SlideShare a Scribd company logo

kpit ppt

Download as PPTX, PDF
Manoj Kumar K.M
Manoj Kumar K.M
1 of 15
Cloud-based Architecture for e-HealthWireless sensor networks K. M. Manoj Kumar, K. Kaviyarasan B.Tech IT FinalYr., Kongunadu college of Engg. &Tech,TRICHY
INTRODUCTION • Recent advances in medical sensors and wireless technologies have enabled the development of senor nodes capable of sensing, processing and communicating several physiological signs • These lightweight miniaturized nodes collaborate to form a wireless sensor network (WSN) that simplify the supervision of patients’ health • Proposed solutions have adopted a common architecture with three main components: BodyArea Networks (BAN), gateways, and remote monitoring system • In this paper, we address the challenge of data management in wireless sensor networks for patient supervision
ABSTRACT • There has been a host of research works on wireless sensor networks for medical applications. • However, the major shortcoming of these efforts is a lack of consideration of data management, which is not solved by existing architectures. • In this paper, we propose an innovative architecture for collecting and accessing large amount of data generated by medical sensor networks. • Furthermore, we propose an effective and flexible security mechanism that guarantees confidentiality, integrity as well as fine grained access control to outsourced medical data.
FOLDS OFTHIS WORK • First: A new cloud based architecture for medical wireless sensor networks • Second: How we guarantee the confidentiality and the integrity of outsourced medical data without involving patients or doctors interventions • Third: An innovative access control which allows implementing complex and dynamic security policies necessary to medical application • More specifically, we combine Cipher text Policy Attribute Based Encryption (CPABE) and symmetric encryption to achieve fine grained access with low computation overhead.
OUR PROPOSED ARCHITECTURE 1. TheWSN which collects health information from patients 2. The monitoring applications which allow healthcare professionals to access to stored data 3. The Healthcare Authority ( HA ) which specifies and enforces the security policies of the healthcare institution 4. The cloud servers which ensure data storage.
ABE & HA • To achieve fine-grained access control, we can use Attribute Based Encryption (ABE) to encrypt data before storing them on the cloud • In ABE, data are encrypted with an access structure which is the logical expression of the access policy • An entity called Healthcare Authority (HA) specifies and enforces the security policies of the healthcare institution . It define rules as “who can access to what”. • WSN enables supervision of the patient • Sensor nodes are carried by the patient to collect different health data such as heart beats, motion and physiological signals • The gateway aggregates the different health data into a file and encrypts it using the RSK
ATTRIBUTE-BASED ENCRYPTION • The ABE technique extends the identity- based encryption to enable expressive access policies and fine-grained access to encrypted data • Universal attributes set (U): Set of all attributes that describe data properties, user properties and environment properties. • Access structure:Access policy that designs who can access to what. It is built from an access tree (T) which can be seen as a logical expression combining several attributes through AND, OR or other operators
Cipher text-Policy Attribute-Based Encryption (CP-ABE) • Setup: Defines the universal attributes set (U) , computes the public key (PK) and the master key (MK). • Encryption (PK, M, A):Takes input the public key PK, message M, and an access structure A built over the universal attributes set (U). Gives as output the ciphertext CT. Only users having a set of attributes corresponding to the access structure A can decrypt the ciphertext ( CT ) • Key generation (MK, S):Takes as input a master key MK and the user set of attributes S and generates the user’s secret key SK. • Decryption (PK, CT, SK):Takes as input the public key PK, the ciphertext CT and a secret key SK. It returns a message M that is plaintext of CT
Security implementation 1. System initialization: At the installation of our architecture, the HA creates the universal attributes set and calls the ABE setup algorithm to generate the master key (Mk) and the public key (Pk). 2. Adding new user • The HA generates private/public keys (PrivP, PubP) for the patient P. • The HA calls the key generation algorithm of CPABE to generate the secret key SKP. Furthermore, it builds the access structure ARP that the patient P will use to encrypt his health data. • The HA asks the cloud to add the patient P to the users lists. • Upon receiving the patient addition request, the cloud adds the patient P and his public key PubP to the users list (LU). • When the patient’s gateway establishes a connection to the HA for the first time, it receives the corresponding secret key SKP, access structure ARP and private key PrivP.
3) Health data management: 1) Assigns a unique identifier ID to the health data file F 2) Generates a random secret key RSK for a symmetric cryptography algorithm 3) Computes H the hash value of the file F 4) Uses RSK to encrypt the concatenation of the file F and the hash value H 5) Encrypts RSK with CP-ABE encryption algorithm according to the access structure ARP 6) Sends to the cloud the following data : Id {RSk}ARP {(Data+H)}RSK
Medical data management 1) Assigns a unique identifier ID to the medical data file F 2) Generates a random secret key RSK for a symmetric cryptography algorithm 3) Generates a random password PASS for protecting controlling the write access 4) Computes H the hash value of the file F 5) Uses RSK to encrypt the concatenation of the file F and the hash value H 6) Encrypts RSK with CP-ABE encryption algorithm according to the read access structure ARHP 7) Encrypts PASS with CP-ABE encryption algorithm according to the write access structure AWHP 8) Encrypts PASS with the public key of the cloud 9) Sends to the cloud the following data : Id {RSk}ARHP {PASS}AWHP {PASS}PubCloud {(Data+H)}RSK
SECURITY AND PERFORMANCE ANALYSIS Algorithm Operation AS1 AS2 AS3 AS4 ABE Encryption (s) 2,87 2,21 2,55 3 , 86 Decryption (s) 1,60 1,70 1,79 2 , 80
CONCLUSION • We proposed a secure and scalable architecture that leverages cloud computing technology to dynamically scale storage resources via on demand provisioning • We developed a fine grained access control that combines attributes based encryption and symmetric cryptography.This combination reduced the management overhead and the encryption/decryption time as showed by our preliminary performance evaluation • In future works, we plan to use distributed attribute-based encryption to have multi healthcare authorities.
THANK YOU
QUERIES??

