Reference Paper - Page 89
Reference Paper - Page 89
Reference Paper - Page 89
PII: S2666-7649(23)00058-9
DOI: https://doi.org/10.1016/j.dsm.2023.12.001
Reference: DSM 82
Please cite this article as: Pradeep Kumar, K., Prathap, B.R., Thiruthuvanathan, M.M., Murthy, H., Jha
Pillai, V., Secure approach to sharing digitized medical data in a cloud environment, Data Science and
Management (2024), doi: https://doi.org/10.1016/j.dsm.2023.12.001.
This is a PDF file of an article that has undergone enhancements after acceptance, such as the addition
of a cover page and metadata, and formatting for readability, but it is not yet the definitive version of
record. This version will undergo additional copyediting, typesetting and review before it is published
in its final form, but we are providing this version to give early visibility of the article. Please note that,
during the production process, errors may be discovered which could affect the content, and all legal
disclaimers that apply to the journal pertain.
© 2023 Xi’an Jiaotong University. Publishing services by Elsevier B.V. on behalf of KeAi
Communications Co. Ltd.
TYPE OF MANUSCRIPT: Original article
A Secure Approach for Sharing Digitized Medical Data over Cloud Environment
of
(*Corresponding author: [email protected]
ro
Orcid : https://orcid.org/0000-0002-5161-4972)
-p
re
lP
na
*Corresponding author
Dr BoppuruRudra Prathap BTech MTech PhD.
ur
CHRIST UNIVERSITY,
Computer Science and Engineering,
Kengeri-Campus| Mysore Road | Bengaluru-560074.
Karnataka-State, India.
Mobile:+91-8147169001 | Tel (off) +91 80 4012 9934.
Secure Approach to Sharing Digitized Medical Data in a Cloud
Environment
Abstract: Without proper security mechanisms, medical records stored electronically can be
accessed more easily than physical files. Patient health information is scattered throughout the
hospital environment, including laboratories, pharmacies, and daily medical status reports. The
electronic format of medical reports ensures that all information is available in a single place.
However, it is difficult to store and manage large amounts of data. Dedicated servers and a data
center are needed to store and manage patient data. However, self-managed data centers are
expensive for hospitals. Storing data in a cloud is a cheaper alternative. The advantage of storing
data in a cloud is that it can be retrieved anywhere and anytime using any device connected to the
Internet. Therefore, doctors can easily access the medical history of a patient and diagnose diseases
of
according to the context. It also helps prescribe the correct medicine to a patient in an appropriate
ro
way. The systematic storage of medical records could help reduce medical errors in hospitals. The
challenge is to store medical records on a third-party cloud server while addressing privacy and
-p
security concerns. These servers are often semi-trusted. Thus, sensitive medical information must
be protected. Open access to records and modifications performed on the information in those
re
records may even cause patient fatalities. Patient-centric health- record security is a major concern.
lP
End-to-end file encryption before outsourcing data to a third-party cloud server ensures security.
This paper presents a method that is a combination of the Advanced Encryption Standard and the
elliptical curve Diffie-Hellman method designed to increase the efficiency of medical record
na
security for users. Comparisons of existing and proposed techniques are presented at the end of
the article, with a focus on the analyzing the security approaches between the elliptic curve and
ur
secret-sharing methods. This study aimed to provide a high level of security for patient health
records.
Jo
1. Introduction
Cloud computing is a conceptual and highly scalable computer service that provides end-user
applications billed by accurate usage. Cloud computing provides elastic, low-cost, scalable, and
on-demand services through the Internet. The diverse services provided include infrastructure as a
service (IaaS), software as a service (SaaS), and platform as a service (PaaS). The main advantage
of cloud computing is that users can access data from anywhere, on any device, and at any time
they want. Cloud storage provides space for storing data. Users can access the data stored in the
cloud using the Internet. Information records are stored in virtualized clusters overseen by a third
party. This provides flexibility, allowing users to access their files anywhere in the world. Google
provides unlimited data storage and rapid data access. Dropbox and SkyDrive also provide cloud
1
storage in secure public clouds. Conversely, ownCloud provides private cloud services with
greater data security. Outsourcing data to the cloud increases data availability and also reduces the
burden of managing information. However, ensuring the privacy and security of the data is a
challenge.
Records stored in the cloud can be easily retrieved anywhere and anytime using the Internet.
Medical records stored electronically can be accessed more easily than physical files. Therefore,
healthcare providers are moving toward an electronic format. However, self-managed data centers
are expensive. Therefore, it is preferable to use a cloud service to reduce costs. Safety and
confidentiality are important concerns related to cloud storage. This study focuses on the
of
aforementioned issues with cloud storage. As medical records are very sensitive, there will be
ro
major impacts if anyone gains unauthorized access to the data. For example, if allergy information
-p
or drug dosages are changed, it may even cause fatalities. Therefore, the security of medical data
is very important.
re
Third-party cloud providers are not completely trusted, with the servers where the data are
lP
stored being only semi-trusted. They are authentic but often inquisitive. While they follow the
na
protocol honestly, they do attempt to uncover secret and sensitive information. In addition, there
is a high chance of someone breaking into cloud servers that contain sensitive information, such
ur
as patient medical records. Pharmacy personnel can also obtain patient prescriptions and profit
Jo
One practical and favorable method is to encode sensitive information before outsourcing
it. This technique is called client-side encryption. The advantage of client-side encryption is that
data are encrypted in the user’s system. The encrypted data are then transferred to a cloud server.
Therefore, there is a low probability that attackers will be able to steal the data when they are being
transferred. A medical record should only be accessible to customers who are given a decryption
key, while remaining inaccessible to everyone else. The key is exchanged using an elliptical curve
Diffie-Hellman key exchange. Authorized users can access medical records for a particular use or
for training purposes.
Cloud computing provides services through the Internet anytime and anywhere. Pay-only-for-
usage is the operational agenda used. Users are not required to pay if they do not use the service.
