Skip to main content
Springer Nature Link
Log in

Securing big healthcare data using attribute and honey-based encryption in cloud environment

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

The recent advancements on the Internet of clinical things, intelligent agents, data frameworks, and cloud administrations has prompted a digitalized change in the health industry. The healthcare data has been processed using several software-based techniques over the years. The cloud environment is used to reduce the time and space complexity. The size of available healthcare dataset is increased using different augmentation techniques. However, hospitals and other healthcare organizations have been worried about privacy and security of patients’ data during transmission, storage, usage, and movement of information. During security breaches, several factors such as users, customers, partners, associations, and organizations are affected. This paper proposes an encryption framework that secures big data in healthcare on cloud technology. A ciphertext-policy attribute-based honey encryption (CP-ABHE) algorithm has been used to encode each sensitive public healthcare data document to enable the mechanism of versatile access control and fine-grained security for medical records. In the former stage, the security is enhanced with password protection, while in latter stage, honey words are produced to prevent unauthorized access by attackers.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6

Similar content being viewed by others

Data availability

Data sharing does not apply to this article as no datasets were generated during the current study.

No datasets were generated or analysed during the current study.

Abbreviations

CP-ABHE:

Ciphertext-Policy Attribute-based Honey Encryption

DES:

Data Encryption Standard

M-AES:

Modified Advanced Encryption System

RSA:

Rivest, Shamir &Adelman

OTP:

One Time Password

ABE:

Attribute-based Encryption

EHR:

Electronic Health Record

HMAC:

Hash-Based Message Authentication Code

ACL:

Access Control List

KP-ABE:

Key-Policy Attribute-Based Encryption

DEA:

Data Encryption Algorithm

ECC:

Elliptic Curve Cryptography

HDFS:

Hadoop Distributed File System

References

  1. Sharma K, Agrawal A, Pandey D, Khan RA, Dinkar SK (2022) RSA based encryption approach for preserving confidentiality of big data. Journal of King Saud University-Computer and Information Sciences 34(5):2088–2097

    Article  Google Scholar 

  2. Hathaliya JJ, Tanwar S (2020) An exhaustive survey on security and privacy issues in Healthcare 4.0. Comput Commun 153:311–335

    Article  Google Scholar 

  3. Mišić J, Mišić VB (2007) Implementation of security policy for clinical information systems over wireless sensor networks. Ad Hoc Netw 5(1):134–144

    Article  MathSciNet  Google Scholar 

  4. Deshmukh P, Croasdell D (2008) HIPAA: Privacy and security in health care networks. In Information Security and Ethics: Concepts, Methodologies, Tools, and Applications . 2770–2781 IGI Global

  5. Cavalli E, Mattasoglio A, Pinciroli F, Spaggiari P (2004) Information security concepts and practices: the case of a provincial multi-specialty hospital. Int J Med Informatics 73(3):297–303

    Article  Google Scholar 

  6. Farzandipour M, Sadoughi F, Ahmadi M, Karimi I (2010) Security requirements and solutions in electronic health records: lessons learned from a comparative study. J Med Syst 34:629–642

    Article  Google Scholar 

  7. Kwon J, Johnson ME (2013) Security practices and regulatory compliance in the healthcare industry. J Am Med Inform Assoc 20(1):44–51

    Article  Google Scholar 

  8. Fernando J (2004) Factors that have contributed to a lack of integration in health information system security. The Journal on Information Technology in Healthcare 2(5):313–328

    Google Scholar 

  9. Mahmoud H, Hegazy A, Khafagy MH (2018) An approach for big data security based on Hadoop distributed file system. In 2018 International Conference on Innovative Trends in Computer Engineering (ITCE) 109–114. IEEE

  10. Dutta A, Bose R, Roy S, Sutradhar S (2023) Hybrid Encryption Technique to Enhance Security of Health Data in Cloud Environment. Arch Pharm Pract 14(3–2023):41–47

    Article  Google Scholar 

  11. Esther Omolara A, Jantan A, Abiodun OI, Arshad H, Dada KV, Emmanuel E (2020) HoneyDetails: A prototype for ensuring patient’s information privacy and thwarting electronic health record threats based on decoys. Health Informatics J 26(3):2083–2104

    Article  Google Scholar 

  12. Yang, C., Lin, W., & Liu, M. (2013, September). A novel triple encryption scheme for hadoop-based cloud data security. In 2013 Fourth International Conference on Emerging Intelligent Data and Web Technologies 437–442. IEEE.

