Xiaoliang Wang,Liang Bai,Qing Yang,Liu Wang,Frank Jiang

DOI: https://doi.org/10.1016/j.jisa.2019.04.010

IF: 4.96

2019-01-01

Journal of Information Security and Applications

Abstract:With the development of wireless sensor network and internet, ubiquitous eHealth care systems are booming. However, a great deal of data computing and storage processing restrict the scalability of ubiquitous eHealth. As a solution, cloud-based eHealth is coming up. However, using cloud-computing model often causes some privacy concerns. Massive medical data in eHealth system contain numerous sensitive information and electronic health records of users. Meanwhile, if data encryption is adopted to protect privacy, cloud center cannot process data. To solve this problem, a scheme based on fully homomorphism conception for privacy protection and data processing of eHealth is proposed in this paper. Our scheme not only meets the aforementioned dual requirements but also limit the arbitrary actions of patients and doctors.

P. Griffiths

DOI: https://doi.org/10.1136/EBN.7.4.116

2004-09-24

Evidence-Based Nursing

Abstract:Naylor MD, Brooten DA, Campbell RL, et al . Transitional care of older adults hospitalized with heart failure: a randomized, controlled trial. J Am Geriatr Soc 2004;52:675–84. [OpenUrl][1][CrossRef][2][PubMed][3][Web of Science][4] 
 Q In elderly patients admitted to hospital with heart failure (HF), does a 3 month, comprehensive, transitional care intervention reduce readmissions and improve quality of life and functioning? ### ![Graphic][5] Design: randomised controlled trial. ### ![Graphic][6] Allocation: {concealed}.* ### ![Graphic][7] Blinding: blinded {data collectors}.* ### ![Graphic][8] Follow up period: 1 year after index hospital admission. ### ![Graphic][9] Setting: 6 academic and community hospitals in Philadelphia, Pennsylvania, USA. ### ![Graphic][10] Patients: 239 English speaking patients ⩾65 years of age (mean age 76 y, 57% women) who were admitted to hospital from home with HF, alert and oriented, reachable by telephone, and residing ⩽60 miles from the admitting hospital. Exclusion criterion was end stage renal disease. ### ![Graphic][11] Intervention: advanced practice nurse (APN) transitional care (TC) (n = 118) or usual care (n = 121). APN TC comprised (1) APN training by a multidisciplinary team; (2) Quality-Cost Model of APN Transitional Care management strategies (identification of patient and caregiver goals, individualised care plans, educational and behavioural strategies, coordination and continuity of … [1]: {openurl}?query=rft.jtitle%253DJournal%2Bof%2Bthe%2BAmerican%2BGeriatrics%2BSociety%26rft.stitle%253DJ%2BAm%2BGeriatr%2BSoc%26rft.aulast%253DNaylor%26rft.auinit1%253DM.%2BD.%26rft.volume%253D52%26rft.issue%253D5%26rft.spage%253D675%26rft.epage%253D684%26rft.atitle%253DTransitional%2Bcare%2Bof%2Bolder%2Badults%2Bhospitalized%2Bwith%2Bheart%2Bfailure%253A%2Ba%2Brandomized%252C%2Bcontrolled%2Btrial.%26rft_id%253Dinfo%253Adoi%252F10.1111%252Fj.1532-5415.2004.52202.x%26rft_id%253Dinfo%253Apmid%252F15086645%26rft.genre%253Darticle%26rft_val_fmt%253Dinfo%253Aofi%252Ffmt%253Akev%253Amtx%253Ajournal%26ctx_ver%253DZ39.88-2004%26url_ver%253DZ39.88-2004%26url_ctx_fmt%253Dinfo%253Aofi%252Ffmt%253Akev%253Amtx%253Actx [2]: /lookup/external-ref?access_num=10.1111/j.1532-5415.2004.52202.x&link_type=DOI [3]: /lookup/external-ref?access_num=15086645&link_type=MED&atom=%2Febnurs%2F7%2F4%2F116.atom [4]: /lookup/external-ref?access_num=000220855300003&link_type=ISI [5]: /embed/inline-graphic-1.gif [6]: /embed/inline-graphic-2.gif [7]: /embed/inline-graphic-3.gif [8]: /embed/inline-graphic-4.gif [9]: /embed/inline-graphic-5.gif [10]: /embed/inline-graphic-6.gif [11]: /embed/inline-graphic-7.gif

