Authorized and Encrypted in Health Care Records Using Fine – Grained Access Control in Distributed System

Authors

  • Satish T. Pokharkar, L. K. Vishwamitra, Krushna M. Borude, Suyog S. Medhe, Sachin R. Kolase

Keywords:

User data privacy, ABE (Attribute-Based Encryption), Paillier encryption, forward security, Multi-authority, SHA Algorithm, Hashing Functions, encrypted data search, Wireless network, etc.

Abstract

today, many applications are being developed in the medical field to overcome the complexities of previous research. The digitization of healthcare is enhanced using information technology and computing, providing a variety of new technologies and medical devices. While existing systems have seen many more advances to save patients time and money, provide accurate care, and keep sensitive patient records secure, the biggest significant issue is confidentiality. To address the current security concerns in order to develop and construct the prototype model for security research work. For sensitive patient health records on database web servers. Existing efforts only data encryption can protect patient records from insider threats. First, put in place front-end security in proposed research work using Key logging techniques, second to prevent insider attacks, store users or patient’s sensitive information or data across multiple data servers or chunks, and third, and most importantly, implement a multi-authority search policy for encrypted data. In the present research work is being added to securely clearly state the format of patient data records in multiple chunks (small pieces) and to use cryptosystems because of confidentiality of a patient's medical information’s. Specifically, proposed research task benefits to use the SHA hashing technique each user to allow access to specific data records. This study investigates the proposed Role Base Access Control (RBAC) and the proposed Advanced Encryption Algorithm (AES)-256 bit encryption techniques for secure data storage and sharing for end-user strategies for securing access to the data. This work also included the implementation of a backup server strategy, which functions as an all distributed data servers use an ad hoc network data recovery for proxy storage server. We talked about the data protection for a medical database and identified which entities could and could not access the database. We discussed several encryption schemes, especially proxy re-encryption based, and signature Techniques such as the bilinear aggregate authentication protocol are examples of such strategies, that can be used to ensure data confidentiality and integrity. A secure medical database prototype was created, developed and tested to make a comparison the security performance of and insecure medical databases. Our contributions include a theoretical discussion of medical database security, the development the development of a proposed design to represent a secure medical database, and the outcomes of some studies were performed we carried out. This work shows that ensures the integrity and confidentiality of a medical database has a significant impact on performance. The prototype is relatively slow, but should have little real-world impact. If he only has to wait a second for a doctor to retrieve patient information, instead of milliseconds for an insecure the security implications of a medical database exceed the performance impact. Additionally, as part of the decryption process, by employing a re-encryption strategy, i.e. Re-encryption can be assigned to a proxy, thus spreading the computational cost. Furthermore, we showed that the prototype scales linearly, an important property when backing up large databases. From this we can conclude that it is possible to secure a medical database without trusting the database itself.

Downloads

Download data is not yet available.

References

H. Au, T. H. Yuen, J. K. Liu, W. Susilo, X. Huang, Y. Xiang, and Z. L. Jiang, “A general framework for secure sharing of personal health records in cloud system,” Journal of Computer and System Sciences, vol. 90, pp., 46-62, 2017.

Abbas, K. Bilal, L. Zhang, and S. U. Khan, “A cloud based health insurance plan recommendation system: A user centered approach, “Future Generation Computer Systems, vols. 4344, pp. 99-109, 2015.

Li, S. Yu, Y. Zheng, K. Ren, and W. Lou, “Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption,” IEEE Transactions on Parallel and Distributed Systems, 2013, vol. 24, no. 1, pp. 131–143.

Li, “Electronic personal health records and the question of privacy,” Computers, 2013, DOI: 10.1109/MC.2013.225.

S. Chen, C. H. Liu, T. L. Chen, C. S. Chen, J. G. Bau, and T.C. Lin, “Secure Dynamic access control scheme of PHR in cloud computing,” Journal of Medical Systems, vol. 36, no. 6, pp. 4005– 4020, 2012.

