20172017

IEEEIEEE
7th International
7th International
Advance
Advance
Computing
Computing
Conference
Conference
(IACC)

Big Data Security in Healthcare

Survey on Frameworks and Algorithms

Sudipta Chandra, Soumya Ray, R.T.Goswami

Birla Institute of Technology, Mesra
Kolkata Campus, Kolkata, India
[email protected]
[email protected]
[email protected]

Abstract— Healthcare data is increasingly being digitized
today and the data collected today coming in from all modern
devices, has reached a significant volume all over the world. In
the US, UK and other European countries, healthcare data needs
to be secured and Patient Health Records (PHR) need to be
protected so that re-identification of patients cannot be done
from basic information. Privacy of healthcare is an important
aspect governed by Healthcare Acts (e.g. HIPAA) and hence the
data needs to be secured from falling into the wrong hands or
from being breached by malicious insiders. It is important to
secure existing healthcare big data environments due to
increasing threats of breaches and leaks from confidential data
and increased adoption of cloud technologies. In this paper the
current healthcare security scenario in big data environments
has been summarized along with challenges faced and security
issues that need attention. Some existing approaches have been
described to illustrate current and standard directions to solving
the issues. Since healthcare governance in the US has a strong
focus on security and privacy as opposed to other countries on
this day, the paper focuses on Acts and privacy practices in the
US context.
the potential to spot problems before they happen and provide
suggestions for a healthy life.
Improve effectiveness of Clinical Trials – Huge amounts of
data on potential candidates for clinical trials can be analyzed
to identify the best subjects for clinical trials.
Avoid Preventable Deaths – Constant monitoring of medical
conditions can provide alerts to take preventive action. Medical
data can be compared with existing data sets to come to
insights on whether there is a risk.
Detecting Side Effects of Drugs – Patient data and their
medical conditions over a period of time can lead to insights on
whether there are noticeable side effects to a drug.
Identifying Disease Risks from the DNA – Family history on
diseases and medical conditions can be profiled and DNA
analysis can provide insights on medical conditions a patient is
likely to encounter.

Index Terms— Healthcare, Big Data, Big Data Security, Big

Data Privacy

I. HEALTHCARE AND BIG DATA

With the increasing use of technology and collection of
healthcare related data by medical providers, the volume of
data available is increasing every day. This data can be
productively used for research and analysis. These massive
datasets can be used to generate focused knowledge and
insights using predictive analytics and BI enabling informed
decisions in the world of healthcare and hence potentially save
patients’ lives, make treatments cost-effective and improve
operational efficiency.

Applications of Big Data in Healthcare [1][2] include:
Preventing Epidemics – Big Data was used in preventing the
spread of Ebola virus in Africa by spotting population
movements and providing insights to the best areas for setting
up treatment centers and bring in movement restrictions.
Improve Quality of Life – Smartphones, apps and health
gadgets today are able to collect health data and give us
insights for improving the quality of life and take necessary
medical action when required. This is done by uploading the
collected data and compiling it with existing datasets. This has
Figure 1 Applications of Big Data
Provide Clinicians and Doctors with the ability to make Wise
Clinical Decisions – Even before studying the patient a doctor
can have the ability to know about the patient and the medical
profile compiled by analyzing huge data sets along with the
patients’ own. This can help the doctor in making informed
clinical decisions keeping in mind the predictions provided on
deep analysis of health care data.