2
This helps organizations minimize their operational costs. It also helps minimize start-up costs for
new organizations. The main cloud services are SaaS, which is hosted in the cloud and can be
easily accessed by customers via the Internet. This increases the availability of applications and
reduces usage costs for customers. When they need an application, they pay for it. Meanwhile,
PaaS provides all of the resources required to develop an application. There is no need to buy or
install software for developing new applications. Finally, IaaS provides the hardware needed to
run an organization. This helps reduce server and rack costs, and the space required for the servers.
Processors, storage, and other fundamental computing resources are also available for a fee.
As mentioned earlier, cloud customers do not need equipment to store enormous amounts of
of
data. Thus, organizations can reduce their storage equipment and running and maintenance costs.
Cloud service providers handle data backup and disaster recovery procedures. Whenever there is
ro
a need to access the data, they can be accessed anywhere and anytime using any device connected
to the Internet.
-p
re
Data privacy and integrity are the primary issues in cloud computing. Cloud providers should
ensure the confidentiality, integrity, and availability of data. Confidentiality helps to prevent
lP
intentional or unintentional access and disclosure of data. Integrity helps reduce unauthorized
na
data reliably and in a timely manner. Authentication, authorization, and auditing are security
Jo
services for cloud data. Authentication checks and verifies the identity of a user. Authorization
grants rights and privileges to individuals. Auditing checks for periodic events to evaluate security.
It checks the system, transaction control, backup control, and datacenter security. Audit logs
contain details about transaction dates and times, which terminal initiated the transaction, and
which terminal processed the transaction. To address the challenges of protecting, broadcasting,
and controlling information, a ciphertext-policy attribute-based encryption (CP-ABE) system was
proposed by (Chinnasamy et al., 2022). However, the plaintext access policy of the existing CP-
ABE scheme may compromise user and data privacy. To overcome this issue, a novel solution was
developed that uses a hashing algorithm to conceal the access policy and a signature verification
scheme to protect against insider attacks. The proposed system was compared with the existing
CP-ABE methods in terms of computation and expression strategies.
3
(Liu et al., 2013) stated that electronic medical records (EMRs) are the best way to empower
patients to cope with their health and wellbeing. Normally, medical data are available from
different hospital departments, such as laboratories and pharmacies. However, collecting this
scattered information is challenging, and handling medical records in hospitals is difficult. Medical
record files require storage, and it is difficult to locate one file among many. Handling electronic
medical reports is easier than handling traditional physical ones. Electronic medical reports stored
in the cloud can be accessed anywhere from any device connected to the Internet. This helps
doctors easily check their patient’s medical history and provide better treatment. EMRs also
provide greater security. Backup and disaster recovery services are also available. The main
of
concern is the privacy of patients’ medical records in the cloud. Data could be leaked if an insider
in the cloud provider’s organization wishes to exploit the high value of sensitive medical records.
ro
In one famous incident, a Department of Veterans Affairs database containing the sensitive
-p
personal health information of 26.5 million military veterans, including their social security
re
numbers and health problems, was stolen by an employee.
The remainder of this paper is organized as follows. Section 2 reviews the literature on data
lP
classification, cloud services, and encryption. Section 3 explains the methodology for securing
na
medical data, and Section 4 provides an analytical understanding of cloud services and
cryptography. Section 5 provides a graphical representation of the parameters associated with the
ur
2. Literature review
In the past decade, cloud-based electronic health records (EHRs) have emerged as an essential
means of remotely accessing patient medical records. The adoption of the smart city perspective
has garnered considerable attention from researchers, particularly in the context of healthcare 4.0.
This paradigm leverages the Internet of things (IoT) and cloud computing to facilitate the delivery
of remote medical services. Healthcare 4.0 is composed of several layers that encompass medical
operations, including periodic data sensing, storage, exchange, and auditing. Sensitive medical
data present several challenges in terms of safeguarding them from unauthorized access by
hackers. The secure storage, retrieval, and distribution of patient medical data on remote storage
platforms requires the implementation of safety measures to safeguard against unauthorized access
and potential breaches of sensitive medical information. Cryptographic approaches have been
devised to safeguard the storage, transmission, and retrieval of medical data held in the cloud.
4
Investigations of cloud-based medical data sharing frequently examine aspects such as data
storage, access control, security, and privacy. Cloud storage solutions, data encryption, access
control, authentication, health information exchange (HIE), blockchain technology data de-
identification, machine learning, and artificial intelligence (AI) for data security, as well as audit
trails, are among the prevailing methodologies and strategies utilized in this field.
Electronic medical records (EMRs) serve as repositories for rehabilitative and clinical
information that is diligently entered by healthcare providers whose expertise and reliability are
held in high regard (Mahajan 2022). This technology aids the retrieval and assessment of healthcare
data. In the healthcare realm, the initial iterations of healthcare information systems (HISs) can
of
generate novel EMR models, securely retain them, and efficiently handle and restore revenue-
associated EMRs. This functionality expedites the organization of EMRs, thereby enhancing the
ro
overall efficiency of the healthcare system. An HIS can be represented in a simplified and
-p
schematic manner using a graphical user interface or online platform for organizational purposes.
re
Typically, these systems exhibit a front-end interface supported by a back-end infrastructure that
is either centralized or distributed. The need to facilitate patient transportability, both domestically
lP
and internationally, has underscored the necessity of autonomous EMR systems that possess
na
As emphasized in the literature utilizing (Dang et al., 2019, Yaqoob et al., 2019, Liu Haibing et al.,
Jo
2020, Stamatellis et al., 2020, Seh Adil Hussain, et al., 2020) the standard methodology, cloud
computing presents inherent security challenges that periodically emerge owing to insufficient
security mechanisms and noncompliance with security protocols. The confidentiality of patient
health data is a paramount concern. Privacy can be effectively safeguarded by employing
encryption techniques and implementing access limitations that preserve the integrity of data and
prevent unauthorized modifications. To comply with the HIPAA (Health Insurance Portability and
Accountability Act.) Security Rule, organizations are required to safeguard electronic health
information using data hash modification. This practice has a comprehensive impact on the entire
data chain, enhancing the accuracy and effectiveness of blockchain technology; data are readily
accessible to individuals, helping them make informed decisions and participate fully in society.
