Skip to main content
Springer Nature Link
Log in

HCAC-EHR: hybrid cryptographic access control for secure EHR retrieval in healthcare cloud

  • Original Research
  • Published:
Journal of Ambient Intelligence and Humanized Computing Aims and scope Submit manuscript

Abstract

Technology that is perfect is free of vulnerability. Technological growth offers users online data storage and access to it from anywhere. Cloud computing is a model that provides data storage on a contract facility and a slew of different services. Today, online data relating to health is inevitably stored and managed. These health records comprise data that includes X-ray images, scanned images, therapy procedures, medical prescriptions, and patient information. Medical professionals use the stored health data for diagnosis, patients for their understanding, and government and insurance companies for further follow-up. Since multiple category of users want access to health data, data needs protection and to be stored with extreme security before being stored online in the form of electronic health records (EHRs) with proper access control mechanisms. To this end to provide secure cloud storage, we propose a novel scheme by implementing a hybrid cryptography algorithm in which we use Improved Key Generation Scheme of RSA (IKGSR) algorithm to encrypt health data and Blowfish algorithm for key encryption. We follow steganography-based access control for key sharing by means of substring indexing and keyword search mechanism to efficiently retrieve the encrypted data. We measure performance evaluation as well as the security of the proposed method and compare with existing hybrid method consider New York State Department of Health dataset. The results clearly confirm that our method provides better security and also retrieves data efficiently.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14

Similar content being viewed by others

Explore related subjects

Discover the latest articles, news and stories from top researchers in related subjects.

References

  • 2018. https://health.data.ny.gov/api/views/tsg2-5hds/files/5ded175fecf34dd2bb38df464b137958?ilename=NYSDOHHospitalInpatientDischargesSPARCSDeIdentified2016.zip

  • AHIMA (2016) what is a personal health record (PHR)? http://myphr.com/StartaPHR/whatisaphr.aspx

  • Ajala JA, Singh S, Mukherjee S, Chakraborty S (2019) Application of steganography technique in cloud computing. In: 2019 international conference on computational intelligence and knowledge economy (ICCIKE), pp 532–537. https://doi.org/10.1109/ICCIKE47802.2019.9004347

  • Al-Farraji OII (2016) Steganography by use binary operations. Int J Eng Res General Sci 4:179–87

    Google Scholar 

  • Ali M, Malik SUR, Khan SU (2017) Dasce: data security for cloud environment with semi-trusted third party. IEEE Trans Cloud Comput 5(4):642–655. https://doi.org/10.1109/TCC.2015.2446458

    Article  Google Scholar 

  • Alshehri S, Mishra S, Raj RK (2016) Using access control to mitigate insider threats to healthcare systems. In: 2016 IEEE international conference on healthcare informatics (ICHI), pp 55–60. https://doi.org/10.1109/ICHI.2016.11

  • Singh AK, Singh J, Singh V (2015) Steganography in images using lsb technique. Int J Latest Trends Eng Technol (IJLTET) 5:426–430

    Google Scholar 

  • Sirisha BL, Kumar SS, Mohan BC (2015) Steganography based information security with high embedding capacity. In: National conference on recent advances in electronics computer engineering

  • Bansal VP, Singh S (2015) A hybrid data encryption technique using rsa and blowfish for cloud computing on fpgas. In: 2015 2nd international conference on recent advances in engineering computational sciences (RAECS), pp 1–5. https://doi.org/10.1109/RAECS.2015.7453367

  • Bhase G, Mangrulkar RS (2018) An access control system using visual cryptography and steganography. In: 2018 fourteenth international conference on information processing (ICINPRO), pp 1–6. https://doi.org/10.1109/ICINPRO43533.2018.9096673

  • Bouchti AE, Bahsani S, Nahhal T (2016) Encryption as a service for data healthcare cloud security. In: 2016 fifth international conference on future generation communication technologies (FGCT), pp 48–54. https://doi.org/10.1109/FGCT.2016.7605072

  • Buchade AR, Ingle R (2014) Key management for cloud data storage: methods and comparisons. In: 2014 fourth international conference on advanced computing communication technologies, pp 263–270. https://doi.org/10.1109/ACCT.2014.78

  • Liang C, Ye N, Malekian R, Wang R (2016) The hybrid encryption algorithm of lightweight data in cloud storage. In: 2016 2nd international symposium on agent, multi-agent systems and robotics (ISAMSR), pp 160–166. https://doi.org/10.1109/ISAMSR.2016.7810021

