Xiaoliang Wang,Liang Bai,Qing Yang,Liu Wang,Frank Jiang

DOI: https://doi.org/10.1016/j.jisa.2019.04.010

IF: 4.96

2019-01-01

Journal of Information Security and Applications

Abstract:With the development of wireless sensor network and internet, ubiquitous eHealth care systems are booming. However, a great deal of data computing and storage processing restrict the scalability of ubiquitous eHealth. As a solution, cloud-based eHealth is coming up. However, using cloud-computing model often causes some privacy concerns. Massive medical data in eHealth system contain numerous sensitive information and electronic health records of users. Meanwhile, if data encryption is adopted to protect privacy, cloud center cannot process data. To solve this problem, a scheme based on fully homomorphism conception for privacy protection and data processing of eHealth is proposed in this paper. Our scheme not only meets the aforementioned dual requirements but also limit the arbitrary actions of patients and doctors.

Jian Zhang,Yang,Yanjiao Chen,Jing Chen,Qian Zhang

DOI: https://doi.org/10.1016/j.comnet.2017.08.019

IF: 5.493

2017-01-01

Computer Networks

Abstract:With the growing popularity of cloud storage, to guarantee the security of outsourced data becomes more and more important. In this paper, we make the first attempt to explore the intrinsic relationship between secure cloud storage and homomorphic encryption scheme, based on which we present a Generic way to design a Secure Cloud Storage protocol, denoted as G-SCS, using any homomorphic encryption scheme (HES). The proposed G-SCS is secure under a definition that satisfy the security requirement of cloud storage. To address various issues in real application scenarios, we further extend the protocol to support deterministic and randomized auditing, data dynamics (i.e., data insertion, deletion and modification), as well as third-party public auditing, while preserving the efficiency and security of the protocol. By instantiating all abstract semantics in G-SCS, we construct three concrete secure cloud storage protocols using RSA-based, Paillier-based and DGHV-based HESs, which are multiplicatively, additively and fully HESs, respectively. We conduct extensive theoretical analysis and experimental evaluations to validate the practicability of the proposed protocol.

Kamlesh Kumar Hingwe,S. Mary Saira Bhanu

DOI: https://doi.org/10.1007/978-981-10-0135-2_43

2016-03-02

Abstract:Database as a service provides services for accessing and managing customers data which provides ease of access, and the cost is less for these services. There is a possibility that the DBaaS service provider may not be trusted, and data may be stored on untrusted server. The access control mechanism can restrict users from unauthorized access, but in cloud environment access control policies are more flexible. However, an attacker can gather sensitive information for a malicious purpose by abusing the privileges as another user and so database security is compromised. The other problems associated with the DBaaS are to manage role hierarchy and secure session management for query transaction in the database. In this paper, a role-based access control for the multitenant database with role hierarchy is proposed. The query is granted with least access privileges, and a session key is used for session management. The proposed work protects data from privilege escalation and SQL injection. It uses the partial homomorphic encryption (Paillier Encryption) for the encrypting the sensitive data. If a query is to perform any operation on sensitive data, then extra permissions are required for accessing sensitive data. Data confidentiality and integrity are achieved using the role-based access control with partial homomorphic encryption.