Corporate data breaches have a detrimental effect on a company’s reputation and erode the trust
of its partners. The potential consequences of competition-induced intellectual property damage
5
include product outsourcing, financial discoveries, events, and forensics. The exposure of all client
data in the cloud can be attributed to misconfigurations resulting from the shared nature of the
facilities. Designing a cloud-computing security architecture resilient to cyberattacks poses
significant challenges. Many organizations assume that cloud migration involves the
straightforward transfer of IT and security systems without considering the potential risks to the
data. The uncertainty surrounding shared security facilitates the exploitation of critical accounts
by malicious actors. Criminals may obtain unauthorized access to these accounts by exploiting
sensitive data, vulnerabilities in cloud systems, and stolen signals. The unauthorized acquisition
of internal emails occurs through several means, including attacks on business assets, the use of
of
rogue servers, and employees keeping sensitive material on unprotected devices and programs.
Suppliers are responsible for constructing user applications and application programming
ro
interfaces (APIs) that facilitate cloud service management and communication, sometimes without
-p
adequate security measures. The security of APIs directly impacts the availability of cloud services
re
and the potential for data breaches.
Numerous entities have endeavored to foster cooperation between public and commercial HIEs
lP
in the marketplace (Yakti et al., 2015, Martinez et al., 2018, & Zhu et al., 2023). The State Health
na
Information Exchange Cooperative Agreement Program, also known as the State HIE Program,
was created under the Health Information Technology for Economic and Clinical Health Act. In
ur
addition, the Markle Foundation formed three working groups to facilitate collaboration between
Jo
public and private HIE initiatives. The Strategic Health Information Exchange Collaboration
oversees more than 70 HIEs. Another notable example is New York’s eHealth. While studies have
conceptually examined the existence of multiple HIEs in the market, so far no one has constructed
a quantitative model to forecast the behavior of such exchanges. Numerous quantitative studies
have examined sustainability within the HIE business. The HIE market was depicted using game-
theoretic models, whose players included HIE suppliers and HCP(Health Care Provider).
The use of AI and blockchain technology is prevalent in several domains, accompanied by a
growing emphasis on data security and privacy (Liu et.al, 2014, Yang 2020, & Zhang et.al
2022).Examples such as Anthropic’s Constitutional AI, SingularityNET’s decentralized AI, and
ChainLink’s decentralized Oracle exemplify the amalgamation of AI with blockchain technology,
resulting in enhanced efficacy, heightened security, and improved transparency in data processing.
Blockchain technology facilitates the storage and recording of model parameters, training data,
6
inputs, and outputs, thereby ensuring audit transparency and accountability. This study focuses on
enhancing system stability and scalability by facilitating decentralized cooperation and services
among AI models using blockchain networks. Decentralized systems facilitate the establishment
of safe pathways to access external AI models and data, thereby empowering blockchain networks
to accumulate reliable and trustworthy information. Blockchain-based incentives and tokens were
implemented to cultivate trust and motivation among AI model developers and consumers.
Numerous studies have been conducted on privacy protection in blockchains, focusing on topics
such as zero-knowledge proofs, ring signatures, and homomorphic encryption.
Despite the broad adoption of AI, additional layers of security must be implemented to
of
guarantee the confidentiality of sensitive personal information, such as prescriptions for
medications (Seh Adil Hussain, et al., 2020, Zhang et al., 2023).One illustration of how language
ro
analysis and perception models are continuously being developed and improved is ChatGPT. Other
-p
examples of AI include data processing, autonomous vehicles, and automatic picture recognition.
re
To train models, new approaches to deep learning rely on vast volumes of data that are both easily
accessible and readily available. However, it is possible that the data being processed contain
lP
sensitive information such as prescriptions for medical treatment. The protection of sensitive
na
information is a key concern that has been raised in the application of AI. A few examples of the
types of private data that fall under this umbrella are medical information, behavioral patterns, and
ur
financial assets. Academics and individuals working in the business sector have raised concerns
Jo
about the potentially detrimental consequences of unethical data utilization for customers.
Multiple-machine learning offers the advantages of encrypted homomorphic communication and
safe multiparty computing. Most AI privacy protection systems use two primary strategies: secure
multiparty computation and differential privacy. Both strategies are described in detail below.
The popularity of AI technology has increased; however, ensuring the protection of sensitive
personal data, such as prescriptions, requires the deployment of additional security measures.
Language analysis and perception models, such as ChatGPT, are undergoing ongoing research and
modifications (Alshehri 2023). Recent approaches include smart healthcare and Computational
Intelligence and Neuroscience’s deep learning blockchain model (Lin X et al. 2019, Chang et.al
2021, Wang 2022). (Suresh et.al 2019) proposed user-based encryption, in which the files to be
shared with the user are encrypted based on attributes related to that user and shared with them.
For example, if we want to share a record with Doctor X of the general medicine department of
7
Hospital A, we can set attributes such as “if name = Doctor X and Department = General Medicine
and Hospital = Hospital A”. This is not full end-to-end file encryption, and is thus less secure.
When a user requires an attribute, it encrypts the attribute and sends the encrypted trait to the
customer. This helps with the secure sharing of data from the cloud. However, key management
scalability, active strategy updates, and efficient on-demand withdrawals were not addressed by
the author. This is suitable for multiple-owner files and reduces the key escrow problem. This is
because a full file is not encrypted using a single key.
(Wu et al. 2012) focused on sharing selected portions of health records with users, rather than
the entire file. A hierarchical structure was provided for electronic healthcare reports. This
of
structure contained field and group nodes. The field nodes represented the leaves of the
hierarchical structure. The relative field nodes were grouped to form group nodes. It was easy for
ro
users to share only valid fields, but it was difficult to handle each attribute separately. The
-p
administrator had full control over the data, while the users did not have full control over their
re
data. Therefore, authentication and access control had to be performed separately. Authentication
granted a legitimate user access to the system, and access control ensured that the user accessed
lP
only authorized portions of the system. (Suresh et al. 2019) proposed cloud-based private health
na
records as patient-centric health repositories. The personal health record (PHR) was considered as
a single file, which was outsourced to the cloud using any of the symmetric encryption standards,
ur
such as the advanced encryption standard (AES) and Data Encryption Standard (DES). In
Jo
symmetric encryption, a single key is used for the encryption and decryption processes. This key
maintains the security of the system. If an attacker obtains a key, he/she can decrypt the entire file.