Recommended

Scalable and secure sharing of personal health records in cloud computing usi...
Scalable and secure sharing of personal health records in cloud computing usi...Scalable and secure sharing of personal health records in cloud computing usi...
Scalable and secure sharing of personal health records in cloud computing usi...Naveena N
 
secured storage of Personal health record in cloude
secured storage of Personal health record in cloudesecured storage of Personal health record in cloude
secured storage of Personal health record in cloudeMahaveer kandgule
 
Scalable and secure sharing of personal health records
Scalable and secure sharing of personal health recordsScalable and secure sharing of personal health records
Scalable and secure sharing of personal health recordscolourswathi
 
phr
phrphr
phrkajol agarwal
 
Scalable and secure sharing of public health record using attribute based Enc...
Scalable and secure sharing of public health record using attribute based Enc...Scalable and secure sharing of public health record using attribute based Enc...
Scalable and secure sharing of public health record using attribute based Enc...shreyank byadagi
 
Efficient sharing of personal health records using encryption in cloud computing
Efficient sharing of personal health records using encryption in cloud computingEfficient sharing of personal health records using encryption in cloud computing
Efficient sharing of personal health records using encryption in cloud computingNaveena N
 
Scalable and secure sharing of personal health records in cloud computing us...
Scalable and secure sharing of personal health records in cloud computing us...Scalable and secure sharing of personal health records in cloud computing us...
Scalable and secure sharing of personal health records in cloud computing us...Duraiyarasan S
 
Psdot 4 scalable and secure sharing of personal health records in cloud compu...
Psdot 4 scalable and secure sharing of personal health records in cloud compu...Psdot 4 scalable and secure sharing of personal health records in cloud compu...
Psdot 4 scalable and secure sharing of personal health records in cloud compu...ZTech Proje
 

Recommended

Scalable and secure sharing of personal health records in cloud computing usi...
Scalable and secure sharing of personal health records in cloud computing usi...Scalable and secure sharing of personal health records in cloud computing usi...
Scalable and secure sharing of personal health records in cloud computing usi...Naveena N
 
secured storage of Personal health record in cloude
secured storage of Personal health record in cloudesecured storage of Personal health record in cloude
secured storage of Personal health record in cloudeMahaveer kandgule
 
Scalable and secure sharing of personal health records
Scalable and secure sharing of personal health recordsScalable and secure sharing of personal health records
Scalable and secure sharing of personal health recordscolourswathi
 
phr
phrphr
phrkajol agarwal
 
Scalable and secure sharing of public health record using attribute based Enc...
Scalable and secure sharing of public health record using attribute based Enc...Scalable and secure sharing of public health record using attribute based Enc...
Scalable and secure sharing of public health record using attribute based Enc...shreyank byadagi
 