Cryptography and Security

Ali Kartit

DOI: https://doi.org/10.48048/tis.2022.3970

2022-04-30

Trends in Sciences

Abstract:In recent years, there has been a growing demand for the adoption of cloud in healthcare to process medical data. Unfortunately, this emerging new paradigm faces several challenges, as customer data is stored on remote servers rather than on premise solutions. This is considered to be the main root cause of the major security vulnerabilities encountered in outsourced calculations. Indeed, to solve this problem we used encryption; customers should encode their sensitive data when considering adopting cloud services. One of the biggest challenges is establishing controls that completely protect secret data from insider attacks, while also supporting the computations. In addition, applying complex encryption schemes can have a negative effect on system performance. This study focuses in particular on homomorphic techniques and their main applications, as well as their limitations. Unlike traditional encryption methods, homomorphic schemes are used not only to reduce the security risks associated with cloud technology, but also to process cipher texts. However, current efforts in this area need to be further developed to strike the right balance between privacy risks and data utility. In this regard, we offer a hybrid approach that offers the possibility of quickly processing health records in a secure manner. Our main contribution is the proposal of a new method based on Hadoop MapReduce functions in conjunction with a multi-agent system to maintain data confidentiality. In addition, and to design intelligent distributed computing for efficient management of Virtual Machine (VM) workloads, we used a method based on the Bat Algorithm (BA). HIGHLIGHTS This article is about a system based on homomorphic encryption to secure medical images stored in cloud computing Its objective is to reduce the security risks associated with cloud technology, but also to process ciphertexts This system is based on the MapReduce function to benefit from parallelism during data processing and the Hadoop framework to develop and implement secure medical image processing applications in the cloud Hadoop and MapReduce are in conjunction with a multi-agent system to perform distributed data processing Our system uses a method based on the Bat (BA) algorithm to ensure efficient management of the workload of virtual machines (VMs) and thus guarantee load balancing GRAPHICAL ABSTRACT

English Else

Garima Verma,Soumen Kanrar

DOI: https://doi.org/10.3233/mgs-220361

2022-05-23

Multiagent and Grid Systems

Abstract:Nowadays cloud computing has given a new paradigm of computing. Despite several benefits of cloud computing there is still a big challenge of ensuring confidentiality and integrity for sensitive information on the cloud. Therefore to address these challenges without loss of any sensitive information and privacy, we present a novel and robust model called ‘Enhanced Cloud Security using Hyper Elliptic Curve and Biometric’ (ECSHB). The model ECSHB ensures the preservation of data security, privacy, and authentication of data in a cloud environment. The proposed approach combines biometric and hyperelliptic curve cryptography (HECC) techniques to elevate the security of data accessing and resource preservations in the cloud. ECSHB provides a high level of security using less processing power, which will automatically reduce the overall cost. The efficacy of the ECSHB has been evaluated in the form of recognition rate, biometric similarity score, False Matching Ratio (FMR), and False NonMatching Ratio (FNMR). ECSHB has been validated using security threat model analysis in terms of confidentiality. The measure of collision attack, replay attack and non-repudiation is also considered in this work. The evidence of results is compared with some existing work, and the results obtained exhibit better performance in terms of data security and privacy in the cloud environment.

Reetu Gupta,Priyesh Kanungo,Nirmal Dagdee,Golla Madhu,Kshira Sagar Sahoo,N Z Jhanjhi,Mehedi Masud,Nabil Sharaf Almalki,Mohammed A AlZain

DOI: https://doi.org/10.3390/s23052617

2023-02-27

Abstract:With continuous advancements in Internet technology and the increased use of cryptographic techniques, the cloud has become the obvious choice for data sharing. Generally, the data are outsourced to cloud storage servers in encrypted form. Access control methods can be used on encrypted outsourced data to facilitate and regulate access. Multi-authority attribute-based encryption is a propitious technique to control who can access encrypted data in inter-domain applications such as sharing data between organizations, sharing data in healthcare, etc. The data owner may require the flexibility to share the data with known and unknown users. The known or closed-domain users may be internal employees of the organization, and unknown or open-domain users may be outside agencies, third-party users, etc. In the case of closed-domain users, the data owner becomes the key issuing authority, and in the case of open-domain users, various established attribute authorities perform the task of key issuance. Privacy preservation is also a crucial requirement in cloud-based data-sharing systems. This work proposes the SP-MAACS scheme, a secure and privacy-preserving multi-authority access control system for cloud-based healthcare data sharing. Both open and closed domain users are considered, and policy privacy is ensured by only disclosing the names of policy attributes. The values of the attributes are kept hidden. Characteristic comparison with similar existing schemes shows that our scheme simultaneously provides features such as multi-authority setting, expressive and flexible access policy structure, privacy preservation, and scalability. The performance analysis carried out by us shows that the decryption cost is reasonable enough. Furthermore, the scheme is demonstrated to be adaptively secure under the standard model.