978-1-5090-1560-3/17 $31.00 © 2017 IEEE 89

DOI 10.1109/IACC.2017.25
Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on December 12,2023 at 04:13:12 UTC from IEEE Xplore. Restrictions apply.
Fraud Analysis – Healthcare claims and the associated data can
be analyzed by a Big Data System and predictions can be
provided on potential fraudulent claims in the Healthcare
Insurance Sector. This can help Health care insurance
companies save considerable money lost to fraudulent claims.
In the process healthcare providers who are part of fraud can
also be identified and appropriate legal action ensured.
Research – Big data analysis on genomic research and real time
PHR access could provide medical practitioners with informed
decisions and aid in treatment. Continuous research will result
in proactive steps being taken before problems occur, contrary
to the reactive course of treatment in place today. VPH or
Virtual Physiological Human is an emerging framework of
methods and technologies for collaborative investigation of the
human body as a single complex system. Mathematical models
for predicting the state of a biological system can be used along
with medical imaging and sensing technologies. High
dimensional big data analysis has facilitated this research and
big data technologies have empowered and strengthened VPH
approaches [3].
II. HEALTHCARE SECURITY AND PRIVACY
Figure 2 Healthcare Data Risks and Challenges
Healthcare Data in Big Data Environments today face
several challenges [4]:
x Sharing of Healthcare data can be leveraged by cloud
technologies. Healthcare data from different vendors
can be merged to analyze insights into medical
treatment and diagnosis. Sharing the data via cloud
based environments raises concerns in environments
where security practices related to healthcare are not in
place.
x Healthcare data centers today are required to follow
HIPAA certification and the guidelines and rules laid
out by HIPAA. This however does not guarantee
patient record safety as HIPAA does not lay out rules
for implementing data safety but rather is concerned
with ensuring that security policies and procedures are
in place. Also, inflow of large volume of data from
various sources results in requirement of handling the
extra burden for storage, processing power and high
speed networking.
x Healthcare industry has faced a range of attacks like
DDOS (Distributed Denial of Service), malware
90
Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on December 12,2023 at 04:13:12 UTC from IEEE Xplore. Restrictions apply.
attacks and Medical Identity Theft by insiders and
external attackers as well.
Healthcare data in the form of EHRs or PHRs are private to the
individual or the organizations dealing with them. Exposure of
healthcare data and the identification of an individual can lead
to several concerns[5][6][7]:
x Medical Identity Theft – Medical Identity Theft is the
most common form of privacy breach in Health Care
where an individual’s personal information is exposed
and thereafter impersonated for financial gain.
x Social Issues – Exposed health conditions of an
individual may lead to unwanted social situations.
x Insurance Fraud – Fictitious medical bills can be
obtained on the basis of stolen identity and insurance
claims can be submitted for financial gain.
x Incorrect treatment – if the medical information is
modified in an unwanted way, it may lead to incorrect
treatment of the patient.
x Incorrect Diagnosis – Incorrect medical information
may lead to erroneous diagnosis or inappropriate
treatment plan, potentially harming the patient’s
health.
x Health insurance treatments may get exhausted and
patients may not be able to claim further insurance.
x Employment Issues – Employers do request the
medical history of potential employees and damaged
or falsified medical information have the potential of
causing employment issues.
Patient Data Privacy is of utmost importance and is essential
that proper security practices are implemented and practiced. In
this paper some existing and suggested techniques are
discussed.
III. BIG DATA SECURITY APPROACHES IN HEALTHCARE
A. Health Care Big Data and Internet of Things
Wireless Body Area Networks or WBANs are used for
monitoring of medical condition of patients [8] [9] using tiny
sensor nodes attached or implanted to the human body. These
sensor nodes develop what is called a Wireless Sensor Network
(WSN). Biological information from the human body is sent to
a control device either attached to the human body or in the
vicinity wirelessly. The collected data is sent to remote servers
or cloud of a hospital/medical center for further analysis or
action. WBANs can be used for ECG, pulse rate, blood
pressure, blood flow, body temperature, EEG etc.
It is vital to ensure accuracy and integrity of such health
care data and hence security and privacy of WBANs must be
ensured. Security must be maintained for WBANs in: the
sensors attached to the body, remote servers where WBAN
data is pushed, communication channels. A lot of research has
been done on securing WBANs.
1) F.A. Khan et al proposed a cloud based healthcare
framework [10] for implementing WBANs using cloud
