Abstract
Healthcare is among the sectors working to adopt cloud computing for its services, given the cost reduction and healthcare process efficiency it provides. However, outsourcing patients’ sensitive data increases concerns regarding the security, privacy, and integrity of healthcare data. Therefore, there is a need to build a trust relationship between patients and e-health systems. In this paper, we propose a privacy-preserving framework, called Hybrid and Secure Data Sharing Architecture (HSDSA), to secure data storage in e-health systems. Our approach improves security in healthcare by maintaining the privacy and confidentiality of sensitive data and preventing threats. In the upload phase, a multi-cloud environment is used to store Rivest–Shamir–Adleman (RSA) encrypted medical records. We adopt Shamir’s secret sharing approach to distribute shares to different independent cloud providers. In the retrieval phase, the reconstruction operation is based on the (t, n) strategy. To check the requester's identity and to prove possession of the hash, we use a zero-knowledge cryptography algorithm, namely the Schnorr algorithm. The patient has total control over the generation and management of the decryption keys using the Diffie-Hellman algorithm, without relying on a trusted authority.
Highlights
We present a Hybrid and Secure Data Sharing Architecture (HSDSA) for secure and privacy-preserving storage and sharing of patients’ sensitive data in a multi-cloud environment without relying on a trusted third party
We will give an overview of the HSDSA framework in which we focus on the context of medical data storage, sharing and retrieval
The Data Owner (DO) makes sure that the Data Requester (DR) is an authorised requester and that he possesses the encrypted version of the Electronic Health Records (EHR) (R ); the DR and the DO try to establish a session using the Diffie-Hellman (DH) algorithm to exchange the decryption key securely
Summary
Cloud computing is a promising new technology that relieves the user of the burden of hardware maintenance and offers dynamically flexible and scalable computational resources accessible from any place where a network is available. One of the key concepts of this model is to store data on different cloud server providers so that an insider is not able to reconstruct the original data from a single share [1]. In this context, several solutions have been proposed in the literature to ensure secure multi-cloud storage in e-health systems [2–5]. We present a Hybrid and Secure Data Sharing Architecture (HSDSA) for secure and privacy-preserving storage and sharing of patients’ sensitive data in a multi-cloud environment without relying on a trusted third party. To download an EHR, HSDSA recovers its shares using an outsourcing reconstruction operation based on the (t, n) strategy.