  • Chinnasamy P, Deepalakshmi P (2018) Improved key generation scheme of rsa (ikgsr) algorithm based on offline storage for cloud. In: Rajsingh EB, Veerasamy J, Alavi AH, Peter JD (eds) Advances in big data and cloud computing. Springer Singapore, Singapore, pp 341–350

    Chapter  Google Scholar 

  • Chinnasamy P, Deepalakshmi P (2018) Design of secure storage for health-care cloud using hybrid cryptography. In: 2018 second international conference on inventive communication and computational technologies (ICICCT), pp 1717–1720. https://doi.org/10.1109/ICICCT.2018.8473107

  • Chinnasamy P, Deepalakshmi P, Shankar K (2020) Chapter 6—an analysis of security access control on healthcare records in the cloud. In: Singh AK, Elhoseny M (eds) Intelligent data security solutions for e-health applications, intelligent data-centric systems. Academic Press, New York, pp 113–130. https://doi.org/10.1016/B978-0-12-819511-6.00006-6 (ISBN 978-0-12-819511-6)

    Chapter  Google Scholar 

  • Chiuchisan I, Balan D, Geman O, Chiuchisan I, Gordin I (2017) A security approach for health care information systems. In: 2017 E-health and bioengineering conference (EHB), pp 721–724. https://doi.org/10.1109/EHB.2017.7995525

  • Cramer R, Shoup V (2004) Design and analysis of practical public-key encryption schemes secure against adaptive chosen ciphertext attack. SIAM J Comput 33(1):167–226. https://doi.org/10.1137/S0097539702403773

    Article  MathSciNet  MATH  Google Scholar 

  • Esposito C, De Santis A, Tortora G, Chang H, Choo KR (2018) Blockchain: a panacea for healthcare cloud-based data security and privacy? IEEE Cloud Comput 5(1):31–37. https://doi.org/10.1109/MCC.2018.011791712

    Article  Google Scholar 

  • Fan Y, Lin X, Tan G, Zhang Y, Dong W, Lei J (2019) One secure data integrity verification scheme for cloud storage. Future Gener Comput Syst 96:376–385. https://doi.org/10.1016/j.future.2019.01.054

    Article  Google Scholar 

  • Ferguson N, Schneier B, Kohno T (2015) Primes. Wiley, New York, pp 163–180. https://doi.org/10.1002/9781118722367.ch10 (chapter 10)

    Book  Google Scholar 

  • Fu Z, Shu J, Sun X, Zhang D (2014) Semantic keyword search based on trie over encrypted cloud data. In: Proceedings of the 2nd international workshop on security in cloud computing, SCC ’14, pp 59–62, New York, NY, USA. Association for Computing Machinery. ISBN 9781450328050. https://doi.org/10.1145/2600075.2600081

  • Gallagher LA (2012) Cloud computing in healthcare: privacy and security considerations, WSHIMA. http://www.himss.org/sites/himssorg/files/HIMSSorg/Content/files/CloudComputing WSHIMA042012-LG.pdf

  • Guo C, Zhuang R, Jie Y, Ren Y, Wu T, Choo KK (2016) Fine-grained database field search using attribute-based encryption for e-healthcare clouds. J Med Syst 40:1–8

    Article  Google Scholar 

  • Gutub A, Al-Ghamdi M (2019) Hiding shares by multimedia image steganography for optimized counting-based secret sharing. Multimed Tools Appl 79:7951–7985. https://doi.org/10.1007/s11042-019-08427-x

    Article  Google Scholar 

  • Hosam O, Ahmad MH (2019) Hybrid design for cloud data security using combination of aes, ecc and lsb steganography. Int J Comput Sci Eng 19:153–161

    Google Scholar 

  • Ahaiwe J (2014) Document security within institutions using image steganography technique. Int J Sci Res (IJSR) 3:528–535

    Google Scholar 

  • Alhassan JK, Abba E, Olaniyi OM, Waziri VO (2016) Threat modeling of electronic health systems and mitigating countermeasures. In: International conference on information and communication technology and its applications, pp 82–89

  • Karame GO, Soriente C, Lichota K, Capkun S (2019) Securing cloud data under key exposure. IEEE Trans Cloud Comput 7(3):838–849. https://doi.org/10.1109/TCC.2017.2670559

