Privacy-Preserving Search Over Encrypted Personal Health Record In Multi-Source Cloud
Cloud-based Personal Health Record systems (CB-PHR) have great potential in facilitating the management of individual health records. Security and privacy concerns are among the main obstacles for the wide adoption of CB-PHR systems. In this paper, we consider a multi-source CB-PHR system in which m...
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2018-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/8258948/ |
| id |
doaj-551cb5a2f915408c9001d1e63097ddbc |
|---|---|
| record_format |
Article |
| spelling |
doaj-551cb5a2f915408c9001d1e63097ddbc2021-03-29T20:30:13ZengIEEEIEEE Access2169-35362018-01-0163809382310.1109/ACCESS.2018.27933048258948Privacy-Preserving Search Over Encrypted Personal Health Record In Multi-Source CloudXin Yao0https://orcid.org/0000-0001-7165-937XYaping Lin1Qin Liu2Junwei Zhang3College of Computer Science and Electronic Engineering, Hunan University, Changsha, ChinaCollege of Computer Science and Electronic Engineering, Hunan University, Changsha, ChinaCollege of Computer Science and Electronic Engineering, Hunan University, Changsha, ChinaSchool of Cyber Engineering, Xidian University, Xi’an, ChinaCloud-based Personal Health Record systems (CB-PHR) have great potential in facilitating the management of individual health records. Security and privacy concerns are among the main obstacles for the wide adoption of CB-PHR systems. In this paper, we consider a multi-source CB-PHR system in which multiple data providers, such as hospitals and physicians are authorized by individual data owners to upload their personal health data to an untrusted public cloud. The health data are submitted in an encrypted form to ensure data security, and each data provider also submits encrypted data indexes to enable queries over the encrypted data. We propose a novel Multi-Source Order-Preserving Symmetric Encryption (MOPSE) scheme whereby the cloud can merge the encrypted data indexes from multiple data providers without knowing the index content. MOPSE enables efficient and privacy-preserving query processing in that a data user can submit a single data query, the cloud can process over the encrypted data from all related data providers without knowing the query content. We also propose an enhanced scheme, MOPSE<sup>+</sup>, to more efficiently support the data queries by hierarchical data providers. Extensive analysis and experiments over real data sets demonstrate the efficacy and efficiency of MOPSE and MOPSE<sup>+</sup>.https://ieeexplore.ieee.org/document/8258948/Authorization querycloud computingpersonal health recordprivacy-preserving query |
| collection |
DOAJ |
| language |
English |
| format |
Article |
| sources |
DOAJ |
| author |
Xin Yao Yaping Lin Qin Liu Junwei Zhang |
| spellingShingle |
Xin Yao Yaping Lin Qin Liu Junwei Zhang Privacy-Preserving Search Over Encrypted Personal Health Record In Multi-Source Cloud IEEE Access Authorization query cloud computing personal health record privacy-preserving query |
| author_facet |
Xin Yao Yaping Lin Qin Liu Junwei Zhang |
| author_sort |
Xin Yao |
| title |
Privacy-Preserving Search Over Encrypted Personal Health Record In Multi-Source Cloud |
| title_short |
Privacy-Preserving Search Over Encrypted Personal Health Record In Multi-Source Cloud |
| title_full |
Privacy-Preserving Search Over Encrypted Personal Health Record In Multi-Source Cloud |
| title_fullStr |
Privacy-Preserving Search Over Encrypted Personal Health Record In Multi-Source Cloud |
| title_full_unstemmed |
Privacy-Preserving Search Over Encrypted Personal Health Record In Multi-Source Cloud |
| title_sort |
privacy-preserving search over encrypted personal health record in multi-source cloud |
| publisher |
IEEE |
| series |
IEEE Access |
| issn |
2169-3536 |
| publishDate |
2018-01-01 |
| description |
Cloud-based Personal Health Record systems (CB-PHR) have great potential in facilitating the management of individual health records. Security and privacy concerns are among the main obstacles for the wide adoption of CB-PHR systems. In this paper, we consider a multi-source CB-PHR system in which multiple data providers, such as hospitals and physicians are authorized by individual data owners to upload their personal health data to an untrusted public cloud. The health data are submitted in an encrypted form to ensure data security, and each data provider also submits encrypted data indexes to enable queries over the encrypted data. We propose a novel Multi-Source Order-Preserving Symmetric Encryption (MOPSE) scheme whereby the cloud can merge the encrypted data indexes from multiple data providers without knowing the index content. MOPSE enables efficient and privacy-preserving query processing in that a data user can submit a single data query, the cloud can process over the encrypted data from all related data providers without knowing the query content. We also propose an enhanced scheme, MOPSE<sup>+</sup>, to more efficiently support the data queries by hierarchical data providers. Extensive analysis and experiments over real data sets demonstrate the efficacy and efficiency of MOPSE and MOPSE<sup>+</sup>. |
| topic |
Authorization query cloud computing personal health record privacy-preserving query |
| url |
https://ieeexplore.ieee.org/document/8258948/ |
| work_keys_str_mv |
AT xinyao privacypreservingsearchoverencryptedpersonalhealthrecordinmultisourcecloud AT yapinglin privacypreservingsearchoverencryptedpersonalhealthrecordinmultisourcecloud AT qinliu privacypreservingsearchoverencryptedpersonalhealthrecordinmultisourcecloud AT junweizhang privacypreservingsearchoverencryptedpersonalhealthrecordinmultisourcecloud |
| _version_ |
1724194670630666240 |