Security System in Cloud Computing for Medical Data Usage



Similar documents
Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records

Secure Data Management Scheme using One-Time Trapdoor on Cloud Storage Environment

A Comprehensive Data Forwarding Technique under Cloud with Dynamic Notification

NEW CRYPTOGRAPHIC CHALLENGES IN CLOUD COMPUTING ERA

Secure Role-Based Access Control on Encrypted Data in Cloud Storage using Raspberry PI

How to Encrypt in the Mobile Cloud. Yuliang Zheng ( 鄭 玉 良 ) UNC Charlotte yzheng@uncc.edu

Forward Secrecy: How to Secure SSL from Attacks by Government Agencies

DATA SECURITY IN CLOUD USING ADVANCED SECURE DE-DUPLICATION

Homomorphic Encryption Method Applied to Cloud Computing

EFFICIENT AND SECURE DATA PRESERVING IN CLOUD USING ENHANCED SECURITY

A Proposal for Authenticated Key Recovery System 1

EFFICIENT AND SECURE ATTRIBUTE REVOCATION OF DATA IN MULTI-AUTHORITY CLOUD STORAGE

An Efficient and Light weight Secure Framework for Applications of Cloud Environment using Identity Encryption Method

An Efficiency Keyword Search Scheme to improve user experience for Encrypted Data in Cloud

Data Security in Cloud Using Elliptic Curve Crytography

An Efficient Data Security in Cloud Computing Using the RSA Encryption Process Algorithm

Data Integrity for Secure Dynamic Cloud Storage System Using TPA

Secure File Sharing in the Cloud by Row Complete Matrix Re-encryption Method

Formal Modelling of Network Security Properties (Extended Abstract)

Cryptanalysis of Cloud based computing

Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records

3-6 Toward Realizing Privacy-Preserving IP-Traceback

A Secure Model for Cloud Computing Based Storage and Retrieval

A Proxy-Based Data Security Solution in Mobile Cloud

CS 758: Cryptography / Network Security

Enabling Public Auditability, Dynamic Storage Security and Integrity Verification in Cloud Storage

Homomorphic encryption and emerging technologies COSC412

Decentralized Access Control Schemes for Data Storage on Cloud

Outline. CSc 466/566. Computer Security. 8 : Cryptography Digital Signatures. Digital Signatures. Digital Signatures... Christian Collberg

Expressive, Efficient, and Revocable Data Access Control for Multi-Authority Cloud Storage

Secure Key Exchange for Cloud Environment Using Cellular Automata with Triple-DES and Error-Detection

Secure and Efficient Data Retrieval Process based on Hilbert Space Filling Curve

Data Integrity by Aes Algorithm ISSN

Supporting Collaborative Video Editing Over Cloud Storage

Privacy Preservation and Secure Data Sharing in Cloud Storage

White Paper. Enhancing Website Security with Algorithm Agility

Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records

Secure Collaborative Privacy In Cloud Data With Advanced Symmetric Key Block Algorithm

SECURITY IMPROVMENTS TO THE DIFFIE-HELLMAN SCHEMES

Secure File Transfer Using USB

Security Strength of RSA and Attribute Based Encryption for Data Security in Cloud Computing

Fully homomorphic encryption equating to cloud security: An approach

ETSI TS V1.2.1 ( )

CLOUD COMPUTING SECURITY IN UNRELIABLE CLOUDS USING RELIABLE RE-ENCRYPTION

Secure and privacy-preserving DRM scheme using homomorphic encryption in cloud computing

Efficient and Robust Secure Aggregation of Encrypted Data in Wireless Sensor Networks

WIRELESS PUBLIC KEY INFRASTRUCTURE FOR MOBILE PHONES

Survey on Securing Data using Homomorphic Encryption in Cloud Computing

A Study on Secure Electronic Medical DB System in Hospital Environment

ADVANCE SECURITY TO CLOUD DATA STORAGE

Outsourcing the Decryption of ABE Ciphertexts

Review Of Secure And Privacy Preserving DRM Scheme

Secure Group Oriented Data Access Model with Keyword Search Property in Cloud Computing Environment

