Vol 7, No 8 (2017)

(1)

Research Article

a

August

2017

Computer Science and Software Engineering

ISSN: 2277-128X (Volume-7, Issue-8)

An Enhanced Methodology to Protect the Patient Healthcare

Records Using Multi-Cloud Approach

R. Josephius Arunkumar, R. Anbuselvi

PG Dept. of Computer Science, Bishop Heber College, Trichy, Tamil Nadu, India

DOI: 10.23956/ijarcsse/V7I8/0148

Abstract—Now-a-days, most hospitals and medical centers is to manage huge volume of patient’s medical records into database. It is essential to collect and access this information everywhere, to increase productivity and improve quality of health cares. Need to access electronic health information across the world and improve the quality of healthcare to patients will highlight importance of using cloud computing architecture in this area. But, despite the benefits of cloud computing applications for health care, the security challenges of cloud should be addressed. In this paper, we introduce and describe a new proposed model called Electronic Health Record with Multi-Clouds Databases. This model will ensure the privacy of persons in a network and multi-cloud environment using cryptographic algorithm and distributed storage. This model is able to store any type of data such as number, string, image, etc. in a cloud environment. The Electronic Health Record with Multi-Clouds Database prevent from illegal intrusion and access to data in cloud environment and provide services such as data integrity, confidentiality and permanent availability of data in a safe and secure way. The evaluation results of proposed method show that despite increasing time of information storage and retrieval and System overhead

Keywords— Cloud Computing, Electronic Health Records, Multi-Clouds, Privacy.

I. INTRODUCTION

Cloud computing is a technology used to provide a service to users and allows them to access the technology-based services in the Internet without specific information about this technology. With the advancement of information technology most of the hospitals and health centers use software systems to register electronic patient’s medical records [2] [10]. There is a need for systematic and constant innovation for cost effectiveness and efficiency of health services and provides high quality services to patients. Many managers and experts predict that cloud computing can decrease cost of installing electronic health record systems [3].Although the benefits of cloud computing applications for health care health care, there are security challenges in the cloud systems especially public cloud systems that must be addressed which its infrastructure and computational resources are offered to Public access by a third party . In this regard, one of most important issues is privacy of patients that occurs in cloud architecture for data outsourcing. In this paper, we try to enhance the security and privacy of patients by using multi-cloud method and division of critical data on them.

A. Basic Definitions 1) EHR

E-Health is a new field between medical informatics, public health and business that consider serving, distribution of Health and medical information via the Internet or related technologies [11]. Electronic Health Record includes systematic collection of Electronic records of individual health information at different periods. It contains medicinal problems, illnesses reports, vital signs, disease history, laboratory data and radiology reports. Quality of diagnosis and treatment of health care is highly dependent on the data about patient’s condition. These records were usually stored locally within a certain collection and can be used [5]. Today, most hospitals and medical centers have a database to manage their patients’ medical records but it is necessary to collect and access these information everywhere, to increase productivity and improve quality of health care’s [2].

2) Privacy

The same features that were considered as strengths of electronic registration of medical record create health information privacy concern [6]. The thread that information is kept out of the medical centers, as well as they are available everywhere, creates the problem of privacy and security of critical data. The three basic objectives of Electronic Health Record systems are seems essential: confidentiality, integrity and availability [5]. Health information privacy and security are always major concern for public, patients and health service providers [6]. Concerning protection of individual privacy in relation to electronic medical records, using aliases and Being unknown are the most common Protective measures [12]. Confidentiality and integration between the patient and his medical records are the ways for Anonymity individual health information.

II. CHALLENGES IN CLOUD COMPUTING

(2)

ISSN(E): 2277-128X, ISSN(P): 2277-6451, DOI: 10.23956/ijarcsse/V7I8/0148, pp. 239-244

attention of many organizations, but the aspect that makes many organizations to retreat against this technology is How to secure data in the cloud and ensure the safety of environment. Outsourcing data and applications, sharing, multitenancy, virtualization, identification and authentication of users create challenges in cloud computing [5]. Data on the cloud consist of less critical public data, private and highly sensitive information such as social security numbers, medical records, or essential shipping information. Furthermore, identification of providers who are vulnerable can be a good target for hacker’s attacks. In addition, issues such as service availability and data transfer from one place to another (due to lack of resources caused by many customers’ requests) can be considered as cloud computing challenges [1].

