Role-based policy to maintain privacy of patient health records in cloud

Modern healthcare systems collect health information from health-assisted gadgets of different sources and store them in cloud storage servers as an electronic record called the patient health records (PHR) and ensure availability whenever and wherever needed. An important issue in this c...

Detailed description

Bibliographic details
Published in: The Journal of supercomputing 2019-09, Vol.75 (9), p.5866-5881
Main authors: Tembhare, Akshay; Sibi Chakkaravarthy, S.; Sangeetha, D.; Vaidehi, V.; Venkata Rathnam, M.
Format: Article
Language: eng
Subjects:
Online access: Full text
container_end_page 5881
container_issue 9
container_start_page 5866
container_title The Journal of supercomputing
container_volume 75
creator Tembhare, Akshay
Sibi Chakkaravarthy, S.
Sangeetha, D.
Vaidehi, V.
Venkata Rathnam, M.
description Modern healthcare systems collect health information from health-assisted gadgets of different sources and store them in cloud storage servers as an electronic record called the patient health records (PHR) and ensure availability whenever and wherever needed. An important issue in this centralized cloud storage is the loss of privacy and security of sensitive PHR. Existing and most recent solutions for privacy and security provisioning are purely based on role-based access control (RBAC). However, these RBAC schemes suffer from role explosion due to the increasing number of different roles. Furthermore, managing all those roles in order to provide proper access permissions can become a complex problem. Dynamic segregation of duty relations reduces the number of potential permissions that can be made available to a user by placing constraints on the users by assigning a set of roles. In order to address the above-stated problem, this paper proposes a hybrid framework called MediTrust. The proposed MediTrust combines two schemes, namely RBAC and attribute-based encryption (ABE), and works on a semantic database, ensuring the accessibility of patient data for different access controls. The patient data are encrypted at the provider side before being outsourced to the cloud server and are decrypted again at the user end after being downloaded from the cloud server. The general information of the patient collected as PHR is stored in a separate cloud server, and the medical reports are stored separately in yet another cloud server. A second-step security control is provided using CAPTCHA, which is mainly used as a security check to ensure that only human users can log in to MediTrust. A third-step security control is also provided, in which one key is shared to the user's registered mobile number and another key is shared to the user's e-mail id. In MediTrust, the combination of these two keys is required to decrypt the PHR. Further, ABE policies and access control security mechanisms for privacy preservation have been validated on PHR using Amazon AWS EC2 CA. Performance evaluation results show that the proposed MediTrust is better than existing work in terms of time complexity and computational overhead.
doi_str_mv 10.1007/s11227-019-02887-6
format Article
fulltext fulltext
identifier ISSN: 0920-8542
ispartof The Journal of supercomputing, 2019-09, Vol.75 (9), p.5866-5881
issn 0920-8542
1573-0484
language eng
recordid cdi_proquest_journals_2296716599
source Springer Nature - Complete Springer Journals
subjects Access control
Cloud computing
Compilers
Complexity
Computer Science
Data storage
Encryption
Health
Information storage
Interpreters
Performance evaluation
Privacy
Processor Architectures
Programming Languages
Provisioning
Roles
Servers
title Role-based policy to maintain privacy of patient health records in cloud
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-21T20%3A00%3A24IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Role-based%20policy%20to%20maintain%20privacy%20of%20patient%20health%20records%20in%20cloud&rft.jtitle=The%20Journal%20of%20supercomputing&rft.au=Tembhare,%20Akshay&rft.date=2019-09-01&rft.volume=75&rft.issue=9&rft.spage=5866&rft.epage=5881&rft.pages=5866-5881&rft.issn=0920-8542&rft.eissn=1573-0484&rft_id=info:doi/10.1007/s11227-019-02887-6&rft_dat=%3Cproquest_cross%3E2296716599%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2296716599&rft_id=info:pmid/&rfr_iscdi=true