Xiaoliang Wang,Liang Bai,Qing Yang,Liu Wang,Frank Jiang

DOI: https://doi.org/10.1016/j.jisa.2019.04.010

IF: 4.96

2019-01-01

Journal of Information Security and Applications

Abstract:With the development of wireless sensor network and internet, ubiquitous eHealth care systems are booming. However, a great deal of data computing and storage processing restrict the scalability of ubiquitous eHealth. As a solution, cloud-based eHealth is coming up. However, using cloud-computing model often causes some privacy concerns. Massive medical data in eHealth system contain numerous sensitive information and electronic health records of users. Meanwhile, if data encryption is adopted to protect privacy, cloud center cannot process data. To solve this problem, a scheme based on fully homomorphism conception for privacy protection and data processing of eHealth is proposed in this paper. Our scheme not only meets the aforementioned dual requirements but also limit the arbitrary actions of patients and doctors.

Yang Ming,Xiaopeng Yu,Xiaoqin Shen

DOI: https://doi.org/10.1109/access.2020.3018488

IF: 3.9

2020-01-01

IEEE Access

Abstract:Healthcare Internet of Things (IoT) is an emerging paradigm, which can provide comprehensive and different types of health services and enable various types of medical sensors to monitor patient's health conditions. In the healthcare IoT, patient is deployed with a variety of medical sensors, which continuously monitors and collects patient's sensitive health data that needs specially protection for preventing privacy leakage. To safely send multiple different health data monitored by multiple different medical sensors to multiple corresponding healthcare professionals in one data report, several multi-message and multi-receiver signcryption schemes have been introduced by employing the traditional public key cryptography, identity-based cryptography or certificateless cryptography. However, these schemes suffer from the certificate management, key escrow and key distribution problem. Besides, due to the resource-constraint property of medical sensors, they are unsuitable for healthcare IoT in terms of both performance and privacy requirements. To solve these issues, this paper introduces an efficient anonymous certificate-based multi-message and multi-receiver signcryption scheme for healthcare IoT, where the certificate-based cryptography and elliptic curve cryptography are combined to simplify the certificate management problem, eliminate the key escrow problem, solve the key distribution problem and ensure the privacy-preserving. Furthermore, the security analysis suggests that the proposed scheme is able to achieve the confidentiality, unforgeability, receiver anonymity, sender anonymity and decryption fairness; the performance evaluation indicates that the proposed scheme brings to the lower computation cost and communication cost in comparison to the existing schemes.

Linchen Liu,Ruyan Liu,Zhiying Lv,Ding Huang,Xing Liu

DOI: https://doi.org/10.1016/j.heliyon.2023.e23575

IF: 3.776

2023-12-09

Heliyon

Abstract:In the period of big data, the Medical Internet of Things (MIoT) serves as a critical technology for modern medical data collection. Through medical devices and sensors, it enables real-time collection of a large amount of patients' physiological parameters and health data. However, these data are often generated in a high-speed, large-scale, and diverse manner, requiring integration with traditional medical systems, which further exacerbates the phenomenon of scattered and heterogeneous medical data. Additionally, the privacy and security requirements for the devices and sensor data involved in the MIoT are more stringent. Therefore, when designing a medical data sharing mechanism, the data privacy protection capability of the mechanism must be fully considered. This paper proposes an alliance chain medical data sharing mechanism based on a dual-chain structure to achieve secure sharing of medical data among entities such as medical institutions, research institutions, and cloud privacy centers, and at the same time provide privacy protection functions to achieve a balanced combination of privacy protection capability and data accessibility of medical data. First, a knowledge technology based on ciphertext policy attribute encryption with zero-knowledge concise non-interactive argumentation is used, combined with the data sharing structure of the federation chain, to ensure the integrity and privacy-protecting capability of medical data. Second, the approach employs certificate-based signing and proxy re-encryption technology, ensuring that entities can decrypt and verify medical data at the cloud privacy center using this methodology, consequently addressing the confidentiality concerns surrounding medical data. Third, an efficient and secure key identity-based encryption protocol is used to ensure the legitimacy of user identity and improve the security of medical data. Finally, the theoretical and practical performance analysis proves that the mechanism is feasible and efficient compared with other existing mechanisms.