SECURITY ENHANCEMENT OF GROUP SHARING AND PUBLIC AUDITING FOR DATA STORAGE IN CLOUD

Role Based Encryption with Efficient Access Control in Cloud Storage

A REVIEW ON ENHANCING DATA SECURITY IN CLOUD COMPUTING USING RSA AND AES ALGORITHMS

Capture Resilient ElGamal Signature Protocols

AN INVESTIGATION OF THE SECURE DATA COMMUNICATION IN MEDICAL MOBILE APPLICATIONS

Verifying Correctness of Trusted data in Clouds

Efficient Framework for Deploying Information in Cloud Virtual Datacenters with Cryptography Algorithms

An Efficient data storage security algorithm using RSA Algorithm

Sharing Of Multi Owner Data in Dynamic Groups Securely In Cloud Environment

Secure Data Storage in Cloud Service using RC5 Algorithm

Connected from everywhere. Cryptelo completely protects your data. Data transmitted to the server. Data sharing (both files and directory structure)

The application of prime numbers to RSA encryption

MODIFIED RSA ENCRYPTION ALGORITHM IS USED IN CLOUD COMPUTING FOR DATA SECURITY

Mutual Authentication Cloud Computing Platform based on TPM

Third Party Auditing For Secure Data Storage in Cloud through Trusted Third Party Auditor Using RC5

A Secure Index Management Scheme for Providing Data Sharing in Cloud Storage

AN EFFICIENT AUDIT SERVICE OUTSOURCING FOR DATA IN TEGRITY IN CLOUDS

A Road Map on Security Deliverables for Mobile Cloud Application

Enhance data security of private cloud using encryption scheme with RBAC

Data Grid Privacy and Secure Storage Service in Cloud Computing

Keywords: Authentication, Third party audit, cloud storage, cloud service provider, Access control.

Cloudifile Getting Started

PRIVACY ASSURED IMAGE STACK MANAGEMENT SERVICE IN CLOUD

Privacy Patterns in Public Clouds

Analysis of Privacy-Preserving Element Reduction of Multiset

Public Auditing for Shared Data in the Cloud by Using AES

SSL BEST PRACTICES OVERVIEW

SURVEY ON: CLOUD DATA RETRIEVAL FOR MULTIKEYWORD BASED ON DATA MINING TECHNOLOGY

A SOFTWARE COMPARISON OF RSA AND ECC

Data Security Using Reliable Re-Encryption in Unreliable Cloud

IMPLEMENTATION OF NETWORK SECURITY MODEL IN CLOUD COMPUTING USING ENCRYPTION TECHNIQUE

Message Authentication Code

Data Outsourcing based on Secure Association Rule Mining Processes

SECURE RE-ENCRYPTION IN UNRELIABLE CLOUD USINGSYNCHRONOUS CLOCK

HTTPS is Fast and Hassle-free with CloudFlare

Scalable and secure sharing of data in cloud computing using attribute based encryption

Secure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213

Hey! Cross Check on Computation in Cloud

Implementation of Role Based Access Control on Encrypted Data in Hybrid Cloud

Keywords-- Cloud computing, Encryption, Data integrity, Third Party Auditor (TPA), RC5 Algorithm, privacypreserving,

Associate Prof. Dr. Victor Onomza Waziri

CS 393 Network Security. Nasir Memon Polytechnic University Module 11 Secure

Privacy, Security and Cloud

Efficient Integrity Checking Technique for Securing Client Data in Cloud Computing

Cryptography for the Cloud

A Robust Multimedia Contents Distribution over IP based Mobile Networks

Transcription:

