Skip to main content
SpringerLink
Log in

Secure search for encrypted personal health records from big data NoSQL databases in cloud

  • Published:
Computing Aims and scope Submit manuscript

Abstract

As the healthcare industry adopts the use of cloud to store personal health record (PHR), there is a need to ensure that we maintain the ability to perform efficient search on encrypted data (stored in the cloud). In this paper, we propose a secure searchable encryption scheme, which is designed to search on encrypted personal health records from a NoSQL database in semi-trusted cloud servers. The proposed scheme supports almost all query operations available in plaintext database environments, especially multi-dimensional, multi-keyword searches with range query. Specifically, in the proposed scheme, an Adelson-Velsky Landis (AVL) tree is utilized to construct the index, and an order-revealing encryption (ORE) algorithm is used to encrypt the AVL tree and realize range query. As document-based databases are probably the most popular NoSQL database, due to their flexibility, high efficiency, and ease of use, MongoDB, a document-based NoSQL database, is chosen to store the encrypted PHR data in our scheme. Experimental results show that the scheme can achieve secure and practical searchable encryption for PHRs. A comparison of the range query demonstrates that the time overhead of our ORE-based scheme is 25.5% shorter than that of the mOPE-based Arx (an encrypted database system) scheme.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11

Similar content being viewed by others

References

  1. Microsoft HealthVault. http://www.healthvault.com. Accessed 5 Nov 2017

  2. Google Health. https://www.google.com/health. Accessed 5 Nov 2017

  3. Poh GS, Chin JJ, Yau WC, Choo KKR, Mohamad MS (2017) Searchable symmetric encryption: designs and challenges. ACM Comput Surv 50(3):40

    Article  Google Scholar 

  4. Adelson-Velsky G, Landis E (1962) An algorithm for the organization of information. Proc USSR Acad Sci 146(2):263–266

    MathSciNet  Google Scholar 

  5. Cormen TH, Leiserson CE, Rivest RL, Stein C (2001) “Red–black trees. In: Cormen TH, Leiserson CE, Rivest RL, Stein C (eds) Introduction to algorithms, 2nd edn. MIT Press, London, pp 273–301

    MATH  Google Scholar 

  6. Elmasri R, Navathe SB (2010) Fundamentals of database systems, 6th edn. Pearson Education, London, pp 652–660

    MATH  Google Scholar 

  7. Popa RA, Li FH, Zeldovich N (2013) An ideal-security protocol for order-preserving encoding. In: Proceedings IEEE symposium security & privacy (SP), Washington, DC, USA, pp 463–477

  8. Song DX, Wagner D, Perrig A (2000) Practical techniques for searches on encrypted data. In: Proceeding IEEE Symposium Security and Privacy (SP), Oakland, CA, USA, pp 44–55

  9. Goh E (2003) Secure indexes. Cryptology ePrint Archive: 2003/216

  10. Curtmola R, Garay J, Kamara S, Ostrovsky R (2006) Searchable symmetric encryption: improved definitions and efficient constructions. In: Proceedings ACM international conference on computer communication security (CCS), Alexandria, VA, USA, pp 79–88

  11. Wang C, Cao N, Li J, Ren K, Lou W (2012) Enabling secure and efficient ranked keyword search over outsourced cloud data. IEEE Trans Parallel Distrib Syst 23(8):1467–1479

    Article  Google Scholar 

  12. Cao N, Wang C, Li M, Ren K, Lou W (2014) Privacy-preserving multi-keyword ranked search over encrypted cloud data. IEEE Trans Parallel Distrib Syst 25(1):222–233

    Article  Google Scholar 

  13. Chen L, Qiu L, Li KC, Shi W, Zhang N (2017) DMRS: an efficient dynamic multi-keyword ranked search over encrypted cloud data. Soft Comput 21(16):4829–4841

    Article  Google Scholar 

  14. Li J, Wang Q, Wang C, Cao N, Ren K, Lou W (2010) Fuzzy keyword search over encrypted data in cloud computing. In: Proceeding IEEE 29th Conference on Computer Communication (INFOCOM), San Diego, CA, USA, pp 1–5

  15. Wang B, Yu S, Lou W, Hou YT (2014) Privacy-preserving multi-keyword fuzzy search over encrypted data in the cloud. In: Proceedings IEEE 29th conference on computer communication (INFOCOM), Toronto, ON, Canada, pp 2112–2120

  16. Wang C, Ren K, Yu S, Urs KM (2012) Achieving usable and privacy-assured similarity search over outsourced cloud data. In Proceedings IEEE 29th conference on computer communication (INFOCOM), Orlando, Florida, pp 451–459

  17. Kamara S, Papamanthou C, Roeder T (2012) Dynamic searchable symmetric encryption. In: Proceedings ACM International conference on computer communication security (CCS), Raleigh, NC, USA, pp. 965–976