Mbarek Marwan,Ali Kartit,Hassan Ouahmane

DOI: https://doi.org/10.1007/978-3-319-74500-8_75

2018-01-01

Abstract:The modern radiologists and doctors often use imaging software for a better diagnosis, and hence, to deliver improved patient care. Obviously, since digital records contain useful biological information, they are now being massively produced. Unfortunately, the maintenance and licenses required to mange an on-premise solution is a costly and time-consuming approach. To overcome this challenge, healthcare organizations implement cloud services to process medical images with the help of remote tools and facilities. In fact, cloud computing has, since its emergence, changed the way we build and develop IT services. In this new paradigm, computational resources are accessed and downloaded as needed through the Internet. The aim of this concept is to outsource computations to an external entity in order to reduce costs. In this context, the billing system of this model is based mainly on software utilization and Service-Level Agreement (SLA) contract. Despite its promising features, the adoption of this technology in healthcare domain gives rise to different problems regarding privacy and security. In this respect, we are interested in highlighting opportunities and challenges of image processing using cloud, as well as suggestions for future developments. We are particularly focused on homomorphic encryption techniques and their applications in data processing. There are only a few studies in the literature that deal with this subject. The results of the present study reveal that homomorphic encryption is a promising technique to ensure data privacy when using cloud services. However, existing schemes still have some limitations, especially computational costs.

Qi Wang,Dehua Zhou,Yanling Li

DOI: https://doi.org/10.48550/arXiv.1812.00599

2018-12-03

Cryptography and Security

Abstract:With the rapid development of cloud computing, the privacy security incidents occur frequently, especially data security issues. Cloud users would like to upload their sensitive information to cloud service providers in encrypted form rather than the raw data, and to prevent the misuse of data. The main challenge is to securely process or analyze these encrypted data without disclosing any useful information, and to achieve the rights management efficiently. In this paper, we propose the encrypted data processing protocols for cloud computing by utilizing additively homomorphic encryption and proxy cryptography. For the traditional homomorphic encryption schemes with many limitations, which are not suitable for cloud computing applications. We simulate a cloud computing scenario with flexible access control and extend the original homomorphic cryptosystem to suit our scenario by supporting various arithmetical calculations. We also prove the correctness and security of our protocols, and analyze the advantages and performance by comparing with some latest works.

C P Gupta,Iti Sharma

DOI: https://doi.org/10.1109/nof.2013.6724526

2013-10-01

Abstract:With single computer's computation power not sufficing., need for sharing resources to manipulate and manage data through clouds is increasing rapidly. Hence., it is favorable to delegate computations or store data with a third party., the cloud provider. However., delegating data to third party poses the risks of data disclosure during computation. The problem can be addressed by carrying out computation without decrypting the encrypted data. The results are also obtained encrypted and can be decrypted at the user side. This requires modifying functions in such a way that they are still executable while privacy is ensured or to search an encrypted database. Homomorphic encryption provides security to cloud consumer data while preserving system usability. We propose a symmetric key homomorphic encryption scheme based on matrix operations with primitives that make it easily adaptable for different needs in various cloud computing scenarios.