Yongxiang Kuang,Bin Jiang,Xuerong Cui,Shibao Li,Yongxin Liu,Houbing Song

DOI: https://doi.org/10.1109/jiot.2024.3366889

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:With the development of Internet of Medical Things(IOMT), a lot of medical data are stored and released for both scientific research and practical applications. Accurate medical data is very valuable, but it also brings a huge risk of privacy leakage. Moreover, improving the privacy of data often leads to the reduction of data validity. Privacy and effectiveness are in conflict, and their balance is a typical multi-objective optimization problem (MOP). In this paper, we try to use differential privacy to disturb medical data to protect personal privacy. We propose the Environment Switching Algorithm (ESA) based on evolutionary learning to solve this MOP. ESA has excellent performance, which can ensure convergence speed and optimization performance at the same time. The result of optimization is a pareto front (PF) of huge scale, which includes solutions with different characteristics. We put forward a method of double clustering to select the appropriate solution from PF. Based on the above, we conclude the whole method as Flexible Differential Privacy Algorithm based on Evolutionary Learning (FDPEL). FDPEL can realize flexible differential privacy for medical data, while ensuring data privacy and data validity. FDPEL is suitable for privacy protection of medical data of different scales, which makes it have a practical applications value.

computer science, information systems,telecommunications,engineering, electrical & electronic

Hao Ren,Hongwei Li,Xiaohui Liang,Shibo He,Yuanshun Dai,Lian Zhao

DOI: https://doi.org/10.3390/s16091463

IF: 3.9

2016-01-01

Sensors

Abstract:With the rapid growth of the health data scale, the limited storage and computation resources of wireless body area sensor networks (WBANs) is becoming a barrier to their development. Therefore, outsourcing the encrypted health data to the cloud has been an appealing strategy. However, date aggregation will become difficult. Some recently-proposed schemes try to address this problem. However, there are still some functions and privacy issues that are not discussed. In this paper, we propose a privacy-enhanced and multifunctional health data aggregation scheme (PMHA-DP) under differential privacy. Specifically, we achieve a new aggregation function, weighted average (WAAS), and design a privacy-enhanced aggregation scheme (PAAS) to protect the aggregated data from cloud servers. Besides, a histogram aggregation scheme with high accuracy is proposed. PMHA-DP supports fault tolerance while preserving data privacy. The performance evaluation shows that the proposal leads to less communication overhead than the existing one.

Jinpeng Wang,Xiaohui Li

DOI: https://doi.org/10.3390/electronics12020307

IF: 2.9

2023-01-07

Electronics

Abstract:As big data and data mining technology advance, research on the collection and analysis of medical data on the internet of medical things (IoMT) has gained increasing attention. Medical institutions often collect users' signs and symptoms from their devices for analysis. However, the process of data collection may pose a risk of privacy leakage without a trusted third party. To address this issue, we propose a medical data collection based on local differential privacy and Count Sketch (MDLDP). The algorithm first uses a random sampling technique to select only one symptom for perturbation by a single user. The perturbed data is then uploaded using Count Sketch. The third-party aggregates the user-submitted data to estimate the frequencies of the symptoms and the mean extent of their occurrence. This paper theoretically demonstrates that the designed algorithm satisfies local differential privacy and unbiased estimation. We also evaluated the algorithm experimentally with existing algorithms on a real medical dataset. The results show that the MDLDP algorithm has good utility for key-value type medical data collection statistics in the IoMT.

engineering, electrical & electronic,computer science, information systems,physics, applied

