2017 5th IEEE International Conference on Mobile Cloud Computing, Services, and Engineering

Hybrid Secure and Scalable Electronic Health Record Sharing in Hybrid Cloud

R. Manoj1, Abeer Alsadoon1, P.W.C. Prasad1, Nectar Costadopoulos1, Salih Ali2
1 School of Computing and Mathematics, Charles Sturt University, Australia.
2 University of Baghdad Technology, Iraq

978-1-5090-6325-3/17 $31.00 © 2017 IEEE
DOI 10.1109/MobileCloud.2017.38

Abstract— Cloud computing has become an integral part of the operation of health care. However, there are major security and privacy issues in terms of accessing medical records from the hybrid cloud environment. In this paper, a new secure hybrid Electronic Health Record system is proposed. In this framework, two efficient encryption methods are combined for fine grained access control and protection of data privacy. Multi-authority and Key-based encryption schemes are used for the encryption of each part of the health records after dividing those records using a vertical partitioning method. Multi-authority encryption schemes are primarily used in the Public Domains (PUDs), while Key-based encryption schemes are prevalent in Personal Domains (PSDs). Together, they provide secure data access and authentication of users. Implementation is facilitated using the Windows Azure Cloud Computing platform.

Keywords— Privacy, security, Electronic health records, Hybrid cloud, Data access, Authentication.

I. INTRODUCTION

The capacity of cloud computing to store and share large amounts of information globally has made this technology highly useful for the health industry [1]. Electronic Health Record (EHR) systems consist of a large amount of electronic health information, which, with the help of cloud computing, can be easily and effectively managed and shared, providing access to the personal health information of patients. The high cost of building and maintaining EHR systems leads health organizations to migrate to the cloud or to outsource services from cloud health service providers such as Google Health. The benefit of the multiple deployment models available in a hybrid cloud has increased the interest of health industries in hosting their EHR applications on hybrid infrastructures. This development has heightened the problem of security and privacy in terms of access to EHRs. To overcome the challenges created by the inclusion of cloud computing, and to protect the medical data, it is crucial to have a fine grained access control method and an effective authentication scheme. To achieve this and maintain the security of sensitive information, encryption is the most suitable method.

The aim of this project is to propose a hybrid solution for sharing EHRs in a hybrid cloud environment while preserving security and privacy. To achieve fine grained access control for EHRs, we innovatively combine two Attribute Based Encryption (ABE) techniques to encrypt each patient's EHR file. The remainder of this paper is organized as follows: Section 2 reviews relevant literature. Section 3 analyses the best current solution, identifying limitations and mitigations and discussing the proposed system. Implementation details for the proposed system together with its logical design are given in sections 4 and 5 respectively. Section 6 analyses the implementation results. The conclusion and future research are discussed in section 7.

II. LITERATURE REVIEW

A. Impact of Cloud security and privacy in EHR

Over the last decade, cloud computing has grown as a new service model, leading to the establishment of numerous cloud based data centers as cost-effective platforms for hosting large-scale service applications. However, notwithstanding considerable benefits and services, the problem of security and privacy of medical data access has been significant for service providers. To mitigate this, researchers have proposed numerous techniques and methods. [2] have proposed a practical hybrid solution for secure data access in the cloud, which ensures high data reliability, security and integrity by combining statistical and cryptographic techniques. The aim of this model is to provide flexible and secure medical data access with maximum data utilization and privacy protection.

Others have focused on an effective and secure Electronic Health Record (EHR) system that meets cloud security requirements through confidentiality, integrity, availability, non-repudiation, protection of patient medical information, and privacy, as in [1]. These researchers have introduced a secure EHR system which meets the requirements of the Health Insurance Portability and Accountability Act [3]. Similarly, [4] introduce a user-friendly framework for health providers which helps to secure electronic health record access using a hybrid cloud. In this framework, the authors ensure fine grained access control by implementing strong authentication and efficient encryption algorithms.

B. Survey of Mobile EHR Cloud Architecture

Several researchers have also concentrated on developing the architecture for mobile health cloud and have presented a detailed survey of the problems caused by mobile computing. [5] propose a mobile health application by integrating cryptography, a mobile application, and Role Based Access Control in a hybrid cloud. This system helps to speed up and improve medical services by providing security and privacy. [6] implement an Open SOA web platform suitable for mobile health applications. This system provides features such as secure online access to patients' vital signs and gives guidelines to patients based on those signs. Similarly, [7] have presented a detailed survey of security requirements while migrating an electronic health system to an IaaS (Infrastructure as a Service) cloud environment, its mechanism, major challenges and the solutions. They have explained some of the basic challenges of weak security such as dependency, cost, integrity, availability, scalability and regulatory compliance. For this protocol, the authors conduct a survey of secure data deletion techniques and provide a classification of secure data deletion techniques [8]. A different approach was taken by [9], who analyzed a procedure for migration of Personal health information systems to a cloud environment. Even though various secure electronic health cloud solutions have been surveyed, the authors have not recommended an effective system in terms of high security and privacy and minimal cost.

C. Maintain security using Efficient Encryption Algorithm.

The privacy and security of health record access depend to a significant extent upon the efficiency of encryption algorithms and authentication methods. Researchers in this field have proposed and implemented numerous solutions by integrating encryption algorithms and different authentication standards. [10] have carried out a detailed analysis of different encryption methods used in EHR systems. Some, such as [11], focus on how to enhance the security and access control of existing solutions. They propose a hybrid solution by combining efficient encryption algorithms such as the Advanced Encryption Standard (AES) and Multi Authority Attribute Based Encryption (MA-ABE) schemes. Likewise, [12] propose a system that provides high security and integrity by encrypting health records using Attribute Based Encryption techniques. Some researchers focus on how to secure the shared data stored in the cloud from public verifiers [13]. They have proposed a privacy protection method named Oruta, which is based on a ring signature, a computational and authentication process for auditing cloud data without retrieving entire data sets. [14] have implemented an effective and secure health record access system by integrating an Attribute based encryption (ABE) scheme with a Binary search tree method. By using the efficiency of Ciphertext Policy Attribute based encryption, the authors can ensure the security and privacy of stored EHRs in a hybrid cloud. In the same way, [15] have introduced a heterogeneity-aware dynamic capacity system named Harmony that minimizes scheduling delays and optimizes energy savings in cloud data centers. But the authors have stated that the study of heterogeneity of workloads and physical machines still needs to be more fully researched and implemented.

III. CURRENT SOLUTION OF ELECTRONIC HEALTH RECORD (EHR) IN HYBRID CLOUD WITH LIMITATION

The current solution for EHRs in a Hybrid Cloud is based on a practical solution combining statistical and cryptographic technology for sharing medical data in a hybrid cloud. The current system describes the detailed implementation of its components such as Vertical data partition, Data merging and Integrity assurance. Among those components, the Vertical data partitioning method may be considered one of the most important features, similar to privacy preserved data publishing. In Vertical partitioning the original EMR file is partitioned into Quasi-Identifiers, Plain text medical information and Explicit Identifiers. After partitioning the original EMR file, the current solution encrypts the Quasi-identifiers and Explicit identifiers published in the hybrid cloud using the Advanced Encryption Standard (AES), along with plaintext for the medical information. The limitation of this component is that it uses AES as its encryption process. To assure the privacy of medical data and provide secure access using a hybrid cloud, it is crucial to have a fine grained access control method and an effective authentication scheme. One encryption method that is widely considered suitable for the security of sensitive information is the Advanced Encryption Standard (AES), with proven proficiency in protection. However, its major drawback is in privacy protection and processing time [16]. In addition, although AES needs less computation time for small amounts of data, when the size of the data grows, the computation time increases rapidly [16]. Moreover, the implementation result of the current solution shows that it is inefficient for medical data sharing and access by concurrent users. Also, a traditional authentication method is used to authenticate the recipient in the current solution. The current solution with its limitations and possible mitigations is shown in figure 1.

IV. PROPOSED SECURITY AND PRIVACY PRESERVED ELECTRONIC HEALTH RECORD ACCESS USING HYBRID CLOUD.

The proposed model focuses on the security and privacy of access to medical records using a hybrid cloud. To overcome the limitations of the current system, a Hybrid Secure and Scalable Electronic Health Record Sharing (HSS-EHRS) system is proposed. The main idea behind our proposed framework is to provide solutions for secure, scalable and privacy preserving EHR data access in a Hybrid Cloud. For this, we divide the system into two security domains, namely Public Domains (PUD) and Personal Domains (PSD), based on the data access requirements of recipients. The recipients in PUDs can access the EHR data based on their professional role, such as Doctors, Nurses, Insurance Executives, etc. In the case of PSD, users are personally related to the data owners, such as family members or friends. In both domains, we use the Attribute Based Encryption (ABE) Scheme. In the Public Domain, the Multi Authority ABE scheme is used for multiple "Attribute Authorities" (AAs). In the case of Public Domain users, they can obtain their secret keys from Attribute Authorities and not directly from EHR owners. A Key Policy Attribute Based Encryption (KP-ABE) method is used to encrypt and manage the secret key for Personal Domains (PSDs). In the proposed HSS-EHRS system, we improve the security and fine grained access control mechanisms of the current system. To overcome limitations in the current best solution, two efficient encryption methods are combined for fine grained access control and protection of data privacy. Multi-authority and key-based encryption schemes are used for the encryption of the Quasi Identifiers and Explicit Identifiers after the vertical partitioning method. Figure 2 describes the block diagram of the proposed system.

In the proposed system, the data owners partition the EHR file into three tables, namely a quasi identifiers table, an Explicit Identifiers table and a Medical Information table, using a vertical data
partitioning method. The Quasi Identifier and Explicit Identifier tables are encrypted using a Key Policy Attribute Based Encryption method and the access policy is encrypted using Multi Authority Attribute Based Encryption. Then, the medical information table along with those encrypted tables is published in the hybrid cloud. The key policy based encryption scheme eliminates the user revocation problem of the current system. Also, implementing the MA-ABE scheme helps to increase the scalability and provides fine grained access control to Electronic Health Records. The policy can be developed based on the settings recommended by the access policy system. The data recipients in both PUDs and PSDs can access medical information based on the dataset level. With the authorization of EHR owners, they can directly access plaintext medical records. Based on their level of authentication, recipients can merge medical information with quasi identifiers or explicit identifiers or both using the Data merging components.

Fig. 1. Current system for Electronic Health Record in the Hybrid cloud

Fig. 2. Proposed System for Secure and Privacy Medical Data Access from Hybrid Cloud
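The two-domain design just described (KP-ABE in the Personal Domain, where the recipient's key carries the access policy; MA-ABE in the Public Domain, where several Attribute Authorities issue attributes and the data owner is not involved) can be illustrated by the access-structure check that decides whether a recipient's key opens a ciphertext. The following is an added example, not code from the paper or the HSS-EHRS project: it implements only the policy evaluation, with the pairing-based cryptography of real ABE replaced by a plain check, and every user, authority and attribute name is constructed for the illustration.

```python
"""Toy model of the PSD (KP-ABE) and PUD (MA-ABE) access domains.

Added example, not the paper's code.  Only the access structure logic is
implemented; real ABE enforces the same decision cryptographically with
bilinear pairings.  Names and attributes are constructed.
"""
from dataclasses import dataclass, field

# An access structure is a tree.  A leaf is an attribute string; an inner
# node ("THRESH", t, children) is satisfied when at least t children are.
def AND(*kids):
    return ("THRESH", len(kids), list(kids))

def OR(*kids):
    return ("THRESH", 1, list(kids))

def satisfied(tree, attrs):
    """Return the set of attributes used to satisfy `tree`, or None."""
    if isinstance(tree, str):
        return {tree} if tree in attrs else None
    _, threshold, kids = tree
    used, hits = set(), 0
    for kid in kids:
        sub = satisfied(kid, attrs)
        if sub is not None:
            hits += 1
            used |= sub
            if hits == threshold:
                return used
    return None

@dataclass
class KPKey:
    """PSD recipient key: the data owner fixes the policy when issuing it."""
    user: str
    policy: object

@dataclass
class MAKey:
    """PUD recipient key: attributes from several authorities, each
    namespaced by the authority that vouched for it."""
    user: str
    attrs: set = field(default_factory=set)

@dataclass
class Ciphertext:
    domain: str                         # "PSD" or "PUD"
    payload: str                        # the EID/QID values being protected
    attrs: frozenset = frozenset()      # PSD: attributes labelling the data
    policy: object = None               # PUD: policy over "authority:attribute"

def issue_from_authority(authority, key, attrs):
    """An Attribute Authority adds its attributes to a PUD user's key."""
    key.attrs |= {f"{authority}:{a}" for a in attrs}

def encrypt_psd(payload, attrs):
    return Ciphertext("PSD", payload, attrs=frozenset(attrs))

def encrypt_pud(payload, policy):
    return Ciphertext("PUD", payload, policy=policy)

def decrypt(key, ct):
    """Return (payload, attributes used) if the policy is met, else None.
    One key is evaluated at a time: a real scheme binds every attribute
    component to one identity so recipients cannot pool their keys."""
    if ct.domain == "PSD" and isinstance(key, KPKey):
        used = satisfied(key.policy, ct.attrs)
    elif ct.domain == "PUD" and isinstance(key, MAKey):
        used = satisfied(ct.policy, key.attrs)
    else:
        used = None                     # key and ciphertext from different domains
    return None if used is None else (ct.payload, used)

def demo():
    """One owner's PSD and PUD ciphertexts tried against several recipients."""
    payload = "EID/QID table of patient alice (constructed)"
    psd_ct = encrypt_psd(payload, {"owner:alice", "relation:family", "table:EID"})
    spouse = KPKey("bob", AND("owner:alice", OR("relation:family", "relation:friend")))
    coworker = KPKey("carl", AND("owner:alice", "relation:friend"))

    pud_ct = encrypt_pud(payload, OR(AND("hospital-AA:doctor", "hospital-AA:cardiology"),
                                     "insurer-AA:claims-executive"))
    doctor, nurse, claims, rogue = MAKey("dana"), MAKey("ned"), MAKey("eve"), MAKey("mal")
    issue_from_authority("hospital-AA", doctor, {"doctor", "cardiology"})
    issue_from_authority("hospital-AA", nurse, {"nurse", "cardiology"})
    issue_from_authority("insurer-AA", claims, {"claims-executive"})
    issue_from_authority("clinic-AA", rogue, {"doctor", "cardiology"})  # wrong authority

    return {
        "spouse": decrypt(spouse, psd_ct),
        "coworker": decrypt(coworker, psd_ct),
        "doctor": decrypt(doctor, pud_ct),
        "nurse": decrypt(nurse, pud_ct),
        "claims": decrypt(claims, pud_ct),
        "rogue": decrypt(rogue, pud_ct),
        "cross": decrypt(doctor, psd_ct),
    }

if __name__ == "__main__":
    for who, result in demo().items():
        print(f"{who:9s} -> {'granted via ' + str(sorted(result[1])) if result else 'denied'}")
```

The `rogue` key shows why attributes are namespaced by authority in the Public Domain: a "doctor" attribute vouched for by an authority the policy does not name is useless, which is what lets the data owner rely on Attribute Authorities instead of issuing keys itself.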
Algorithm: Electronic Health Record (EHR) Encryption Algorithm.

INPUT: Electronic Health Record File (D); D = {D1, D2, ..., Dn}.
  Personal Domain Attribute Set (PSD); PSD = {Apsd1, Apsd2, ..., Apsdn}, where A is an attribute value of a personal recipient.
  Public Domain Attribute Set (PUD); PUD = {Apud1, Apud2, ..., Apudn}.
OUTPUT: Encrypted File (De); De = {De1, De2, ..., Den} with attributes of EID and QID.
  Plaintext (Dp); Dp = {Dp1, Dp2, ..., Dpn} with attributes of medical information.
  Anonymized table (Da); Da = {Da1, Da2, ..., Dan} with attributes of QID.
Initials: The original Electronic Health Record (D), Quasi Identifiers (QID), Medical Information (MI), Explicit Identifiers (EID). Assign NULL to both Da and De;
BEGIN:
Step 1: Input D, PUD and PSD;
Step 2: Encrypt QID and EID by extracting them from D; for each i = 1 up to the end of the record, n, repeat steps 3 to 8 until the end of the file is reached.
Step 3: For each Aj element of EID U QID:
Step 4: Dei(Aj) = E(KP-ABE)[Di(Aj)] using the PSD attribute set.
        Dei(Ak) = E(MA-ABE)[Dk(Aj)] using the PUD attribute set.
Step 5: Extract MI from D and store it in Dp as plaintext. For each Aj element of MI: Dpi(Aj) = Di(Aj).
Step 6: Increment the value of i.
Step 7: Process the K-anonymization Partition for extracting QID from D.
Step 8: For i = 1 up to the end of the record, repeat until the end of the file is reached.
Step 9: For each Aj belonging to QID: Dai(Aj) = Range(Ek), where di belongs to Ek.
Step 10: Store the outputs Da, Dp and De separately in the Hybrid cloud.
Step 11: END.

In the current solution, after partitioning the EMR file, encryption of the Quasi identifiers and Explicit Identifiers takes place using AES and the key is encrypted using RSA. In the proposed algorithm, the explicit identifiers and Quasi-identifiers are encrypted under a fine grained and role based access policy for users from Public Domains (PUDs) and Personal Domains (PSDs). In step 4, the data owner encrypts QID and EID using a KP-ABE encryption method with a PSD attribute set, and under a role based file access policy using an MA-ABE encryption method with PUD attributes. In the Personal Domain, a data owner gives access to EHR files to selected users, such as family members or close friends. The privileged access of different PSD users differs based on their relationship. The advantage of the proposed algorithm over current solutions is that a multi domain and multi authority framework helps data owners with key escrow problems, while public users only need to contact the Attribute Authority for a security key, which reduces the overload on the Data owner. In the current solution, a traditional method is used for user verification, while the proposed system uses security domains, so recipient verification is easier.

V. IMPLEMENTATION OF HSS-EHRS SYSTEM.

The implementation of the HSS-EHRS system is based on Windows Azure Cloud. We deployed our proposed system in Windows Azure Cloud and leveraged a Cloud web service, Azure SQL database and Virtual Machines. The implementation of our HSS-EHRS mainly covers two phases.

In the first case, an Attribute Based Encryption Scheme such as KP-ABE and MA-ABE is used for encrypting the EHR file and for fine grained access control. By using this encryption method, we achieved a reduction in encryption time in the proposed HSS-EHRS system. Also, we analyzed the Average Response Time of HTTP requests for concurrent users in Windows Azure cloud. The important elements of the detailed design are Attribute Classification of the EMR and Key Distribution.

VI. RESULT AND DISCUSSION

A. Efficiency Based on Encryption time.

The result of the experiment on EHR encryption is shown in table 1. For encryption, in both the current and proposed systems only the attribute values of the Explicit Identifiers (EID) and Quasi Identifiers (QID) are encrypted as cipher text. We conducted the experiment with different sizes of EHR. Here, for the current system, the data is encrypted using the Advanced Encryption Standard (AES) with key length 128. In the proposed system, the attribute values are encrypted using an Attribute based encryption method. In the private domain, a Key policy Attribute based encryption is used and in the public domain a Multi-Authority attribute based encryption method is used. The encryption time of the current and proposed systems is shown in table 1, below. The proposed system encryption time is based on the parameters exponentiation time for the private domain Exp1 = 6.4 ms, ExpT = 0.6 ms for the public domain and pairing time = 2.5 ms. In the case of the current system, the encryption time and security are based on the key length and the number of pairings. To carry out this experiment, we implemented both the current and proposed encryption techniques in the Java programming language.

B. Average Response Time of HTTP request to concurrent users in Windows Azure cloud.

The following table 2 shows the measurements of the Average Response Time for an HTTP request for different group sizes of users in the private and public domains. For this experiment, we deployed our proposed system in Windows Azure Cloud and leveraged Cloud web services, Azure SQL databases and Virtual machines. In the initial stage of this experiment, we allocated sufficient SQL database and Virtualized Web service capacity in the server for handling any service request. On the user side, concurrent users access the system using different workload generation tools. Here, the Apache JMeter workload generation tool is used for simulating 20 different groups of concurrent users from the private and public domains. This helps to evaluate the scalability of our proposed system hosted in Windows Azure Cloud. From table 4, it is clear that our proposed system with the Windows Azure Cloud configuration provides the best Quality of service in terms of response time for HTTP requests for web service and query processing.
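The partitioning side of the EHR encryption algorithm above (Steps 1-10: splitting each record into EID, QID and MI; placing protected EID/QID values in De once per domain, plaintext MI in Dp, and a k-anonymized copy of the QID in Da, each value replaced by the range of its equivalence class Ek) is worked through below. This is an added example, not the paper's or the HSS-EHRS project's code. It assumes a fixed attribute classification for the record, uses constructed sample records, and stands in for the KP-ABE/MA-ABE calls of Step 4 with a SHA-256 counter-mode keystream under a per-domain key, which is only a placeholder so the block runs offline (it is neither ABE nor AES and provides no policy enforcement on its own).

```python
"""Vertical partitioning and k-anonymization of an EHR file (Steps 1-10).

Added example, not the paper's code.  The Step 4 ABE calls are replaced by
a SHA-256 counter-mode keystream per domain (illustrative only).  Records
and keys are constructed; no real patient data.
"""
import hashlib
from collections import Counter

EID = ("name", "ssn")          # Explicit Identifiers
QID = ("age", "zip")           # Quasi-Identifiers
MI = ("diagnosis", "medication")  # Medical Information

# Constructed sample EHR file D = {D1 .. Dn}.
RECORDS = [
    {"name": "Ann Lee", "ssn": "111-11-1111", "age": 34, "zip": "20500",
     "diagnosis": "asthma", "medication": "salbutamol"},
    {"name": "Bob Ray", "ssn": "222-22-2222", "age": 36, "zip": "20510",
     "diagnosis": "hypertension", "medication": "lisinopril"},
    {"name": "Cy Dole", "ssn": "333-33-3333", "age": 52, "zip": "30301",
     "diagnosis": "diabetes", "medication": "metformin"},
    {"name": "Di Moss", "ssn": "444-44-4444", "age": 58, "zip": "30322",
     "diagnosis": "asthma", "medication": "budesonide"},
    {"name": "Ed Finn", "ssn": "555-55-5555", "age": 61, "zip": "30340",
     "diagnosis": "angina", "medication": "nitrate"},
]

# Constructed per-domain keys; in the paper the PSD attribute set (KP-ABE)
# and the PUD attribute set (MA-ABE) play these roles.
DOMAIN_KEYS = {"PSD": b"psd-demo-key", "PUD": b"pud-demo-key"}

def xor_stream(data: bytes, key: bytes, nonce: bytes) -> bytes:
    """Symmetric XOR with a SHA-256 counter-mode keystream (stand-in cipher)."""
    stream, ctr = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def generalize_numeric(values, k):
    """Step 9 for a numeric QID: each value becomes the [lo-hi] range of its
    equivalence class Ek.  Classes are k consecutive sorted values; a short
    remainder is merged into the last class so every class has >= k rows."""
    order = sorted(range(len(values)), key=lambda i: values[i])
    classes = [order[i:i + k] for i in range(0, len(order), k)]
    if len(classes) > 1 and len(classes[-1]) < k:
        classes[-2].extend(classes.pop())
    label = {}
    for cls in classes:
        lo, hi = values[cls[0]], values[cls[-1]]
        for i in cls:
            label[i] = f"[{lo}-{hi}]"
    return [label[i] for i in range(len(values))]

def generalize_zip(values, keep=3):
    """Step 9 for a categorical QID: keep a prefix, mask the rest."""
    return [z[:keep] + "*" * (len(z) - keep) for z in values]

def is_k_anonymous(da, k):
    """Every combination of generalized QID values occurs at least k times."""
    return min(Counter(tuple(row.values()) for row in da).values()) >= k

def partition_and_protect(records, k=2):
    """Steps 1-10: return (Da, Dp, De) for the file."""
    de, dp = [], []
    for i, rec in enumerate(records):
        # Steps 3-4: each EID/QID attribute is protected once per domain.
        de.append({a: {dom: xor_stream(str(rec[a]).encode(), key,
                                       f"{i}:{a}:{dom}".encode()).hex()
                       for dom, key in DOMAIN_KEYS.items()}
                   for a in EID + QID})
        # Step 5: medical information stays plaintext in Dp.
        dp.append({a: rec[a] for a in MI})
    # Steps 7-9: generalized QID table Da.
    ages = generalize_numeric([r["age"] for r in records], k)
    zips = generalize_zip([r["zip"] for r in records])
    da = [{"age": a, "zip": z} for a, z in zip(ages, zips)]
    return da, dp, de

def recover(de, i, attr, domain):
    """Undo Step 4 for one value.  In the real system this step is only
    possible for a recipient whose key satisfies the domain's policy."""
    ct = bytes.fromhex(de[i][attr][domain])
    return xor_stream(ct, DOMAIN_KEYS[domain], f"{i}:{attr}:{domain}".encode()).decode()

if __name__ == "__main__":
    da, dp, de = partition_and_protect(RECORDS, k=2)
    print("Da:", da)
    print("Dp:", dp)
    print("De[0]['name']['PSD'] =", de[0]["name"]["PSD"])
    print("k-anonymous:", is_k_anonymous(da, 2))
```

Note that Dp is published in plaintext, as the algorithm specifies, so the privacy of the medical information rests entirely on De staying sealed and on Da being genuinely k-anonymous; `is_k_anonymous` is the check a data owner would run before Step 10 publishes the three tables.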
TABLE I. ENCRYPTION TIME FOR CURRENT AND PROPOSED SYSTEM

Input   EHR Size   No. of       Encryption Time (ms)
Type    (Mb)       Attributes   Proposed system   Current solution [2]
.doc      1          30           1593              4126.8
.txt      5          35           4403.4           18378.4
.xlsx    10          40           5237.9           19671.9
.xlsx    20          45           6994.7           21899.3
.txt     50          50           8750.4           24470.7
.txt     70          55          10506.5           27442.4
.txt    100          60          12261.3           29906.6
.txt    150          65          15752.9           35441.3
.doc    200          70          17338.7           41198.9
.doc    250          75          19093.5           46150.2
.doc    300          80          21028.1           50423.8
.doc    350          85          22717.6           55785.4
.txt    400          90          24474.5           59653.2
.txt    450          95          26230.2           64867.1
.txt    500         100          28167.3           68247.2
.txt    550         105          29852.5           73112.8
.txt    600         110          31608.4           77599.5
.doc    650         115          32962.8           85743.2
.doc    700         120          35297.5           91870.5
.doc    750         125          37904.7           95976.9

TABLE II. ENCRYPTION TIME FOR CURRENT AND PROPOSED SYSTEM

                  Average response time of HTTP request (ms)
Number of Users   Proposed System   Current solution [2]
  1                 120               133
  6                 135               139
 12                 153               157
 18                 172               177
 22                 190               198
 25                 195               201
 30                 202               205
 32                 216               223
 38                 224               230
 40                 235               241
 46                 242               252
 52                 255               260
 58                 263               273
 64                 274               284
 72                 286               295
 80                 297               309
 85                 312               319
 94                 321               332
 98                 336               349
110                 353               366

In the proposed algorithm, each patient (data owner) uses the KP-ABE scheme for setup, key generation and revocation. For encryption we use both the KP-ABE and MA-ABE methods, which guarantees confidentiality of Electronic Health Records against unauthorized access, including by curious cloud service providers. It also helps to maintain collusion resistance. The decryption operation in our proposed system is quite fast, because it includes only (Apud)+1 pairing operations. All operations, including encryption and decryption time and the cost of key generation, are linear in the number of attributes. For 10 attributes, it takes less than 500 ms.

In contrast to the current system, the proposed system guarantees a unified security framework for EHR sharing in a multi-domain setting with multiple users. This framework provides the facility of accessing EHRs in the public and personal domains with a strong access control mechanism. The proposed system provides the facility for users to choose their own access policy for each EHR system. In our novel framework we utilize the advantage of the ABE scheme for EHR encryption, so that data owners can allow access to EHRs by personal users as well as by users from public domains with different roles.

VII. CONCLUSION.

The maintenance of EHRs in the cloud is an emerging field in IT. However, there are concerns in terms of the security and privacy of data during storage and access. A significant number of researchers have identified and implemented a variety of security and privacy schemes. Yet, existing methods often do not provide high degrees of security and privacy of data in a hybrid cloud.

In this paper, we propose a Hybrid Secure and Scalable Electronic Health Record Sharing (HSS-EHRS) system, whereby two cryptographic methods are utilized for providing flexible, secure and fine grained access to EHR files in a hybrid cloud. The proposed framework divides the system into two security domains and utilizes an ABE encryption scheme to encrypt the EHR files. The proposed system proved its efficiency based on encryption time and concurrent recipient data access and sharing. The enhanced MA-ABE encryption scheme is capable of handling on-demand recipient data access and providing high levels of security.

REFERENCES

[1] Y. Chen, J. Lu and J. Jan, "A Secure EHR System Based on Hybrid Clouds," Journal of Medical Systems, vol. 36, no. 5, pp. 3375–3384, 2014.
[2] J. J. Yang, J. Li and Y. Niu, "A Hybrid solution for privacy preserving medical data sharing in cloud computing," Future Generation Computer Systems, vol. 43, no. 44, pp. 74-86, 2015.
[3] HIPAA, "104th United States Congress, Health Insurance Portability and Accountability Act of 1996 (HIPAA)," 1996. [Online]. Available: http://aspe.hhs.gov/admnsimp/pl104191.htm.
[4] B. Coats and S. Acharya, "Bridging Electronic Health Record Access to the Cloud," IEEE 47th Hawaii International Conference on System Sciences, pp. 2948-2957, 2014.
[5] K. Nagaty, "Mobile Health Care on a Secured Hybrid Cloud," Cyber Journals, vol. 4, no. 2, 2014.
[6] J. Meyer, "Open SOA Health Web Platform for Mobile Medical Apps: Connecting Securely Mobile Devices with Distributed Electronic Health Records and Medical Systems," IEEE, pp. 1-6, 2014.
[7] A. Michalas, N. Paladi and C. Gehrmann, "Security Aspects of e-Health Systems Migration to the Cloud," IEEE 16th International Conference on e-Health Networking, pp. 212-218, 2014.
[8] J. Reardon, D. Basin and S. Capkun, "SoK: Secure Data Deletion," in IEEE Symposium on Security and Privacy (SP), pp. 301-315, 2013.
[9] H. Aljafer, Z. Malik and M. Alodib, "A brief overview and an experimental evaluation of data confidentiality measures on the cloud," Journal of Innovation in Digital Ecosystems, vol. 1, no. 1-2, pp. 1-11, December 2014.
[10] S. Lu, R. Ranjan and P. Strazdins, "Reporting an experience on design and implementation of e-Health systems on Azure cloud," CSIRO Computational Informatics, vol. 27, no. 10, pp. 2602-2615, 2015.
[11] M. N. Shrestha, A. Alsadoon, C. P. Prasad and Houran, "Enhanced e-Health Framework for Security and Privacy in Healthcare," IEEE, pp. 75-79, 2016.
[12] S. Suresh, "Highly Secured Cloud Based Personal Health Record Model," International Conference on Green Engineering and Technologies (IC-GET), pp. 1-4, 2015.
[13] B. Wang, B. Li and H. Li, "Oruta: Privacy-Preserving Public Auditing for Shared Data in the Cloud," IEEE 5th International Conference, pp. 295-302, 2012.
[14] Z. Liu, J. Weng, J. Li, J. Yang, C. Fu and C. Jia, "Cloud-based electronic health record system supporting fuzzy keyword search," Soft Computing, vol. 20, no. 8, pp. 3243–3255, 2016.
[15] Q. Zhang, M. F. Zhani, R. Boutaba and J. L. Heller, "Harmony: Dynamic Heterogeneity-Aware Resource Provisioning in the Cloud," IEEE 33rd International Conference, pp. 510-519, 2013.