  13. Xu L, Wu X, Zhang X (2012) CL-PRE: a certificateless proxy re-encryption scheme for secure data sharing with public cloud. In Proceedings of the 7th ACM symposium on information, computer and communications security (pp. 87–88)

  14. Kamalov F, Pourghebleh B, Gheisari M, Liu Y, Moussa S (2023) Internet of medical things privacy and security: Challenges, solutions, and future trends from a new perspective. Sustainability 15(4):3317

    Article  Google Scholar 

  15. Joshi M, Joshi K, Finin T (2018) Attribute based encryption for secure access to cloud based EHR systems. In 2018 IEEE 11th International Conference on Cloud Computing (CLOUD) 932–935. IEEE

  16. Wang H, Song Y (2018) Secure cloud-based EHR system using attribute-based cryptosystem and blockchain. J Med Syst 42(8):152

    Article  MathSciNet  Google Scholar 

  17. Jain S, Doriya R (2022) Security framework to healthcare robots for secure sharing of healthcare data from cloud. Int J Inf Technol 14(5):2429–2439

    Google Scholar 

  18. Jam MR, Khanli LM, Javan MS, Akbari MK (2014) A survey on security of Hadoop. In 2014 4th International Conference on Computer and knowledge Engineering (ICCKE) 716–721. IEEE

  19. Sweeney L (2002) Achieving k-anonymity privacy protection using generalization and suppression. Internat J Uncertain Fuzziness Knowledge-Based Systems 10(05):571–588

    Article  MathSciNet  Google Scholar 

  20. Samarati P (2001) Protecting respondents identities in microdata release. IEEE Trans Knowl Data Eng 13(6):1010–1027

    Article  Google Scholar 

  21. Truta TM, Vinay B (2006) Privacy protection: p-sensitive k-anonymity property. In 22nd International Conference on Data Engineering Workshops (ICDEW’06) 94–94. IEEE

  22. Ahsaan SU, Mourya AK (2019) Big data analytics: challenges and technologies. Annals of the Faculty of Engineering Hunedoara 17(4):75–79

    Google Scholar 

  23. Tertulino R, Antunes N, Morais H (2024) Privacy in electronic health records: a systematic mapping study. J Public Health 32(3):435–454

    Article  Google Scholar 

  24. Mohan A, Blough DM (2010) An attribute-based authorization policy framework with dynamic conflict resolution. In Proceedings of the 9th Symposium on Identity and Trust on the Internet 37–50

  25. Charmanas K, Mittas N, Angelis L (2023) Topic and influence analysis on technological patents related to security vulnerabilities. Comput Secur 128:103128

    Article  Google Scholar 

  26. Zhou, H., & Wen, Q. (2014, May). Data security accessing for HDFS based on attribute-group in cloud computing. In International conference on logistics engineering, management and computer science (LEMCS 2014) 1140–1143. Atlantis Press.

  27. Yu S, Wang C, Ren, K, Lou W (2010) Achieving secure, scalable, and fine-grained data access control in cloud computing. In 2010 Proceedings IEEE INFOCOM 1–9. IEEE

  28. van der Linden H, Kalra D, Hasman A, Talmon J (2009) Inter-organizational future proof EHR systems: A review of the security and privacy related issues. Int J Med Informatics 78(3):141–160

    Article  Google Scholar 

  29. Marchal, S., Jiang, X., State, R., & Engel, T. (2014, June). A big data architecture for large scale security monitoring. In 2014 IEEE International Congress on Big Data (pp. 56–63). IEEE.

  30. Terzi DS, Terzi R, Sagiroglu S (2015) A survey on security and privacy issues in big data. In 2015 10th International Conference for Internet Technology and Secured Transactions (ICITST) (pp. 202–207). IEEE

  31. Lan L, Jun L (2013) Some special issues of network security monitoring on big data environments. In 2013 IEEE 11th International Conference on Dependable, Autonomic and Secure Computing 10–15. IEEE

  32. Panda, M. (2016, October). Performance analysis of encryption algorithms for security. In 2016 International Conference on Signal Processing, Communication, Power and Embedded System (SCOPES) 278–284. IEEE.

  33. Jeong YS, Kim YT (2015) A token-based authentication security scheme for Hadoop distributed file system using elliptic curve cryptography. Journal of Computer Virology and Hacking Techniques 11(3):137–142

    Article  Google Scholar 

  34. Al-Issa Y, Ottom MA, Tamrawi A (2019) eHealth cloud security challenges: a survey. Journal of healthcare engineering 2019(1):7516035

    Google Scholar 

  35. Yakubu J, Abdulhamid SIM, Christopher HA, Chiroma H, Abdullahi M (2019) Security challenges in fog-computing environment: a systematic appraisal of current developments. Journal of Reliable Intelligent Environments 5(4):209–233

    Article  Google Scholar 

  36. Sivaranjani N, Sanjana P, Sindhubairavi S, Saishrre L (2024) Graphical Password Authentication using Image Processing (GPAIP). In 2024 11th International Conference on Computing for Sustainable Global Development (INDIACom) (pp. 185–191). IEEE

  37. Owezarski P (2015) A near real-time algorithm for autonomous identification and characterization of honeypot attacks. In Proceedings of the 10th ACM symposium on information, computer and communications security 531–542

  38. Bellare M, Ristenpart T, Rogaway P, Stegers T (2009) Format-preserving encryption. In Selected Areas in Cryptography: 16th Annual International Workshop, SAC (2009) Calgary, Alberta, Canada, August 13–14, 2009, Revised Selected Papers 16. Springer, Berlin Heidelberg, pp 295–312