Mehedi Masud,Gurjot Singh Gaba,Karanjeet Choudhary,Roobaea Alroobaea,M Shamim Hossain

DOI: https://doi.org/10.1007/s12083-021-01162-x

Abstract:Traditional healthcare services have transitioned into modern healthcare services where doctors remotely diagnose the patients. Cloud computing plays a significant role in this change by providing easy access to patients' medical records to all stakeholders, such as doctors, nurses, patients, life insurance agents, etc. Cloud services are scalable, cost-effective, and offer a broad range of mobile access to patients' electronic health record (EHR). Despite the cloud's enormous benefits like real-time data access, patients' EHR security and privacy are major concerns. Since the information about patients' health is highly sensitive and crucial, sharing it over the unsecured wireless medium brings many security challenges such as eavesdropping, modifications, etc. Considering the security needs of remote healthcare, this paper proposes a robust and lightweight, secure access scheme for cloud-based E-healthcare services. The proposed scheme addresses the potential threats to E-healthcare by providing a secure interface to stakeholders and prohibiting unauthorized users from accessing information stored in the cloud. The scheme makes use of multiple keys formed through the key derivation function (KDF) to ensure end-to-end ciphering of information for preventing misuse. The rights to access the cloud services are provided based on the identity and the association between stakeholders, thus ensuring privacy. Due to its simplicity and robustness, the proposed scheme is the best fit for protecting data security and privacy in cloud-based E-healthcare services.

Saja J. Mohammed,Dujan B. Taha

DOI: https://doi.org/10.12928/telkomnika.v19i4.16875

2021-08-01

TELKOMNIKA (Telecommunication Computing Electronics and Control)

Abstract:“Cloud computing” is a new technology that revolutionized the world of communications and information technologies. It collects a large number of possibilities, facilities, and developments, and uses the combining of various earlier inventions into something new and compelling. Despite all features of cloud computing, it faces big challenges in preserving data confidentiality and privacy. It has been subjected to numerous attacks and security breaches that have prompted people to hesitate to adopt it. This article provided comprehensive literature on the cloud computing concepts with a primary focus on the cloud computing security field, its top threats, and the protection against each one of them. Data security/privacy in the cloud environment is also discussed and homomorphic encryption (HE) was highlighted as a popular technique used to preserve the privacy of sensitive data in many applications of cloud computing. The article aimed to provide an adequate overview of both researchers and practitioners already working in the field of cloud computing security, and for those new in the field who are not yet fully equipped to understand the detailed and complex technical aspects of cloud computing.

Kundan Munjal,Rekha Bhatia

DOI: https://doi.org/10.1007/s40747-022-00756-z

IF: 6.7

2022-05-03

Complex & Intelligent Systems

Abstract:Abstract Cloud computing and cloud storage have contributed to a big shift in data processing and its use. Availability and accessibility of resources with the reduction of substantial work is one of the main reasons for the cloud revolution. With this cloud computing revolution, outsourcing applications are in great demand. The client uses the service by uploading their data to the cloud and finally gets the result by processing it. It benefits users greatly, but it also exposes sensitive data to third-party service providers. In the healthcare industry, patient health records are digital records of a patient’s medical history kept by hospitals or health care providers. Patient health records are stored in data centers for storage and processing. Before doing computations on data, traditional encryption techniques decrypt the data in their original form. As a result, sensitive medical information is lost. Homomorphic encryption can protect sensitive information by allowing data to be processed in an encrypted form such that only encrypted data is accessible to service providers. In this paper, an attempt is made to present a systematic review of homomorphic cryptosystems with its categorization and evolution over time. In addition, this paper also includes a review of homomorphic cryptosystem contributions in healthcare.

computer science, artificial intelligence

Arthur S. Voundi Koe,Qi Chen,Juan Tang,Shan Ai,Hongyang Yan,Shiwen Zhang,Duncan S. Wong

