Psdot 4 scalable and secure sharing of personal health records in cloud computing


Published on


Published in: Education
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Psdot 4 scalable and secure sharing of personal health records in cloud computing

  1. 1. SCALABLE AND SECURE SHARING OF PERSONAL HEALTH RECORD IN CLOUD COMPUTING USING ATTRIBUTE-BASED ENCRYPTIONOBJECTIVES: Personal Health Record has emerged as a patient-centric model of healthinformation exchange.PROBLEM DEFINITION: Many old people have the need of long-term medication, and often takeseveral kinds of medicine at the same time. Almost every one of them knowsthe frustration of missing doses and the worry about potential interactionsamong the medicine.ABSTRACT: A Personal Health Record service allows a patient to create, manage, andcontrol her personal health data in one place through the web, which has madethe storage, retrieval, and sharing of the medical information more efficient.Especially, each patient is promised the full control of her medical records andcan hare her health data with a wide range of users, including healthcareproviders, family members or friends. Due to the high cost of building andmaintaining specialized data centres, many Personal Health Record services areoutsourced to or provided by third-party service providers, for example,Microsoft HealthVault1. Recently, architectures of storing Personal HealthRecord in cloud computing have been proposed in. While it is exciting to haveconvenient Personal Health Record services for everyone, there are manysecurity and privacy risks the value of home-based health monitoring has been
  2. 2. recognized lately Studies 24-hour ambulatory monitoring System whichPerform home-based health monitoring tasks. In our framework, there aremultiple SDs, multiple owners, multiple AAs, and multiple users. In addition,The attribute hierarchy of files – leaf nodes are atomic file categories whileinternal nodes are compound categories. Dark boxes are the categories that aPSD’s data reader has access to. two ABE systems re involved: for each PSDthe YWRL’s revocable KP-ABE scheme is adopted; for each PUD, ourproposed revocable MA-ABE scheme is used. The framework is illustrated inWe term the users having read and write access as data readers and contributors,respectively, System Setup and Key Distribution. The system first defines acommon universe of data attributes shared by every PSD, such as “basicprofile”, “medical history”, “allergies”, and “prescriptions”. An emergencyattribute is also defined for break-glass access. Each Personal Health Recordowner’s client application generates its corresponding public/master keys. Thepublic keys can be published via user’s profile in an online healthcare social-network (HSN). There are two ways for distributing secret keys. First, whenfirst using the Personal Health Record service, a Personal Health Record ownercan specify the access privilege of a data reader in her PSD the Personal HealthRecord owner via HSN, and the owner will grant her a subset of requested datatypes. Based on that, the policy engine of the application automatically derivesan access structure, and runs KEYGEN of KP-ABE to generate the user secretkey that embeds her access structure. In addition, the data attributes can beorganized in a hierarchical manner for efficient policy generation; see when theuser is granted all the file types under a category, her access privilege will berepresented by that category instead.
  3. 3. Personal Health Record is an emerging patient-centric model of healthinformation exchange, which is often outsourced to be stored at a third party,such as cloud providers. However, there have been wide privacy concerns aspersonal health information could be exposed to those third party servers and tounauthorized parties.EXISTING SYSTEM: We consider a Personal Health Record system where there are multiplePersonal Health Record owners and Personal Health Record users. The ownersrefer to patients who have full control over their own Personal Health Recorddata, i.e., they can create, manage and delete it. There is a central serverbelonging to the Personal Health Record service provider that stores all theowners’ Personal Health Record. The users may come from various aspects; forexample, a friend, a caregiver or a researcher. Users access the Personal HealthRecord documents through the server in order to read or write to someone’sPERSONAL HEALTH RECORD, and a user can simultaneously have access tomultiple owners’ data. A typical Personal Health Record system uses standarddata formats. For example, continuity-of-care (CCR) (based on XML datastructure), which is widely used in representative PERSONAL HEALTHRECORD systems including Indio, an open-source Personal Health Recordsystem adopted by Boston Children’s Hospital. Due to the nature of XML, thePersonal Health Record files are logically organized by their categories in ahierarchical way.
  4. 4. DISADVANTAGE:  Difficult for long-term medication  Several kinds of medicine Diagnosing  Frustration of missing doses  Manual Insurance ClimbingPROPOSED SYSTEM: To assure the patients’ control over their own Personal Health Record, itis a promising method to encrypt the Personal Health Record beforeoutsourcing. Yet, issues such as risks of privacy exposure, scalability in keymanagement, flexible access and efficient user revocation, have remained themost important challenges toward achieving fine- rained, cryptographicallyenforced data access control. In this paper, we propose a novel patient-centricframework and a suite of mechanisms for data access control to Personal HealthRecord stored in semi-trusted servers. To achieve fine-grained and scalable dataaccess control for Personal Health Record, we leverage attribute basedencryption (ABE) techniques to encrypt each patient’s Personal Health Recordfile. Different from previous works in secure data outsourcing, we focus on themultiple data owner scenario, and divide the users in the Personal HealthRecord system into multiple security domains that greatly reduces the keymanagement complexity for owners and users. A high degree of patient privacyis guaranteed simultaneously by exploiting multi-authority ABE. Our schemealso enables dynamic modification of access policies or file attributes, supportsefficient on-demand user/attribute revocation and break-glass access underemergency scenarios.
  5. 5. ADVANTAGE: Extensive analytical and experimental results are presented which shows  scalability  security  Efficiency. Of our Proposed Scheme.ALGORITHM USED: 1. MD 5(Message-Digest) 2. AES(Advanced Encryption Standard) 3. DES(Data Encryption Standard) 4. Triple DES.BLOCK DIAGRAM: PHR Owner CLOUD EMERGENCY DEPARTMENT Personal Information, SERVER Current License, Sensitive Diagnosis Information Like HIV etc. HOSPITAL’s, Physicians, MD, Internal Medicine INSURANCE COMPANY License Of Physicians, Nurses, M.D, Medical Health Insurance Information’s & Examination Reports Of Information’s Of Patients Patients
  6. 6. SYSTEM REQUIREMENTS: Hardware Requirements: System : Pentium IV 2.4 GHz. Hard Disk : 40 GB. Floppy Drive : 1.44 Mb. Monitor : 15 VGA Colour. Mouse : Logitech. Ram : 512 Mb. Software Requirements: Operating system : Windows XP. Coding Language : ASP.Net with C# Data Base : SQL ServerAPPLICATIONS: 1. Hospital Management 2. Medical Stores 3. Health Care Website