for privacy preserving medical record sharing for cloud computing. Based on the classification of the attributes of medical records, we use vertical partition of medical dataset to achieve the consideration of different parts of medical data with different privacy concerns. It mainly includes four components, i.e., (1) vertical data partition for medical data publishing, (2) data merging for medical dataset accessing, (3) integrity checking, and (4) hybrid search across plaintext and ciphertext, where the statistical analysis and cryptography are innovatively combined together to provide multiple paradigms of balance between medical data utilization and privacy protection. A prototype system for the large scale medical data access and sharing is implemented. Extensive experiments show the effectiveness of our proposed solution.

Lianhai Wang,Lingyun Meng,Fengkai Liu,Wei Shao,Kunlun Fu,Shujiang Xu,Shuhui Zhang

DOI: https://doi.org/10.1155/2022/3670107

IF: 1.968

2022-10-02

Security and Communication Networks

Abstract:With the rapid development and application of artificial intelligence technology, medical data play an increasingly important role in the medical field. However, there are privacy protection and data ownership issues in the process of data sharing, which brings difficulties to machine learning and data mining. On the one hand, for fear that they may risk being held accountable by users or even breaking the law due to these issues, healthcare providers are reluctant to share medical data. On the other hand, users are also reluctant to share medical data due to the possibility of privacy disclosure in the data sharing process. To improve the security and privacy of shared medical data, we propose a user-centered medical data sharing scheme for privacy-preserving machine learning. Our solution combines blockchain and a trusted execution environment to ensure that adversaries cannot steal the ownership and control of user data during sharing. A blockchain-based noninteractive key sharing scheme is proposed that allows only the users and the TEE to decrypt the shared data. At the same time, we design an auditing mechanism to facilitate users to audit the sharing process. The security analysis shows that the scheme ensures the privacy and security of user data during storage and sharing. We have completed simulation experiments to demonstrate the effectiveness and efficiency of our scheme.

computer science, information systems,telecommunications

Fasee Ullah,Izhar Ullah,Atif Khan,M Irfan Uddin,Hashem Alyami,Wael Alosaimi

DOI: https://doi.org/10.1155/2020/8824907

2020-11-28

Abstract:There is a need to develop an effective data preservation scheme with minimal information loss when the patient's data are shared in public interest for different research activities. Prior studies have devised different approaches for data preservation in healthcare domains; however, there is still room for improvement in the design of an elegant data preservation approach. With that motivation behind, this study has proposed a medical healthcare-IoTs-based infrastructure with restricted access. The infrastructure comprises two algorithms. The first algorithm protects the sensitivity information of a patient with quantifying minimum information loss during the anonymization process. The algorithm has also designed the access polices comprising the public access, doctor access, and the nurse access, to access the sensitivity information of a patient based on the clustering concept. The second suggested algorithm is K-anonymity privacy preservation based on local coding, which is based on cell suppression. This algorithm utilizes a mapping method to classify the data into different regions in such a manner that the data of the same group are placed in the same region. The benefit of using local coding is to restrict third-party users, such as doctors and nurses, when trying to insert incorrect values in order to access real patient data. Efficiency of the proposed algorithm is evaluated against the state-of-the-art algorithm by performing extensive simulations. Simulation results demonstrate benefits of the proposed algorithms in terms of efficient cluster formation in minimum time, minimum information loss, and execution time for data dissemination.

Felix Nikolaus Wirth,Thierry Meurers,Marco Johns,Fabian Prasser

DOI: https://doi.org/10.1186/s12911-021-01602-x

IF: 3.298

2021-08-12

BMC Medical Informatics and Decision Making

Abstract:Abstract Background Data sharing is considered a crucial part of modern medical research. Unfortunately, despite its advantages, it often faces obstacles, especially data privacy challenges. As a result, various approaches and infrastructures have been developed that aim to ensure that patients and research participants remain anonymous when data is shared. However, privacy protection typically comes at a cost, e.g. restrictions regarding the types of analyses that can be performed on shared data. What is lacking is a systematization making the trade-offs taken by different approaches transparent. The aim of the work described in this paper was to develop a systematization for the degree of privacy protection provided and the trade-offs taken by different data sharing methods. Based on this contribution, we categorized popular data sharing approaches and identified research gaps by analyzing combinations of promising properties and features that are not yet supported by existing approaches. Methods The systematization consists of different axes. Three axes relate to privacy protection aspects and were adopted from the popular Five Safes Framework: (1) safe data, addressing privacy at the input level, (2) safe settings, addressing privacy during shared processing, and (3) safe outputs, addressing privacy protection of analysis results. Three additional axes address the usefulness of approaches: (4) support for de-duplication, to enable the reconciliation of data belonging to the same individuals, (5) flexibility, to be able to adapt to different data analysis requirements, and (6) scalability, to maintain performance with increasing complexity of shared data or common analysis processes. Results Using the systematization, we identified three different categories of approaches: distributed data analyses, which exchange anonymous aggregated data, secure multi-party computation protocols, which exchange encrypted data, and data enclaves, which store pooled individual-level data in secure environments for access for analysis purposes. We identified important research gaps, including a lack of approaches enabling the de-duplication of horizontally distributed data or providing a high degree of flexibility. Conclusions There are fundamental differences between different data sharing approaches and several gaps in their functionality that may be interesting to investigate in future work. Our systematization can make the properties of privacy-preserving data sharing infrastructures more transparent and support decision makers and regulatory authorities with a better understanding of the trade-offs taken.