    Google Scholar 

  39. Zhao T, Wei L, Zhang C (2016) Attribute-based encryption scheme based on SIFF. In 2016 IEEE International Conference on Communications (ICC) 1–6. IEEE

  40. Dyer KP, Coull SE, Ristenpart T, Shrimpton T (2013) Protocol misidentification made easy with format-transforming encryption. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security 61–72

  41. Vinayak PP, Nahala MA (2015) Avoiding brute force attack in manet using honey encryption. Inter J Sci Res 4(3):83–85

    Google Scholar 

  42. Ebrahim M, Khan S, Khalid UB (2014) Symmetric algorithm survey: a comparative analysis. arXiv preprint arXiv:1405.0398

  43. Yin W, Indulska J, Zhou H (2017) Protecting private data by honey encryption. Security and communication networks 2017(1):6760532

    Google Scholar 

  44. Juels A, Ristenpart T (2014) Honey encryption: Security beyond the brute-force bound. In Advances in Cryptology–EUROCRYPT 2014: 33rd Annual International Conference on the Theory and Applications of Cryptographic Techniques, Copenhagen, Denmark, May 11–15, 2014. Proceedings 33 (pp. 293–310). Springer Berlin Heidelberg

  45. Kim IS, Kim MH (2012) Agent-based honeynet framework for protecting servers in campus networks. IET Inf Secur 6(3):202–211

    Article  Google Scholar 

  46. Jain P, Sardana A (2012) Defending against internet worms using honeyfarm. In Proceedings of the CUBE International Information Technology Conference (pp. 795–800)

  47. Choi H, Nam H, Hur J (2017) Password typos resilience in honey encryption. In 2017 International conference on information networking (ICOIN) (pp. 593–598). IEEE

  48. Tan SF, Samsudin A (2018) Enhanced security of internet banking authentication with extended honey encryption (XHE) scheme. Innovative Computing, Optimization and Its Applications: Modelling and Simulations, 201–216

  49. Mourya AK, Idrees SM (2020) Cloud computing-based approach for accessing electronic health record for healthcare sector. In Microservices in big data analytics: Second international, ICETCE 2019, Rajasthan, India, February 1st-2nd 2019, revised selected papers (pp. 179–188). Springer Singapore

  50. Elminaam DSA, Kader HMA, Hadhoud MM (2008) Performance evaluation of symmetric encryption algorithms. IJCSNS Int J Comp Sci Network Security 8(12):280–286

    Google Scholar 

  51. Singh SP, Maini R (2011) Comparison of data encryption algorithms. Int j comp sci communication 2(1):125–127

    Google Scholar 

  52. Song Y, Shin YS, Jang M, Chang JW (2017) Design and implementation of HDFS data encryption scheme using ARIA algorithm on Hadoop. In 2017 IEEE International Conference on Big Data and Smart Computing (BigComp) (pp. 84–90). IEEE

  53. Kapil G, Agrawal A, Attaallah A, Algarni A, Kumar R, Khan RA (2020) Attribute based honey encryption algorithm for securing big data: Hadoop distributed file system perspective. Peer J Computer Science 6:e259

    Article  Google Scholar 

  54. Neupane A, Alsadoon A, Prasad PWC, Ali RS, Haddad S (2020) A novel modified chaotic simplified advanced encryption system (MCS-AES): mixed reality for a secure surgical tele-presence. Multimedia Tools and Applications 79(39):29043–29067

    Article  Google Scholar 

  55. Assa-Agyei K, Olajide F (2023) A Comparative study of Twofish, Blowfish, and advanced encryption standard for secured data transmission. International Journal of Advanced Computer Science and Applications 14 3. https://doi.org/10.14569/IJACSA.2023.0140344

Download references

Author information

Authors and Affiliations

  1. GNIOT Institute of Professional Studies, Greater Noida, Uttar Pradesh, India

    Gayatri Kapil

  2. Department of Information Technology, Dr B R Ambedkar National Institute of Technology, Jalandhar, Punjab, India

    Neeraj Kumar & Vijay Kumar

  3. Department of Information Technology, ABESIT, Ghaziabad, Uttar Pradesh, India

    Ashish Kumar Mourya

Authors
  1. Gayatri Kapil
    View author publications

    You can also search for this author inPubMed Google Scholar

  2. Neeraj Kumar
    View author publications

    You can also search for this author inPubMed Google Scholar

  3. Ashish Kumar Mourya
    View author publications

    You can also search for this author inPubMed Google Scholar

  4. Vijay Kumar
    View author publications

    You can also search for this author inPubMed Google Scholar

Contributions

All author have equally contributed.

Corresponding author

Correspondence to Vijay Kumar.

Ethics declarations

Conflict of interest

The authors declare they have no known competing financial interests or personal relationships.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Kapil, G., Kumar, N., Mourya, A.K. et al. Securing big healthcare data using attribute and honey-based encryption in cloud environment. J Supercomput 81, 181 (2025). https://doi.org/10.1007/s11227-024-06535-6

Download citation

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s11227-024-06535-6

Keywords