III. CLOUD COMPUTING SECURITY

The Data generated by various people and institutionshas been increasing rapidly and management of these data by the cloud will bring flexibility and economic saving [10]. To protect information privacy and fight against unwanted access in the cloud, the owners of data before outsourcing sensitive data encrypt them. To ensure confidentiality, integrity and availability of data, service providers of storage resources should contain at least the following capabilities:

• Stored data encryption schema

• Access control to prevent unauthorized access • Data backup plan

• Secure storage of data on backup media

In this work, we proposed a model based on multi-cloud databasesto enhance the security of the stored data in the clouds. The main purpose of the proposed model is to avoid malicious risk in the clouds and to prevent cloud services failure and security risks such as data integrity, data intrusion and service availability. In the multi-cloud model, data distribution depends on the number of providers and the confidential data sharing is a major factor in this approach. In this paper, we try to share and distribute important data in medical records in order to maintain and ensure the privacy of individuals.

IV. LITERATURE REVIEW

In the past more research has been conducted into single clouds than into multi-clouds. Multi–clouds can address the security issues that relate to data integrity, data intrusion, and service availability in multi-clouds. Inaddition, most of the research has focused on providing secure “cloud storage” [13]. Therefore, providing a cloud database system, instead of normal cloud storage, is a significant goal in order to run queries and deal with databases; in other words, to profit from a database-as-a-service facility in a cloud computingenvironment.Privacy and security for cloud storage are generally a wide area of research. Numerous academic interrogations have been conducted to identify the potential security issues about this subject. It is important to note that sharing files over cloud platform possess numerous vulnerabilities that can lead to unauthorized access. The attackers of cloud have varied intensions or goals which leads to the poor image of the cloud providers once the goal is achieved.

Benjamin Fabian et. al [2], proposed an architecture for sharing health care records in multi-cloud storage using Attribute Based Encryption (ABE) and cryptographic secret sharing. Multi-Cloud proxy splits the encrypted record and stores it in the Multi-Cloud. The main disadvantage in this methods are group sharing requires huge computation and long waiting time. Since the CP-ABE is provided by third party malicious insider may have easy access to the data. File size more than 50 MBs increase the customer’s waiting time. The experiments are performed using a highly configured machine hence it is cost consuming in real time. Malicious files are also easily uploaded by the third party authority or role based managers to corrupt the entire scheme. All the tasks are not automated i.e to upload a file client must create a signed medical record using CP-ABE Scheme. Cloud provider’s splits the data and transfers data from multi-cloud proxy to cloud data sources.

Balasaraswathiet. al [3],proposed an enhanced secure data sharing in the multi-cloud storagearchitecture with an Advanced Encryption Standard Algorithm (AES) which seeks to provide better cloud storage decision making for the customers. But insider attacks, colluding attacks, data integrity, data intruder and malicious files have not been focused.

Mazhar Ali et. al [4] , introduced a Secure Data Sharing in Clouds methodology which uses third party server to store a part of the encryption key and other part is maintained by the user. If the revoked user and third party server colludes data can be retrieved from the cloud. Similarly if the malicious cloud admin and third party server colludes data can be retrieved. This method uses single cloud storage and hence centralized distribution of sensitive data is not recommended for the customers. Larger files of 100 MB reduce the performance of this method and makes customer to wait for a longer time since uploading and encryption process are done consecutively.

Wang Liang-lianget. al [5],proposed a proxy re-encryption scheme for secure data sharing in cloud but private key gets fully exposed when revoked user and proxy colludes. In addition the entire file is stored in single cloud storage which has low security and efficiency. The reconstruction of data from multi-cloud requires an effective procedure to merge all the files without changing the meaningful information.

(3)

ShunganZhou et.al [7],proposed Secure Scalable and Efficient Multi-owner data sharing scheme. This scheme integrates Identity Based Encryption and asymmetric group agreement to enable group-oriented access control for data owners in a many-to-many sharing pattern. However the key generation process is carried out by the third party as a separate process and encryption and decryption process is carried out as another process which is burden to the data owner to wait for the completion of the whole process. Malicious files protection has not been guaranteed. Centralized distribution of data storage has not been much promising to the customers to share their data. Identity based encryption supports only small data of 50MB. Key escrow problem arises in Identity based scheme.