In this system, a PHR record was considered a single file. All patient information was provided in
the file. The PHR owner (patient) had to choose how to encode their information and allow the
user to obtain admission to each file. A PHR file should only be obtainable to a user who is given
the conforming decryption key, while remaining confidential to other users. (Alarood et al. 2023)
proposed a secure and efficient medical image-sharing scheme in a cloud-computing environment
to address security and privacy concerns related to medical images. The proposed scheme used a
combination of encryption and steganography techniques to ensure the confidentiality and integrity
of medical images shared over the cloud. The scheme also reduced communication overhead by
allowing authorized users to access images directly from the cloud without involving a private
cloud. A study conducted by (Mehrtak et al. 2021) focused on analyzing security problems using
8
cloud computing and potential fixes. Pertinent studies from the Scopus, PubMed, Science Direct,
and Web of Science databases were evaluated using a systematic review methodology. According
to a previous review, the main issues with cloud security are data security, availability, integrity,
information confidentiality, and network security. API, data encryption, and authentication have
been suggested as security measures for cloud infrastructure. The report also emphasized how the
public, shared, and virtualized aspects of the cloud-computing paradigm could raise security
issues. To address these issues, creative solutions must be created and cloud security concerns
should be clearly understood by all users. (Pai et al. 2021) proposed a standard secure EHR
framework to be established by means of standard medicinal vocabulary and coding principles.
of
The execution of the EHR framework for the Indian health scheme will advance the workflow of
health facilities. EHR at all levels of healthcare organizations allow for well-organized and
ro
continuous care for patients. (Jain et al. 2022) discussed the potential of blockchain technology to
-p
secure data transmissions in the field of telemedicine. Telemedicine, which involves the remote
re
delivery of healthcare services through telecommunications, has numerous benefits owing to the
blockchain’s key features of decentralization, immutability, and encryption. However, innovative
lP
techniques are needed to ensure the secure and authenticated transfer of data in this digital era.
na
are mostly related to cryptographically imposed admission control for subcontracted data and
Jo
ABE. To enhance the scalability of the above methods, one-to-many encryption approaches such
as ABE can be used.
EHR can now be safely shared between patients and healthcare providers thanks to the
blockchain technology proposed by (Chinnasamy et al. 2022 & 2023). Smart contracts are used in
the proposed access control system to manage access permissions and guarantee quick and
accurate EHR data flows. The effectiveness of the system in detecting and preventing unauthorized
access to e-health systems was determined using an Ethereum blockchain on an AWS cloud to
protect patient privacy and ensure computer security. The proposed system represents a substantial
advancement in the effective administration of e-health data in portable computing and will be
helpful for various intelligent healthcare systems.
According to the literature, handling each node and user is difficult. Numerous nodes and users
may have numerous attributes that must be considered. In addition, in some studies, the
9
administrator had full control over patient information. Patients should be the ones with complete
control of their medical records.
3. Methodology
The system introduced in this research provides secure storage for sensitive medical data in a
public cloud. The patient owns the file or record. The owner has full control over the data, to
guarantee a high degree of patient data privacy. In case of an emergency, the emergency
department is able to access the medical records if the user allows it.
This system has two main types of users. The first user is the data owner. In the proposed
system, we consider patients to be file owners. The owners can upload files to the cloud server.
of
The second type is a user trying to access files on the cloud server. These users include doctors,
ro
hospital staff, research students, insurance companies, or emergency departments. They can access
-p
files once granted permission. Insurance companies can access only files with the file type set as
“insurance info” when the file is uploaded to the server. In addition, emergency departments can
re
access files if allowed. The patient has the ability to upload a file to the server and grant access to
lP
the emergency department. While uploading the file, the user can choose the file type.
The files are encrypted using AES client-side encryption. The AES key is shared via an
na
elliptical curve Diffie-Hellman equation. This makes the file more secure. When a user attempts
ur
to download a file, they have to enter the AES decryption key. The encrypted AES key is stored
in the database, decrypted using the RSA(Rivest, Shamir, Adleman) private key stored in the user’s
Jo
personal folder, and compared with the key entered by the user. If they match, the user is allowed
to download the decrypted file to access the data. Otherwise, the files cannot be downloaded.
3.1 Architecture
There are two main entities in this system: the data/file owners and the users of the data.
Fig.1 shows the overall system architecture, where the data owner uploads the files to the cloud
server. Users can access the files from the server. Only a data owner can upload a file to a server.
Others can download the files for use. Files are made available to users based on certain criteria,
e.g., only files available to the emergency department are visible to users with the type “emergency
department.” Users with the type “insurance company” can only access files with insurance info.
10
Owner
of
ro
Cloud Server – Data Center
-p
re
lP
na
The data owner/patient uploads the files to the cloud server. Users who want to use a file can access
it anywhere and anytime using appropriate communication.
3.2 Data owner architecture
The data are encrypted before being uploaded to the cloud server. The following encryption
mechanism is used: The file can be encrypted using the AES or any other symmetric key
encryption. A session key is used to encrypt the files. The session key can be encrypted using RSA
to secure its distribution. This provides total integrity, confidentiality, and authentication in
accordance with cybersecurity standards. Fig.2 depicts the data owner architecture. The data owner
encrypts the file before uploading it to the server. This is called client-side encryption. The
encrypted file is synchronized with the third-party cloud server.
11
Owner
of
ro
Cloud Server – Data Center
-p
re
lP
Encrypt File
na
ur
Jo
The file owner uploads the encrypted files to the cloud server. When the user tries to access
the file by clicking the download button, it decrypts the file using a session key. The session key
is encrypted using the consumer’s RSA public key. The encrypted public key is then sent to the
user. The user can decrypt the key using their private key. The user can enter the session key to
decrypt the file. If it matches, the file is opened. Otherwise, the user is not permitted access to the
file.