computing, wherein patient data stored on the cloud is
protected using dynamic reconstruction of metadata [11].
Combination of biometric values is used to generate keys for
encryption, thus ensuring randomness.
2) Han et al proposed another scheme for data
confidentiality for cloud based WBANs wherein they
suggested a cryptosystem having multi valued and ambiguous
properties [12]. This was achieved using multi valued encoding
rules. In addition, the data communication between the cloud
and WBANs is attempted to secure efficiently.
B. Health Care Big Data and Cloud
Cloud computing today is used extensively for Health
Information Systems and processing of healthcare data [13].
Advances in Omics fields (genomics, proteomics and
metabolomics) aims in collecting and characterizing pools of
biological molecules and their structure, function and
dynamics. This generates considerable amount of data to be
stored and processed. Predictive analytics using text and data
mining algorithms requires a growing demand for dynamic and
scalable resources which the cloud computing environment is
able to provide. An additional benefit of the cloud computing
environment is that resources can be used temporarily as
required on a Pay as you use basis with the ability of buying
processing power and storage on-demand. Cloud computing is
also using for biomedical information sharing.
Cloud computing along with Big Data technologies has
found use in Medical Imaging, public health and patients’ self-
service applications, hospital management and Clinical
Information Systems. It is imperative that with the growing use
of cloud computing technologies in healthcare, security and
privacy of healthcare data in the cloud needs to be preserved
along with securing the cloud computing infrastructure itself.
x Xiao et al introduced the concept of Accountable
MapReduce [15][16] wherein each node is held
accountable for their behavior. A group of auditor
nodes perform accountability tests (A-tests) which
check each node and identify malicious nodes in real
time. This framework is applicable to Map Reduce
solutions on the cloud and hence can help secure
health care data processing.
x Samanthula et al in their paper on “k-Nearest
Neighbor Classification over Semantically Secure
91
Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on December 12,2023 at 04:13:12 UTC from IEEE Xplore. Restrictions apply.
Encrypted Relational Data”[16] proposed a
methodology to run data mining classification
algorithms on encrypted data. This is relevant for
healthcare data mining on the cloud or for health care
data outsourced for mining, wherein the data has to be
in encrypted form to ensure privacy and traditional
privacy preserving techniques do not apply. To
illustrate Data Mining over encrypted data (DMED)
secure k-NN classifier was used which has been
termed as PPkNN or Privacy Preserving k-NN[16].
x Using Attribute Based Encryption, Yang et al.
proposed an outsourced policy updating method for
Big Data Systems in the cloud [17].
x A Sticky Policy Framework [18] was proposed by Li
et al. which suggested an implementation independent
meta-model for security policies. A loose-couple
binding approach is suggested where data fragments
are stored separately from sticky policies. This allows
definition of fine-grained security access. Fine grained
security access may be used to define different levels
of access groups access to only what they need to see
e.g. patient data can be accessible only to doctors and
nurses only. Inside the patient data, some information
may be for the eyes of doctors only.
x Waziri et al. have used fully homomorphic encryption
to suggest a cryptographic model[19] for Big Data
Analytics in the cloud thereby addressing concerns on
Confidentiality and Privacy. Techniques for
implementation and concepts on cryptographic
solutions for Big Data in the cloud have been
discussed.
C. Securing Patient Health Records in Big Data and Cloud
Environments
Health care today revolves around the data presented by
Electronic Health Records (EHR) which integrates all health
related aspects and findings of an individual. Because of the
sensitive nature of this information and its potential to cause
harm if disclosed, EHRs (or PHRs - Patient Health Records),
should be access controlled and strict security and privacy
enforced in maintenance. Since health records need to be
transferred via internet, stored in the cloud, exposed to vendors,
and made part of data analytics they need to be privacy
controlled to secure the identity of the individual. While
transferring over the internet, transmission encryption is not
considered sufficient and the need arises to encrypt the
documents as well to protect from hackers and unauthorized
access [20].
x Slamanig et al. in their paper[20] have suggested
unlinkability and anonymity as the preliminary
criteria in health care data privacy. Unlinkability
denotes that relation between data existing in the
system should not be identifiable by mere
observation. Anonymity is the state of not being
identifiable within a set of items which have been
defined as the anonymity set. The paper also discusses
 the risks of using plaintext portals which store data