Efficient sharing of personal health records using encryption in cloud computing
Efficient sharing of personal health records using encryption in cloud computingEfficient sharing of personal health records using encryption in cloud computing
Efficient sharing of personal health records using encryption in cloud computingNaveena N
 
Scalable and secure sharing of personal health records in cloud computing us...
Scalable and secure sharing of personal health records in cloud computing us...Scalable and secure sharing of personal health records in cloud computing us...
Scalable and secure sharing of personal health records in cloud computing us...Duraiyarasan S
 
Psdot 4 scalable and secure sharing of personal health records in cloud compu...
Psdot 4 scalable and secure sharing of personal health records in cloud compu...Psdot 4 scalable and secure sharing of personal health records in cloud compu...
Psdot 4 scalable and secure sharing of personal health records in cloud compu...ZTech Proje
 
Private & Secure Data Tx Presentation I (1).pptx
Private & Secure Data Tx Presentation I (1).pptxPrivate & Secure Data Tx Presentation I (1).pptx
Private & Secure Data Tx Presentation I (1).pptxKomal526846
 
Dynamic Fine-grained Access Control and Multi-Field Keyword Search in Cloud B...
Dynamic Fine-grained Access Control and Multi-Field Keyword Search in Cloud B...Dynamic Fine-grained Access Control and Multi-Field Keyword Search in Cloud B...
Dynamic Fine-grained Access Control and Multi-Field Keyword Search in Cloud B...IRJET Journal
 
Cloud Based Privacy Preserving Data Encryption
Cloud Based Privacy Preserving Data EncryptionCloud Based Privacy Preserving Data Encryption
Cloud Based Privacy Preserving Data EncryptionIRJET Journal
 
Towards Blockchain-Based Secure Data Management for Remote Patient Monitoring
Towards Blockchain-Based Secure Data Management for Remote Patient MonitoringTowards Blockchain-Based Secure Data Management for Remote Patient Monitoring
Towards Blockchain-Based Secure Data Management for Remote Patient MonitoringMd Jobair Hossain Faruk
 
Electronic Health Records (EHR) storage using blockchain
Electronic Health Records (EHR) storage using blockchainElectronic Health Records (EHR) storage using blockchain
Electronic Health Records (EHR) storage using blockchainIRJET Journal
 
Secure Identity-based Data Sharing and Profile Matching for Mobile Healthcare...
Secure Identity-based Data Sharing and Profile Matching for Mobile Healthcare...Secure Identity-based Data Sharing and Profile Matching for Mobile Healthcare...
Secure Identity-based Data Sharing and Profile Matching for Mobile Healthcare...CloudTechnologies
 
PHR PPT (1).pptx
PHR PPT (1).pptxPHR PPT (1).pptx
PHR PPT (1).pptxVarunJain966586
 
Patient Privacy Control for Health Care in Cloud Computing System
Patient Privacy Control for Health Care in Cloud Computing SystemPatient Privacy Control for Health Care in Cloud Computing System
Patient Privacy Control for Health Care in Cloud Computing SystemIRJET Journal
 
Ijcatr04051002
Ijcatr04051002Ijcatr04051002
Ijcatr04051002Editor IJCATR
 
1. Application Security Administrator – Keep software / apps safe and secure...
1. Application Security Administrator – Keep software / apps safe and secure...1. Application Security Administrator – Keep software / apps safe and secure...
1. Application Security Administrator – Keep software / apps safe and secure...BalajiKoushikS
 
please give only correct option in given options?.PPT
please give only correct option in given options?.PPTplease give only correct option in given options?.PPT
please give only correct option in given options?.PPTBalajiKoushikS
 
Network Security_3rd Module_Dr. Shivashankar
Network Security_3rd Module_Dr. ShivashankarNetwork Security_3rd Module_Dr. Shivashankar
Network Security_3rd Module_Dr. ShivashankarDr. Shivashankar
 
A Survey Paper On Data Confidentiatity And Security in Cloud Computing Using ...
A Survey Paper On Data Confidentiatity And Security in Cloud Computing Using ...A Survey Paper On Data Confidentiatity And Security in Cloud Computing Using ...
A Survey Paper On Data Confidentiatity And Security in Cloud Computing Using ...IJSRD
 
Enhancing the Security for Clinical Document Architecture Generating System u...
Enhancing the Security for Clinical Document Architecture Generating System u...Enhancing the Security for Clinical Document Architecture Generating System u...
Enhancing the Security for Clinical Document Architecture Generating System u...IRJET Journal
 
