Skip to main content
SpringerLink
Log in

Secure data-exchange protocol in a cloud-based collaborative health care environment

  • Published:
Multimedia Tools and Applications Aims and scope Submit manuscript

Abstract

Cloud-based big data frameworks help collaborative healthcare service providers to efficiently store and manage large-scale health data. In such frameworks each cloud data source is autonomous and exchanges data with another cloud using pair-wise communication for user queries by creating an on-the-fly data-exchange session. The frameworks provide a platform for sharing or exchanging health data residing in multiple clouds for the purpose of data analysis, decision making, and improving patients’ treatment. As healthcare data are extremely sensitive, security is vital when sharing such data in a collaborative framework. Since clouds may exchange sensitive patient health data over an insecure channel, the sensitive data might be accessed or intercepted by malicious users or intruders. In this circumstance, a central third-party security mechanism (e.g., Public Key Infrastructure) can not protect confidential data. Concerning pair-wise, on-the-fly data exchange, this paper presents a two-phase security protocol that uses pairing-based cryptography. Each cloud computes a secret session key dynamically by computing a pairing in an elliptic curve. Validating the presented protocol, a formal verification proves that the proposed protocol is robust and safe against the masquerade, man-in-the-middle, and replay attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5

Similar content being viewed by others

References

  1. Asija R, Rajarathnam N (2016) Healthcare saas based on a data model with built-in security and privacy. Int J Cloud Appl Comput (IJCAC) 6(3):1–14

    Google Scholar 

  2. Babaoglu O, Marzolla M (2014) Escape from the data center: the promise of peer-to-peer cloud computing. IEEE Spectrum. http://spectrum.ieee.org/computing/networks/escape-from-the-data-center-the-promise-of-peertopeer-cloud-computing. Accessed 24 August 2017

  3. Barreto PSLM, Kim HY, Lynn B, Scott M (2002) Efficient algorithms for pairing-based cryptosystems. Advances in Cryptography, Springer. LNCS 2442:354–368

    MATH  Google Scholar 

  4. Basu S et al (2012) Fusion: managing healthcare records at cloud scale. Computer 45(11):42–49

    Article  Google Scholar 

  5. Boneh D, Franklin M (2001) Identity-based encryption from the weil pairing. Advances in Cryptography 2139:213–229

    MathSciNet  MATH  Google Scholar 

  6. Chenguang H, Fan X, Li Y (2013) Toward ubiquitous healthcare services with a novel efficient cloud platform. IEEE Trans Biomed Eng 60(1):230–234

    Article  Google Scholar 

  7. Chen T -S et al (2012) Secure dynamic access control scheme of PHR in cloud computing. J Med Syst 36(6):4005–4020

    Article  Google Scholar 

  8. Christos S, Koastas EP, Byung-Gyu K, Gupta BB (2018) Secure integration of IoT and cloud computing. Futur Gener Comput Syst 78(3):964–975

    Google Scholar 

  9. Doukas C, Pliakas T, Maglogiannis I (2010) Mobile healthcare information management utilizing cloud computing and android OS. In: Annual international conference of the IEEE engineering in medicine and biology society (EMBC)

  10. Guo L, Chen F, Chen L, Tang X (2010) The building of cloud computing environment for E-health. In: International conference on E-Health networking, digital ecosystem and technologies. https://doi.org/10.1109/EDT.2010.5496512

  11. Gura N, Patel A, Wander A, Eberle H, Shantz SC (2004) Comparing elliptic curve cryptography and RSA on 8-bit CPUs. In: Workshop on cryptographic hardware and embedded systems (CHES), pp 119–132

  12. Gupta BB, Shashank G, Pooja C (2017) Enhancing the browser-side context-aware sanitization of suspicious HTML5 Code for halting the DOM-based XSS vulnerabilities in cloud. Int J Cloud Appl Comput (IJCAC) 7(1):1–31

    Google Scholar 

  13. Itani W, Kayssi A, Chehab A (2009) Privacy as a service: privacyaware data storage and processing in cloud computing architectures. In: IEEE international conference on dependable, autonomic and secure computing, pp 711–716

  14. Jin L, Jingwei L, Xiaofeng C (2015) Identity-based encryption with outsourced revocation in cloud computing. IEEE Trans Comput 64(2):425–437

    Article  MathSciNet  MATH  Google Scholar 

  15. Koblitz N (1987) Elliptic curve cryptosystems. Math Comput 48:203–209

    Article  MathSciNet  MATH  Google Scholar 

  16. Li M et al (2011) Authorized private keyword search over encrypted data in cloud computing. In: International conference on distributed computing systems (ICDCS)

  17. Li M et al (2013) Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Trans Parallel Distrib Syst 24 (1):131–143

    Article  MathSciNet  Google Scholar 

  18. Li J (2014) Secure deduplication with efficient and reliable convergent key management. IEEE Trans Parallel Distrib Syst 25(6):1615–1625