DOI: https://doi.org/10.1002/int.23009

IF: 8.993

2022-09-09

International Journal of Intelligent Systems

Abstract:With recent advances in cloud computing, mobile devices are increasingly being used to record patient physiological parameters, and transfer them to a cloud‐based hospital information system, for access control mediation over a variety of stakeholders. In such a cloud‐based architecture, the patient must specify an access policy for a group of authorized parties towards its outsourced data. Multiauthority ciphertext‐policy attribute‐based encryption (CP‐ABE) was provided as an innovative cloud‐based access control cryptographic primitive to tackle the key escrow issue in a centralized architecture, and boost flexibility through cross‐domain attributes management. Existing works, however, still have glaring drawbacks. First, they still rely on a trusted authority to generate and distribute user secret keys. Second, they do not simultaneously provide encryption, decryption, or revocation outsourcing, resulting in high processing and communication cost for both the data sender and the data receiver. Third, they do not support both user and attribute revocation, and the integrity of ciphertext downloaded from the cloud is not always verified at the user end. As a result, this paper exploits the dummy attribute technique and introduces a novel, efficient, and secure multiauthority ciphertext‐policy ABE method for mediating access control over medical data, in the mobile cloud. The ciphertext access policy enforcement, partial ciphertext decryption, and both the user and attribute indirect revocation updates are safely outsourced to the cloud server in this study. Theoretical analysis demonstrates that our scheme is efficient and verifiable, and we prove that our construction is secure under the decisional bilinear Diffie‐Hellman assumption.

computer science, artificial intelligence

Naresh Sammeta,Latha Parthiban

DOI: https://doi.org/10.1142/s0219467822400034

2021-10-06

International Journal of Image and Graphics

Abstract:Recent healthcare systems are defined as highly complex and expensive. But it can be decreased with enhanced electronic health records (EHR) management, using blockchain technology. The healthcare sector in today’s world needs to address two major issues, namely data ownership and data security. Therefore, blockchain technology is employed to access and distribute the EHRs. With this motivation, this paper presents novel data ownership and secure medical data transmission model using optimal multiple key-based homomorphic encryption (MHE) with Hyperledger blockchain (OMHE-HBC). The presented OMHE-HBC model enables the patients to access their own data, provide permission to hospital authorities, revoke permission from hospital authorities, and permit emergency contacts. The proposed model involves the MHE technique to securely transmit the data to the cloud and prevent unauthorized access to it. Besides, the optimal key generation process in the MHE technique takes place using a hosted cuckoo optimization (HCO) algorithm. In addition, the proposed model enables sharing of EHRs by the use of multi-channel HBC, which makes use of one blockchain to save patient visits and another one for the medical institutions in recoding links that point to EHRs stored in external systems. A complete set of experiments were carried out in order to validate the performance of the suggested model, and the results were analyzed under many aspects. A comprehensive comparison of results analysis reveals that the suggested model outperforms the other techniques.

Tao Li,Xiaojun Ye,Jianmin Wang

DOI: https://doi.org/10.1145/2430475.2430493

2012-01-01

Abstract:To achieve a trustworthy cloud data service, there is a need to both provide the right services from a security engineering perspective, as well as to allows specific types of computations to be carried out on encrypted cloud data. However, traditional encryption solutions can't be used to process outsourcing encrypted data hosting to an untrusted cloud provider. A novel encryption scheme, called fully homomorphic encryption (FHE), could afford the circuit ability over encrypted data without decrypting it. In this paper, we deliver a universal construction framework for fully homomorphic encryption schemes. At first, this framework initializes a somewhat homomorphic encryption scheme based on the concept of metric space in abstract algebra which encodes the plaintext into a offset vector and generates a ciphertext by adding the offset vector to a random eigenvector in the metric space. As an abelian group, the ring is closed under addition and multiplication, this abstract algebra assume the metric space could forma ring and the eigenvectors belong to an ideal of this ring, then this framework could achieve homomorphism by having the scheme live in rings. We also deduce some well-known fully homomorphic schemes from the construction framework, and propose a prototype with an FHE encryption proxy to solve confidentiality problems in cloud systems. At last, we show the performance of FHE with some experiments, and speed the performance of fully homomorphic encryption up with cloud computing (parallel computing, distribute computing, etc.). We also discuss some opening issues and directions for future fully homomorphic encryption researches.