Lina Ni,Peng Huang,Yongshan Wei,Minglei Shu,Jinquan Zhang

DOI: https://doi.org/10.1155/2021/8967819

2021-11-22

Wireless Communications and Mobile Computing

Abstract:With the proliferation of intelligent services and applications authorized by artificial intelligence, the Internet of Things has penetrated into many aspects of our daily lives, and the medical field is no exception. The medical Internet of Things (MIoT) can be applied to wearable devices, remote diagnosis, mobile medical treatment, and remote monitoring. There is a large amount of medical information in the databases of various medical institutions. Nevertheless, due to the particularity of medical data, it is extremely related to personal privacy, and the data cannot be shared, resulting in data islands. Federated learning (FL), as a distributed collaborative artificial intelligence method, provides a solution. However, FL also involves multiple security and privacy issues. This paper proposes an adaptive Differential Privacy Federated Learning Medical IoT (DPFL-MIoT) model. Specifically, when the user updates the model locally, we propose a differential privacy federated learning deep neural network with adaptive gradient descent (DPFLAGD-DNN) algorithm, which can adaptively add noise to the model parameters according to the characteristics and gradient of the training data. Since privacy leaks often occur in downlink, we present differential privacy federated learning (DP-FL) algorithm where adaptive noise is added to the parameters when the server distributes the parameters. Our method effectively reduces the addition of unnecessary noise, and at the same time, the model has a good effect. Experimental results on real-world data show that our proposed algorithm can effectively protect data privacy.

computer science, information systems,telecommunications,engineering, electrical & electronic

Yan-Ping Wang,Xiao-Fen Wang,Hong-Ning Dai,Xiao-Song Zhang,Yu Su,Muhammad Imran,Nidal Nasser

DOI: https://doi.org/10.1109/globecom48099.2022.10000912

2022-01-01

Abstract:As a rapidly growing subset of the Internet of Thing (IoT), the cloud-based Internet of Medical Thing (IoMT) has been widely applied in remote healthcare industries, which allows the physicians to monitor patients' body parameters remotely to offer continuous and timely healthcare. These healthcare parameters usually contain sensitive information, such as heart rates, glucose levels and etc., and the exposure of them may pose serious threats to the patients' health and lives. To guarantee security and privacy, many IoMT data sharing schemes have been proposed. However, most of these schemes either exhibit a one-to-one data sharing structure or fail to protect the patients' privacy. Since the data usually needs to be shared to different physicians, patients may want to be assisted without revealing their identities. To meet these requirements in healthcare systems, we propose a multi-receiver secure healthcare data sharing scheme, in which the patients are allowed to share their IoMT data to multiple physicians simultaneously for a multidisciplinary treatment, and the conditional anonymity is achieved where data source authentication is provided without revealing the patient's identity. When the patient health condition is abnormal, the hospital can correctly and quickly trace the patient's identity and inform him/her immediately. Our scheme is formally proved to achieve multiple security properties including confidentiality, unforgeability and anonymity. Simulation results demonstrate that the proposed scheme is efficient and practical.

WeiKang Liu,Yanchun Zhang,Hong Yang,Qinxue Meng

DOI: https://doi.org/10.1007/s40745-023-00475-3

2023-06-10

Abstract:Machine learning methods promote the sustainable development of wise information technology of medicine (WITMED), and a variety of medical data brings high value and convenience to medical analysis. However, the applications of medical data have also been confronted with the risk of privacy leakage that is hard to avoid, especially when conducting correlation analysis or data sharing among multiple institutions. Data security and privacy preservation have recently played an essential role in the field of secure and private medical data analysis, where many differential privacy strategies are applied to medical data publishing and mining. In this paper, we survey research work on the applications of differential privacy for medical data analysis, discussing the necessity of medical privacy-preserving, the advantages of differential privacy, and their applications to typical medical data, such as genomic data and wearable device data. Furthermore, we discuss the challenges and potential future research directions for differential privacy in medical applications.

Wenjuan Tang,Ju Ren,Kun Deng,Yaoxue Zhang

DOI: https://doi.org/10.1109/jiot.2019.2923261

IF: 10.6

2019-01-01

IEEE Internet of Things Journal

Abstract:With rapid development of e-healthcare systems, patients that are equipped with resource-limited e-healthcare devices (Internet of Things) generate huge amount of health data for health management. These health data possess significant medical value when aggregated from these distributed devices. However, efficient health data aggregation poses several security and privacy issues such as confidentiality disclosure and differential attacks, as well as patients may be reluctant to contribute their health data for aggregation. In this paper, we propose a privacy-preserving heath data aggregation scheme that securely collects health data from multiple sources and guarantee fair incentives for contributing patients. Specifically, we employ signature techniques to keep fair incentives for patients. Meanwhile, we add noises into the health data for differential privacy. Furthermore, we combine Boneh-Goh-Nissim cryptosystem and Shamir's secret sharing to keep data obliviousness security and fault tolerance. Security and privacy discussions show that our scheme can resist differential attacks, tolerate healthcare centers failures, and keep fair incentives for patients. Performance evaluations demonstrate cost-efficient computation, communication and storage overhead.