Yang Ming,Xiaopeng Yu,Xiaoqin Shen

DOI: https://doi.org/10.1109/access.2020.3018488

IF: 3.9

2020-01-01

IEEE Access

Abstract:Healthcare Internet of Things (IoT) is an emerging paradigm, which can provide comprehensive and different types of health services and enable various types of medical sensors to monitor patient's health conditions. In the healthcare IoT, patient is deployed with a variety of medical sensors, which continuously monitors and collects patient's sensitive health data that needs specially protection for preventing privacy leakage. To safely send multiple different health data monitored by multiple different medical sensors to multiple corresponding healthcare professionals in one data report, several multi-message and multi-receiver signcryption schemes have been introduced by employing the traditional public key cryptography, identity-based cryptography or certificateless cryptography. However, these schemes suffer from the certificate management, key escrow and key distribution problem. Besides, due to the resource-constraint property of medical sensors, they are unsuitable for healthcare IoT in terms of both performance and privacy requirements. To solve these issues, this paper introduces an efficient anonymous certificate-based multi-message and multi-receiver signcryption scheme for healthcare IoT, where the certificate-based cryptography and elliptic curve cryptography are combined to simplify the certificate management problem, eliminate the key escrow problem, solve the key distribution problem and ensure the privacy-preserving. Furthermore, the security analysis suggests that the proposed scheme is able to achieve the confidentiality, unforgeability, receiver anonymity, sender anonymity and decryption fairness; the performance evaluation indicates that the proposed scheme brings to the lower computation cost and communication cost in comparison to the existing schemes.

Heng Pan,Yaoyao Zhang,Jianmei Liu,Xueming Si,Zhongyuan Yao,Liang Zhao

DOI: https://doi.org/10.4018/ijdcf.329219

2023-01-01

International Journal of Digital Crime and Forensics

Abstract:In medical data sharing, the data access control authorities of the sharing entities and computing capabilities of the sharing platforms are asymmetric. This asymmetry leads to poor patient control over their data, privacy disclosure, and difficulties in tracking data sharing. This aarticle proposes a cooperation model of cloud and chain (CMCC) for the secure sharing of medical data. In the CMCC, the power equivalence of blockchain nodes limits the control authority asymmetry between doctors and patients in medical data sharing. Moreover, a cloud server is used to store medical data, and some of the node-side computations are handed over to the cloud, which addresses the asymmetric computing capability asymmetry between the cloud and ordinary nodes. Based on the CMCC, a secure medical data sharing scheme based on proxy re-encryption mechanism is proposed. This scheme realizes secure medical data sharing, especially the patient's complete control of the data. The security and performance analysis show that the proposed scheme outperforms the existing ones.

Arthur S. Voundi Koe,Qi Chen,Juan Tang,Shan Ai,Hongyang Yan,Shiwen Zhang,Duncan S. Wong

DOI: https://doi.org/10.1002/int.23009

IF: 8.993

2022-09-09

International Journal of Intelligent Systems

Abstract:With recent advances in cloud computing, mobile devices are increasingly being used to record patient physiological parameters, and transfer them to a cloud‐based hospital information system, for access control mediation over a variety of stakeholders. In such a cloud‐based architecture, the patient must specify an access policy for a group of authorized parties towards its outsourced data. Multiauthority ciphertext‐policy attribute‐based encryption (CP‐ABE) was provided as an innovative cloud‐based access control cryptographic primitive to tackle the key escrow issue in a centralized architecture, and boost flexibility through cross‐domain attributes management. Existing works, however, still have glaring drawbacks. First, they still rely on a trusted authority to generate and distribute user secret keys. Second, they do not simultaneously provide encryption, decryption, or revocation outsourcing, resulting in high processing and communication cost for both the data sender and the data receiver. Third, they do not support both user and attribute revocation, and the integrity of ciphertext downloaded from the cloud is not always verified at the user end. As a result, this paper exploits the dummy attribute technique and introduces a novel, efficient, and secure multiauthority ciphertext‐policy ABE method for mediating access control over medical data, in the mobile cloud. The ciphertext access policy enforcement, partial ciphertext decryption, and both the user and attribute indirect revocation updates are safely outsourced to the cloud server in this study. Theoretical analysis demonstrates that our scheme is efficient and verifiable, and we prove that our construction is secure under the decisional bilinear Diffie‐Hellman assumption.