    Article  Google Scholar 

  • Kartit Z, Azougaghe A, Idrissi HK, El Marraki M, Hedabou M, Belkasmi M, Kartit A (2016) Applying encryption algorithm for data security in cloud storage. In: Sabir E, Medromi H, Sadik M (eds) Advances in ubiquitous networking. Springer Singapore, Singapore, pp 141–154

    Chapter  Google Scholar 

  • Kruse CS, Smith B, Vanderlinden H, Nealand A (2017) Security techniques for the electronic health records. J Med Syst. https://doi.org/10.1007/s10916-017-0778-4

    Article  Google Scholar 

  • Coppolino L, D’Antonio S, Romano L, Sgaglione L, Staffa M (2017) Addressing security issues in the e-health domain relying on siem solutions. In: IEEE 41st annual computer software and applications conference (COMPSAC), pp 510–515 https://doi.org/10.1109/COMPSAC.2017.45

  • Lee CF, Weng CY, Sharma A (2016) Steganographic access control in data hiding using run length encoding and modulo operations. Secur Commun Netw 9:139–148

    Article  Google Scholar 

  • Mai V, Khalil I, Ibaida A (2013) Steganography-based access control to medical data hidden in electrocardiogram. In: 2013 35th annual international conference of the IEEE engineering in medicine and biology society (EMBC), pp 1302–1305. https://doi.org/10.1109/EMBC.2013.6609747

  • Maitri PV, Verma A (2016) Secure file storage in cloud computing using hybrid cryptography algorithm. In: 2016 international conference on wireless communications, signal processing and networking (WiSPNET), pp 1635–1638. https://doi.org/10.1109/WiSPNET.2016.7566416

  • Medicare (2018) Centers for Medicare Medicaid Services. Electronic Health Record. https://www.cms.gov/Medicare/Ehealth/EHealthRecords/index.html

  • Oladeji M. O. A, Akomolafe P (2017) A hybrid cryptographic model for data storage in mobile cloud computing. Int J Comput Netw Inf Secur (IJCNIS) 9:53–60. https://doi.org/10.5815/ijcnis.2017.06.06

    Article  Google Scholar 

  • Yong PE, Wei ZH, Feng XI, Dai ZH, Yang GA, Chen DQ (2012) Secure cloud storage based on cryptographic techniques. J China Univ Posts Telecommun 19:182–189. https://doi.org/10.1016/S1005-8885(11)60424-X

    Article  Google Scholar 

  • Phad Vitthal S, Bhosale Rajkumar S, Panhalkar Archana R (2011) A novel security scheme for secret data using cryptography and steganography. Int J Comput Netw Inf Secur 2:36–42

    Google Scholar 

  • Patil P, Narayankar P, Narayan DG, Meena SM (2016) A comprehensive evaluation of cryptographic algorithms: Des, 3des, aes, rsa and blowfish. Proc Comput Sci 322(78):617–624. https://doi.org/10.1016/j.procs.2016.02.108

    Article  Google Scholar 

  • Rabin M (1980) Probabilistic algorithm for testing primality. J Number Theory 12:128–138

    Article  MathSciNet  Google Scholar 

  • Raghavendra S, Meghana K, Doddabasappa P, Geeta C, Buyya R, Venugopal K, Iyengar S, Patnaik L (2016) Index generation and secure multi-user access control over an encrypted cloud data. Proc Comput Sci 89:293–300. https://doi.org/10.1016/j.procs.2016.06.062

    Article  Google Scholar 

  • Raghavendra S, Reddy CS, Geeta CM, Buyya R, Venugopal KR, Iyengar SS, Patnaik LM (2016) Survey on data storage and retrieval techniques over encrypted cloud data. Int J Comput Sci Inf Secur (IJCSIS) 14:718

    Google Scholar 

  • Rahmani H, Sundararajan E, Ali ZM, Zin AM (2013) Encryption as a service (eaas) as a solution for cryptography in cloud. Proc Technol 11:1202–1210. https://doi.org/10.1016/j.protcy.2013.12.314 (4th International Conference on Electrical Engineering and Informatics, ICEEI 2013)

    Article  Google Scholar 

  • Reshma V, Gladwin SJ, Thiruvenkatesan C (2019) Pairing-free cp-abe based cryptography combined with steganography for multimedia applications. In: 2019 international conference on communication and signal processing (ICCSP), pp 0501–0505. https://doi.org/10.1109/ICCSP.2019.8698053

  • Tavoli R, Bakhshi M, Salehian F (2016) A new method for text hiding in the image by using LSB. Int J Adv Comput Sci Appl 7:126–32