12
Fig.3 shows the system operation from the user’s viewpoint. When users log into the system,
they first see a list of the files shared with them. If they want to access files from this list, they can
download them using a decryption key. The decryption key is evaluated using the key stored in a
data store. If both keys match, the user can decrypt and download the file. Otherwise, they cannot
access the files.
of
USER
ro
-p
Cloud Server – Data Center
re
lP
na
Session Key
ur
Encrypt File
Jo
Hash Key
Hash
13
The AES was created by the US National Institute of Standards and Technology in 2001 to
encrypt electronic data. It is a proven security mechanism in the context of data protection. This
project’s differential contribution lies in adding an additional layer of privacy related to a matching
criterion during the decryption of the key for document access.
This matching criterion for the encryption-decryption keys is rooted in the secret-sharing
mechanism of computer security (Gasser et al. 2023). Cloud storage is secured with this secret-
sharing mechanism; however, the proposed approach combines the AES with a matching share
scenario, which is novel. In a piece of secret information or digital data, the key is divided into “n”
number of shares during the encryption process. To access the key, which is encrypted with “n”
of
number of shares, one should have at least “k” out of “n.” Less than “k” keys will not help in
revealing the key, which is the secret information. A three-share mechanism is employed in which
ro
a user must possess at least two shares to reveal the key. This approach helps maintain the integrity
-p
of the stored data. In this manner, we provide an additional layer of security with added AES on
re
the client side, which is a differential contribution associated with related works in data security.
3.4.1. Major contributions
lP
This study proposes a secure method for sharing digitized medical data in a cloud setting. The
na
novelty of this study is that it provides full end-to-end file encryption using the AES client-side
encryption method, thereby ensuring the security of medical records stored in the cloud. Only
ur
authorized users can access and download files by meeting certain requirements, and the owner
Jo
can transfer the key using the elliptical curve Diffie-Hellman key exchange technique. The
adoption of digital signatures and MD5 hashing techniques can further improve system security.
According to an examination of security approaches, the proposed solution has a lower algorithmic
complexity than its counterparts, making it a better security scheme.
14
Elliptic curves: ECDH uses elliptic curves, which are mathematical structures defined by the
following equation: y2 = x3 + ax + b. These curves have certain mathematical properties that make
them suitable for cryptographic purposes. The curve parameters “a” and “b” determine the shape
of the curve, and the curve is defined over a specific finite field.
Public and private keys: Each party (Anne and Ben) generates a pair of keys for ECDH. The key
pair consists of a private key (random number) and the corresponding public key (point on the
elliptic curve derived from the private key).
Key generation:
• Anne generates her private key, denoted as “a,” and computes her public key, “A,” by multiplying
of
the base point (a predefined point on the curve), “G,” by her private key: A = a * G.
• Ben generates his private key, denoted as “b,” and computes his public key “B” using the same
ro
process: B = b * G.
Key exchange:
-p
re
• Anne and Ben exchange public keys (A and B) over public channels. Because the public key is
derived from the private key, and the mathematical operations are computationally difficult to
lP
reverse, it is infeasible for an eavesdropper to determine the private key from the public key.
na
Calculation:
Anne takes Ben’s public key “B” and multiplies it by her private key “a”: S = a * B.
ur
Ben takes Anne’s public key “A” and multiplies it by his private key “b”: S = b * A.
Jo
Because of the properties of elliptical curves, both operations yield the same point on the curve,
which serves as their shared secret, “S.”
ECDH is a key exchange protocol that does not provide encryption by itself. It is combined with
the AES, which is a widely used symmetric encryption algorithm designed to provide secure and
efficient data encryption and decryption. The AES operates on fixed-size blocks of data (128 bits)
and supports key lengths of 128, 192, or 256 bits.
3.5.2. Secret sharing
Secret sharing is a cryptographic technique that involves dividing a sensitive piece of
information (a secret) into multiple shares such that no single share reveals any information about
the secret; however, a predefined subset of shares can be combined to reconstruct the original
secret. This technique ensures that no single entity has full access to the secret, thereby enhancing
security and preventing unauthorized access.
15
Step 1: Initiation
• A secret-sharing scheme starts with a secret that must be protected. This secret can be any piece
of information such as a cryptographic key or password.
Step 2: Factors
• Parameters are chosen, including the total number of shares, “n,” that will be generated and the
minimum number of shares, “k,” required to reconstruct the secret. “n” is typically greater than or
equal to “k.”
Step 3: Shares
• The secret-sharing process, “g,” generates “n” shares from the original secret. Each share is a piece
of
of data that is seemingly random and has no apparent relationship to the original secret.
• These shares are distributed to different parties, called “shareholders” or “participants.” No
ro
individual shares should provide any information regarding the original secret.
Step 4: Circulation
-p
re
• Each share is provided to a different participant. Distribution can be performed in various ways,
such as physical distribution, secure communication channels, or digital signatures.
lP
Step 5: Restoration
na
• To reconstruct the original secret information, a minimum of “k” shares must be combined. This
process is typically performed by using a predefined reconstruction algorithm.
ur
• When “k” or more shareholders collaborate and pool their shares, they can employ the
Jo
There are a wide variety of cloud-based encryption mechanisms; however, few have been
observed in numerous applications. Table 1 provides a summary of these encryption mechanisms
with brief descriptions, followed by their advantages and disadvantages.
16
Homomorphic Encryption Enables computation Privacy-preserving Computationally intensive.
[Lee Yongwoo et al. 2023] on encrypted data. computation. Limited practical use cases.
Proxy Re-encryption Transforms data Controlled data sharing Requires trust in proxy
[Lin Zhongyun, et al 2021] between encryption without exposing keys. server. Increased
keys. complexity.
Secret Sharing Splits encryption keys Enhanced security Coordination required for
[Kumar K P et al.2019] among parties. against key compromise. key reconstruction.
Attribute-based Encryption Encrypts based on Flexible access control Complex setup and
[Ge Chunpeng, et al 2021] attributes or conditions. based on attributes. management.