computer science, artificial intelligence

Chin-Ling Chen,Po-Tsun Huang,Yung-Yuan Deng,Hsing-Chung Chen,Yun-Ciao Wang

DOI: https://doi.org/10.1186/s13673-020-00221-1

2020-05-07

Abstract:Abstract As cloud computing technology matures, along with an increased application of distributed networks, increasingly larger amounts of data are being stored in the cloud, and are thus available for pervasive application. At the same time, current independent medical record systems tend to be inefficient, and most previous studies in this field fail to meet the security requirements of anonymity and unlinkability. Some proposed schemes are even vulnerable to malicious impersonation attacks. The scheme proposed in this study, therefore, combines public and private clouds in order to more efficiently and securely preserve and manage electronic medical records (EMR). In this paper, a new secure EMR authorization system is proposed, which uses elliptic curve encryption and public-key encryption, providing a health care system with both public and private cloud environments with a message authentication mechanism, allowing the secure sharing of medical resources. The analysis shows that the proposed scheme prevents known attacks, such as replay attacks, man-in-the-middle attacks and impersonation attacks, and provides user anonymity, unlinkability, integrity, non-repudiation, forward and backward security.

computer science, information systems

Yu Wu,Nanzhou Lin,Wei Song,Yuan Shen,Xiandi Yang,Juntao Zhang,Yan Sun

DOI: https://doi.org/10.1007/978-3-030-30952-7_36

2019-01-01

Abstract:The outsourcing storage of medical big data encrypted in the cloud can effectively alleviate the problem of privacy disclosure, but cipher text storage will lead to the inconvenience of data access, which brings new challenges to medical big data shared access. The existing flexible authorization solutions for encrypted data are mainly based on methods such as CP-ABE, which requires the data owner to define the data access strategy, while in reality, the patient is the data owner of the medical data. At the same time, the existing scheme does not support access control authorization in emergency scenarios, and in medical big data applications, when patients can not authorize data users to access cipher text medical data, it will lead to unpredictable consequences. According to the application requirements of encrypted medical big data shared service in cloud environment, an adaptive authorization access method based on attribute encryption is proposed to realize flexible and secure medical data access authorization in normal and emergency situations. Experimental results demonstrate that our scheme is efficient.

Heng Pan,Yaoyao Zhang,Xueming Si,Zhongyuan Yao,Liang Zhao

DOI: https://doi.org/10.3390/sym14122479

2022-01-01

Symmetry

Abstract:The Internet of Things (IoT) and cloud technologies have significantly facilitated healthcare. In such a context, medical data are collected by the terminals from the patients, manipulated, and stored on the cloud by hospitals (doctors). This brings asymmetry problems in medical data access control, processing, and storage between doctors and patients, which results in medical data sharing face many challenges such as privacy leakage and malicious feedback from cloud servers on queries. To solve these asymmetry problems, this paper proposes a medical data sharing scheme with cloud-chain cooperation and policy fusion in the IoT. Regarding asymmetrical access control rights, a conflict resolution and fusion algorithm that enables co-authorization of medical data by the doctor and the patient is introduced. To balance the symmetry of medical data storage and processing, a cloud-chain cooperation ciphertext retrieval method is proposed by means of two-stage joint searching from cloud servers and the blockchain, which can not only detect malicious medical data feedback from cloud servers, but also improve the data search efficiency. The security analysis showed that this scheme satisfies the confidentiality and verifiability of the retrieved information, and the feasibility of the proposed scheme was demonstrated through experiments.