Kai Fan,Wei Jiang,Hui Li,Yintang Yang

DOI: https://doi.org/10.1109/tii.2018.2794996

IF: 12.3

2018-01-01

IEEE Transactions on Industrial Informatics

Abstract:Traditional medical privacy data are at a serious risk of disclosure, and many related cases have occurred over the years. For example, personal medical privacy data can be easily leaked to insurance companies, which not only compromises the privacy of individuals, but also hinders the healthy development of the medical industry. With the continuous improvement of cloud computing and big data technologies, the Internet of Things technology has been rapidly developed. Radio frequency identification (RFID) is one of the core technologies of the Internet of Things. The application of the RFID system to the medical system can effectively solve this problem of medical privacy. RFID tags in the system can collect useful information and conduct data exchange and processing with a back-end server through the reader. The whole process of information interaction is mainly in the form of ciphertext. In the context of the Internet of Things, the paper presents a lightweight RFID medical privacy protection scheme. The scheme ensures security privacy of the collected data via secure authentication. The security analysis and evaluation of the scheme indicate that the protocol can effectively prevent the risk of medical privacy data being easily leaked.

Ruijin Wang,Jinshan Lai,Zhiyang Zhang,Xiong Li,Pandi Vijayakumar,Marimuthu Karuppiah

DOI: https://doi.org/10.1109/JBHI.2022.3157725

Abstract:Edge intelligent computing is widely used in the fields, such as the Internet of Medical Things (IoMT), which has advantages, including high data processing efficiency, strong real-time performance and low network delay. However, there are many problems including privacy disclosure, limited calculation force, as well as scheduling and coordination issues. Federated learning can greatly improves training efficiency. However, due to the sensitive nature of the healthcare data, the aforementioned approach of transferring the patient's data to the servers may create serious security and privacy issues. Therefore, this article proposes a Privacy Protection Scheme for Federated Learning under Edge Computing (PPFLEC). First of all, we propose a lightweight privacy protection protocol based on a shared secret and weight mask, which is based on a random mask scheme of secret sharing. It is more accurate and efficient than,homomorphic encryption. It can not only protect gradient privacy without losing model accuracy, but also resist equipment dropping and collusion attacks between devices. Second, we design an algorithm based on a digital signature and hash function, which achieves the integrity and consistency of the message, as well as resisting replay attacks. Finally, we propose a periodic average training strategy, compared with differential privacy to prove that our scheme is 40 % faster in efficiency than in deferential privacy. Meanwhile, compared with federated learning, we can achieve the same efficiency under the condition of ensuring safety. Therefore, our scheme can work well in unstable edge computing environments such as smart healthcare.

Han Qiu,Meikang Qiu,Meiqin Liu,Gerard Memmi

DOI: https://doi.org/10.48550/arXiv.1904.08270

2019-04-17

Cryptography and Security

Abstract:The recent spades of cyber security attacks have compromised end users' data safety and privacy in Medical Cyber-Physical Systems (MCPS). Traditional standard encryption algorithms for data protection are designed based on a viewpoint of system architecture rather than a viewpoint of end users. As such encryption algorithms are transferring the protection on the data to the protection on the keys, data safety and privacy will be compromised once the key is exposed. In this paper, we propose a secure data storage and sharing method consisted by a selective encryption algorithm combined with fragmentation and dispersion to protect the data safety and privacy even when both transmission media (e.g. cloud servers) and keys are compromised. This method is based on a user-centric design that protects the data on a trusted device such as end user's smartphone and lets the end user to control the access for data sharing. We also evaluate the performance of the algorithm on a smartphone platform to prove the efficiency.