IRJET- Attribute Based Access Control in Personal Health Records using Cloud ...
IRJET- Attribute Based Access Control in Personal Health Records using Cloud ...IRJET- Attribute Based Access Control in Personal Health Records using Cloud ...
IRJET- Attribute Based Access Control in Personal Health Records using Cloud ...IRJET Journal
 
Improved ciphertext-policy time using short elliptic curve Diffie–Hellman
Improved ciphertext-policy time using short elliptic curve Diffie–HellmanImproved ciphertext-policy time using short elliptic curve Diffie–Hellman
Improved ciphertext-policy time using short elliptic curve Diffie–HellmanIJECEIAES
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network securityPriyadharshiniVS
 
Access and Secure Storage Based Block Chain Scheme with IPFS Implemented in E...
Access and Secure Storage Based Block Chain Scheme with IPFS Implemented in E...Access and Secure Storage Based Block Chain Scheme with IPFS Implemented in E...
Access and Secure Storage Based Block Chain Scheme with IPFS Implemented in E...NAUMAN MUSHTAQ
 
Kg3617691773
Kg3617691773Kg3617691773
Kg3617691773IJERA Editor
 
Secure Personal Health Records Using Encryption
Secure Personal Health Records Using Encryption Secure Personal Health Records Using Encryption
Secure Personal Health Records Using Encryption Editor IJCATR
 

More Related Content

Similar to kpit ppt

Private & Secure Data Tx Presentation I (1).pptx
Private & Secure Data Tx Presentation I (1).pptxPrivate & Secure Data Tx Presentation I (1).pptx
Private & Secure Data Tx Presentation I (1).pptxKomal526846
 
Dynamic Fine-grained Access Control and Multi-Field Keyword Search in Cloud B...
Dynamic Fine-grained Access Control and Multi-Field Keyword Search in Cloud B...Dynamic Fine-grained Access Control and Multi-Field Keyword Search in Cloud B...
Dynamic Fine-grained Access Control and Multi-Field Keyword Search in Cloud B...IRJET Journal
 
Cloud Based Privacy Preserving Data Encryption
Cloud Based Privacy Preserving Data EncryptionCloud Based Privacy Preserving Data Encryption
Cloud Based Privacy Preserving Data EncryptionIRJET Journal
 
Towards Blockchain-Based Secure Data Management for Remote Patient Monitoring
Towards Blockchain-Based Secure Data Management for Remote Patient MonitoringTowards Blockchain-Based Secure Data Management for Remote Patient Monitoring
Towards Blockchain-Based Secure Data Management for Remote Patient MonitoringMd Jobair Hossain Faruk
 
Electronic Health Records (EHR) storage using blockchain
Electronic Health Records (EHR) storage using blockchainElectronic Health Records (EHR) storage using blockchain
Electronic Health Records (EHR) storage using blockchainIRJET Journal
 
Secure Identity-based Data Sharing and Profile Matching for Mobile Healthcare...
Secure Identity-based Data Sharing and Profile Matching for Mobile Healthcare...Secure Identity-based Data Sharing and Profile Matching for Mobile Healthcare...
Secure Identity-based Data Sharing and Profile Matching for Mobile Healthcare...CloudTechnologies
 
Patient Privacy Control for Health Care in Cloud Computing System
Patient Privacy Control for Health Care in Cloud Computing SystemPatient Privacy Control for Health Care in Cloud Computing System
Patient Privacy Control for Health Care in Cloud Computing SystemIRJET Journal
 
1. Application Security Administrator – Keep software / apps safe and secure...
1. Application Security Administrator – Keep software / apps safe and secure...1. Application Security Administrator – Keep software / apps safe and secure...
1. Application Security Administrator – Keep software / apps safe and secure...BalajiKoushikS
 
please give only correct option in given options?.PPT
please give only correct option in given options?.PPTplease give only correct option in given options?.PPT
please give only correct option in given options?.PPTBalajiKoushikS
 
Network Security_3rd Module_Dr. Shivashankar
Network Security_3rd Module_Dr. ShivashankarNetwork Security_3rd Module_Dr. Shivashankar
Network Security_3rd Module_Dr. ShivashankarDr. Shivashankar
 