Zheyi Zhang,Nanrun Zhou,Bo Sun,Santo Banerjee,Jun Mou

DOI: https://doi.org/10.1016/j.jfranklin.2024.106844

IF: 4.246

2024-04-17

Journal of the Franklin Institute

Abstract:Cloud services in the medical process have become commonplace, and the semi-trusted nature of the healthcare cloud makes security in the communication process particularly important. This paper summarizes the four major pain points in the process of collecting, storing in the cloud, and communicating information in the medical process, and proposes a multimedia medical cloud information security system. The pressure of channel transmission is reduced by compressing two-dimensional information images with compressed sensing (CS) technology. The multimedia information type conversion technology can convert multimedia information into 2D images, and the converted 2D images are merged into a multi-image cube, which realizes the "one-person-one-cube" medical information archives management mode. A chaotic multi-image encryption (MIE) based on Identity Mutual Recognition Keys (IMRKs) is designed to encrypt the cube by transmitting it to the edge cloud, which ensures security and solves the problem of unauthorized use of medical information. The 3D Positioning Fifth Generation Message-Digest (3DPMD5) tamper determination algorithm is utilized to generate 32-bit hexadecimal numbers that are transmitted back to the medical terminal to achieve cloud tamper resistance. It is able to be demonstrated from the simulation results that the system has good reconstruction results, relatively safe performance, and high encryption and decryption efficiency.

automation & control systems,engineering, electrical & electronic, multidisciplinary,mathematics, interdisciplinary applications

Ji-Jiang Yang,Jian-Qiang Li,Yu Niu

DOI: https://doi.org/10.1016/j.future.2014.06.004

IF: 7.307

2014-01-01

Future Generation Computer Systems

Abstract:Storing and sharing of medical data in the cloud environment, where computing resources including storage is provided by a third party service provider, raise serious concern of individual privacy for the adoption of cloud computing technologies. Existing privacy protection researches can be classified into three categories, i.e., privacy by policy, privacy by statistics, and privacy by cryptography. However, the privacy concerns and data utilization requirements on different parts of the medical data may be quite different. The solution for medical dataset sharing in the cloud should support multiple data accessing paradigms with different privacy strengths. The statistics or cryptography technology alone cannot enforce the multiple privacy demands, which blocks their application in the real-world cloud. This paper proposes a practical solution for privacy preserving medical record sharing for cloud computing. Based on the classification of the attributes of medical records, we use vertical partition of medical dataset to achieve the consideration of different parts of medical data with different privacy concerns. It mainly includes four components, i.e., (1) vertical data partition for medical data publishing, (2) data merging for medical dataset accessing, (3) integrity checking, and (4) hybrid search across plaintext and ciphertext, where the statistical analysis and cryptography are innovatively combined together to provide multiple paradigms of balance between medical data utilization and privacy protection. A prototype system for the large scale medical data access and sharing is implemented. Extensive experiments show the effectiveness of our proposed solution.

Ming Li,Shucheng Yu,Yao Zheng,Kui Ren,Wenjing Lou

DOI: https://doi.org/10.1109/tpds.2012.97

IF: 5.3

2013-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Personal health record (PHR) is an emerging patient-centric model of health information exchange, which is often outsourced to be stored at a third party, such as cloud providers. However, there have been wide privacy concerns as personal health information could be exposed to those third party servers and to unauthorized parties. To assure the patients' control over access to their own PHRs, it is a promising method to encrypt the PHRs before outsourcing. Yet, issues such as risks of privacy exposure, scalability in key management, flexible access, and efficient user revocation, have remained the most important challenges toward achieving fine-grained, cryptographically enforced data access control. In this paper, we propose a novel patient-centric framework and a suite of mechanisms for data access control to PHRs stored in semitrusted servers. To achieve fine-grained and scalable data access control for PHRs, we leverage attribute-based encryption (ABE) techniques to encrypt each patient's PHR file. Different from previous works in secure data outsourcing, we focus on the multiple data owner scenario, and divide the users in the PHR system into multiple security domains that greatly reduces the key management complexity for owners and users. A high degree of patient privacy is guaranteed simultaneously by exploiting multiauthority ABE. Our scheme also enables dynamic modification of access policies or file attributes, supports efficient on-demand user/attribute revocation and break-glass access under emergency scenarios. Extensive analytical and experimental results are presented which show the security, scalability, and efficiency of our proposed scheme.