Xiao and Y. Xiao, “Security and privacy in cloud computing,” IEEE Communications Surveys and Tutorials, vol. 15, no. 2, pp. 1–17, Jul. 2012.

Wu, G.-J. Ahn, and H. Hu, “Secure sharing of electronic health records in clouds,” In 8th IEEE International Conference on Collaborative Computing: Networking, Applications and Work sharing (Collaboration), 2012, pp. 711-718.

N. Khan, ML M. Kiah, S. A. Madani, M. Ali, and S. Shamshirband, “Incremental proxy re-encryption scheme for mobile cloud computing environment,” The Journal of Supercomputing, Vol. 68, No. 2, 2014, pp. 624-651.

D. C. Kaelber, A. K. Jha, D. Johnston, B. Middleton, and D. W. Bates, “A research agenda for personal health records (PHRs),” Journal of the American Medical Informatics Association, vol. 15, no. 6, 2008, pp. 729-736.

S. Yu, C. Wang, K. Ren, and W. Lou, “Achieving secure, scalable and fine-grained data access control in cloud computing,” in Proceedings of the IEEE INFOCOM, March 2010, pp. 1-9

Abbas and S. U. Khan, “A Review on the State-of-the-Art Privacy Preserving Approaches in E-Health Clouds,” IEEE Journal of Biomedical and Health Informatics, vol. 18, no. 4, pp. 1431-1441, 2014.

Shamim Hossain, Ghulam Muhammad, et al. "Cloud-assisted Industrial Internet of Things (IIoT) –Enabled framework for health monitoring." 2016 evier B.V.

Ming Li, Shucheng Yu, and Wenjing Lou, “Scalable and Secure Sharing of Personal Health Records in Cloud Computing using Attribute based Encryption”, IEEE Transactions On Parallel and Distributed Systems 2012.

IEEE 2012 paper on “Improving the interoperability of healthcare information system through HL7 CDA and CCD standards”.

Ibrahim, M. Petkovic, S. Nikova, P. Hartel, and W. Jonker, Cipher text-policy attribute-based threshold decryption with flexible delegation and revocation of user attributes‖2009

Privacy-preserving personal health record system using attribute-based encryption,” Master’s thesis, Worcester Polytechnic Institute, 2011.

M. Li, S. Yu, N. Cao, and W. Lou, “Authorized private keyword search over encrypted personal health records in cloud computing,” in ICDCS ’11, Jun. 2011.

S. Narayan, M. Gagn´e, and R. Safavi-Naini, “Privacy preserving PHE system using attribute-based infrastructure,” ser. CCSW ’10, 2010, pp. 47–52.

Li, S. Yu, K. Ren, and W. Lou, “Securing personal health records in cloud computing: Patient-centric and fine-grained data access control in multi-owner settings,” in SecureComm’10, Sept. 2010, pp. 89–106.

Yu, C. Wang, K. Ren, and W. Lou, “Achieving secure, scalable, and fine-grained data access control in cloud computing,” in IEEE INFOCOM’10, 2010.

Downloads

Published

12.06.2024

How to Cite

Satish T. Pokharkar. (2024). Authorized and Encrypted in Health Care Records Using Fine – Grained Access Control in Distributed System. International Journal of Intelligent Systems and Applications in Engineering, 12(4), 4558–4564. Retrieved from https://www.ijisae.org/index.php/IJISAE/article/view/7144

Issue

Vol. 12 No. 4 (2024)

Section

Research Article

License

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

All papers should be submitted electronically. All submitted manuscripts must be original work that is not under submission at another journal or under consideration for publication in another form, such as a monograph or chapter of a book. Authors of submitted papers are obligated not to submit their paper for publication elsewhere until an editorial decision is rendered on their submission. Further, authors of accepted papers are prohibited from publishing the results in other publications that appear before the paper is published in the Journal unless they receive approval for doing so from the Editor-In-Chief.

IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. This license lets the audience to give appropriate credit, provide a link to the license, and indicate if changes were made and if they remix, transform, or build upon the material, they must distribute contributions under the same license as the original.