Abstract
The popularity and large-scale adoption of cloud computing have accelerated the development of e-healthcare systems. Outsourcing electronic health records (EHRs) demands the assurance of search privacy, given that data and its access are not in control of the EHR owner. Here, we adopted a different approach to the problem of access privacy in EHRs by addressing the problem of information leakage based on revealing access patterns in semi-trusted cloud servers. In this paper, we proposed a dynamic data structure called a Root table (R-table) to create a storage index, which ensures access privacy while querying the outsourced database. The objective of R-table is to hide access pattern from a honest-but-curious server. R-table is an adaptation of dynamic arrays and randomized binary search trees, which randomly shuffle locations of data blocks following each access. This model provides access privacy with minimum communication and storage overhead and enables the EHR owner to perform a private read or write without revealing the type of operation and target data fragment processed. The results of our experiments showed limited performance overhead, indicating that R-table is suitable for practical use.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Mell, P., Grance, T.: The NIST definition of cloud computing (2011)
Fernández-Alemán, J.L., Señor, I.C., Lozoya, P.Á.O., Toval, A.: Security and privacy in electronic health records: a systematic literature review. J. Biomed. Inform. 46(3), 541–562 (2013)
Sajid, A., Abbas, H.: Data privacy in cloud-assisted healthcare systems: state of the art and future challenges. J. Med. Syst. 40(6), 1–16 (2016)
Latif, R., Abbas, H., Latif, S., Masood, A.: Distributed denial of service attack source detection using efficient traceback technique (ETT) in cloud-assisted healthcare environment. J. Med. Syst. 40(7), 1–13 (2016)
Sultan, N.: Making use of cloud computing for healthcare provision: opportunities and challenges. Int. J. Inf. Manag. 34(2), 177–184 (2014)
Zhou, J., Cao, Z., Dong, X., Vasilakos, A.V.: Security and privacy for cloud-based IoT: challenges. IEEE Commun. Mag. 55(1), 26–33 (2017)
di Vimercati, S.D.C., Foresti, S., Paraboschi, S., Pelosi, G., Samarati, P.: Efficient and private access to outsourced data. In: 2011 31st International Conference on Distributed Computing Systems (ICDCS), pp. 710–719. IEEE (2011)
Miyaji, A., Nakasho, K., Nishida, S.: Privacy-preserving integration of medical data. J. Med. Syst. 41(3), 37 (2017)
Aikat, J., Akella, A., Chase, J.S., Juels, A., Reiter, M.K., Ristenpart, T., Sekar, V., Swift, M.: Rethinking security in the era of cloud computing. IEEE Secur. Priv. 15(3), 60–69 (2017)
Chor, B., Goldreich, O., Kushilevitz, E., Sudan, M.: Private information retrieval. In: Proceedings of the 36th Annual Symposium on Foundations of Computer Science, pp. 41–50. IEEE (1995)
Yekhanin, S.: Private information retrieval. Commun. ACM 53(4), 68–73 (2010)
Shi, E., Chan, T.-H.H., Stefanov, E., Li, M.: Oblivious RAM with \(O((\text{ log }N)^{3})\) worst-case cost. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 197–214. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25385-0_11
Goodrich, M.T., Mitzenmacher, M., Ohrimenko, O., Tamassia, R.: Privacy-preserving group data access via stateless oblivious RAM simulation. In: Proceedings of the Twenty-Third Annual ACM-SIAM Symposium on Discrete Algorithms, pp. 157–167. Society for Industrial and Applied Mathematics (2012)
Tang, J., Cui, Y., Li, Q., Ren, K., Liu, J., Buyya, R.: Ensuring security and privacy preservation for cloud data services. ACM Comput. Surv. (CSUR) 49(1), 13 (2016)
di Vimercati, S.D.C., Foresti, S., Paraboschi, S., Pelosi, G., Samarati, P.: Shuffle index: efficient and private access to outsourced data. ACM Trans. Storage (TOS) 11(4), 19 (2015)
Martínez, C., Roura, S.: Randomized binary search trees. J. ACM (JACM) 45(2), 288–323 (1998)
AbuKhousa, E., Mohamed, N., Al-Jaroodi, J.: e-Health cloud: opportunities and challenges. Future Internet 4(3), 621–645 (2012)
Williams, P., Sion, R., Carbunar, B.: Building castles out of mud: practical access pattern privacy and correctness on untrusted storage. In: Proceedings of the 15th ACM conference on Computer and communications security, pp. 139–148. ACM (2008)
Yang, K., Zhang, J., Zhang, W., Qiao, D.: A light-weight solution to preservation of access pattern privacy in un-trusted clouds. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 528–547. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-23822-2_29
Li, L., Datta, A.: Write-only oblivious RAM-based privacy-preserved access of outsourced data. Int. J. Inf. Secur. 16(1), 23–42 (2017)
Sahin, C., Magat, A., Zakhary, V., El Abbadi, A., Lin, H.R., Tessaro, S.: Understanding the security challenges of oblivious cloud storage with asynchronous accesses. In: 2017 IEEE 33rd International Conference on Data Engineering (ICDE), pp. 1377–1378. IEEE (2017)
Yang, J.-J., Li, J.-Q., Niu, Y.: A hybrid solution for privacy preserving medical data sharing in the cloud environment. Future Gener. Comput. Syst. 43, 74–86 (2015)
Guo, C., Zhuang, R., Jie, Y., Ren, Y., Wu, T., Choo, K.-K.R.: Fine-grained database field search using attribute-based encryption for e-Healthcare clouds. J. Med. Syst. 40(11), 235 (2016)
Drozdowicz, M., Ganzha, M., Paprzycki, M.: Semantically enriched data access policies in ehealth. J. Med. Syst. 40(11), 238 (2016)
Lin, H., Shao, J., Zhang, C., Fang, Y.: CAM: cloud-assisted privacy preserving mobile health monitoring. IEEE Trans. Inf. Forensics Secur. 8(6), 985–997 (2013)
Chen, Y.-C., Horng, G., Lin, Y.-J., Chen, K.-C.: Privacy preserving index for encrypted electronic medical records. J. Med. Syst. 37(6), 9992 (2013)
di Vimercati, S.D.C., Foresti, S., Moretti, R., Paraboschi, S., Pelosi, G., Samarati, P.: A dynamic tree-based data structure for access privacy in the cloud (2016)
Chen, Y., Sion, R.: On securing untrusted clouds with cryptography. In: Proceedings of the 9th Annual ACM Workshop on Privacy in the Electronic Society, pp. 109–114. ACM (2010)
Lichman, M.: UCI machine learning repository (2013)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Smithamol, M.B., Sridhar, R. (2018). Root Table: Dynamic Indexing Scheme for Access Protection in e-Healthcare Cloud. In: Bhattacharyya, P., Sastry, H., Marriboyina, V., Sharma, R. (eds) Smart and Innovative Trends in Next Generation Computing Technologies. NGCT 2017. Communications in Computer and Information Science, vol 827. Springer, Singapore. https://doi.org/10.1007/978-981-10-8657-1_17
Download citation
DOI: https://doi.org/10.1007/978-981-10-8657-1_17
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-8656-4
Online ISBN: 978-981-10-8657-1
eBook Packages: Computer ScienceComputer Science (R0)