IbrahimAbdullahAlthamaryet. al [8] , introduced a secure file sharing in multi-cloud using Shamir’s secret sharing scheme and base 64 encoding in their algorithm. Malicious insider’s attacks have been prevented by this scheme. However, indexing of files has not been used so that in the retrieval process receiver has to select all the shares to encode and reconstruct the file which is burden to the receiver. In addition malicious files are not prevented and automation of all the tasks in this scheme has not been focused which reduces the overall efficiency of this scheme. Many similar approaches has been proposed but failed to implement an effective architecture and working procedure for the secure data sharing using the Multi Cloud storage providers. The existing above approaches does not guarantee the automation of file slicing, encryption, decryption and retrieval process. Existing research also does not focus on the merging file conflicts in the retrieval process, malicious files, colluding provider attacks, insider attacks, removal of centralized distribution of data and key management while sharing the data in Multi-Cloud Storage. Similarly all the existing architectures of single cloud storage and Multi-Cloud Storage follows the same pattern that is file uploading, encryption and slicing without index. If an encryption process is done before slicing very large files or video files cannot be uploaded securely and in addition it may also result to wait the customer for a longer time. Malicious files can also be easily uploaded which causes damages to the multi cloud server in the existing approaches.

Safaa Salam Hatem et. al [9],in this work Malicious files are detected in providers environment or by using third parties only after damage is caused. The proposed model is designed in such a way when the malicious files gets uploaded it first affects the owner’s machine. In order to address the above challenges this paper presents an effective architecture framework with a standard algorithm which would enable to enhance the secure data sharing through index based cryptographic data slicing and retrieval of file without file merging conflicts from the Multi Cloud storage. It also ensures the protection of data from malicious insiders and malicious files while uploading the file.

V. PROPOSED MODEL

In Existing method there is no solution for cloud failure and there may be chances of data lost due to any one cloud failure. In the proposed system we take care for cloud failure which prevents data lost. We propose privacy and security to cloud users with less computation cost and minimum time. By using the Multi-Cloud architecture we propose a two layer encryption and decryption method which provides double security to cloud users’ data. So this method provides high privacy and double security to users. The proposed model will ensure privacy in a multi-cloud environment, using the encryption algorithm and distributed storage. This model is able to store any type of data such as number, string, image, etc. in a cloud environment. the Electronic Health Record Multi-Cloud Data Base prevent from illegal intrusion and access to data in cloud environment and provide services such as data integrity, confidentiality and permanent availability of data in a safe and secure way.

A. Overview of the Proposed Model

The idea of reducing the risk for data and applications in a public cloud is the simultaneous usage of multiple clouds. Several approaches employing this paradigm have been proposed recently.They differ in partitioning and distribution patterns, technologies, cryptographic methods, and targeted scenarios as well as security levels. This paper is an extension of different securities by Multi-Cloud adoption approaches. It provides four distinct models in form of abstracted multicloud architectures. These developed multicloud architectures allow to categorize the available schemes and to analyze them according to their security benefits. An assessment of the different methods with regards to legal aspects and compliance implications is given in particular. We propose privacy and security to cloud users with less computation cost and minimum time. By using that Multicloud architecture we propose a two layer encryption and decryption method which provides double security to cloud user’s data. We propose Attribute based encryption to provide security to cloud user’s data. In Existing method there is no solution for cloud failure and there may be chances of data lost due to any one cloud failure. In propose system we take care for cloud failure which prevents data lost. So this method provides high privacy and double security to users.

(4)

Fig. 1Overview of Proposed Model

In this proposed model, we first determine that what kind of information is highly sensitive and they need protection because many data in electronic health records are worthless without availability of this sensitive information. For example, consider two different data tables that are used for the storing patient’s personal information and the drugs consumed by them, without personal information, consumed drugs information will not have much value for attackers and will not lead to disclosure of private information of patients. In the next step, sensitive data encrypt with DES asymmetric encryption algorithm. The key of this encryption is combination of social security number and patient’s ID in the system. After that, the encrypted data should be stored in the clouds. For this reason the length of encrypted data divided by the number of clouds. Each episode will be stored separatelyin single cloud. This will increase the amount of computation and somewhat will reduce the rate of Information storage and retrieval. Thus, we will make sure that if there was an illegal intrusion in one of the clouds, there will be no possibility to retrieve the entire data because each cloud contains part of original data. For instance, suppose we have four cloud service providers in our system, If the original data is “Cloud” and after encryption converted to “F@P&%h{9”, this data will be store in the clouds according to Table I.

Table I Encrypted Data Storage in the Cloud Servers

S.No. Cloud Service Provider Stored Data

1 CSP-1 F@

2 CSP-2 P€

3 CSP-3 %H

4 CSP -4 {9

(5)

Fig. 2 Architecture Of The Proposed System

B. The advantages of Proposed Model

As mentioned in the previous section, in this model the reliability of data is well-maintained. If a hacker tries to access the users privacy information, unlike the single cloud method in which the intrusion causes to access to all of information, he or she requires to penetrate to all cloud servers. Even in this case only encrypted data will be found and decryption of it requires access to the encryption key. Therefore, in this model the information recovery for unauthorized person would be very complicated or even impossible. Another advantage is that this model provides privacy by encrypting sensitive data. Therefore, without having these data, other information has no concept and value. On the other hand, Given that any cloud server in this model has a separate backup server, when the main server fails, the risk of failure in store and retrieval of data process will be disappeared. Consequently, this model always has the ability to service.

