Ijctt v8p101

Page 1

International Journal of Computer Trends and Technology (IJCTT) – volume 8 number 1– Feb 2014

Secure Health Information Exchanging in Cluster Computing Satish Garigipati1, Manoj Kumar Gottimukala2 1

2

CSE, MRCET, India Assistant Professor, CSE, MRCET, India

Abstract--Cloud computing has emerged as a technology that exhibits new model of computing. It has become a solution for individuals and organizations for outsourcing data. The cloud services are rendered in pay per use fashion that gets rid of the need for capital investment. Enterprises that need huge storage facility such as a data centre are moving their data to cloud storage service. With respect to health care domain huge amount of data is being produced every day. Out of the Personal Health Records (PHRs) is the model that contains patients’ health related information. This kind of data is very huge and needs to be outsourced. This data is very sensitive when compared with data of other domains. It is essential that the data is controlled by patients or the owners. Thus patient centric storage and retrieval has become a requirement. In order to achieve this with good security measure PHR of a patient is encrypted before that is outsourced to cloud. However, there are many concerns in people about cloud computing and its security especially. For this reason secure and scalable solution is required. Recently Li et al. proposed a solution to this problem. There scheme is named “Multi-Authority Attribute Based Encryption” which will encrypt the data based on attributes before being outsourced. This scheme is scalable and provides sharing of data simultaneously for multiple users. In this paper we implement the scheme proposed by Li et al. and our experimental results reveal that the scheme is very effective and can be used in the real world.

Index Terms –Cloud computing, attribute based encryption, PHR, storage security

I.

INTRODUCTION

In health care domain the data is modelled in the form of PHR (Personal Health Record) which facilitates the patient centric way of storing and retrieval of data. With this model patients are given full control over their PHRs and they can share it selectively to friends and relatives. Moreover they can give access to the users based on the attributes. It does mean that the PHR owner will have the provision to share data with constraints. PHR owner can determine the privileges that are granted to

ISSN: 2231-2803

friends or relatives while providing access to the data. Cloud computing has become a good solution for outsourcing such data. Many techniques came into existence recently in order to outsource data to cloud, especially PHR data [2], [1]. The existing frameworks to share PHR could not address all the security problems that might arise. More over patient centric mechanisms were not satisfactory. In order to ensure it, some regulations came into existence. For instance HIPPA is an example for healthcare regulations [3]. The data which is in the form of PHR are very sensitive as they contain patients’ information. Therefore integrity of such data and the access to all eligible groups of people without compromising security is a challenging task. There was an incident in the history which reports that 26.5 billion records of military veterans were lost [4]. Access control which is fine grained is very essential for controlling PHRs. Such data is essentially stored in a distributed environment. The fine grained access control is very important as the servers who store data are considered semi – trusted. The best solution to this is to secure PHRs before sending them to cloud. The cloud data owner has to be making certain decisions pertaining to encryption and other techniques. The owner of PHR encrypts it before outsourcing to cloud. Later on the people who have rights to access such data can obtain it and use it as per the privileges on various parts of the data. Not only in granting rights to other users is the job of PHR owner but he can also revoke the privileges that have been granted for any reasons [5]. PHR owners are many and they can grant access to their data based on the attributes and they are encrypted. This is known as attributed based encryption where cryptographic primitives are used for achieving this [7], [6]. The users of PHRs can gain permissions from PHR owners in order to gain access to the required data. There is another way of accessing PHRs. The use of CA (Certified Authority) with good key management scheme can be used in order to provide parallel access to PHR records. This paper is based on the Attributed Based Encryption (ABE) which is used to encrypt data before outsourcing it. The fined grained access control is based on the attributes and certain privileges. However, the emergency staffs is granted break-glass security in

http://www.ijcttjournal.org

Page1

Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.