MATLAB 2021b was used to train and validate the network. The initial modelling of the
of
network was performed using an Intel Core i5 8250U 1.8 GHz with 8 GB of RAM and an NVIDIA
ro
GeForce MX150 with 4 GB of memory. The training, testing, and validation of the network with
-p
benchmarked datasets were performed using Intel Xeon E3-based workstations, an NVIDIA
GeForce GTX graphics card, and 32 GB of RAM. IBM’s SPSS was used for data visualization
re
related to the experiments. Important aspects involved in the experimental setup and configuration
lP
(1) The Python programming language was chosen, and library cryptography was used to set
up the development environment.
ur
(2) Parameters for ECDH and AES such as key length, curve type, encryption mode, and
Jo
17
(1) Test cases were created to validate the correctness and security of the combined AES and
ECDH implementation. Various inputs, key pairs, and scenarios were tested.
Keys: Both parties generate their own ECDH key pairs: private and corresponding public
keys.
Exchange: Both parties exchange their ECDH public keys securely through either a secure
communication channel or a trusted intermediary.
Shared-secret derivation (ECDH): Each party combines their private key with the public key
of the other party to compute a shared secret using an ECDH key exchange algorithm.
of
Processing: The shared secret derived from the ECDH is used as input for a key derivation
ro
function (KDF) to create a symmetric encryption key for the AES.
Encryption and decryption (AES):
Sender:
-p
re
i. Encrypts the plaintext data using the derived AES key and encryption mode (e.g.,
lP
AES-GCM).
ii. Generates an initialization vector (IV), if needed, via the chosen encryption mode.
iii. Sends the encrypted cipher text and IV to receiver.
na
Receiver:
ur
i. Computes the same shared secret using the private key and receives the ECDH public
key.
Jo
ii. Uses the same KDF to derive the symmetric AES key.
iii. Decrypts the received ciphertext using the derived AES key and IV, if applicable.
4. Descriptive Study
Public clouds such as SkyDrive or Google Drive store unencrypted files on a server. Anyone
who hacks the server can access the files. In addition, a file shared with any user is unencrypted.
Therefore, hackers can access them. Servers with highly sensitive information have a higher
probability of being hacked. In addition, data can be accessed during a data transfer. Public clouds
use only username and password security. If a hacker breaks a user’s password, they can access
the files shared with that user. This is not secure enough for highly confidential files such as
18
medical data. If anyone changes sensitive information such as allergy information, it could threaten
that patient’s life. Therefore, storing unencrypted medical files on third-party servers is unsafe.
In this study, the files were encrypted using the AES client-side encryption technique before
they were uploaded to the server. The AES uses a full-file encryption technique to ensure the
security of sensitive files. The AES encryption/decryption key is shared with the user using the
ECDH key exchange technique. This ensures that the key is not hacked by anyone when it is sent
to the user. When a user attempts to download a file, it asks them to enter the decryption key. The
key entered by the user can be verified using the keys available in the database. If both keys match,
it decrypts the file using that key and permits the user to access the file. This is more secure than
of
the existing public clouds. If a hacker obtains the user’s login information, they can access the
ro
encrypted file but cannot read its contents; a decryption key is required to decrypt and read the
-p
information stored in the file. re
In this system, the patient owns the file. Patients can upload their records to a cloud server. Other
users can only download the files as they lack the permission to upload files. Patients can share a
lP
file with the emergency department using the “add to emergency” link. However, other users do
not have permission to use this feature. This provides greater security for sensitive medical data.
na
As for the time taken to upload the file to the server, as the file size increases the file uploading
time increases. Thus, the performance time does not improve. However, the security increases.
ur
Table 2 provides a comparison of the time required to upload unencrypted and encrypted files to
a cloud server. Encrypted files are larger than unencrypted ones and thus require more time to
Jo
upload. Fig.4 shows a graph generated using Table 2 for visual representation.
19
File Comparision
3.5
1.5
0.5
0
Unencrypted File Encrypted File
of
FIle Type
ro
Fig.4. Comparison between Unencrypted and Encrypted files
-p
re
Table 3 provides a comparison of the time taken to upload unencrypted and encrypted files to
lP
different cloud service providers, such as ownCloud, Google Drive, SkyDrive, Box, and Dropbox;
the same files were uploaded to all cloud services for evaluation purposes. Fig.5 shows a graph
na
20
Comparison between different Cloud Services
14
12
12
10 9 9 9
Time in sec 8
8
6 5 5
4 3 3
2
2
0
OwnCloud Google drive SkyDrive Box Dropbox
Cloud Name
of
Unencrypted File Encrypted File
ro
Fig.5. Comparison between different Cloud Services.
In this section, the results obtained using the developed software tool are briefly discussed. Three
na
parameters were considered in the experiments. The dataset reflected in this regard was purely the
value generated by running the software for a specific period. Real-world data could also be used
ur
in future works.
Jo
Table 4 presents the descriptive statistics of the variables considered, namely “Patient_Id” and
“TimeStamp.” A sample size of 500 was used for these variables in association with another
dependent variable called “Medical Records,” which had values of A = Sensitive, B = Very
Sensitive, and C = Moderately Sensitive. IBM’s SPSS data analytics tool was used to generate
appropriate statistical data and visualize specific parameters.
Statistic Statistic Statistic Statistic Statistic Statistic Std. Error Statistic Std. Error
Patient_Id 500 1242 4306 2832.44 886.245 -.113 .109 -1.122 .218
21
TimeStamp 500 0:00:03 23:57:20 12:04:56 7:01:14 -.025 .109 -1.230 .218
Valid N 500 - - - - - - - -
(listwise)
The categorical variable “Medical Records” had an association with respect to the other two
variables, as shown in Fig.6 and Fig.7. The collection and distribution of the data were the same,
with a sample size of approximately 500.
of
ro
-p
re
lP
na
ur
Jo
22
of
ro
Fig.7: Association of three variables in a grouped scatter dot representation
-p
Fig.8 and Fig.9 show the results of the analysis using the histogram population pyramid. The
re
patient IDs were considered in brackets from 1000 to 5000. The timestamp value was in the
lP
HH:MM:SS format. Their associations with the number of occurrences are shown in the figures.