    Article  Google Scholar 

  19. Masud M, Rahman Sk, Md M (2012) Secure data exchange in P2P data sharing systems in eHealth perspective. IJCSI Int J Comput Sci Issues 9(6):36–42

    Google Scholar 

  20. Miller V (1986) Uses of elliptic curves in cryptography. In: Crypto85 on advances in cryptology. Lecture Notes in Computer Science, vol 218. Springer, Berlin Heidelberg, pp 417–426

  21. Mohammad AA, Yaser J, Islam O, Gupta BB (2017) Internet of surveillance: a cloud supported large-scale wireless surveillance system. J Supercomput 73(3):973–992

    Article  Google Scholar 

  22. Pearson S (2009) Taking account of privacy when designing cloud computing services. In: ICSE workshop on software engineering challenges of cloud computing. https://doi.org/10.1109/CLOUD.2009.5071532

  23. Pearson S, Shen Y, Mowbray M (2009) A privacy manager for cloud computing. In: International conference on cloud computing, pp 90–106

  24. Ratnam KA, Dominic DD (2012) Cloud services enhancing the Malaysian Healthcare sector. In: International conference on computer and information science. https://doi.org/10.1109/ICCISci.2012.6297101

  25. Rahman Sk, Md M, Masud M, Adams C, El-Khatib K, Mouftah H, Okamoto E (2011) Cryptographic security models for eHealth P2P database management systems network. In: Annual conference on privacy, security and trust (PST2011), Montreal

  26. Rahman Sk, Md M, Masud M, Adams C, Mouftah H, Inomata A (2011) Session-wise private data exchange in eHealth peer-to-peer database management systems. In: International conference on intelligence and security informatics (ISI2011), Beijing

  27. Rahman Sk Md M, Masud M, Noman ANM, Alamri A, Hassan MM (2014) Towards secure data exchange in peer-to-peer data management systems. Appl Math Inf Sci 8(6):2775–2787

    Article  Google Scholar 

  28. Rahman SMM, Masud MM, Hossain MA et al (2016) Privacy preserving secure data exchange in mobile P2P cloud healthcare environment. Peer-to-Peer Netw Appl 9(5):894–909

    Article  Google Scholar 

  29. Sakai R, Ohgishi K, Kasahara M (2000) Cryptosystems based on pairing. The 2000 Symposium on Cryptography and Information Security (SCIS2000), Okinawa, pp 26–28

    Google Scholar 

  30. Shini S, Thomas T, Chithraranjan K (2012) Cloud based medical image exchange-security challenges. In: International conference on modelling, optimization and computing. https://doi.org/10.1016/j.proeng.2012.06.399

  31. Thilakanathan D, Calvo RA, Chen S, Nepal S, Glozier N (2016) Facilitating secure sharing of personal health data in the cloud. JMIR Med Inform, https://doi.org/10.2196/medinform.4756

  32. Van Dijk M, Juels A (2010) On the impossibility of cryptography alone for privacy-preserving cloud computing, vol 305, IACR ePrint

  33. Wang C, Wang Q, Ren K, Lou W (2010) Privacy-preserving public auditing for data storage security in cloud computing. In: IEEE INFOCOM, San Diego

  34. Xiaokang X, Duncan S, Xiaotie D (2009) TinyPairing: Computing tate pairing on sensor nodes with higher speed and less memory. In: International Symposium on Network Computing and Applications (NCA 2009), Cambridge, pp 187–194

  35. Zheli L et al (2015) L-EncDB: A lightweight framework for privacy-preserving data queries in cloud computing. Knowl-based Syst 79:18–26

    Article  Google Scholar 

  36. Zhijia C et al (2009) Rapid provisioning of cloud infrastructure leveraging peer-to-peer networks. In: IEEE international conference on ICDCS workshops, distributed computing systems workshops

  37. Zhihua X et al (2014) A privacy-preserving and copy-deterrence content-based image retrieval scheme in cloud computing. IEEE Trans Inf Forensic Secur 11(11):2594–2608

    Google Scholar 

Download references

Acknowledgments

The authors are grateful to the Deanship of Scientific Research, King Saud University for funding through Vice Deanship of Scientific Research Chairs.

Author information

Authors and Affiliations

  1. Department of Computer Science, Taif University, Taif, Kingdom of Saudi Arabia

    Mehedi Masud

  2. Department of Software Engineering, College of Computer and Information Sciences, King Saud University, Riyadh, Kingdom of Saudi Arabia

    M. Shamim Hossain

  3. Research Chair of Pervasive and Mobile Computing, King Saud University, Riyadh, 11543, Saudi Arabia

    M. Shamim Hossain

Authors
  1. Mehedi Masud
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. M. Shamim Hossain
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to M. Shamim Hossain.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Masud, M., Hossain, M. Secure data-exchange protocol in a cloud-based collaborative health care environment. Multimed Tools Appl 77, 11121–11135 (2018). https://doi.org/10.1007/s11042-017-5294-5

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11042-017-5294-5

Keywords

Search

Navigation