Liming Fang,Changchun Yin,Juncen Zhu,Chunpeng Ge,M. Tanveer,Alireza Jolfaei,Zehong Cao

DOI: https://doi.org/10.1145/3408322

2021-01-21

Abstract:In virtue of advances in smart networks and the cloud computing paradigm, smart healthcare is transforming. However, there are still challenges, such as storing sensitive data in untrusted and controlled infrastructure and ensuring the secure transmission of medical data, among others. The rapid development of watermarking provides opportunities for smart healthcare. In this article, we propose a new data-sharing framework and a data access control mechanism. The applications are submitted by the doctors, and the data is processed in the medical data center of the hospital, stored in semi-trusted servers to support the selective sharing of electronic medical records from different medical institutions between different doctors. Our approach ensures that privacy concerns are taken into account when processing requests for access to patients’ medical information. For accountability, after data is modified or leaked, both patients and doctors must add digital watermarks associated with their identification when uploading data. Extensive analytical and experimental results are presented that show the security and efficiency of our proposed scheme.

Guangquan Xu,Chen Qi,Wenyu Dong,Lixiao Gong,Shaoying Liu,Si Chen,Jian Liu,Xi Zheng

DOI: https://doi.org/10.1109/jbhi.2022.3203577

IF: 7.7

2023-02-01

IEEE Journal of Biomedical and Health Informatics

Abstract:With the increasing penetration of the Internet of things (IoT) into people's lives, the limitations of traditional medical systems are emerging. First, the typical way of handling sensitive information can easily lead to privacy disclosure. Second, the medical system is relatively isolated. It is difficult for one medical system to share data with another, and the scope of users' activities is limited within the system boundary. To solve these two problems, we propose a new privacy-preserving medical data-sharing scheme by introducing the authorization mechanism and attribute-based encryption (ABE) based on blockchain, which breaks system boundaries and realizes data sharing among several medical institutions. ABE is used to realize scalable access control. In addition, doctors can share their knowledge to diagnose users by introducing many-to-many matching, which means that patients' health data can be represented by multiple keywords and doctors' expertise can be represented by multiple interests. We provide the correctness and security analysis of our scheme and implement a prototype tool on Ethereum. The experimental results show that our scheme solves the contradiction between the privacy preservation of medical data and the necessity of data sharing.

computer science, interdisciplinary applications,mathematical & computational biology,medical informatics, information systems

Wenjuan Tang,Kuan Zhang,Ju Ren,Yaoxue Zhang,Xuemin (Sherman) Shen

DOI: https://doi.org/10.1109/glocom.2017.8254989

2017-01-01

Abstract:With the advancements of electronic medical equipment, e-healthcare system becomes a promising paradigm to continuously monitor health conditions and remotely diagnose phenomena. Meanwhile, it generates a large volume of health data and poses several security challenges, such as access control and privacy leakage. In this paper, we propose a lightweight and privacy- preserving fog-assisted information sharing scheme (PFHD) for health big data. Specifically, we integrate fog computing into e-healthcare system to pre-process the raw health data and improve the efficiency of health data analysis. Furthermore, to prevent privacy leakage, we design a hierarchical attribute-based encryption method by encrypting the profile and health data with different access policies. In addition, we reduce the computation cost on devices by offloading health data encryption from devices to fog servers. Security discussions show that PFHD can achieve fine- grained health data sharing with privacy preservation. Performance evaluations demonstrate the efficiency of PFHD, especially in terms of encryption computation and storage costs.

Guangjun Wu,Shupeng Wang,Zhaolong Ning,Jun Li records,Jun Li

DOI: https://doi.org/10.1109/jiot.2021.3138104

IF: 10.6

2021-01-01

IEEE Internet of Things Journal

Abstract:Recently, the rapid developments in the Internet of Medical Things (IoMT) enable smart devices to generate and transmit massive personal electronic medical records (EMRs). However, there are many sensitive attributes in an EMR, which could be accessed by external or internal unauthorized users for malicious purposes. In this article, we present a triple subject purpose-based access control (TS-PBAC) model, which is compatible with a blockchain-enabled reliable transaction network, and design an individual-centric security and privacy-preserving mechanism for access control with different purposes and roles in IoMT scenarios. Specifically, we design hierarchical purpose tree (HPT) and related policies to guarantee the legality of an external user with different purposes. To improve the privacy for sensitive attributes against an internal attacker, we design a local differential privacy (LDP)-based policy and role-based access control scheme in an edge computing paradigm to grant fine-granularity rights for authorized users. In addition, we introduce mutual evaluation metrics to evaluate data quality from a patient-and-medical-service level in an open anonymous network, only using logs kept in the blockchain. We test our approach by real-world EMRs with 100000 patients. The experimental results show that the proposed privacy-preserving scheme can better protect patient’s privacy than traditional access control policies in IoMT environments, and can make reliable and stable access control decisions between data publishers and data requesters with different purposes.

