Building a dynamic searchable encrypted medical database for multi-client

Lei Xu, Chungen Xu, Joseph K. Liu, Cong Zuo, Peng Zhang

Research output: Contribution to journalArticleResearchpeer-review

Abstract

E-medical record is an emerging health information exchange model based on cloud computing. As cloud computing allows companies and individuals to outsource their data and computation, the medical data is always stored at a third party such as cloud, which brings a variety of risks, such as data leakage to the untrusted cloud server, unauthorized access or modification operations. To assure the confidentiality of the data, the data owner needs to encrypt the sensitive data before uploading to the third party. Yet, issues like encrypted data search, flexible access and control on sensitive data have also remained the most significant challenges. In this paper, we investigate a novel searchable encrypted e-medical framework for multi-client which provides both confidentiality and searchability. Different from previous privacy protecting works in secure data outsourcing, we focus on providing a fine-grained access control encrypted data search scheme including clients and data. Our scheme also enables secure data update of the encrypted database by leveraging a secure dynamic searchable encryption. Furthermore, we implement the proposed scheme based on some existed cryptography library, and conduct several experiments on a selected dataset to evaluate its performance. The results demonstrate that our scheme provides a balance between security and efficiency.

Original languageEnglish
Number of pages28
JournalInformation Sciences
DOIs
Publication statusPublished - 19 May 2019

Keywords

  • Access and control
  • E-medical record
  • Encrypted data search
  • Multi-client

Cite this

@article{ed0355cf4da540acbd4ec0f5ff13e9b5,
title = "Building a dynamic searchable encrypted medical database for multi-client",
abstract = "E-medical record is an emerging health information exchange model based on cloud computing. As cloud computing allows companies and individuals to outsource their data and computation, the medical data is always stored at a third party such as cloud, which brings a variety of risks, such as data leakage to the untrusted cloud server, unauthorized access or modification operations. To assure the confidentiality of the data, the data owner needs to encrypt the sensitive data before uploading to the third party. Yet, issues like encrypted data search, flexible access and control on sensitive data have also remained the most significant challenges. In this paper, we investigate a novel searchable encrypted e-medical framework for multi-client which provides both confidentiality and searchability. Different from previous privacy protecting works in secure data outsourcing, we focus on providing a fine-grained access control encrypted data search scheme including clients and data. Our scheme also enables secure data update of the encrypted database by leveraging a secure dynamic searchable encryption. Furthermore, we implement the proposed scheme based on some existed cryptography library, and conduct several experiments on a selected dataset to evaluate its performance. The results demonstrate that our scheme provides a balance between security and efficiency.",
keywords = "Access and control, E-medical record, Encrypted data search, Multi-client",
author = "Lei Xu and Chungen Xu and Liu, {Joseph K.} and Cong Zuo and Peng Zhang",
year = "2019",
month = "5",
day = "19",
doi = "10.1016/j.ins.2019.05.056",
language = "English",
journal = "Information Sciences",
issn = "0020-0255",
publisher = "Elsevier",

}

Building a dynamic searchable encrypted medical database for multi-client. / Xu, Lei; Xu, Chungen; Liu, Joseph K.; Zuo, Cong; Zhang, Peng.

In: Information Sciences, 19.05.2019.

Research output: Contribution to journalArticleResearchpeer-review

TY - JOUR

T1 - Building a dynamic searchable encrypted medical database for multi-client

AU - Xu, Lei

AU - Xu, Chungen

AU - Liu, Joseph K.

AU - Zuo, Cong

AU - Zhang, Peng

PY - 2019/5/19

Y1 - 2019/5/19

N2 - E-medical record is an emerging health information exchange model based on cloud computing. As cloud computing allows companies and individuals to outsource their data and computation, the medical data is always stored at a third party such as cloud, which brings a variety of risks, such as data leakage to the untrusted cloud server, unauthorized access or modification operations. To assure the confidentiality of the data, the data owner needs to encrypt the sensitive data before uploading to the third party. Yet, issues like encrypted data search, flexible access and control on sensitive data have also remained the most significant challenges. In this paper, we investigate a novel searchable encrypted e-medical framework for multi-client which provides both confidentiality and searchability. Different from previous privacy protecting works in secure data outsourcing, we focus on providing a fine-grained access control encrypted data search scheme including clients and data. Our scheme also enables secure data update of the encrypted database by leveraging a secure dynamic searchable encryption. Furthermore, we implement the proposed scheme based on some existed cryptography library, and conduct several experiments on a selected dataset to evaluate its performance. The results demonstrate that our scheme provides a balance between security and efficiency.

AB - E-medical record is an emerging health information exchange model based on cloud computing. As cloud computing allows companies and individuals to outsource their data and computation, the medical data is always stored at a third party such as cloud, which brings a variety of risks, such as data leakage to the untrusted cloud server, unauthorized access or modification operations. To assure the confidentiality of the data, the data owner needs to encrypt the sensitive data before uploading to the third party. Yet, issues like encrypted data search, flexible access and control on sensitive data have also remained the most significant challenges. In this paper, we investigate a novel searchable encrypted e-medical framework for multi-client which provides both confidentiality and searchability. Different from previous privacy protecting works in secure data outsourcing, we focus on providing a fine-grained access control encrypted data search scheme including clients and data. Our scheme also enables secure data update of the encrypted database by leveraging a secure dynamic searchable encryption. Furthermore, we implement the proposed scheme based on some existed cryptography library, and conduct several experiments on a selected dataset to evaluate its performance. The results demonstrate that our scheme provides a balance between security and efficiency.

KW - Access and control

KW - E-medical record

KW - Encrypted data search

KW - Multi-client

UR - http://www.scopus.com/inward/record.url?scp=85066116714&partnerID=8YFLogxK

U2 - 10.1016/j.ins.2019.05.056

DO - 10.1016/j.ins.2019.05.056

M3 - Article

JO - Information Sciences

JF - Information Sciences

SN - 0020-0255

ER -