    Google Scholar 

  • Ruth JA, Sirmathi H, Meenakshi A (2019) Secure data storage and intrusion detection in the cloud using mann and dual encryption through various attacks. IET Inf Secur 13(8):321–329

    Article  Google Scholar 

  • Sajay KR, Babu SS, Vijayalakshmi Y (2019) Enhancing the security of cloud data using hybrid encryption algorithm. J Ambient Intell Humaniz Comput. https://doi.org/10.1007/s12652-019-01403-1

    Article  Google Scholar 

  • Saleh S (2013) A secure data communication system using cryptography and steganography. Int J Comput Netw Commun 5(3):125–137

  • Sarkar MK, Kumar S (2016) Ensuring data storage security in cloud computing based on hybrid encryption schemes. In: 2016 fourth international conference on parallel, distributed and grid computing (PDGC), pp 320–325. https://doi.org/10.1109/PDGC.2016.7913169

  • Schneier B (1996) Applied cryptography, 2 edn. Wiley, Inc, US

  • Shekokar N, Sampat K, Chandawalla C, Shah J (2015) Implementation of fuzzy keyword search over encrypted data in cloud computing. Proc Comput Sci 45:499–505. https://doi.org/10.1016/j.procs.2015.03.089(International Conference on Advanced Computing Technologies and Applications (ICACTA))

    Article  Google Scholar 

  • Singh N, Kaur PD (2015) A hybrid approach for encrypting data on cloud to prevent dos attacks. Int J Database Theory Appl 8:145–154. https://doi.org/10.14257/ijdta.2015.8.3.12

    Article  Google Scholar 

  • Tariq H, Agarwal P (2018) Secure keyword search using dual encryption in cloud computing. Int J Inf Technol 12:1063–1072. https://doi.org/10.1007/s41870-018-0091-6

    Article  Google Scholar 

  • Timothy DP, Santra AK (2017) A hybrid cryptography algorithm for cloud computing security. In: 2017 international conference on microelectronic devices, circuits and systems (ICMDCS), pp 1–5. https://doi.org/10.1109/ICMDCS.2017.8211728

  • Vegh L, Miclea L (2015) Access control in cyber-physical systems using steganography and digital signatures. In: 2015 IEEE international conference on industrial technology (ICIT), pp 1504–1509. https://doi.org/10.1109/ICIT.2015.7125309

  • Venkatraman K, Geetha K (2019) Dynamic virtual cluster cloud security using hybrid steganographic image authentication algorithm. Automatika 60(3):314–321. https://doi.org/10.1080/00051144.2019.1624409

    Article  Google Scholar 

  • Wainer J, Campos CJ, Salinas MD, Sigulem D (2008) Security requirements for a lifelong electronic health record system: an opinion. Open Med Inform J 2:160–165. https://doi.org/10.2174/1874431100802010160

    Article  Google Scholar 

  • Yang Y (2015) Attribute-based data retrieval with semantic keyword search for e-health cloud. J Cloud Comput 4:1–6

    Article  Google Scholar 

  • Zhang R, Liu L (2010) Security models and requirements for healthcare application clouds. In: 2010 IEEE 3rd international conference on cloud computing, pp 268–275. https://doi.org/10.1109/CLOUD.2010.62

  • Zhang Y, Xu C, Ni J, Li H, Shen XS (2019) Blockchain-assisted public-key encryption with keyword search against keyword guessing attacks for cloud storage. IEEE Trans Cloud Comput. https://doi.org/10.1109/TCC.2019.2923222

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Information Technology, Sri Shakthi Institute of Engineering and Technology, Coimbatore, India

    P. Chinnasamy

  2. Department of Computer Science and Engineering, Kalasalingam Academy of Research and Education, Kirshnankoil, 626126, India

    P. Deepalakshmi

Authors
  1. P. Chinnasamy
    View author publications

    You can also search for this author inPubMed Google Scholar

  2. P. Deepalakshmi
    View author publications

    You can also search for this author inPubMed Google Scholar

Corresponding author

Correspondence to P. Chinnasamy.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Chinnasamy, P., Deepalakshmi, P. HCAC-EHR: hybrid cryptographic access control for secure EHR retrieval in healthcare cloud. J Ambient Intell Human Comput 13, 1001–1019 (2022). https://doi.org/10.1007/s12652-021-02942-2

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12652-021-02942-2

Keywords