without encryption and hence are vulnerable to
attacks from insiders and hackers. For encrypted
portals, which encrypt the health data it is important
to secure the cryptographic key on the servers as
insiders may be able to get access to it. This can be
done by using a Public Key Infrastructure (PKI) and
is encrypted using the public key of the person to
whom access is granted. In addition, pseudonymized
portals can be used wherein encryption is done for the
content and the meta-data as well. Health records are
also subject to disclosure in cases EHRs are exposed
to several groups of people e.g. potential employers,
insurance companies etc.
x Gunamalai et al. propose a method of security and
privacy of Personal Medical Records and DICOM
images in the Cloud environment [21]. DICOM
(Digital Imaging and Communication in Medicine) is
a standard for medical imaging and also addresses
distribution and viewing of medical images. The goal
is to enable multiple healthcare centers to access
patients’ data for treatment in a secure way. The
scheme undetectably embeds private patient data like
name and unique identification number in the medical
images. Access Control is done via two-way
authentication which is a combination of username
password validation and a dynamic key sent to a
handheld device or email. To protect data in the cloud
servers, Column Based Encryption (CBE) is used
which enables selective sharing of data among
healthcare centers.
x E. Srimathi et al propose a method of ensuring
privacy of healthcare records in Big Data using
Dynamic Map Reduce [6]. Their work is related to
providing anonymizing techniques for securing
scalable Big Data. They use a two-step approach
using Dynamic Map Reduce framework [22] and the
LKC privacy model [23]. Dynamic Map Reduce is a
concept enabling dynamic allocation of idle slots with
no running tasks. This optimization involves 2
techniques namely: Dynamic Hadoop Slot Allocation
(DHSA) – Unused map or reduce slots can be used
interchangeably to improve performance. Speculative
Execution Performance Balancing (SEPB) –
Speculative execution is used to detect lagging tasks.
The LKC privacy model involves l-diversity to
prevent linking Quasi Identifier (QID) attributes for
re-identification.
D. Health Care and Big Data Analytics
A robust decision making system in the healthcare industry
requires sharing of not only Electronic Health Records but also
of running predictive algorithms to detect trends in treatment,
diagnosis and other research areas. The main obstacles in
sharing the EHRs are patient privacy and the sensitivity of
medical information contained in them.
92
Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on December 12,2023 at 04:13:12 UTC from IEEE Xplore. Restrictions apply.
x Yan Li et al. proposed a distributed ensemble (family
of distribution of random variables) approach for
mining healthcare data under privacy constraints [24].
Each participating facility accessing the data needs to
build their own model to learn the distribution of their
own data. Thereafter they share the knowledge
acquired knowledge on their data as decision models.
Hence the patient level sensitive data is not shared
thus preserving privacy.
x Noman Mohammed et al. in their paper on Secure and
private management of healthcare databases for data
mining [25] suggested a framework which uses
“semantically-secure” encryption schemes to encrypt
data bases being outsourced. Their framework enables
querying the data using a “differentially-private”
query interface supporting SQL queries and complex
data mining tasks.
Analytical processing done on data should not expose personal
data for users or granular details that would lead analysts to
trace back the data to the original details. Data mining and
predictive analytics techniques need to implement privacy
preserving techniques e.g. masking sensitive data and other
anonymization techniques. Privacy Preserving Data Mining
and Analytics is a technique explored today by many
researchers to solve this issue.
x Agrawal et al suggested an approach related to
Privacy Preserving Data mining for building
classifiers using training data [26]. The data on which
classifiers are built are not same as the original, while
being different from the original in distribution and
values. A novel reconstruction procedure was
suggested to estimate the distribution of original data
from the training data provided. Classifiers for the
data mining can be built using this and the accuracy of
these classifiers were shown to be comparable to
classifiers built using the actual data. Since the actual
data is not used to build classifiers in this case,
privacy of sensitive user information can be
preserved. The basic approach is to let users provide
data with random noise added to it. 2 methods for
modifying values are considered – by discretizing
values into mutually exclusive classes and by
modifying values using a function of random values
with uniform or Gaussian distribution.
x Lindell et al proposed an approach on Privacy
Preserving Data Mining considering 2 parties
attempting to run data mining with a union of their
respective databases[27]. The intention was to not