medical informatics

Han Qiu,Meikang Qiu,Meiqin Liu,Gerard Memmi

DOI: https://doi.org/10.1109/jbhi.2020.2973467

IF: 7.7

2020-01-01

IEEE Journal of Biomedical and Health Informatics

Abstract:The recent spades of cyber attacks have compromised end-users' data security and privacy in Medical Cyber-Physical Systems (MCPS) in the era of Health 4.0. Traditional standard encryption algorithms for data protection are designed based on a viewpoint of system architecture rather than a viewpoint of end-users. As such encryption algorithms are transferring the protection on the data to the protection on the keys, data safety, and privacy will be compromised once the key is exposed. In this paper, we propose a secure data storage and sharing method consisted of a selective encryption algorithm combined with fragmentation and dispersion to protect the data safety and privacy even when both transmission media (e.g. cloud servers) and keys are compromised. This method is based on a user-centric design that protects the data on a trusted device such as the end-users' smartphone and lets the end-user control the access for data sharing. We also evaluate the performance of the algorithm on a smartphone platform to prove efficiency.

Anees Ara,Mznah Al-Rodhaan,Yuan Tian,Abdullah Al-Dhelaan

DOI: https://doi.org/10.1109/access.2017.2716439

IF: 3.9

2017-01-01

IEEE Access

Abstract:Due to advancements in the development of wireless medical sensing devices and wireless communication technologies, the wireless body area network (WBAN) has become an eminent part of e-healthcare systems. WBAN uses medical sensors to continuously monitor and collect the physiological parameters of a patient's health and send them to a remote medical server through a portable digital assistance (PDA)/mobile. Due to limitations in communication, such as power, storage, and the computational capabilities of sensors, data aggregation techniques are used to reduce the communication overhead in real-time data transmission in WBAN. However, since the WBAN transmits sensitive health data, data security and data privacy are a major concern. In this paper, we propose a secure privacy-preserving data aggregation (SPPDA) scheme based on bilinear pairing for remote health monitoring systems to improve data aggregation efficiency and data privacy. Our proposed SPPDA scheme utilizes the homomorphic property of the bilinear ElGamal cryptosystem to perform privacy-preserving secure computation and combines it with the aggregate signature scheme, enabling data authenticity/integrity in the WBAN. The proposed SPPDA scheme is proved to be semantically secure under the decisional bilinear Diffie-Hellman assumption. Security analysis demonstrates that our proposed scheme preserves data confidentiality, data authenticity, and data privacy; it also resists passive eavesdropping and replay attacks. A performance evaluation based on simulation results and a comparison of computational cost with related schemes show that data aggregation and batch verification at the PDA significantly reduce communication and transmission overhead and support efficient computation at the remote server.

Haiping Huang,Peng Zhu,Fu Xiao,Xiang Sun,Qinglong Huang

DOI: https://doi.org/10.1016/j.cose.2020.102010

Abstract:How to alleviate the contradiction between the patient's privacy and the research or commercial demands of health data has become the challenging problem of intelligent medical system with the exponential increase of medical data. In this paper, a blockchain-based privacy-preserving scheme is proposed, which realizes secure sharing of medical data between several entities involved patients, research institutions and semi-trusted cloud servers. And meanwhile, it achieves the data availability and consistency between patients and research institutions, where zero-knowledge proof is employed to verify whether the patient's medical data meets the specific requirements proposed by research institutions without revealing patients' privacy, and then the proxy re-encryption technology is adopted to ensure that research institutions can decrypt the intermediary ciphertext. In addition, this proposal can execute distributed consensus based on PBFT algorithm for transactions between patients and research institutions according to the prearranged terms. Theoretical analysis shows the proposed scheme can satisfy security and privacy requirements such as confidentiality, integrity and availability, as well as performance evaluation demonstrates it is feasible and efficient in contrast with other typical schemes.