A Survey Paper On Data Confidentiatity And Security in Cloud Computing Using ...
A Survey Paper On Data Confidentiatity And Security in Cloud Computing Using ...A Survey Paper On Data Confidentiatity And Security in Cloud Computing Using ...
A Survey Paper On Data Confidentiatity And Security in Cloud Computing Using ...IJSRD
 
Enhancing the Security for Clinical Document Architecture Generating System u...
Enhancing the Security for Clinical Document Architecture Generating System u...Enhancing the Security for Clinical Document Architecture Generating System u...
Enhancing the Security for Clinical Document Architecture Generating System u...IRJET Journal
 
IRJET- Attribute Based Access Control in Personal Health Records using Cloud ...
IRJET- Attribute Based Access Control in Personal Health Records using Cloud ...IRJET- Attribute Based Access Control in Personal Health Records using Cloud ...
IRJET- Attribute Based Access Control in Personal Health Records using Cloud ...IRJET Journal
 
Improved ciphertext-policy time using short elliptic curve Diffie–Hellman
Improved ciphertext-policy time using short elliptic curve Diffie–HellmanImproved ciphertext-policy time using short elliptic curve Diffie–Hellman
Improved ciphertext-policy time using short elliptic curve Diffie–HellmanIJECEIAES
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network securityPriyadharshiniVS
 
Access and Secure Storage Based Block Chain Scheme with IPFS Implemented in E...
Access and Secure Storage Based Block Chain Scheme with IPFS Implemented in E...Access and Secure Storage Based Block Chain Scheme with IPFS Implemented in E...
Access and Secure Storage Based Block Chain Scheme with IPFS Implemented in E...NAUMAN MUSHTAQ
 
Secure Personal Health Records Using Encryption
Secure Personal Health Records Using Encryption Secure Personal Health Records Using Encryption
Secure Personal Health Records Using Encryption Editor IJCATR
 

Similar to kpit ppt (20)

Private & Secure Data Tx Presentation I (1).pptx
Private & Secure Data Tx Presentation I (1).pptxPrivate & Secure Data Tx Presentation I (1).pptx
Private & Secure Data Tx Presentation I (1).pptx
 
Dynamic Fine-grained Access Control and Multi-Field Keyword Search in Cloud B...
Dynamic Fine-grained Access Control and Multi-Field Keyword Search in Cloud B...Dynamic Fine-grained Access Control and Multi-Field Keyword Search in Cloud B...
Dynamic Fine-grained Access Control and Multi-Field Keyword Search in Cloud B...
 
Cloud Based Privacy Preserving Data Encryption
Cloud Based Privacy Preserving Data EncryptionCloud Based Privacy Preserving Data Encryption
Cloud Based Privacy Preserving Data Encryption
 
Towards Blockchain-Based Secure Data Management for Remote Patient Monitoring
Towards Blockchain-Based Secure Data Management for Remote Patient MonitoringTowards Blockchain-Based Secure Data Management for Remote Patient Monitoring
Towards Blockchain-Based Secure Data Management for Remote Patient Monitoring
 
Electronic Health Records (EHR) storage using blockchain
Electronic Health Records (EHR) storage using blockchainElectronic Health Records (EHR) storage using blockchain
Electronic Health Records (EHR) storage using blockchain
 
Secure Identity-based Data Sharing and Profile Matching for Mobile Healthcare...
Secure Identity-based Data Sharing and Profile Matching for Mobile Healthcare...Secure Identity-based Data Sharing and Profile Matching for Mobile Healthcare...
Secure Identity-based Data Sharing and Profile Matching for Mobile Healthcare...
 
PHR PPT (1).pptx
PHR PPT (1).pptxPHR PPT (1).pptx
PHR PPT (1).pptx
 
Patient Privacy Control for Health Care in Cloud Computing System
Patient Privacy Control for Health Care in Cloud Computing SystemPatient Privacy Control for Health Care in Cloud Computing System
Patient Privacy Control for Health Care in Cloud Computing System
 
Ijcatr04051002
Ijcatr04051002Ijcatr04051002
Ijcatr04051002
 
1. Application Security Administrator – Keep software / apps safe and secure...
1. Application Security Administrator – Keep software / apps safe and secure...1. Application Security Administrator – Keep software / apps safe and secure...
1. Application Security Administrator – Keep software / apps safe and secure...
 
please give only correct option in given options?.PPT
please give only correct option in given options?.PPTplease give only correct option in given options?.PPT
please give only correct option in given options?.PPT
 
Network Security_3rd Module_Dr. Shivashankar
Network Security_3rd Module_Dr. ShivashankarNetwork Security_3rd Module_Dr. Shivashankar
Network Security_3rd Module_Dr. Shivashankar
 
A Survey Paper On Data Confidentiatity And Security in Cloud Computing Using ...
A Survey Paper On Data Confidentiatity And Security in Cloud Computing Using ...A Survey Paper On Data Confidentiatity And Security in Cloud Computing Using ...
A Survey Paper On Data Confidentiatity And Security in Cloud Computing Using ...
 