Jialu Hao,Wenjuan Tang,Cheng Huang,Jian Liu,Huimei Wang,Ming Xian

DOI: https://doi.org/10.1109/tetc.2021.3052377

2022-01-01

IEEE Transactions on Emerging Topics in Computing

Abstract:Cloud-assisted Internet of Medical Things (IoMT) is becoming an emerging paradigm in the healthcare domain, which involves collection, storage and usage of the medical data. Considering the confidentiality and accessibility of the outsourced data, secure and fine-grained data sharing is a crucial requirement for the patients. Attribute-based encryption (ABE) is a promising solution to deal with this issue, but considering its property of each attribute sharing with multiple users, how to flexibly and efficiently update access privileges of certain users without affecting others is still a serious challenge. In this article, we propose a secure and fine-grained data sharing scheme with flexible user access privilege update in cloud-assisted IoMT environment. Specifically, we take ABE as the basic building block, and utilize proxy re-encryption and key blinding techniques to empower the cloud server to re-encrypt the ciphertext affected by revocation and update keys for unrevoked users. In addition, adding attributes for users to extend their access rights is realized only based on few key components stored in cloud without entirely re-computing and re-issuing keys for them. As a result, the patients are able to flexibly and efficiently share their data and manage users’ privileges. Formal proof and detailed performance evaluation demonstrate the security and efficiency of the proposed scheme.

Jingwei Liu,Yue Fan,Rong Sun,Lei Liu,Celimuge Wu,Shahid Mumtaz

DOI: https://doi.org/10.1109/jiot.2023.3287636

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:Due to the massive applications of Internet of Things (IoT) and the prevalence of wearable devices, e-healthcare systems are widely deployed in medical institutions. As a significant carrier of medical data, electronic medical record (EMR) is convenient to be stored and retrieved, which greatly simplifies the experience of medical treatment and cuts down the trivial work of paramedics. However, EMRs usually include much sensitive information such as patients’ identification numbers or home addresses that may be easily captured by unauthorized doctors and cloud servers. Based on this concern, e-healthcare systems can make use of attribute-based encryption (ABE) to protect private information while achieving fine-grained access control of encrypted EMRs. Whereas, most ABE schemes do not support both policy hiding and keyword search. To address the above issues, we propose an inner product searchable encryption scheme with multi-keyword search (MK-IPSE) based on blockchain to provide full privacy preservation and efficient ciphertext retrieval for EMRs. Inner product encryption (IPE) can not only specify access permissions such that only users with matched attributes can get the target files, but also support access policy hiding. Besides, the proposed scheme combines searchable encryption (SE) and federated blockchain (FB) to implement efficient and stable multi-keyword search. Compared with the existing schemes, MK-IPSE shows better performance on computation and storage. Additionally, security analysis demonstrates that our scheme can resist IND-CKA and collusion attacks.

computer science, information systems,telecommunications,engineering, electrical & electronic

Lu Liu,Jingchao Sun,Jianqiang Li,Rong Li,Juan Li,Xi Meng,Huifang Li,Jijiang Yang

DOI: https://doi.org/10.1109/SmartCity.2015.205

2015-01-01

Abstract:With the development of healthcare industry, healthcare informatization provides great potential for the health-care improvement. The cloud computing platform, which is an important infrastructure for the inter( intra)-organization collaboration, provides a shared storage space to the medical data sharing. For the privacy protection of medical data, sensitive data has to be encrypted before being transmitted to the cloud, which makes it more challenging to use these data in the cloud. For strengthening the utilization of encrypted cloud data, various encrypted search technologies are widely studied. However, these existing searchable encryption schemes may not enforce users' demands well. This paper proposes a privacy enhanced search approach for cloud-based medical data sharing. The proposed solution implements a hybrid search approach, where the search process is conducted across plaintext and ciphertext. Moreover, the enhanced access control can ensure the privacy protection of cloud data. The empirical experiments illustrate the effectiveness of our solution.