reveal unnecessary information. They used decision
tree learning and the ID3 algorithm to propose an
efficient approach. No party involved here learned
more than the output itself.
x Quasi-identifiers are attributes that can be used to
uniquely identify individuals by linking to external
data. To counter this security issue the concept of k-
anonimity [28] was introduced. In this method data is
generalized or suppressed to reduce granularity. If a
 record k in a dataset is indistinguishable from at least identifiable information which are
k − 1 other records with respect to every set of quasi- part of electronic health records. A
identifier attributes, the dataset can be called k- patient’s medical record cannot be
anonymous. It was shown however that k-anonimity legally disclosed without the
is not fool proof when it comes to data privacy as it written authorization of the patient.
All medical providers and others
can be subjected to attacks like “Homogeneity attack” seeking to access or maintaining
when there is Homogeneity of sensitive attributes and health records in the US need to be
“Background knowledge attack” wherein background HIPAA compliant.
knowledge on the individual is helpful in The Privacy Rule of HIPAA
identification. A. Machanavajjhala et al. suggested l- addresses the use and disclosure of
diversity[29] to protect against the privacy issues that a patient‘s protected health
may be encountered when using k-anonymity. To do information by healthcare plans,
medical providers, and
so, the concept of intra-group diversity of sensitive clearinghouses, also referred as ―
values is promoted within the anonymization covered entities. The Security Rule
scheme[30]. of HIPAA requires covered entities
x Reza Shokri et al. In their paper on Privacy preserving to ensure implementation of
deep learning[31] discussed about a framework to administrative safeguards in the
preserve privacy of user data in deep learning neural form of policies and personnel,
physical safeguards to information
networks. Their system enables 2 parties to jointly infrastructure, and technical
learn neural network models without exposing the safeguards to monitor and control
original datasets. This was achieved by sharing of intra and inter organizational
selected model parameters during training. As information access. [32]
specified in the paper – “this parameter sharing, PPACA or Patient Protection and Affordable
interleaved with local parameter updates during Obama Care or Care Act (PPACA) commonly
stochastic gradient descent, allows participants to ACA called Affordable Care Act or
Obama Care was enacted in 2010.
benefit from other participants’ models without
The act is meant to help hospitals
explicit sharing of training inputs” [31]. and primary physicians transform
their practices financially,
IV. CONCLUSION technologically, and clinically to
While Big Data technologies are improving day by day this drive better health outcomes, lower
also means that the volume of data along with the rate at which costs, and improve their methods
of distribution and accessibility.
data is flowing into enterprises today is increasing. There is a
The Affordable Care Act was
need to secure sensitive health care data from adversaries and intended to increase health
malicious software – both to maintain integrity of the data and insurance quality and affordability.
privacy of sensitive information. The security challenges It introduced mechanisms
highlighted must therefore be dealt with and new novel including mandates, subsidies and
security approaches need to come up that can be adapted to insurance exchanges. The law
Health Care Big Data. While software security goes long back requires insurers to accept all
applicants, cover a specific list of
in computation history, not all techniques are suitable in the
conditions and charge the same
health care context. The success of security techniques in rates regardless of pre-existing
protecting data and the ability of sharing data without privacy conditions or sex [33].
concerns will determine the potential of Health Care Data
adaptation to cloud based environments in the coming days.
VI. APPENDIX B - HEALTHCARE TERMINOLOGIES
V. APPENDIX A – HEALTHCARE ACTS
Terminology Description
EHR A digitized version of the patient’s medical
Country Healthcare Act Description record. An EHR can contain a patient’s medical
US Medicare National social insurance program history, diagnoses, medications, treatment plans,
in the US administered by the US immunization dates, allergies, radiology images,
federal government. Provides and laboratory and test results and also allow
health insurance to Americans access to evidence-based tools that providers can
aged 65 and above, and to people use to make decisions about a patient’s care.
of all younger age with some PHR PHRs contain similar information as EHRs with
disabilities. the addition that PHRs are needed to empower
HIPAA The Health Insurance Portability patients, and to provide them with the ability to
and Accountability Act of 1996 check their records for any inconsistencies and
(HIPAA). Includes rules for medical errors regardless of location.
releasing and sharing individually