, pp.27-31 http://dx.doi.org/10.14257/astl.2013.38.06 Security System in Cloud Computing for Medical Data Usage Maya Louk 1, Hyotaek Lim 2, Hoon Jae Lee 3 1 Department of Ubiquitous IT, Graduate School of Dongseo University, Sasang-Gu, Busan 617-716, Korea mayalouk@gmail.com 2 Division of Computer and Engineering Dongseo University Sasang-Gu, Busan 617-716, Korea htlim@gdsu.dongseo.ac.kr 3 Division of Computer and Engineering Dongseo University Sasang-Gu, Busan 617-716, Korea hjlee@dongseo.ac.kr Abstract. This Paper briefly sketches out the usage of security system in Mobile Cloud Computing which is including the monitoring, recording, tracking and giving notification to the user. For encryption-decryption will use Elliptic Curve Cryptography (ECC). The functionality of re-encryption "tag" and "mark" for data access system for every legal user. It suggests the cloud computing based on encryption and decryption services with functional reencryption which the encrypted medical data could be accessed and decryption from anywhere by whomever that has the ability to access according to the access policy. This paper proposed the discussion of the idea of medical usage of the cloud computing and the security accessing data by people who has been authorized according to the access policy. Keywords: Cryptography, Functional Re-Encryption, Medical Data, Mobile Cloud Computing, Tag and Mark, 1 Introduction Medical data of a patient is a sensitive data which also has to be shared with another person who has the authorization to analyze and process the data. This idea covers not only patients who are located in the big city with flashy hospital and bunch of specialists but also for every needy persons who have only access to equipment limited small hospital and lack the specialist who can analyze the medical data and give proper feedback. With this design system, the administration of the hospital or nurse will help the patient to record all data that they need and put all the patient s data into the cloud computing, and the specialist doctor wherever the doctor is, who has the authorized access into the cloud computing could read the data, process, and access the data and send back his suggestion to the cloud so that the hospital administration will do the instruction that the specialist has suggested. 2 Security for Medical Data ISSN: 2287-1233 ASTL Copyright 2013 SERSC

Fig.1. The security system for medical usage. According to figure 1, when intruders try to illegally see and steal the data, the intruders must jailbreak the security system beforehand. Thus the system will record the attempt and track it down and send the notification to the user using this method, the user will know the who, when, how and where the intruders attempt to attack the system The security system consists of: a. Security system: authentication: when a user wants to log in into the system, the system will send one time password into the user mobile phone via short message system (SMS). The data saved in the cloud storage will be encrypted under "tag" name. If the data is meant for the doctor, it will be saved under "doctor's tag." The security algorithm for encryption and decryption purpose can be any security schemes. For the purpose of this paper, we will be using ECC for the encryption-decryption. We observed the following advantages: The Elliptic Curve Cryptography (ECC) is the public key primitive that is increasingly important as to RSA. Another advantage of ECC is that it's having a shorter key length than RSA. For example, ECC- 160 is similar to RSA-1024, and ECC-224 is similar to RSA-2028. So we can say that ECC has a shorter key length than RSA [12]. b. Recording, monitoring, and tracking: all these systems merge into one in cloud computing. The record of all activities is ongoing progress so every move that is made, who made it, where, who and when it happened can be tracked down. All these progress will be reported to the authoritative user through mobile phone application. 3 Re-encryption for Medical data Re-encyrption data is used to tag and mark data that wanted to be saved in cloud storage. Tag names will be given to all data according to all particular users. Any person that is not tagged will be unable to access the data since no authorization is given. Functional re-encryption is an expressive generalization of re- 28 Copyright 2013 SERSC