Sejong Lee,Jaehyeon Kim,Yongseok Kwon,Teasung Kim,Sunghyun Cho

DOI: https://doi.org/10.2196/29108

2022-03-22

Abstract:Background: With the increasing sophistication of the medical industry, various advanced medical services such as medical artificial intelligence, telemedicine, and personalized health care services have emerged. The demand for medical data is also rapidly increasing today because advanced medical services use medical data such as user data and electronic medical records (EMRs) to provide services. As a result, health care institutions and medical practitioners are researching various mechanisms and tools to feed medical data into their systems seamlessly. However, medical data contain sensitive personal information of patients. Therefore, ensuring security while meeting the demand for medical data is a very important problem in the information age for which a solution is required. Objective: Our goal is to design a blockchain-based decentralized patient information exchange (PIE) system that can safely and efficiently share EMRs. The proposed system preserves patients' privacy in the EMRs through a medical information exchange process that includes data encryption and access control. Methods: We propose a blockchain-based EMR-sharing system that allows patients to manage their EMRs scattered across multiple hospitals and share them with other users. Our PIE system protects the patient's EMR from security threats such as counterfeiting and privacy attacks during data sharing. In addition, it provides scalability by using distributed data-sharing methods to quickly share an EMR, regardless of its size or type. We implemented simulation models using Hyperledger Fabric, an open source blockchain framework. Results: We performed a simulation of the EMR-sharing process and compared it with previous works on blockchain-based medical systems to check the proposed system's performance. During the simulation, we found that it takes an average of 0.01014 (SD 0.0028) seconds to download 1 MB of EMR in our proposed PIE system. Moreover, it has been confirmed that data can be freely shared with other users regardless of the size or format of the data to be transmitted through the distributed data-sharing technique using the InterPlanetary File System. We conducted a security analysis to check whether the proposed security mechanism can effectively protect users of the EMR-sharing system from security threats such as data forgery or unauthorized access, and we found that the distributed ledger structure and re-encryption-based data encryption method can effectively protect users' EMRs from forgery and privacy leak threats and provide data integrity. Conclusions: Blockchain is a distributed ledger technology that provides data integrity to enable patient-centered health information exchange and access control. PIE systems integrate and manage fragmented patient EMRs through blockchain and protect users from security threats during the data exchange process among users. To increase safety and efficiency in the EMR-sharing process, we used access control using security levels, data encryption based on re-encryption, and a distributed data-sharing scheme.

Shaopeng Guan,Youliang Cao,Yuan Zhang

DOI: https://doi.org/10.1109/jiot.2024.3487154

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:Data privacy preservation and secure sharing are key technical challenges faced by smart wearable healthcare IoT systems. Blockchain technology enables privacy preservation for medical data through encryption. However, conventional data encryption hampers data analysis and sharing, and decrypted data still carries the risk of leakage. Homomorphic encryption is a technique that allows computation directly on encrypted data without decryption, thus reducing the risk of data leakage during sharing. In this paper, we propose a blockchain-based privacy preservation and sharing scheme for healthcare IoT data. First, we use an improved homomorphic encryption technique to encrypt and process electronic health records (EHRs), optimizing the modular exponentiation process with a fast exponentiation algorithm, enabling users to efficiently perform data computation and analysis while keeping the data encrypted. Second, we employ symmetric searchable encryption (SSE) to encrypt homomorphic keys and user identity information, and use a Bloom filter as the mapping structure between data keywords and unique identifiers. This approach enhances search efficiency while preserving data privacy, allowing for secure search and analysis on ciphertext. Finally, smart contracts are designed to implement access control during the data-sharing process, increasing the security and transparency of data sharing. Experimental results show that the proposed homomorphic encryption scheme reduces the encryption and decryption time by an average of 34% under different key sizes, while the optimized SSE technique keeps ciphertext retrieval time at a constant level. The proposed scheme provides an effective solution for secure and efficient data analysis and retrieval, ensuring privacy preservation for the secure use and sharing of medical data.

Mingyue Wang,Yu Guo,Chen Zhang,Cong Wang,Hejiao Huang,Xiaohua Jia

DOI: https://doi.org/10.1109/tsc.2021.3114719

IF: 11.019

2021-01-01

IEEE Transactions on Services Computing

Abstract:Electronic Health Record (EHR) and its privacy have attracted widespread attention with the development of the healthcare industry in recent years. As locking medical data in a single healthcare center causes information isolation, healthcare centers are motivated to build medical data sharing systems. However, existing systems highly rely on the trusted centralized servers, which are vulnerable to distributed denial of service (DDoS) attacks and the single point of failure. Moreover, it is a non-trivial matter to authorize multiple users to search and access EHR in a privacy-preserving manner. In this article, we propose MedShare, a decentralized framework for secure EHR sharing. Our design utilizes the smart contract technique of blockchain to establish a trusted platform for healthcare centers to share their encrypted EHR. Considering that fine-grained access control is essential in practical EHR sharing service, we devise a constant-size attribute-based encryption (ABE) scheme, where the access policy is embedded in search result on the blockchain. Besides, we propose an efficient scheme that enables authorized MedShare users to perform multi-keyword boolean search operations over encrypted EHR. We formally analyze the security strengths and implement the system prototype on Ethereum. Evaluation results demonstrate that MedShare is efficient for EHR sharing.