93

Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on December 12,2023 at 04:13:12 UTC from IEEE Xplore. Restrictions apply.
 REFERENCES IEEE Transactions on Parallel and Distributed Systems, vol. PP,
no. 99, pp. 1–1, 2014.
[1] J. D. Halamka, “Using Big Data to Make Wiser Medical
Decisions,” Harvard Business Review, 2015. [Online]. [18] J. Gao, S. Li, T. Zhang, J. Gao, and Y. Park, “A Sticky Policy
Available: https://hbr.org/2015/12/using-big-data-to-make- Framework for Big Data Security,” no. October, pp. 130–137,
wiser-medical-decisions. 2015.
[2] B. Marr, “How Big Data Is Changing Healthcare,” Forbes, [19] V. O. Waziri, J. K. Alhassan, I. Ismaila, and M. N. Dogonyaro,
2015. [Online]. Available: http://onforb.es/1bfRQ0b. “Big Data Analytics and Data Security in the Cloud via Fully
Homomorphic Encryption,” International Journal of Computer,
[3] M. Viceconti, P. Hunter, and R. Hose, “Big Data , Big
Electrical, Automation, Control and Information Engineering,
Knowledge : Big Data for Personalized Healthcare,” IEEE
vol. 9, no. 3, pp. 744–753, 2015.
Journal of Biomedical and Health Informatics, vol. 19, no. 4, pp.
1209–1215, Jul. 2015. [20] D. Slamanig and C. Stingl, “Privacy aspects of eHealth,” in
ARES 2008 - 3rd International Conference on Availability,
[4] H. Kupwade Patil and R. Seshadri, “Big Data Security and
Security, and Reliability, Proceedings, 2008, pp. 1226–1233.
Privacy Issues in Healthcare,” in 2014 IEEE International
Congress on Big Data, 2014, pp. 762–765. [21] C. Gunamalai and S. Sivasubramanian, “A NOVEL METHOD
OF SECURITY AND PRIVACY FOR PERSONAL MEDICAL
[5] W. C. Figg and H. J. Kam, “Medical Information Security,”
RECORD AND DICOM IMAGES IN CLOUD
International Journal of Security, vol. 5, no. 1, pp. 22–34, 2011.
COMPUTING,” ARPN Journal of Engineering and Applied
[6] E. Srimathi and K. A. Apoorva, “Preserving Identity Privacy of Sciences, vol. 10, no. 10, pp. 4635–4638, 2015.
Healthcare Records in Big Data Publishing Using Dynamic
[22] S. Tang, B. S. Lee, and B. He, “DynamicMR: A dynamic slot
MR,” International Journal of Advanced Research in Computer
allocation optimization framework for mapreduce clusters,”
Science and Software Engineering, vol. 5, no. 4, pp. 968–973,
IEEE Transactions on Cloud Computing, vol. 2, no. 3, pp. 333–
2015.
347, 2014.
[7] W. Gillette and T. B. Patrick, “Medical identity theft: an
[23] N. Mohammed, B. C. M. Fung, P. C. K. Hung, and C.-K. Lee,
emerging problem for informatics.,” AMIA Annual Symposium
“Centralized and Distributed Anonymization for High-
proceedings AMIA Symposium AMIA Symposium, p. 964,
Dimensional Healthcare Data,” ACM Transactions on
2007.
Knowledge Discovery from Data, vol. 4, no. 4, pp. 1–33, 2010.
[8] J. Y. Khan and M. R. Yuce, “Wireless Body Area Network
[24] Y. Li, C. Bai, and C. K. Reddy, “A distributed ensemble
(WBAN) for Medical Applications,” in New Developments in
approach for mining healthcare data under privacy constraints,”
Biomedical Engineering, Online Edi., InTech, 2010, pp. 591–
Information Sciences, vol. 330, no. 330, pp. 245–259, 2015.
628.
[25] N. Mohammed, S. Barouti, D. Alhadidi, and R. Chen, “Secure
[9] A. Tewari, “Security and Privacy in E-Healthcare Monitoring
and private management of healthcare databases for data