Qiong Liu,Feng Zhou,Han Chen

DOI: https://doi.org/10.1016/j.phycom.2024.102295

IF: 2.379

2024-02-01

Physical Communication

Abstract:Background Cloud computing offers considerable flexibility and financial savings to data owners for outsourcing their complicated data management systems from local sites to the commercial public cloud. Methods However, an effective encryption scheme is needed to protect the private medical data of the user in the cloud without leaking it. Therefore, in this paper an efficient Deoxyribonucleic Acid Homomorphic Encryption algorithm (DNA-HE) has been proposed to encrypt and store the medical images in the cloud securely. Initially, the data is mapped to DNA sequences and then encrypted using homomorphic encryption. The key for the homomorphic algorithm is generated using Rider Optimization Technique which ensures security. It acts as a double encryption technique. The same procedure tends to decrypt the encrypted data. Results The efficiency of the proposed technique is assessed employing several parameters such as execution time, encryption time, and decryption time. The experimental results shows that the proposed DNA-HE system reduces encryption time of 10 %, 20 %, and 35 % than OHE, HE and ECC algorithms.

telecommunications,engineering, electrical & electronic

Ming Li,Shucheng Yu,Yao Zheng,Kui Ren,Wenjing Lou

DOI: https://doi.org/10.1109/tpds.2012.97

IF: 5.3

2013-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Personal health record (PHR) is an emerging patient-centric model of health information exchange, which is often outsourced to be stored at a third party, such as cloud providers. However, there have been wide privacy concerns as personal health information could be exposed to those third party servers and to unauthorized parties. To assure the patients' control over access to their own PHRs, it is a promising method to encrypt the PHRs before outsourcing. Yet, issues such as risks of privacy exposure, scalability in key management, flexible access, and efficient user revocation, have remained the most important challenges toward achieving fine-grained, cryptographically enforced data access control. In this paper, we propose a novel patient-centric framework and a suite of mechanisms for data access control to PHRs stored in semitrusted servers. To achieve fine-grained and scalable data access control for PHRs, we leverage attribute-based encryption (ABE) techniques to encrypt each patient's PHR file. Different from previous works in secure data outsourcing, we focus on the multiple data owner scenario, and divide the users in the PHR system into multiple security domains that greatly reduces the key management complexity for owners and users. A high degree of patient privacy is guaranteed simultaneously by exploiting multiauthority ABE. Our scheme also enables dynamic modification of access policies or file attributes, supports efficient on-demand user/attribute revocation and break-glass access under emergency scenarios. Extensive analytical and experimental results are presented which show the security, scalability, and efficiency of our proposed scheme.

Priyanka Kumari Bhansali,Dilendra Hiran,Hemant Kothari,Kamal Gulati

DOI: https://doi.org/10.1108/ijpcc-02-2022-0041

2022-05-18

International Journal of Pervasive Computing and Communications

Abstract:Purpose The purpose of this paper Computing is a recent emerging cloud model that affords clients limitless facilities, lowers the rate of customer storing and computation and progresses the ease of use, leading to a surge in the number of enterprises and individuals storing data in the cloud. Cloud services are used by various organizations (education, medical and commercial) to store their data. In the health-care industry, for example, patient medical data is outsourced to a cloud server. Instead of relying onmedical service providers, clients can access theirmedical data over the cloud. Design/methodology/approach This section explains the proposed cloud-based health-care system for secure data storage and access control called hash-based ciphertext policy attribute-based encryption with signature (hCP-ABES). It provides access control with finer granularity, security, authentication and user confidentiality of medical data. It enhances ciphertext-policy attribute-based encryption (CP-ABE) with hashing, encryption and signature. The proposed architecture includes protection mechanisms to guarantee that health-care and medical information can be securely exchanged between health systems via the cloud. Figure 2 depicts the proposed work's architectural design. Findings For health-care-related applications, safe contact with common documents hosted on a cloud server is becoming increasingly important. However, there are numerous constraints to designing an effective and safe data access method, including cloud server performance, a high number of data users and various security requirements. This work adds hashing and signature to the classic CP-ABE technique. It protects the confidentiality of health-care data while also allowing for fine-grained access control. According to an analysis of security needs, this work fulfills the privacy and integrity of health information using federated learning. Originality/value The Internet of Things (IoT) technology and smart diagnostic implants have enhanced health-care systems by allowing for remote access and screening of patients' health issues at any time and from any location. Medical IoT devices monitor patients' health status and combine this information into medical records, which are then transferred to the cloud and viewed by health providers for decision-making. However, when it comes to information transfer, the security and secrecy of electronic health records become a major concern. This work offers effective data storage and access control for a smart healthcare system to protect confidentiality. CP-ABE ensures data confidentiality and also allows control on data access at a finer level. Furthermore, it allows owners to set up a dynamic patients health data sharing policy under the cloud layer. hCP-ABES proposed fine-grained data access, security, authentication and user privacy of medical data. This paper enhances CP-ABE with hashing, encryption and signature. The proposed method has been evaluated, and the results signify that the proposed hCP-ABES is feasible compared to other access control schemes using federated learning.