These results were gathered using simulated values; the results may vary when applied to real-
na
world patient records in a hospital infrastructure. Other random variables could also be
ur
Fig.8: Analysis between TimeStamp and Medical Records with their frequencies
23
of
ro
-p
re
Fig.9: Analysis between Patient_Id and Medical Records with their frequencies
lP
na
method: patient_id, timestamps, and medical records (scale variable). The security levels of the
Jo
medical records were sensitive, moderately sensitive, and extremely sensitive. We have already
outlined the access control context of users/owners downloading medical records across
timestamps and patient_id. In our simulation, all levels of data had a similar pattern of access,
except for extremely sensitive data, where the security aspect played a crucial role. All of these
results were associated with the proposed method for securing medical records over the cloud. As
the collected data belonged to patients, some personal information was not shown, with only
generic information being floated as per the requirements of the problem statement.
The method of dividing sensitive data into “n” no. of transparencies is related to the secret-sharing
approach. Here, the time complexities associated with Big O notation for secret sharing and
24
elliptical curve cryptography are discussed. Table 5 depicts the complexities of secret sharing and
elliptic curves with regard to Big O notation, referring to the descriptions.
of
Key Derivation for Depends on encryption scheme O (1) - Constant time key
Encryption used. derivation.
ro
Encryption (AES) Depends on the encryption O (1) - Constant time for
algorithm used. symmetric encryption.
-p
Decryption (AES) Depends on the decryption O (1) - Constant time for
algorithm used. symmetric decryption.
re
*AES-Advanced Encryption Standard
lP
Key generation, share distribution, reconstruction, and key derivation for encryption were
considered in relation to the complexity parameters.
na
Cloud computing security refers to the set of technologies and policies used to protect data
Jo
stored in a cloud. It combines the disciplines of computer security, network security, and
information security and has the primary objective of protecting data and information in the cloud
from unauthorized access or theft. The cloud security of medical records is of utmost importance
to ensure the confidentiality, integrity, and availability of sensitive patient information. Fig.10
shows the chain of managerial implications related to cloud security activities, beginning with
compliance with the rules and regulations and ending with regular updates and patch management
to remove any bugs present in the system.
25
of
ro
Fig.10: Chain of Managerial Implications Related to Cloud Security
-p
Administrators or managers in healthcare organizations must consider several key managerial
re
implications regarding the cloud security of medical records. The various aspects considered in
lP
Users or administrators should stay informed about relevant regulations such as HIPAA in the
United States and the General Data Protection Regulation in the European Union. They must
Jo
ensure that cloud solutions and practices align with these regulations to avoid legal consequences.
Cloud service providers should demonstrate compliance by maintaining a log of all data processing
activities. They should apply appropriate personal and organizational measures. Noncompliant
organizations face severe punishment for data breaches, including a fine of 20 million euros or up
to 4% of their annual worldwide turnover.
Regular risk assessments should be conducted to identify potential vulnerabilities and threats
to cloud-based medical records. A risk mitigation strategy that includes contingency plans and
incident response protocols should be developed. Cloud security requires a multilayered approach,
beginning with the physical infrastructure and extending to applications and data running on the
cloud. The physical infrastructure includes a data center, network infrastructure, computers, and
26
storage. Next, the application layer protects applications that run on the cloud, such as web
applications, mobile applications, API security, and the security of the application development
process. The final layer is the data layer, in which the data stored in the cloud are protected. This
layer features data encryption, backup, and recovery methods. Strong encryption protocols must
be implemented for data, both in transit and at rest. This ensures that the data remain unreadable
even if unauthorized access occurs. Strict access control policies must be enforced to limit access
to medical records to authorized personnel only. The implementation of role-based access control
and multifactor authentication can enhance security. Identity and access management is the most
commonly used security measure in cloud computing, and includes the management of user
of
accounts, authentication, and authorization. This ensures that only authorized users can access the
data and resources in the cloud.
ro
-p
5.2.3 Incident response plan and regular audits
re
Cloud service providers should develop a well-defined incident response plan that outlines the
steps to be taken in case of a security breach. These include communication protocols, legal
lP
requirements, and remediation measures. Continuous monitoring and auditing of the cloud
na
infrastructure and data access should be implemented. Security information and event management
systems can be used to promptly detect and respond to suspicious activities. Distributed denial-of-
ur
service (DDoS) attacks pose significant risks to cloud customers and providers, including
Jo
reputational damage and exposure of customer data. DDoS refers to the deployment of a large
number of Internet bots to attack a single server, network, or application with an overwhelming
number of requests, packets, or messages, thereby denying service to legitimate users such as
employees or customers. To prevent such attacks, the provider must have a battle plan and reliable
DDoS prevention and mitigation solutions. The provider needs an integrated security strategy to
protect all levels of infrastructure. Integrated security strategies include the development of a
denial-of-service response plan, a secure network infrastructure, and the maintenance of a strong
network architecture. Threat detection is one of the most efficient methods of preventing such
attacks. Denial of service can occur in multiple forms, and it is critical to recognize its visual
indications. A dramatic slowdown in network performance or an increase in the number of spam
emails can be a sign of intrusion.
27
5.2.4 Data backup and recovery
Regular backups of medical records should be maintained to ensure data availability in case of
data loss or system failure. Data recovery processes should be periodically tested to verify their
effectiveness. Sensitive data at rest face several threats that can cause data leakage. A self-
encrypting drive is a hard drive that contains internal circuits that encrypt and decrypt all data
automatically and uses an authentication procedure when the host system is powered on.
Encryption key management is crucial for data-in-rest encryption, and it is highly recommended
to maintain control of all keys, store keys externally, and maintain transparent encryption for users.
The goal of secure data deletion encryption is to protect data against expert attackers that might
of
recover securely deleted data. If the attacker has a backup version of the deleted encrypted data,
ro
the system admin and users must guarantee that the corresponding decoding key is also strictly
-p
deleted to prevent the attacker from decoding the data thereafter.
re
5.2.5 Regular updates and patch management
lP
Software security patch management refers to the process of applying patches to security
vulnerabilities present in software products and systems deployed in an organization’s IT
na
to stay up to date with security patches and updates for both cloud infrastructure and applications
Jo
Responsible people must prioritize cloud security for medical records to protect patient
privacy, maintain regulatory compliance, and uphold the trust of patients and stakeholders.