with WBAN : A Critical Review,” International Journal of
mining,” in Proceedings - IEEE Symposium on Computer-
Computer Applications, vol. 136, no. 11, pp. 37–42, 2016.
Based Medical Systems, 2015, vol. 2015-July, pp. 191–196.
[10] F. A. Khan, A. Ali, H. Abbas, and N. A. H. Haldar, “A cloud-
[26] R. Agrawal and R. Srikant, “Privacy-preserving data mining,”
based healthcare framework for security and patients’ data
Proceedings of the 2000 ACM SIGMOD international
privacy using wireless body area networks,” Procedia Computer
conference on Management of data - SIGMOD ’00, vol. 29, no.
Science, vol. 34, pp. 511–517, 2014.
2, pp. 439–450, 2000.
[11] A. Waqar, A. Raza, H. Abbas, and M. Khurram Khan, “A
[27] Y. Lindell and B. Pinkas, “Privacy-preserving Data Mining,”
framework for preservation of cloud users data privacy using
Crypto ’00, vol. 29, pp. 36–54, 2000.
dynamic reconstruction of metadata,” Journal of Network and
Computer Applications, vol. 36, no. 1, pp. 235–248, 2013. [28] P. Samarati and L. Sweeney, “Protecting Privacy when
Disclosing Information: k-Anonymity and its Enforcement
[12] N. D. Han, L. Han, D. M. Tuan, H. P. In, and M. Jo, “A scheme
Through Generalization and Suppresion.,” Proc of the IEEE
for data confidentiality in Cloud-assisted Wireless Body Area
Symposium on Research in Security and Privacy, pp. 384–393,
Networks,” Information Sciences, vol. 284, pp. 157–166, 2014.
1998.
[13] L. Griebel, H.-U. Prokosch, F. Köpcke, D. Toddenroth, J.
[29] A. Machanavajjhala, D. Kifer, J. Gehrke, and M.
Christoph, I. Leb, I. Engel, and M. Sedlmayr, “A scoping review
Venkitasubramaniam, “L -diversity,” ACM Transactions on
of cloud computing in healthcare.,” BMC medical informatics
Knowledge Discovery from Data, vol. 1, no. 1, p. 3–es, 2007.
and decision making, vol. 15, p. 17, 2015.
[30] C. C. Aggarwal and P. S. Yu, “A General Survey of Privacy-
[14] Z. Xiao and Y. Xiao, “Achieving Accountable MapReduce in
Preserving Data Mining Models and Algorithms,” in Privacy-
cloud computing,” Future Generation Computer Systems, vol.
preserving data mining, Springer US, 2008, pp. 11–52.
30, pp. 1–13, 2014.
[31] R. Shokri and V. Shmatikov, “Privacy-Preserving Deep
[15] H. Ulusoy, M. Kantarcioglu, E. Pattuk, and L. Kagal,
Learning,” Proceedings of the 22nd ACM SIGSAC Conference
“AccountableMR: Toward accountable MapReduce systems,” in
on Computer and Communications Security - CCS ’15, pp.
2015 IEEE International Conference on Big Data (Big Data),
1310–1321, 2015.
2015, pp. 451–460.
[32] A. Appari and M. E. Johnson, “Information security and privacy
[16] B. K. Samanthula, Y. Elmehdwi, and W. Jiang, “K-nearest
in healthcare: current state of research,” International Journal of
neighbor classification over semantically secure encrypted
Internet and Enterprise Management, vol. 6, no. 4, p. 279, 2010.
relational data,” IEEE Transactions on Knowledge and Data
Engineering, vol. 27, no. 5, pp. 1261–1273, 2015. [33] “Patient Protection and Affordable Care Act,” Wikipedia.
[Online]. [Accessed: 20-Aug-2016].
[17] K. Yang, X. Jia, and K. Ren, “Secure and Verifiable Policy
Update Outsourcing for Big Data Access Control in the Cloud,”

94

Authorized licensed use limited to: UNIVERSITY PUTRA MALAYSIA. Downloaded on December 12,2023 at 04:13:12 UTC from IEEE Xplore. Restrictions apply.