Xiaohui Yang,Wenjie Li,Kai Fan

DOI: https://doi.org/10.1007/s12083-022-01387-4

2022-09-25

Abstract:With the development of digital healthcare, sharing electronic medical record data has become an indispensable part of improving medical conditions. Aiming at the centralized power caused by the single attribute authority in current CP-ABE schemes and the problem that cloud servers are curious and even malicious, we design a revocable CP-ABE EHR sharing scheme with multiple authorities (MA-RABE) in blockchain. In this solution, a group of authorities complete user attribute distribution, key generation and user management through secret sharing and transactions. Besides, we innovatively implemented a distributed one-way anonymous key agreement so that other participants cannot obtain useful information from the fully hidden policy embedded in the ciphertext. Taking into account the computational overhead of a large number of bilinear operations in the decryption process, the solution also supports the cloud server to pre-decrypt the ciphertext, and the data user only needs to perform exponentiation operation once to obtain the plaintext from the pre-decryption result. Theoretical analysis and performance evaluation show that the scheme has reliable security and lower user revocation and ciphertext update overhead.

computer science, information systems,telecommunications

Sujoy Roy,Jeet Agrawal,Alok Kumar,Udai Pratap Rao

DOI: https://doi.org/10.1007/s10586-024-04283-z

2024-02-21

Cluster Computing

Abstract:The modern medical system is convergence of cutting-edge technologies and advancements in the healthcare environment. In the modern medical system, the storage of electronic health records is generally leased out to third-party cloud service providers (CSPs). But, CSPs cannot be entirely relied upon due to the potential security and privacy issues. This article presents Multi-Authority and Hierarchical Attribute-Based Encryption Scheme (MH-ABE) scheme to promote secure information sharing and protect patient's privacy. The utilization of CP-ABE in conjunction with multiple Attribute Authorities within the proposed MH-ABE scheme presents a scalable and fine-grained approach to data access control. The proposed MH-ABE scheme incorporates the utilization of a Hierarchical Access Tree to effectively encrypt numerous files concurrently, hence reducing the computational and storage cost. The proposed scheme has also been evaluated using a comparative analysis with existing schemes, emphasizing the assessment of computational and storage costs. The findings of this analysis demonstrate improved performance and efficiency of the proposed ciphertext policy based encryption scheme. The proposed MH-ABE scheme incorporates features such as policy hiding and revocation, and it exhibits resilience against attacks, including collusion resistance, Indistinguishability under chosen-plaintext attack and forward secrecy.

computer science, information systems, theory & methods

Jie Zhao,Yifeng Zheng,Hejiao Huang,Jing Wang,Xiaojun Zhang,Daojing He

DOI: https://doi.org/10.1016/j.sysarc.2023.102860

IF: 5.836

2023-03-23

Journal of Systems Architecture

Abstract:Cloud-assisted medical cyber–physical systems (MCPSs) leverage the power of cloud computing for scalable storage and management of outsourced medical data. Based on the crucial outsouced medical data, guardians could know patient's health condition timely, doctors can make accurate diagnoses of patients, and medical research centers could also conduct medical big data analysis. However, medical data is highly sensitive and demands strong protection. Meanwhile, the integrity of outsourced medical data is vulnerable to hardware failures, software bugs or human errors. To date, a large number of data privacy-preserving integrity auditing schemes have been presented, but most of them suffer from the burden of complex public key certificate management or the key escrow problem of identity-based cryptography. In this paper, we propose a lightweight certificateless privacy-preserving integrity verification scheme (LCPPIV) with conditional anonymity for cloud-assisted MCPSs by developing an elliptic-curve digital signature and a key exchange mechanism, which can achieve the functionalities of medical data privacy protection, integrity verification of outsourced medical data, conditional anonymity, batch auditing, and secure compensation mechanism, simultaneously. Theoretical security analysis demonstrates that our scheme is provably secure in the random oracle model, with resistance to the public key replacement attack, malicious-but-passive-KGC attack, and response auditing proofs forgery. The performance evaluations indicate that LCPPIV is much more practical for cloud-assisted MCPSs compared with state-of-art data auditing schemes.