Collaboration between IT and security teams is essential for implementing and maintaining
effective security measures in the cloud environments of healthcare organizations.
6. Conclusion
The proposed system ensures greater security for sensitive medical files stored in the cloud. It
provides full end-to-end file encryption using an AES client-side encryption algorithm. The files
are made available to users of the system based on the specified criteria. For instance, emergency
28
departments can only access files to which they are granted access; they cannot view or download
other files. After a user downloads a file, they can request a key to open it. If the user is a valid
user, then the owner shares the key using the ECDH key exchange technique. A user who enters
the correct key can decrypt the file. This ensures full security of the file and key. Attackers who
break into the server cannot read the file’s contents. No one can identify the key while transferring
it to the user. This makes it more secure. In the future, it may be possible to add a digital signature
and MD5 hashing mechanism to ensure greater security of the files. The size of the file increases
when it is encrypted; therefore, the time taken to upload an encrypted file is longer than that of an
unencrypted one. The addition of a compression mechanism to reduce the size of encrypted files
of
is a possibility. This encryption process will help reduce the upload time of patients’ medical
records.
ro
-p
Limitations of the study re
This study had certain limitations because we only considered the simulation data produced by our
tool, and we were not able to calculate the exact measures of complexity using existing approaches.
lP
The authors are working on real-world data, which will be part of a future work.
na
Acknowledgements
ur
The authors would like to thank Christ University, Bangalore, for providing support in using the
High-Performance Laboratory to obtain our results. We would also like to thank all of the
Jo
researchers working in medical and health fields who played a key role in creating human-specific
drugs that save lives.
REFERENCES
1. Alarood, A. A et al., (2023). Secure medical image transmission using deep neural network in e‐
health applications. Healthc Technol Lett. , 10(4), 87-98.
2. Alshehri, M. (2023). Blockchain-assisted cyber security in medical things using artificial
intelligence. Electronic Research Archive, 31(2), 708-728.
3. Chang, Y., Fang, C., & Sun, W. (2021). A blockchain-based federated learning method for smart
healthcare. Computational Intelligence and Neuroscience, 2021.
4. Chinnasamy, P., & Deepalakshmi, P. (2022). HCAC-EHR: hybrid cryptographic access control for
secure EHR retrieval in healthcare cloud. J Ambient Intell Human Comput, 1-19.
5. Chinnasamy, P. et al., (2023). Smart Contract-Enabled Secure Sharing of Health Data for a Mobile
Cloud-Based E-Health System. Appl. Sci., 13(6), 3970.
29
6. Dang, L. M et al (2019). A survey on internet of things and cloud computing for healthcare.
Electronics, 8(7), 768.
7. Ebinazer, S. E., Savarimuthu, N., & Bhanu, S. M. S. (2023). A hybrid encryption for secure data
deduplication the cloud. Int. J. Cloud Comput., 12(2-4), 295-307.
8. Gasser, L., & Aad, I. (2023). Disk, File and Database Encryption. Trends in Data Protection and
Encryption Technologies, 201.
9. Ge, C et al., (2021). Revocable attribute-based encryption with data integrity in clouds. IEEE
Transactions on Dependable and Secure Computing, 19(5), 2864-2872.
10. Jain, N., Gupta, V., & Dass, P. (2022). Blockchain: A novel paradigm for secured data transmission
in telemedicine. Wearable telemedicine technology for the healthcare industry (pp. 33-52).
Academic Press.
11. Kumar, K. P., & Cherukuri, R. C. (2019). Secure provenance-based communication using visual
encryption. Int. J. Innov. Comput. Appl., 10(3-4), 194-206.
12. Lee, Y. et al., (2023, April). Efficient FHEW bootstrapping with small evaluation keys, and
of
applications to threshold homomorphic encryption. Annual International Conference on the Theory
and Applications of Cryptographic Techniques (pp. 227-256). Cham: Springer Nature Switzerland.
ro
13. Lin, X. et al., (2019). Making knowledge tradable in edge-AI enabled IoT: A consortium
blockchain-based efficient and incentive approach. IEEE Transactions on Industrial Informatics,
15(12), 6367-6378.
-p
14. Lin, Z. et al., (2023). Generalized Autonomous Path Proxy Re-Encryption Scheme to Support
re
Branch Functionality. IEEE Transactions on Information Forensics and Security, 18, 5387-5400.
15. Liu, J. K., Au, M. H., Susilo, W., & Zhou, J. (2013). Linkable ring signature with unconditional
lP
17. Mahajan, H. B. (2022). Emergence of healthcare 4.0 and blockchain into secure cloud-based
electronic health records systems: solutions, challenges, and future roadmap. Wireless Pers
ur
30
27. Yakti, S. (2015). A game-theoretic approach to optimization of pricing policies for healthcare
information exchange network using genetic algorithm. State University of New York at
Binghamton.
28. Yang, X., & Li, W. (2020). A zero-knowledge-proof-based digital identity management scheme in
blockchain. Computers & Security, 99, 102050.
29. Yaqoob, T., Abbas, H., & Atiquzzaman, M. (2019). Security vulnerabilities, attacks,
countermeasures, and regulations of networked medical devices—A review. IEEE
Communications Surveys & Tutorials, 21(4), 3723-3768.
30. Zhang, S. et al., (2022, December). AuthROS: Secure Data Sharing Among Robot Operating
Systems Based on Ethereum. 2022 IEEE 22nd International Conference on Software Quality,
Reliability and Security (QRS), 147-156.
31. Zhang, Y., Li, S., Shi, Y., Zhou, N., Xu, Y., & Xu, K. (2023). Secure Multi-partyθ-join Algorithms
Toward Data Federation. International Journal of Software & Informatics,13(1), 117-137.
of
ro
-p
re
lP
na
ur
Jo
31
Conflict of interest
The authors would like to confirm that there was no funding received for the above work.
of
ro
-p
re
lP
na
ur
Jo