  18. Gajek S (2016) Dynamic symmetric searchable encryption from constrained functional encryption. In: Proceedings Cryptographers’ Track at the RSA Conference, San Diego, California, 2016, pp 75–89

  19. Li R, Xu Z, Kang W, Yow K, Xu C (2014) Efficient multi-keyword ranked query over encrypted data in cloud computing. Future Gener Comput Syst 30(1):179–190

    Article  Google Scholar 

  20. Zhang W, Lin Y, Xiao S, Wu J, Zhou S (2016) Privacy preserving ranked multi-keyword search for multiple data owners in cloud computing. IEEE Trans Comput 65(5):1566–1577

    Article  MathSciNet  Google Scholar 

  21. Strizhov M, Ray I (2016) Secure multi-keyword similarity search over encrypted cloud data supporting efficient multi-user setup. Trans Data Priv 9(2):131–159

    Google Scholar 

  22. Sun W, Liu X, Lou W, Hou YT, Li H (2015) Catch you if you lie to me: efficient verifiable conjunctive keyword search over large dynamic encrypted cloud data. In: Proceedings IEEE 29th conference on computer communication (INFOCOM), Hong Kong, pp 2110–2118

  23. Wang J, Chen X, Li J, Zhao J, Shen J (2017) Towards achieving flexible and verifiable search for outsourced database in cloud computing. Future Gener Comput Syst 67:266–275

    Article  Google Scholar 

  24. Chen D, Hu Y, Wang L, Zomaya AY, Li X (2016) H-PARAFAC: hierarchical parallel factor analysis of multidimensional big data. IEEE Trans Parallel Distrib Syst 28(4):1091–1104

    Article  Google Scholar 

  25. Chen D, Li X, Wang L, Khan SU, Wang J, Zeng K, Cai C (2015) Fast and scalable multi-way analysis of massive neural data. IEEE Trans Comput 64(3):707–719

    Article  MathSciNet  Google Scholar 

  26. Tang Y, Chen D, Wang L, Zomaya AY, Chen J, Liu H (2018) Bayesian tensor factorization for multi-way analysis of multi-dimensional EEG. Neurocomputing 318:162–174

    Article  Google Scholar 

  27. Hacigümüş H, Iyer B, Li C, and Mehrotra S (2002) Executing SQL over encrypted data in the database-service-provider model. In: Proceedings ACM SIGMOD international conference manage data (SIGMOD), Madison, WI, pp 216–227

  28. Damiani E, Vimercati SD, Jajodia S, Paraboschi S, Samarati P (2003) Balancing confidentiality and efficiency in untrusted relational DBMSs. In: Proceedings ACM international conference computer communication security (CCS), Washington, DC, pp 93–102

  29. Ge T, Zdonik S (2007) Fast, secure encryption for indexing in a column-oriented DBMS. In: Proceedings IEEE 23rd international conference data engineer. (ICDE), Istanbul, Turkey, pp 676–685

  30. Chow SS, Lee JH, Subramanian L (2009) Two-party computation model for privacy-preserving queries over distributed databases. In: Proceedings 16th network and distributed system security symposium (NDSS), San Diego, CA, pp 1–16

  31. Popa RA, Redfield C, Zeldovich N, Balakrishnan H (2011) CryptDB: protecting confidentiality with encrypted query processing. In: Proceedings ACM symposium operating system principles (SOSP), Cascais, Portugal, pp 85–100

  32. Boldyreva A, Chenette N, Lee Y, O’neill A (2009) Order preserving symmetric encryption. In: Proceedings international conference theory and applications of cryptographic techniques (EUROCRYPT), Cologne, Germany, pp 224–241

  33. Tu S, Kaashoek MF, Madden S, Zeldovich N (2013) Processing analytical queries over encrypted data. In: Proceedings international conference very large data bases (VLDB), Riva del Garda, Italy, pp 289–300

  34. Cash D, Jaeger J, Jarecki S, Jutla CS, Krawczyk H, Rosu MC, Steiner M (2014) Dynamic searchable encryption in very-large databases: data structures and implementation. In: Proceedings 21st network and distributed system security symposium (NDSS), San Diego, CA

  35. Faber S, Jarecki S, Krawczyk H, Nguyen Q, Rosu M, Steiner M (2015) Rich queries on encrypted data: beyond exact matches. In: Proceedings 20th European symposium research in computer security (ESORICS), Vienna, Austria, pp 123–145

  36. Poddar R, Boelter T, Popa RA (2016) Arx: a strongly encrypted database system. Cryptology ePrint Archive: 2016/591

  37. Ahmadian M, Plochan F, Roessler Z, Marinescu DC (2017) SecureNoSQL an approach for secure search of encrypted NoSQL databases in the public cloud. Int J Inf Manag 37(2):63–74