computer science, information systems, software engineering

Chanying Huang,Kedong Yan,Songjie Wei,Dong Hoon Lee

DOI: https://doi.org/10.1109/pic.2017.8359554

2017-01-01

Abstract:Personal Health Records (PHR) is patient-centric healthcare system, which allows patients to control who can get access to their health records and which section of the record can be accessed. Hot issues such as access control, patients control degree, and privacy protection, etc. are still the challenging concerns while designing a secure PHR system.In this paper, we propose dsPPS, a secure integrated PHR framework(from health data collection to health data sharing) that meets patients' full control of their PHR and sufficient privacy preservation. Specifically, dsPPS provides two schemes: Biometric-Based secure health data Collection (BBC) scheme and Attribute-Based health record Accessing (ABA) scheme. While BBC scheme enables patients to collect their scattered health data from multiple typical health systems securely and efficiently, the ABA scheme allows users (health systems) access to the PHR server with their sensitive attributes being protected. Comprehensive analysis is conducted to show the security of dsPPS against typical attacks. In addition, experiments in both smart phone and PC (Intel) platforms demonstrate that dsPPS produces reasonable performance in terms of storage, communication and computational overheads.

Changsheng Zhao,Wei Song,Zhiyong Peng

DOI: https://doi.org/10.1007/978-3-031-25201-3_17

2023-01-01

Abstract:Over the past few years, we have witnessed that the big data analysis technologies based on machine learning and deep learning have brought great change to medical research. The medical data is a special kind of sensitive data, which is contributed by multiple users. For example, the prescriptions are generated by doctors but also contain the patients’ symptoms and history of diseases. However, the existing data sharing solutions focus on protecting the privacy of the single data owner while ignoring the privacy belonging to multiple owners. In this paper, we first identify this problem and propose a novel secure medical data sharing scheme based on the Chinese remainder theorem to protect the privacy of multiple owners in the medical data. To better support the scenario of medical data sharing, we implement the proposed scheme over a medical blockchain system to build a medical data sharing prototype, and dynamically manage two kinds of subscribers based on logical key hierarchy. The performance analysis validates the security and efficiency of the proposed method for the data sharing scenario of medical data from multiple owners.

Yilong Yang,Quan Zu,Peng Liu,Defang Ouyang,Xiaoshan Li

DOI: https://doi.org/10.7150/ijbs.24617

2018-06-07

Abstract:This paper takes up the problem of medical resource sharing through MicroService architecture without compromising patient privacy. To achieve this goal, we suggest refactoring the legacy EHR systems into autonomous MicroServices communicating by the unified techniques such as RESTFul web service. This lets us handle clinical data queries directly and far more efficiently for both internal and external queries. The novelty of the proposed approach lies in avoiding the data de-identification process often used as a means of preserving patient privacy. The implemented toolkit combines software engineering technologies such as Java EE, RESTful web services, JSON Web Tokens to allow exchanging medical data in an unidentifiable XML and JSON format as well as restricting users to the need-to-know principle. Our technique also inhibits retrospective processing of data such as attacks by an adversary on a medical dataset using advanced computational methods to reveal Protected Health Information (PHI). The approach is validated on an endoscopic reporting application based on openEHR and MST standards. From the usability perspective, the approach can be used to query datasets by clinical researchers, governmental or non-governmental organizations in monitoring health care and medical record services to improve quality of care and treatment.

Software Engineering

Liming Fang,Changchun Yin,Juncen Zhu,Chunpeng Ge,M. Tanveer,Alireza Jolfaei,Zehong Cao

DOI: https://doi.org/10.1145/3408322

2021-01-21

Abstract:In virtue of advances in smart networks and the cloud computing paradigm, smart healthcare is transforming. However, there are still challenges, such as storing sensitive data in untrusted and controlled infrastructure and ensuring the secure transmission of medical data, among others. The rapid development of watermarking provides opportunities for smart healthcare. In this article, we propose a new data-sharing framework and a data access control mechanism. The applications are submitted by the doctors, and the data is processed in the medical data center of the hospital, stored in semi-trusted servers to support the selective sharing of electronic medical records from different medical institutions between different doctors. Our approach ensures that privacy concerns are taken into account when processing requests for access to patients’ medical information. For accountability, after data is modified or leaked, both patients and doctors must add digital watermarks associated with their identification when uploading data. Extensive analytical and experimental results are presented that show the security and efficiency of our proposed scheme.