VI. CONCLUSION

This proposed work is carried out to design single and multi-cloud using secret key sharing algorithm which will result in deduction of the cost for the physical infrastructure, reducing the cost entry and execution as well as the response time for various associated applications. This paper introduces and describe a new proposed mode called Electronic Health Record with Multi-Clouds Databases. This model will ensure the privacy of persons in a network and multi-cloud environment using cryptographic algorithm and distributed storage. In the proposed model, we first determine that what kind of information is highly sensitive and they need protection because many data in electronic health records are worthless without availability of this sensitive information. The evaluation results of proposed model show that despite increasing time of information storage and retrieval and System overhead. Also comparing the proposed model with data distribution method on different servers shows that it is improved almost about 10% compared to the same multi-cloud model.

REFERENCES

[1] Zaigham Mahmood, “Data Location and Security Issues in Cloud Computing”, Proceedings of the 2011 International Conference on Emerging Intelligent Data and Web Technologies, pp. 49-54, Tirana, Albania, September 2011.

[2] Benjamin Fabian, Tatiana Ermakova and Philipp Junghanns, “Collaborative and secure sharing of healthcare

data in multi-clouds”, Information Systems, Volume 48 Issue C, 2015,pp 132-150.

[3] Balasaraswathi, V. R., and Manikandan, S. , “Enhanced security for multi-cloud storage using cryptographic data splitting with dynamic approach”, In Advanced Communication, International Conference on Control and Computing Technologies (ICACCCT), 2014 on (pp. 1190-1194). IEEE.

[4] Mazhar Ali, RevathiDhamotharan, ErajKhan,SameeU.Khan,AthanasiosV.Vasilakos, KeqinLi and Albert.Y.Zomaya, “SeDaSC: Secure Data Sharing in Clouds”, Systems Journal, IEEE, volume :PP, Issue:99,2015,pp 1-10.

[5] Wang Liang,ChenKe-fei,Mao Xian-ping and Wang Yongtao , “Efficient and Provably-Secure Certificate less

Proxy Re-encryption Scheme for Secure Cloud Data Sharing”, Journal of Shanghai Jiaotong University ,Volume

19, issue 4,2014, pp 398-405.

(6)

[7] ShunganZhou,RuiyingDu,JingChen,HuaDeng,JianShen and Huanguo Zhang , “SSEM: Secure, Scalable and

Efficient multi-owner data sharing in clouds”, China Communications IEEE ,Volume 13,issue 8, 2016,pp

231-243.

[8] IbrahimAbdullah Althamary, TalalMousa and Alkharobi , “Secure File Sharing in Multi-Cloud using Shamir’s

Secret Sharing Scheme”, Transactions on Network and communications Vol 4 issue 6, 2016,pp53-67.

[9] Safaa Salam Hatem, MagedH.Wafy,Mahmoud , “Malware Detection in cloud Computing”,,InternationalJourna of Advanced Science and Computer Science Applications,Vol 5 No 2014.

[10] M. AlZain, E. Pardede, B. Soh and J. Thom, “Cloud Computing Security: From Single to Multi-clouds”, Proceedings of (HICSS), IEEE, pp. 5490–5499, Hawaii, 2012.

[11] HsunChuang ,Syuan-Hao Li , Kuan-Chieh Huang andYau-Hwang Kuo, “An Effective Privacy Protection

Scheme for Cloud Computing”, Proceedings of the 2011 13th International Conference on Advanced

Communication Technology (ICACT), pp. 260 - 265, Seoul , Feb 2011.

[12] Uma Somani, Kanika Lakhani and Manish Mundra, “Implementing Digital Signature with RSA Encryption Algorithm to Enhance the Data Security of Cloud in Cloud Computing”, Proceedings of the 2010 1st International Conference on Parallel, Distributed and Grid Computing (PDGC - 2010), pp. 211-216, Solan, India, Oct 2010.

[13] Jun Feng, Yu Chen, Wei-Shinn Ku and Zhou Su, “D-DOG: Securing Sensitive Data in Distributed Storage

Space by Data Division and Out-of-order keystream Generation”, Proceedings of the 2010 IEEE International