    Article  Google Scholar 

  38. Li M, Yu S, Cao N, Lou W (2011) Authorized private keyword search over encrypted data in cloud computing. In: Proceeding IEEE 31st international conference on distributed computing systems (ICDCS), Washington, DC, USA, pp 383–392

  39. Xhafa F, Wang J, Chen X, Liu JK, Li J, Krause P (2014) An efficient PHR service system supporting fuzzy keyword search and fine-grained access control. Soft Comput 18(9):1795–1802

    Article  Google Scholar 

  40. Liu Z, Weng J, Li J, Yang J, Fu C, Jia C (2016) Cloud-based electronic health record system supporting fuzzy keyword search. Soft Comput 20(8):3243–3255

    Article  Google Scholar 

  41. Guo C, Zhuang R, Jie Y, Ren Y, Wu T, Choo KKR (2016) Fine-grained database field search using attribute-based encryption for e-healthcare clouds. J Med Syst 40(11):1–8

    Article  Google Scholar 

  42. Yang L, Zheng Q, Fan X (2017) RSPP: a reliable, searchable and privacy-preserving e-Healthcare system for cloud-assisted body area networks. In: Proceedings IEEE 36th conference on computer communication (INFOCOM), GA, USA, pp 1–9

  43. Yu S, Wang C, Ren K, Lou W (2010) Achieving secure, scalable, and fine-grained data access control in cloud computing. In: Proceedings IEEE 29th conference on computer communication. (INFOCOM), San Diego, CA, USA, pp 534–542

  44. Lewi K, Wu DJ (2016) Order-revealing encryption: new constructions, applications, and lower bounds. In: Proceedings ACM International conference on computer communication security (CCS), Vienna, Austria, pp 1167–1178

  45. Boneh D, Lewi K, Raykova M, Sahai A, Zhandry M, Zimmerman J (2015) Semantically secure order-revealing encryption: multi-input functional encryption without obfuscation. In: Proceedings Int. Conf. Theory and Applications of Cryptographic Techniques (EUROCRYPT), Sofia, Bulgaria, pp 563–594

  46. Chenette N, Lewi K, Weis SA, Wu DJ (2016) Practical order-revealing encryption with limited leakage. In: Proceedings international symposium foundations of software engineering (FSE), Seattle, WA, USA, pp 474–493

  47. Agrawal R, Kiernan J, Srikant R, Xu Y (2004) Order-preserving encryption for numeric data. In Proceedings ACM SIGMOD international conference management of data (SIGMOD), Paris, France, pp 563–574

  48. Alves PGMR, Aranha DF (2016) A framework for searching encrypted databases. In: Proceedings XVI Brazilian symposium on information and computational systems security, Niterói, Rio de Janeiro

  49. Frank A, Asuncion A (2010) UCI machine learning repository. https://archive.ics.uci.edu/ml/index.php

  50. Yang Z, Zhong S, Wright RN (2006) Privacy-preserving queries on encrypted data. In: Proceedings European symposium research in computer security (ESORICS), Hamburg, Germany, pp 479–495

Download references

Acknowledgements

This work was supported by the National Natural Science Foundation of China under Grant Nos. 61602118, 61572010 and U1805263, Fujian Normal University Innovative Research Team under Grant No. IRTL1207, Natural Science Foundation of Fujian Province under Grant Nos. 2019J01329 and 2017J01738.

Author information

Authors and Affiliations

  1. College of Mathematics and Informatics, Fujian Provincial Key Laboratory of Network Security and Cryptology, Fujian Network and Information Security Industry Technology Development Base, Fujian Normal University, Fuzhou, 350117, China

    Lanxiang Chen & Nan Zhang

  2. Department of Computer Science, National Tsing Hua University, Hsinchu, Taiwan

    Hung-Min Sun

  3. Department of Information Engineering and Computer Science, Feng Chia University, Taichung, Taiwan

    Chin-Chen Chang

  4. School of Information Technology, Deakin University, Waurn Ponds, VIC, 3216, Australia

    Shui Yu

  5. Department of Information Systems and Cyber Security and Department of Electrical and Computer Engineering, The University of Texas at San Antonio, San Antonio, TX, 78249, USA

    Kim-Kwang Raymond Choo

Authors
  1. Lanxiang Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Nan Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Hung-Min Sun
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Chin-Chen Chang
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Shui Yu
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Kim-Kwang Raymond Choo
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Kim-Kwang Raymond Choo.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Chen, L., Zhang, N., Sun, HM. et al. Secure search for encrypted personal health records from big data NoSQL databases in cloud. Computing 102, 1521–1545 (2020). https://doi.org/10.1007/s00607-019-00762-z

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00607-019-00762-z

Keywords

Mathematics Subject Classification

Search

Navigation