computer science, information systems,telecommunications,engineering, electrical & electronic

Ji-Jiang Yang,Jian-Qiang Li,Yu Niu

DOI: https://doi.org/10.1016/j.future.2014.06.004

IF: 7.307

2014-01-01

Future Generation Computer Systems

Abstract:Storing and sharing of medical data in the cloud environment, where computing resources including storage is provided by a third party service provider, raise serious concern of individual privacy for the adoption of cloud computing technologies. Existing privacy protection researches can be classified into three categories, i.e., privacy by policy, privacy by statistics, and privacy by cryptography. However, the privacy concerns and data utilization requirements on different parts of the medical data may be quite different. The solution for medical dataset sharing in the cloud should support multiple data accessing paradigms with different privacy strengths. The statistics or cryptography technology alone cannot enforce the multiple privacy demands, which blocks their application in the real-world cloud. This paper proposes a practical solution for privacy preserving medical record sharing for cloud computing. Based on the classification of the attributes of medical records, we use vertical partition of medical dataset to achieve the consideration of different parts of medical data with different privacy concerns. It mainly includes four components, i.e., (1) vertical data partition for medical data publishing, (2) data merging for medical dataset accessing, (3) integrity checking, and (4) hybrid search across plaintext and ciphertext, where the statistical analysis and cryptography are innovatively combined together to provide multiple paradigms of balance between medical data utilization and privacy protection. A prototype system for the large scale medical data access and sharing is implemented. Extensive experiments show the effectiveness of our proposed solution.

Heng Pan,Yaoyao Zhang,Xueming Si,Zhongyuan Yao,Liang Zhao

DOI: https://doi.org/10.3390/sym14122479

2022-01-01

Symmetry

Abstract:The Internet of Things (IoT) and cloud technologies have significantly facilitated healthcare. In such a context, medical data are collected by the terminals from the patients, manipulated, and stored on the cloud by hospitals (doctors). This brings asymmetry problems in medical data access control, processing, and storage between doctors and patients, which results in medical data sharing face many challenges such as privacy leakage and malicious feedback from cloud servers on queries. To solve these asymmetry problems, this paper proposes a medical data sharing scheme with cloud-chain cooperation and policy fusion in the IoT. Regarding asymmetrical access control rights, a conflict resolution and fusion algorithm that enables co-authorization of medical data by the doctor and the patient is introduced. To balance the symmetry of medical data storage and processing, a cloud-chain cooperation ciphertext retrieval method is proposed by means of two-stage joint searching from cloud servers and the blockchain, which can not only detect malicious medical data feedback from cloud servers, but also improve the data search efficiency. The security analysis showed that this scheme satisfies the confidentiality and verifiability of the retrieved information, and the feasibility of the proposed scheme was demonstrated through experiments.

Siqi Zhang,Xiaohui Li

DOI: https://doi.org/10.1038/s41598-022-19544-3

IF: 4.6

2022-09-23

Scientific Reports

Abstract:The advent of the era of big data promotes the further development of medicine, and data release is an important step in it. The existing medical data release methods mostly use the k-anonymity model as the basis for data protection. With the advancement of technology, anonymous models are progressively less resistant to consistency attacks and background knowledge attacks. In order to better protect the private information of patients, this paper makes two major contributions: (1) The method of calculating the correlation between attributes is used to ensure the validity of the data after the data is released; (2) On the basis of the previous step, combined with the difference privacy-preserving model and tree model, this paper proposes an attribute association-based differential privacy classification tree data publishing method (ACDP-Tree). In this paper, simulation experiments are carried out on real medical data sets. The experimental results show that the algorithm ensures the validity and availability of the data to a certain extent while ensuring that the patient's privacy is not leaked.

multidisciplinary sciences