encryption. Transform ciphertext of messages or data with tag T with PKA into ciphertext of data with PK determined by the F (T). Functional re encryption functionality is parameterized by a policy function F : D = [n] (i.e, F has domain D and has n possible outputs) chosen from some class of functions, an input public key pk, and n output public keys. [1] Case 1: (there are only 2 users, the patient (W) and the specialist Doctor (P)) Patient W has PKA = g a and SK A = a besides that Specialist Doctor P has PK B = g b and SK B = b; Data send to the cloud (uploading) X = Enc (g a, M), which M is the plain data; Data download from the cloud (downloading) Y = Enc (g b, M), which M is the plain data and the plain data will be decrypted under PK B and SK B. Reencryption from key g a to key g b can be done with the re-encryption key g b/a Case 2: multiuser to access one patient (W) data with different purpose and different file. Some file may not be meant to be read and accessed by another user. Patient W has PK A = g ai and SK A = a i, α i which i is the tag name for certain user may access the data, let assume that formula F (0) = F (0) and F (1) = F (1), so on. Then, Specialist Doctor P has PK 0 = g b0 and SK 0 = b 0, Nurse O has PK 1 = g b1 and SK 1 = b 1, Pharmacist T has PK 2 = g b2 and SK 2 =b 2, Researcher Doctor U has PK 3 = g b3 and SK 3 = b 3, and so on. Send data to the cloud (uploading) X = Enc (g ai, M), which M is the plain data encrypt message M with tag i with key g a. Data download from the cloud (downloading) Y = Enc (g b0(i), M), which M is the plain data, the data decrypted under the PK i = and SK i. The input encryption scheme is as follows: I-Gen (1 λ,1 d ): Pick random vectors a 1,,a d from Zq d that are linearly independent. We also generate crs, a common reference string (abbreviated CRS) for the NIZK proof system. Output pk = (crs, g, g a1,, g ad ), and sk = (a 1,.,a d ). We remark that the public key pk can be viewed as being made up of d public keys pk i = (g,g ai ) of a simpler scheme. I-Enc(pk, I, ε, [d], m): To encrypt a message m ε M, with identity i ε [d], choose random exponents r and r from Zq, and compute: o C = g rai ; D = g r m o C = g r ai ; D = g r o π, a proof that these values are correctly formed, i.e. that they correspond to one of the vectors g ai contained in the public key. Output the ciphertext (E, E, π) where E = (C, D) and E = (C, D ). Looking ahead, we remark that E looks like an encryption of message m under pki, while E looks like an encryption of 1 G under pk i. E is primarily used by the re-encryption program for input re-randomization, and is not required if the encryption scheme is used stand-alone without the functional re-encryption program. I-Dec (sk, (E, E )): If any of the components of the ciphertext E is 1 G or if the proof π does not verify, output τ. Ignore E, π subsequently, and parse E as (C,D). Check that for some i ε [d] and m ε M, D (C1/ ai ) -1 = (m,..,m). If yes, output (i, m). [1] The output encryption scheme is as follows: Copyright 2013 SERSC 29

O-Gen (1 λ ): Pick â Zq. Let pk = hâ and sk = â O-Enc(pk, m): To encrypt a message m ε M Ċ G, o Choose random n umber r Zq. o Compute Ŷ = (h â ) r and Ŵ = h r. o Output the ciphertext as [Ŝ,Ĝ] : = [e(g, Ŷ), e(g, Ŵ). e(m, h)] O-Dec(sk = â, (Ŝ,Ĝ)): The decryption algorithm does the following: o Compute Ő = Ĝ. Ŝ 1/ â o For each m ε M, test if e(m,h) = Ő. If so, output m and halt. (Note that if e(m,h) are precomputed for all m ε M, then this step can be implemented with a table lookup.) [1] 4 Conclusion & Future Work Further questions that have to be asked concerning this work are: Can access policy: be obtained for lower class of access policies? Arbitrary access policies: is that possible to access and to make the arbitrary access policies?, Ciphertext size: can we obtain smaller cipher texts?. All questions must be reviewed to improve this system in securing data. Future work is how to implement it and can we outsource arbitrary multi-party computations securely to the cloud? Thinking about adding possibilities of arbitrary functions. - Arbitrary Code Execution is an ability to execute any task of computations to targeted computer, in this case is Cloud Computing. Furthermore, how is that every process could be done in the cloud computing without cloud provider employee learn about it. Future work of this paper is an implementation of the cloud computing which is using Amazon EC2 and the mobile application is using android device. We are working on the implementation for the security syste m (Encryption and Decryption ) using ECC and re encryption method for accessing multiuser in the mobile application which is using Amazon EC2 as the cloud computing system. Acknowledgments. This research was supported by Basic Science Research Program through the National Research Foundation of Korea(NRF) funded by the Ministry of Education, Science and Technology. (grant number: 2013-071188). And it also supported by the BB21 project of Busan Metropolitan City. References 1. Chandran, Nishanth, Melissa Chase, and Vinod Vaikuntanathan. "Functional re- encryption and collusion-resistant obfuscation." Theory of Cryptography. Springer Berlin Heidelberg, 2012. 404-421. 30 Copyright 2013 SERSC

2. Benaloh, Josh, et al. "Patient controlled encryption: ensuring privacy of electronic medical records." Proceedings of the 2009 ACM workshop on Cloud computing security. ACM, 2009. 3. Kulkarni, Gurudatt, et al. "A security aspects in cloud computing." Software Engineering and Service Science) ICSESS, ( 2012 IEE E 3rd International Conference on. IEE,E 2012. Copyright 2013 SERSC 31

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information