
GJESR RESEARCH PAPER VOL. 1 [ISSUE 4] MAY, 2014 ISSN:- 2349283X
Virtu and Foi
www.iiece.org
SCALABLE AND SECURE SHARING OF PERSONAL
HEALTH RECORD MAINTENANCE USING ADVANCED
ENCRYPTION STANDARD (AES)

Kabilan N
Department of Computer Science & Engineering,
Coimbatore Institute of Engineering and Technology (CIET),
Coimbatore, TamilNadu, India.
Email- kabilanstreet@gmail.com

ABSTRACT: The personal health record (PHR) is an emerging patient-centric model of health information
exchange. Because PHRs are usually stored by third-party providers, there are wide privacy concerns
that personal health information could be exposed to unauthorized access. In this project the PHR data
are protected with the Advanced Encryption Standard (AES), a symmetric block cipher, and the AES
decryption keys are distributed according to the attributes stored with the PHR, following the
multi-authority attribute-based encryption (ABE) model: the encrypting party defines, through an
attribute policy, the set of recipients able to decrypt a given ciphertext; several attribute
authorities each administer a different set of attributes and issue the corresponding decryption keys;
and a receiver must obtain keys for the appropriate attributes from each authority before a message
can be decrypted. This avoids the per-user key management overhead of the existing encryption schemes.
The project thus secures the data stored in the PHR with AES while retaining performance and
reliability.

Keywords: Personal health records, Access control, Advanced Encryption Standard, Attribute-based
Encryption, Secure Sharing.


1. INTRODUCTION
In recent years, the personal health record (PHR)
has emerged as a patient-centric model of health
information exchange. A PHR service allows a
patient to create, manage and control her
personal health data in one place through the
web, which makes the storage, retrieval and
sharing of medical information more efficient.
In particular, each patient is promised full
control of her medical records and can share
her health data with a wide range of users,
including health care providers, family members
or friends. Due to the high cost of building and
maintaining specialized data centres, many PHR
services are outsourced to or provided by third-
party service providers such as Microsoft
HealthVault. While convenient PHR services for
everyone are attractive, there are many security
and privacy risks that could impede their wide
adoption. The main concern is whether patients
can actually control the sharing of their
sensitive personal health information (PHI),
especially when it is stored on a third-party
server that people may not fully trust. On the
one hand, although there

are healthcare regulations such as HIPAA, which
was recently amended to cover business
associates, service providers are usually not
covered entities. On the other hand, because of
the high value of PHI, third-party storage
servers are frequent targets of malicious
activity that may lead to exposure of the PHI.
In one well-known incident, a Department of
Veterans Affairs database containing sensitive
PHI of 26.5 million military veterans, including
their social security numbers and health
problems, was stolen after an employee took the
data home without authorization.
To ensure patient-centric privacy control over
their own PHRs, it is essential to have data
access control mechanisms that do not depend on
the honesty of the storage server. A feasible
and promising approach is to encrypt the data
before outsourcing it. Basically, the PHR owner
herself should decide how to encrypt her files
and which set of users may obtain access to each
file. A PHR file should only be readable by the
users who are
given the corresponding decryption key, and
remain confidential to all other users.


Fig.1: Architecture of Patient Health Record Sharing
However, the goal of patient-centric privacy is
often in conflict with scalability in a PHR system.
Authorized users may need to access a PHR either
for personal use or for professional purposes.
Examples of the former are family members and
friends; the latter can be medical doctors,
pharmacists, researchers and so on. We refer to
these two categories as personal and professional
users, respectively. The professional users are
potentially very numerous: if each owner had to
manage all of them directly, she would quickly be
overwhelmed by the key management overhead. In
addition, since those users' access requests are
generally unpredictable, it is difficult for an
owner to enumerate them in advance. Letting each
user obtain keys from every owner whose PHR he
wants to read would also limit accessibility,
since patients are not always online. To protect
the personal health data stored on a semi-trusted
server, this project adopts the Advanced
Encryption Standard (AES) as the main data
encryption primitive. AES transforms each 128-bit
block over a fixed number of rounds that depends
on the key size; each round applies the functions
SubBytes, ShiftRows, MixColumns and AddRoundKey.
Decryption applies the inverse functions with the
round keys in reverse order.


2. AES Technique
AES (FIPS 197) is the NIST specification for the
encryption of electronic data. It is a
substitution-permutation network with a block
size of 128 bits and a key size of 128, 192 or
256 bits. The key size determines the number of
transformation rounds that convert a plaintext
block into a ciphertext block:
10 rounds for a 128-bit key,
12 rounds for a 192-bit key,
14 rounds for a 256-bit key.
The key is chosen uniformly at random; the cipher
itself is deterministic, so the same key and
block always give the same ciphertext, and the
key used to encrypt must also be used to decrypt.
Each round applies four transformations to the
16-byte State (the final round omits MixColumns):
SubBytes
ShiftRows
MixColumns and
AddRoundKey


Fig.2: Structure of AES
Each round consists of the four stages above,
which differ in purpose but operate on the same
4x4 State. Decryption applies the inverse stages
with the round keys in reverse order to recover
the plaintext from the ciphertext.
The first three functions of an AES round are
designed to thwart cryptanalysis through
confusion and diffusion. The fourth function,
AddRoundKey, is the only one that depends on the
key. Claude Shannon described the concepts of
confusion and diffusion in his seminal 1949
paper, Communication Theory of Secrecy Systems:
"Two methods suggest themselves for frustrating
a statistical analysis. These we may call the
methods of diffusion and confusion."
Diffusion means that patterns in the plaintext
are dispersed across the ciphertext: changing one
plaintext bit should change about half of the
ciphertext bits. Confusion means that the
relationship between the key and the ciphertext
is obscured.
A simpler way to view the order of the AES
functions is:
Scramble each byte (SubBytes).
Scramble each row (ShiftRows).
Scramble each column (MixColumns).
Mix in the key (AddRoundKey).
A term associated with AES is the State, the
intermediate result held between transformations.
AES formats plaintext into 16-byte (128-bit)
blocks and treats each block as a 4x4 array of
bytes, filled column by column; this State is what
the four operations of each round act on. The row
and column structure of the array is what
ShiftRows() and MixColumns() operate over.
SubBytes()
SubBytes() adds confusion by passing each byte of
the State through an S-Box. The S-Box is a fixed
256-entry substitution table in which one byte
value is replaced by another; the table is
defined as the multiplicative inverse of the byte
in GF(2^8) followed by an affine transformation,
and it is invertible so that decryption can undo
it.
Here is the AES Substitution Table:

Fig.3: SubBytes
To complete an S-Box lookup on an example string
of BCD, take the hexadecimal value of each byte:
ASCII B == 0x42, C == 0x43 and D == 0x44 (note
that A is 0x41, not 0x42). Use the first (left)
hex digit to select the S-Box row and the second
digit to select the column. 0x42 becomes 0x2c,
0x43 becomes 0x1a, and 0x44 becomes 0x1b.
ShiftRows()
ShiftRows() provides diffusion by moving bytes
between columns: each row of the State is
cyclically shifted to the left. Row zero is not
shifted, row 1 is shifted by 1 byte, row 2 by 2
bytes and row 3 by 3 bytes, as shown in the FIPS
illustration that follows:

Fig.4: ShiftRows

MixColumns()
MixColumns() also provides diffusion, by mixing
data within each column. The 4 bytes of a column
are treated as the coefficients of a polynomial
over GF(2^8) and multiplied by the fixed
polynomial {03}x^3 + {01}x^2 + {01}x + {02}
modulo x^4 + 1; each output byte therefore depends
on all four input bytes of the column, as shown
in the FIPS illustration that follows:


Fig.5: MixColumns

AddRoundKey()
The key enters the cipher only in the
AddRoundKey() function, where each byte of the
State is XORed with the corresponding byte of the
round key (subkey). The round keys are derived
from the cipher key by the key expansion
schedule, as shown in the FIPS illustration that
follows:

Fig.6: AddRoundKey

One Round of AES
Here is one round of AES encryption, shown in
the FIPS publication two dimensionally:

Fig.7: One Round AES
AES Decryption
Decryption uses AddRoundKey() together with the
inverse functions InvShiftRows(), InvSubBytes()
and InvMixColumns(), applied with the round keys
in reverse order. AddRoundKey() needs no inverse
function because it simply XORs the State with the
round key, and XOR undoes itself when applied a
second time with the same value.
Algorithm:
STEP 1: Key Expansion. Round keys are derived
from the cipher key using Rijndael's key
schedule: a separate 128-bit round key for each
round plus one more (11 round keys for AES-128).
STEP 2: Initial round.
AddRoundKey
STEP 3: Rounds 1 to Nr-1, each performing
SubBytes (byte substitution),
ShiftRows (row permutation),
MixColumns (column mixing in GF(2^8)),
AddRoundKey (XOR with the round key).
STEP 4: Final round (no MixColumns)
1. SubBytes
2. ShiftRows
3. AddRoundKey
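The steps above, including the S-Box lookup (0x42 to 0x2c) and the inverse cipher, as a complete AES-128 in Python. This is an added example and not the paper's Java implementation; it is written directly from FIPS 197, uses only the standard library, and the only external data it relies on are the FIPS 197 constants and test vectors.

```python
"""AES-128 written out step by step from FIPS 197 (added example; not the paper's
Java implementation). The S-box is computed from its definition, the State is a
16-byte list in column-major order (State[r + 4*c] = row r, column c), and the
cipher is checked against the FIPS 197 Appendix C.1 known-answer test."""

def gf_mul(a, b):
    """Multiply two bytes in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1 (0x11b)."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return p

def _build_sbox():
    """S-box = inverse in GF(2^8), then s = b ^ rotl(b,1..4) ^ 0x63 (affine map)."""
    sbox = [0] * 256
    for x in range(256):
        inv = next((y for y in range(1, 256) if gf_mul(x, y) == 1), 0)
        s = rot = inv
        for _ in range(4):
            rot = ((rot << 1) | (rot >> 7)) & 0xFF
            s ^= rot
        sbox[x] = s ^ 0x63
    return sbox

SBOX = _build_sbox()
INV_SBOX = [SBOX.index(v) for v in range(256)]

def sub_bytes(state, box=SBOX):
    """Confusion: replace every byte through the S-box (INV_SBOX on decrypt)."""
    return [box[b] for b in state]

def shift_rows(state, inverse=False):
    """Diffusion across columns: row r rotates left by r bytes (right on decrypt)."""
    out = [0] * 16
    for r in range(4):
        for c in range(4):
            src = (c - r) % 4 if inverse else (c + r) % 4
            out[r + 4 * c] = state[r + 4 * src]
    return out

def mix_columns(state, inverse=False):
    """Diffusion within a column: multiply by the circulant matrix of (2,3,1,1),
    or (14,11,13,9) on decrypt, over GF(2^8)."""
    m = (14, 11, 13, 9) if inverse else (2, 3, 1, 1)
    out = [0] * 16
    for c in range(4):
        for r in range(4):
            for k in range(4):
                out[4 * c + r] ^= gf_mul(m[(k - r) % 4], state[4 * c + k])
    return out

def add_round_key(state, round_key):
    """The only key-dependent step: XOR the State with the round key."""
    return [s ^ k for s, k in zip(state, round_key)]

def expand_key(key):
    """Rijndael key schedule for a 16-byte key: 11 round keys of 16 bytes each."""
    if len(key) != 16:
        raise ValueError("this example implements AES-128 only")
    w = [list(key[4 * i:4 * i + 4]) for i in range(4)]
    rcon = 0x01
    for i in range(4, 44):
        t = list(w[i - 1])
        if i % 4 == 0:                       # RotWord, SubWord, then XOR Rcon
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0] ^= rcon
            rcon = gf_mul(rcon, 2)
        w.append([a ^ b for a, b in zip(w[i - 4], t)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(11)]

def encrypt_block(key, block):
    """Initial AddRoundKey, nine full rounds, final round without MixColumns."""
    rks = expand_key(key)
    state = add_round_key(list(block), rks[0])
    for rnd in range(1, 11):
        state = sub_bytes(state)
        state = shift_rows(state)
        if rnd != 10:
            state = mix_columns(state)
        state = add_round_key(state, rks[rnd])
    return bytes(state)

def decrypt_block(key, block):
    """Inverse cipher: same round keys in reverse order, inverse transformations."""
    rks = expand_key(key)
    state = add_round_key(list(block), rks[10])
    for rnd in range(9, -1, -1):
        state = shift_rows(state, inverse=True)
        state = sub_bytes(state, INV_SBOX)
        state = add_round_key(state, rks[rnd])
        if rnd != 0:
            state = mix_columns(state, inverse=True)
    return bytes(state)

if __name__ == "__main__":
    key, pt = bytes(range(16)), bytes.fromhex("00112233445566778899aabbccddeeff")
    ct = encrypt_block(key, pt)                      # FIPS 197 C.1: 69c4e0d8...
    print(ct.hex(), decrypt_block(key, ct) == pt)
```

This is a single-block primitive; a real PHR file is longer than 16 bytes and needs a mode of operation (CBC or, better, an authenticated mode such as GCM) on top of it, and any deployment should use a vetted library rather than a hand-written cipher like this one, which makes no attempt to run in constant time.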
3. Related Work
Various attribute-based encryption techniques are
used for fine-grained encryption of data and are
discussed below.
KP-ABE: [1] builds on Key-Policy Attribute-Based
Encryption, a cryptosystem for fine-grained
sharing of encrypted data. In this cryptosystem,
ciphertexts are labelled with sets of attributes
and private keys are associated with access
structures that specify which ciphertexts the key
can decrypt.
Symmetric key cryptography (SKC) based
solutions: Symmetric-key algorithms use the same
cryptographic key for both encryption of
plaintext and decryption of ciphertext (or keys
related by a simple transformation). The key, in
practice, is a shared secret between two or more
parties that can be used to maintain a private
information link. Vimercati et al. [2] proposed a
solution for securing outsourced data on
semi-trusted servers based on symmetric key
derivation, which can achieve fine-grained access
control. Unfortunately, the cost of file creation
and of user grant/revocation operations is linear
in the number of authorized users, which limits
scalability.
Multi-Authority attribute-based encryption:
In a multi-authority ABE system [3] there are
many attribute authorities and many users. There
is also a set of system-wide public parameters
available to everyone (created either by a
trusted setup or by a distributed protocol
between the authorities). A user can go to an
attribute authority, prove that it is entitled to
some of the attributes handled by that authority,
and request the corresponding decryption keys.
The authority runs the attribute key generation
algorithm and returns the result to the user. Any
party can encrypt a message, using the public
parameters together with an attribute set (or
policy) of its choice to form the ciphertext. Any
user who holds decryption keys for an appropriate
attribute set can use them for decryption.
Public key cryptography (PKC) based
solutions: PKC-based solutions were proposed
because public-key encryption can separate write
privileges (anyone holding the public key can
encrypt) from read privileges (only the private
key holder can decrypt). To realize fine-grained
access control, J. Benaloh, M. Chase, E. Horvitz
and K. Lauter [4], in Patient controlled
encryption: ensuring privacy of electronic
medical records, propose a solution scenario and
show how public-key and symmetric encryption are
combined. The disadvantage of such traditional
public-key encryption (PKE) schemes is that they
either incur high key management overhead or
require encrypting multiple copies of a file
under different users' keys.
CP-ABE: Bethencourt, Sahai and Waters proposed
Ciphertext-Policy Attribute-Based Encryption,
designed so that data can be kept confidential
even when the storage server is only
semi-trusted; [5] extends it with threshold
decryption, delegation and revocation of user
attributes. The encryption is resistant to
collusion attacks. CP-ABE inverts the earlier ABE
arrangement, which used attributes to describe
the encrypted data and placed policies on users'
keys: instead, attributes describe a user's
credentials, and the party encrypting data
determines the policy for who can decrypt.
AES-CBC + Elephant diffuser: Ferguson [6]
describes the BitLocker Drive Encryption feature
of Windows Vista, whose security and performance
requirements on the algorithm used for disk data
are not met by any existing cipher. The documented
solution uses AES in CBC mode with a dedicated
diffuser to improve security against
manipulation attacks on the ciphertext.
CC MAABE: Chase and Chow [7] proposed a
multi-authority ABE (CC MAABE) solution. In CC
MAABE there can be an arbitrary number of trusted
authorities (TAs), each governing a distinct
subset of the users' attributes; a user's secret
key is assembled from the parts issued by each
TA, so the user obtains part of the key from
every authority relevant to it.

Table1: Comparison of Different ABE & AES
Schemes
4. Framework for PHR Model
The novel patient-centric secure data sharing
framework considers a PHR system with PHR owners
and PHR users. The owners are patients who have
full control over their own PHR data, i.e., they
can create, manage, retrieve and delete it. There
is a central server belonging to the PHR service
provider that stores all the owners' PHRs. The
users may come from various backgrounds; for
example, a friend, a caregiver or a researcher.
Users access the PHR documents through the server
in order to read or write to someone's PHR, and a
user can simultaneously have access to multiple
owners' data. A typical PHR system uses standard
data formats, for example the Continuity of Care
Record (CCR), an XML-based format that is widely
used in representative PHR systems such as
Indivo, an open-source PHR system adopted by
Boston Children's Hospital. Because of the
hierarchical nature of XML, the PHR files are
logically organized by category. We consider the
server to be semi-trusted, i.e., honest but
curious: it follows the protocol but will try to
learn as much as it can from the data it stores.
Some users will also try to access files beyond
their privileges. For example, a pharmacy may want
to obtain patients' prescriptions for marketing
and boosting its profits. To do so, they may collude
with other users, or even with the server. In
addition, we assume each party in the system is
preloaded with a public/private key pair, so that
entity authentication can be done by traditional
challenge-response protocols. To achieve
patient-centric PHR sharing, a core requirement is
that each patient can control who is authorized
to access her own PHR documents. In particular,
owner-controlled read/write access is the core
security objective for any electronic health
record system.
5. Implementation Details
(1) RSA Algorithm: Entity authentication and the
protection of symmetric keys in transit use the
RSA public-key algorithm. RSA is not part of the
Advanced Encryption Standard: AES is a symmetric
block cipher, whereas RSA is an asymmetric
(public/private key) algorithm, and the two are
used together, RSA to authenticate parties and
wrap keys, AES to encrypt the PHR data. RSA with
adequately sized keys and proper padding has no
known practical attack. The Diffie-Hellman key
agreement protocol and the MD5 hash function
belong to neither DES nor AES; MD5 in particular
has practical collision attacks and must not be
used for signatures. The details of RSA are as
follows:
It uses a public and a private key.
It uses large integers (e.g. 2048-bit moduli;
1024 bits is no longer recommended).
The one-way function: the exponentiation
y = f(x) = x^e mod n can be computed with
reasonable effort, whereas its inverse
x = f^-1(y) is extremely difficult to compute
without the private exponent d.
The RSA public key algorithm is based on the
well-known hard problem of factoring a large
number into its prime factors.
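The RSA one-way function and the challenge-response authentication that Section 4 assumes for parties pre-loaded with key pairs, as an added example (not the paper's code). SERVER_ID, the user names and the 160-bit demo primes are constructed for the example; the hash-then-sign is textbook RSA without padding, shown to make the x^e mod n relation visible, whereas a deployment uses 2048-bit moduli and a padded scheme such as RSA-PSS.

```python
"""Added example, not from the paper: RSA challenge-response entity
authentication for parties pre-loaded with key pairs, built on the one-way
function y = x^e mod n. 160-bit primes keep the modulus above the SHA-256
range and the run time short; real deployments use 2048-bit moduli and a
padded signature scheme (RSA-PSS), not this textbook hash-then-sign."""
import hashlib
import secrets

SERVER_ID = b"phr-server"   # constructed name, bound into every response

def is_probable_prime(n, rounds=24):
    """Miller-Rabin with random bases."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(2 + secrets.randbelow(n - 3), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def gen_prime(bits):
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand

def keygen(bits=160, e=65537):
    """RSA key pair; d exists because gcd(e, phi) == 1 is enforced (e is prime)."""
    while True:
        p, q = gen_prime(bits), gen_prime(bits)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e != 0:
            break
    n, d = p * q, pow(e, -1, phi)
    return {"pub": (n, e), "priv": (n, d), "factors": (p, q)}

def private_from_factors(pub, p, q):
    """Why RSA rests on factoring: anyone who knows p and q can recompute d."""
    n, e = pub
    return (n, pow(e, -1, (p - 1) * (q - 1)))

def _digest(msg, n):
    # SHA-256 output (< 2^256) fits below n for the key sizes used here.
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def sign(priv, msg):
    n, d = priv
    return pow(_digest(msg, n), d, n)          # the hard direction needs d

def verify(pub, msg, sig):
    n, e = pub
    return pow(sig, e, n) == _digest(msg, n)   # the easy direction: y = x^e mod n

def auth_message(user, nonce):
    """Signed text binds the server, the claimed user and the fresh nonce."""
    return b"phr-auth|" + SERVER_ID + b"|" + user.encode() + b"|" + nonce

class AuthServer:
    """Verifier side: pre-registered public keys and one-shot nonces."""

    def __init__(self):
        self.registered = {}   # user -> public key
        self.pending = {}      # nonce -> user; removed on first use

    def register(self, user, pub):
        self.registered[user] = pub

    def challenge(self, user):
        nonce = secrets.token_bytes(32)
        self.pending[nonce] = user
        return nonce

    def verify_response(self, user, nonce, sig):
        if self.pending.pop(nonce, None) != user:   # unknown, replayed or wrong-user nonce
            return False
        pub = self.registered.get(user)
        return pub is not None and verify(pub, auth_message(user, nonce), sig)

def respond(user, priv, nonce):
    """Prover side: sign the challenge with the pre-loaded private key."""
    return sign(priv, auth_message(user, nonce))
```

The nonce is deleted when it is first checked, so a captured response cannot be replayed, and the signed message names the server so that a response obtained from one server cannot be forwarded to another.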
(2) Dividing the system into domains: The aim is
to provide secure patient-centric PHR access and
efficient key management at the same time. The
key idea [9] is to divide the system into multiple
security domains, namely public domains (PUDs)
and personal domains (PSDs), according to the
different users' data access requirements. The
PUDs consist of users who access data on the basis
of their professional roles, such as doctors,
nurses and medical researchers. In practice, a
PUD can be mapped to an independent sector of
society, such as the health care, government or
insurance sector. For each PSD, its users are
personally associated with a data owner (such as
family members or close friends), and they access
PHRs on the basis of access rights assigned by the
owner. Both types of security domain use AES for
the PHR contents, with attribute-based key
issuance deciding who receives the keys, to
realize cryptographically enforced,
patient-centric PHR access. The multi-domain
approach suits the different user types and their
access requirements in a PHR system. Encrypting
the PHRs makes them self-protecting, i.e., they
can be read only by authorized users even when
stored on a semi-trusted server and when the
owner is not online. [9]
(3) Encryption of PHR and Access rules: The
owner encrypts each PHR file with AES and uploads
the ciphertext to the server. Each owner's PHR
files are encrypted under a fine-grained,
role-based access policy that determines which
attribute keys can unlock them. Encrypted files
can be decrypted only by authorized users; the
server itself holds no decryption key.
(4) Policy Updates: The sharing policy for an
existing PHR file is changed by the PHR owner by
updating the attributes (or access policy)
attached to the ciphertext. The supported
add/delete/modify operations can be performed by
the server on behalf of the owner, and the server
still cannot decrypt the file.
(5) Break-glass: A break-glass mechanism is used
in case of emergency. Break-glass allows the
regular access policies to be bypassed and the
PHR to be read through the emergency department
(ED). For this, PHR access rights are delegated
to the ED beforehand. To prevent abuse of the
break-glass option, emergency staff must contact
the ED to verify their identity and the emergency
situation, and obtain temporary read keys. After
the emergency is over, the patient can revoke the
emergency access via the ED.
6. Proposed System Model
The general flow is as follows. A user logs into
the system through the web application. The user's
credentials are checked against the login
database, and the system determines which domain
the user belongs to. On that basis the attribute
authentication system grants read or write
access. If the user wants to write data to the
PHR cloud, the application server encrypts the
data before it is stored in the PHR cloud. Key
distribution is likewise
managed by the application logic server. In case
of break-glass, PHR access rights are delegated to
the emergency department beforehand so that
misuse can be avoided. In this model the Advanced
Encryption Standard (AES) is used to secure the
PHR. AES is a symmetric-key algorithm that uses
the same key for encryption and decryption. It
encrypts the information over a number of rounds
that depends on the key size; each round includes
the four functions SubBytes, ShiftRows,
MixColumns and AddRoundKey, and decryption
applies the inverse functions with the round keys
in reverse order. The larger key sizes use more
rounds, which is what lets AES keep its security
margin as the key grows. This technique is used
here mainly for securing medical records.


Fig. 8: Proposed System Model for AES PHR system
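A runnable model of the flow described in Sections 4 to 6: per-file keys, an owner-defined attribute policy, credentials issued by separate authorities (a PUD authority, the owner's own PSD authority, and the ED for break-glass), key release only when the policy is met, and owner revocation. This is an added example and not the paper's system; the authority names (health, owner-alice, ED), the HMAC credential format and the SHA-256 keystream that stands in for AES-CTR (the standard library has no AES) are this example's own assumptions.

```python
"""Added example (not the paper's code): a small model of the PHR sharing flow.
Each document gets its own file key; the owner attaches a policy (a list of
alternatives, each a set of (authority, attribute) pairs); attribute
authorities issue HMAC-tagged credentials; the key server releases the file
key only to a user whose verified credentials satisfy some alternative and
whom the owner has not revoked. Constructed names and secrets throughout."""
import hashlib, hmac, os, time

# Constructed demo secrets: each authority shares an HMAC key with the key server.
AUTHORITY_KEYS = {
    "health": os.urandom(32),        # PUD authority: professional roles
    "owner-alice": os.urandom(32),   # PSD authority: Alice's family and friends
    "ED": os.urandom(32),            # emergency department (break-glass)
}

def _cred_msg(authority, user, attribute, exp):
    return f"{authority}|{user}|{attribute}|{exp}".encode()

def issue_credential(authority, user, attribute, valid_for=3600, now=None):
    """Authority asserts 'user holds attribute' until exp; the tag binds every field."""
    exp = int((time.time() if now is None else now) + valid_for)
    tag = hmac.new(AUTHORITY_KEYS[authority], _cred_msg(authority, user, attribute, exp),
                   hashlib.sha256).hexdigest()
    return {"authority": authority, "user": user, "attribute": attribute, "exp": exp, "tag": tag}

def verify_credential(cred, user, now):
    """Check the tag under the named authority's key, the subject, and the expiry."""
    key = AUTHORITY_KEYS.get(cred["authority"])
    if key is None or cred["user"] != user or now >= cred["exp"]:
        return False
    msg = _cred_msg(cred["authority"], cred["user"], cred["attribute"], cred["exp"])
    return hmac.compare_digest(hmac.new(key, msg, hashlib.sha256).hexdigest(), cred["tag"])

def keystream_xor(key, nonce, data):
    """Stand-in for AES-CTR: SHA-256 in counter mode XORed over the data (unauthenticated)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + (i // 32).to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

class PHRServer:
    """Semi-trusted store plus key server. The store holds only ciphertext; the key
    server releases a file key only when a policy alternative is satisfied by
    credentials it can verify, and never to a user the owner has revoked."""

    def __init__(self):
        self.store = {}       # file_id -> (owner, nonce, ciphertext)
        self.policy = {}      # file_id -> list of alternatives (sets of (authority, attribute))
        self.keys = {}        # file_id -> file key
        self.revoked = set()  # (owner, user) pairs cut off by the owner

    def upload(self, owner, file_id, plaintext, policy):
        key, nonce = os.urandom(32), os.urandom(16)
        self.store[file_id] = (owner, nonce, keystream_xor(key, nonce, plaintext))
        self.policy[file_id], self.keys[file_id] = list(policy), key

    def revoke(self, owner, user):
        self.revoked.add((owner, user))

    def release_key(self, user, file_id, credentials, now):
        owner = self.store[file_id][0]
        if (owner, user) in self.revoked:
            raise PermissionError("revoked by owner")
        held = {(c["authority"], c["attribute"]) for c in credentials
                if verify_credential(c, user, now)}
        if not any(alt <= held for alt in self.policy[file_id]):
            raise PermissionError("policy not satisfied")
        return self.keys[file_id]

def read_phr(server, user, file_id, credentials, now=None):
    """Client side: obtain the key, then decrypt the ciphertext fetched from the store."""
    now = time.time() if now is None else now
    key = server.release_key(user, file_id, credentials, now)
    _, nonce, ct = server.store[file_id]
    return keystream_xor(key, nonce, ct)

def demo(now=1_700_000_000):
    """Walk through the access cases; returns a name -> outcome map."""
    srv = PHRServer()
    policy = [{("health", "physician"), ("health", "cardiology")},  # both, from the PUD authority
              {("owner-alice", "family")},                           # PSD: assigned by Alice
              {("ED", "emergency")}]                                 # break-glass
    srv.upload("alice", "alice/ecg-2014", b"sinus rhythm, no ST changes", policy)
    results = {}

    def attempt(name, user, creds, t=now):
        try:
            results[name] = read_phr(srv, user, "alice/ecg-2014", creds, t)
        except PermissionError as e:
            results[name] = f"denied: {e}"

    doc = [issue_credential("health", "dr-bob", "physician", now=now),
           issue_credential("health", "dr-bob", "cardiology", now=now)]
    attempt("cardiologist", "dr-bob", doc)
    attempt("physician_only", "dr-bob", doc[:1])
    forged = dict(issue_credential("owner-alice", "mallory", "physician", now=now))
    forged["authority"] = "health"   # relabelled to the PUD authority: tag no longer verifies
    attempt("forged_authority", "mallory", [forged])
    ed = [issue_credential("ED", "nurse-eve", "emergency", valid_for=900, now=now)]
    attempt("break_glass", "nurse-eve", ed)
    attempt("break_glass_expired", "nurse-eve", ed, t=now + 901)
    srv.revoke("alice", "nurse-eve")
    attempt("after_revoke", "nurse-eve", ed)
    return results
```

Two points the model makes visible: an attribute is only meaningful together with the authority that vouches for it (the relabelled credential fails because the tag was made under a different authority's key), and the break-glass grant is short-lived and revocable by the owner, which is what keeps the emergency path from becoming a standing bypass.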

7. System Implementation
Implementation is the stage of the project in
which the theoretical design is turned into a
working system, giving the user confidence that
the new system will work effectively. It involves
careful planning, investigation of the current
system and its constraints on implementation,
design of methods to achieve the changeover, and
evaluation of the changeover methods.
Apart from planning, the major tasks in preparing
for implementation are the education and training
of users; the more complex the system, the more
effort is required for implementation alone. An
implementation coordination committee, based on
the policies of the individual organization, has
been appointed. The implementation process begins
with preparing a plan for the implementation of
the system. After the system is implemented
successfully, training of the users is one of the
most important subtasks of the developer. For this
purpose user manuals are prepared and handed over
to the users to operate the developed system. Both
hardware and software security measures are put in
place so that the developed system keeps running
successfully in future.
The implementation stage involves the following
tasks:
Careful planning.
Investigation of the system and its constraints.
Design of methods to achieve the changeover.
Training of the staff in the changeover phase.
Evaluation of the changeover method.
The maintenance phase of the software life cycle
is the period in which a software product does
useful work. After a system is successfully
implemented, it should be maintained in a proper
manner. System maintenance is an important aspect
of the software development life cycle; it is
needed to keep the system adaptable to changes in
its environment. There may be social, technical
and other environmental changes that affect a
system which is being implemented. Software
product enhancements may involve providing new
functional capabilities, improving user displays
and modes of interaction, or upgrading the
performance characteristics of the system. Only
through proper system maintenance procedures can
the system be adapted to cope with these changes.
Maintenance is also needed because it is
unreasonable to assume that software testing will
uncover all errors in a large software system:
during the use of any large program, errors will
occur and be reported to the developer. The process
of diagnosing and correcting one or more such
errors is called corrective maintenance.
Parameterization of Key Length, Block Size,
and Round Number
FIPS 197 explicitly defines the allowed values
for the key length (Nk, in 32-bit words), the
block size (Nb, in 32-bit words) and the number
of rounds (Nr); see Table 2. Future revisions of
the standard could change or add to the allowed
values for those parameters, so implementers may
choose to design their AES implementations with
that flexibility in mind.

Table.2: Key Rounds (from FIPS 197)
          Key length (Nk words)   Block size (Nb words)   Rounds (Nr)
AES-128            4                      4                  10
AES-192            6                      4                  12
AES-256            8                      4                  14

Implementation Suggestions Regarding
Various Platforms
FIPS 197 allows implementation variations that
may, in many cases, offer performance or other
advantages (for example, table-driven or
bit-sliced round functions). Given the same input
key and data (plaintext or ciphertext), any
implementation that produces the same output
(ciphertext or plaintext) as the algorithm
specified in the standard is an acceptable
implementation of the AES; the known-answer test
vectors in the standard are the way to check this.
8. CONCLUSION
Because it is a government standard, AES is going
to remain the symmetric algorithm of choice for
the foreseeable future, unless a major flaw is
found in the algorithm. It is important to
remember that, while all analysis so far indicates
that the algorithm is secure, there is no way to
prove a cipher secure in the absolute sense; one
can only prove it insecure by breaking it. Only
time will tell, but if all works out as planned,
AES will continue to replace DES and Triple DES in
products.
The Advanced Encryption Standard was implemented
successfully in the Java language. Various data
messages were encrypted using different keys and
varying key sizes, and the original data was
correctly recovered by decrypting the ciphertext.
The modifications made to the code were tested and
shown to encrypt and decrypt the data messages
accurately while keeping them unreadable to
unauthorized users who do not hold the key.
9. REFERENCES
1. S. Yu, C. Wang, K. Ren, and W. Lou, "Achieving secure, scalable, and fine-grained data access control in cloud computing," in IEEE INFOCOM '10, 2010.

2. S. D. C. di Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, and P. Samarati, "Over-encryption: management of access control evolution on outsourced data," in VLDB '07, 2007, pp. 123-134.

3. M. Chase and S. S. Chow, "Improving privacy and security in multi-authority attribute-based encryption," in CCS '09, 2009, pp. 121-130.

4. J. Benaloh, M. Chase, E. Horvitz, and K. Lauter, "Patient controlled encryption: ensuring privacy of electronic medical records," in CCSW '09, 2009, pp. 103-114.

5. L. Ibraimi, M. Petkovic, S. Nikova, P. Hartel, and W. Jonker, "Ciphertext-policy attribute-based threshold decryption with delegation and revocation of user attributes," 2009.

6. N. Ferguson, "AES-CBC + Elephant diffuser: A disk encryption algorithm for Windows Vista," Microsoft (niels@microsoft.com), Aug 2006.

7. M. Chase and S. S. Chow, "Improving privacy and security in multi-authority attribute-based encryption," in CCS '09, 2009, pp. 121-130 (same work as [3]).

8. "Google, Microsoft say HIPAA stimulus rule doesn't apply to them," iHealthBeat, http://www.ihealthbeat.org/Articles/2009/4/8/.

9. M. Li, S. Yu, Y. Zheng, K. Ren, and W. Lou, "Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption," IEEE Transactions on Parallel and Distributed Systems, Jan 2013.