Kirtirajsinh Zala,Hiren Kumar Thakkar,Rajendrasinh Jadeja,Neel H Dholakia,Ketan Kotecha,Deepak Kumar Jain,Madhu Shukla

DOI: https://doi.org/10.1155/2022/3804553

2022-08-18

Abstract:Traditional healthcare services have changed into modern ones in which doctors can diagnose patients from a distance. All stakeholders, including patients, ward boy, life insurance agents, physicians, and others, have easy access to patients' medical records due to cloud computing. The cloud's services are very cost-effective and scalable, and provide various mobile access options for a patient's electronic health records (EHRs). EHR privacy and security are critical concerns despite the many benefits of the cloud. Patient health information is extremely sensitive and important, and sending it over an unencrypted wireless media raises a number of security hazards. This study suggests an innovative and secure access system for cloud-based electronic healthcare services storing patient health records in a third-party cloud service provider. The research considers the remote healthcare requirements for maintaining patient information integrity, confidentiality, and security. There will be fewer attacks on e-healthcare records now that stakeholders will have a safe interface and data on the cloud will not be accessible to them. End-to-end encryption is ensured by using multiple keys generated by the key conclusion function (KCF), and access to cloud services is granted based on a person's identity and the relationship between the parties involved, which protects their personal information that is the methodology used in the proposed scheme. The proposed scheme is best suited for cloud-based e-healthcare services because of its simplicity and robustness. Using different Amazon EC2 hosting options, we examine how well our cloud-based web application service works when the number of requests linearly increases. The performance of our web application service that runs in the cloud is based on how many requests it can handle per second while keeping its response time constant. The proposed secure access scheme for cloud-based web applications was compared to the Ethereum blockchain platform, which uses internet of things (IoT) devices in terms of execution time, throughput, and latency.

Maya Anderson,Gidon Gershinsky,Eliot Salant,Salvador Garcia

2023-12-03

Abstract:Regulated industries, such as Healthcare and Finance, are starting to move parts of their data and workloads to the public cloud. However, they are still reluctant to trust the public cloud with their most sensitive records, and hence leave them in their premises, leveraging the hybrid cloud architecture. We address the security and performance challenges of big data analytics using a hybrid cloud in a real-life use case from a hospital. In this use case, the hospital collects sensitive patient data and wants to run analytics on it in order to lower antibiotics resistance, a significant challenge in healthcare. We show that it is possible to run large-scale analytics on data that is securely stored in the public cloud encrypted using Apache Parquet Modular Encryption (PME), without significant performance losses even if the secret encryption keys are stored on-premises. PME is a standard mechanism for data encryption and key management, not specific to any public cloud, and therefore helps prevent vendor lock-in. It also provides privacy and integrity guarantees, and enables granular access control to the data. We also present an innovation in PME for lowering the performance hit incurred by calls to the Key Management Service. Our solution therefore enables protecting large amounts of sensitive data in hybrid clouds and still allows to efficiently gain valuable insights from it.

Cryptography and Security