computer science, software engineering, hardware & architecture

Xuejiao Liu,Yingjie Xia,Wei Yang,Fengli Yang

DOI: https://doi.org/10.1016/j.neucom.2016.06.100

IF: 6

2018-01-01

Neurocomputing

Abstract:Information seeking is becoming an indispensable activity in daily life, especially in the medical cloud. Body Area Network (BAN) is becoming more and more popular with respect to the development and popularity of mobile devices. People are starting to back up the medical data to cloud, make data accessible by the doctors from almost anywhere using mobile terminals. In this paper, we present an efficient and secure fine-grained access control scheme which not only achieves authorized users to access the records in cloud storage, but also supports a small set of physicians to write on the records. In order to improve the efficiency, we put forward a novel technique called match-then-decrypt, which is used to perform the decryption test without decryption. Also, the scheme outsources bilinear pairing operations to a gateway without revealing the data content, and thus largely eliminates this overhead for users to a great extent. The performance assessments demonstrate the efficiency of our proposed solution in terms of computation, communication, and storage.

Chang Xu,Ningning Wang,Liehuang Zhu,Kashif Sharif,Chuan Zhang

DOI: https://doi.org/10.1109/jiot.2019.2917186

IF: 10.6

2019-01-01

IEEE Internet of Things Journal

Abstract:The integration of wearable wireless devices and cloud computing in e-health systems has significantly improved their effectiveness and availability. Patients can upload their personal health information (PHI) files to the cloud, from where the health service providers (HSPs) can obtain appropriate information to determine the health state. This system not only reduces the costs associated to healthcare but also provides timely diagnosis to save lives. However, a number of privacy concerns arise while sharing sensitive information. In this paper, we propose a novel privacy-preserving patient health information sharing scheme, which allows HSPs to access and search PHI files in a secure yet efficient manner. We make use of the searchable encryption technique with keyword range search and multikey-word search. The proposed privacy-preserving equality test protocol allows different types of numeric comparison searches on encrypted data. We also use a variant of bloom filter and message authentication code to classify PHI files, filter false data, and check integrity of search results. The simulations on real-world and synthetic data show the feasibility and efficiency of the system, and security analysis proves the privacy-preservation properties.

Chengzhe Lai,Hanyue Zhang,Rongxing Lu,Dong Zheng

DOI: https://doi.org/10.1109/jiot.2024.3350029

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:The conflict between data privacy and sharing among healthcare institutions creates data silos, causing wasteful duplication, incomplete information, and potential hindrances to scientific research. In this paper, we present a privacy-preserving medical data sharing scheme based on cloud-assisted private set intersection (PSI) and aggregate signature technique. Firstly, we propose a novel authenticated cloud-assisted private set intersection, named AC-PSI, which can achieve client authentication and randomized processing of private data by using Diffie-Hellman-based Oblivious Pseudorandom Function (DH-OPRF) and Vector Oblivious Linear-Function Evaluation-based Oblivious Pseudorandom Function (VOLE-OPRF), respectively. Secondly, based on the AC-PSI and locally verifiable signature (LVS), we design a privacy-preserving and secure medical data sharing scheme, which can provide enhanced security features by enabling access control of computing resources and resist pre-computation attacks from external sources. Our approach has been proven through a rigorous analysis of security. Finally, through comparative analysis with the existing schemes, it is demonstrated that the proposed AC-PSI and medical data sharing scheme has low communication and computation overhead while achieving a higher level of privacy preservation and security.

computer science, information systems,telecommunications,engineering, electrical & electronic