Enhancing the Security for Clinical Document Architecture Generating System u...
Enhancing the Security for Clinical Document Architecture Generating System u...Enhancing the Security for Clinical Document Architecture Generating System u...
Enhancing the Security for Clinical Document Architecture Generating System u...
 
IRJET- Attribute Based Access Control in Personal Health Records using Cloud ...
IRJET- Attribute Based Access Control in Personal Health Records using Cloud ...IRJET- Attribute Based Access Control in Personal Health Records using Cloud ...
IRJET- Attribute Based Access Control in Personal Health Records using Cloud ...
 
Improved ciphertext-policy time using short elliptic curve Diffie–Hellman
Improved ciphertext-policy time using short elliptic curve Diffie–HellmanImproved ciphertext-policy time using short elliptic curve Diffie–Hellman
Improved ciphertext-policy time using short elliptic curve Diffie–Hellman
 
Cryptography and network security
Cryptography and network securityCryptography and network security
Cryptography and network security
 
Access and Secure Storage Based Block Chain Scheme with IPFS Implemented in E...
Access and Secure Storage Based Block Chain Scheme with IPFS Implemented in E...Access and Secure Storage Based Block Chain Scheme with IPFS Implemented in E...
Access and Secure Storage Based Block Chain Scheme with IPFS Implemented in E...
 
Kg3617691773
Kg3617691773Kg3617691773
Kg3617691773
 
Secure Personal Health Records Using Encryption
Secure Personal Health Records Using Encryption Secure Personal Health Records Using Encryption
Secure Personal Health Records Using Encryption
 

kpit ppt

  • 1. Cloud-based Architecture for e-HealthWireless sensor networks K. M. Manoj Kumar, K. Kaviyarasan B.Tech IT FinalYr., Kongunadu college of Engg. &Tech,TRICHY
  • 2. INTRODUCTION • Recent advances in medical sensors and wireless technologies have enabled the development of senor nodes capable of sensing, processing and communicating several physiological signs • These lightweight miniaturized nodes collaborate to form a wireless sensor network (WSN) that simplify the supervision of patients’ health • Proposed solutions have adopted a common architecture with three main components: BodyArea Networks (BAN), gateways, and remote monitoring system • In this paper, we address the challenge of data management in wireless sensor networks for patient supervision
  • 3. ABSTRACT • There has been a host of research works on wireless sensor networks for medical applications. • However, the major shortcoming of these efforts is a lack of consideration of data management, which is not solved by existing architectures. • In this paper, we propose an innovative architecture for collecting and accessing large amount of data generated by medical sensor networks. • Furthermore, we propose an effective and flexible security mechanism that guarantees confidentiality, integrity as well as fine grained access control to outsourced medical data.
  • 4. FOLDS OFTHIS WORK • First: A new cloud based architecture for medical wireless sensor networks • Second: How we guarantee the confidentiality and the integrity of outsourced medical data without involving patients or doctors interventions • Third: An innovative access control which allows implementing complex and dynamic security policies necessary to medical application • More specifically, we combine Cipher text Policy Attribute Based Encryption (CPABE) and symmetric encryption to achieve fine grained access with low computation overhead.
  • 5. OUR PROPOSED ARCHITECTURE 1. TheWSN which collects health information from patients 2. The monitoring applications which allow healthcare professionals to access to stored data 3. The Healthcare Authority ( HA ) which specifies and enforces the security policies of the healthcare institution 4. The cloud servers which ensure data storage.
  • 6. ABE & HA • To achieve fine-grained access control, we can use Attribute Based Encryption (ABE) to encrypt data before storing them on the cloud • In ABE, data are encrypted with an access structure which is the logical expression of the access policy • An entity called Healthcare Authority (HA) specifies and enforces the security policies of the healthcare institution . It define rules as “who can access to what”. • WSN enables supervision of the patient • Sensor nodes are carried by the patient to collect different health data such as heart beats, motion and physiological signals • The gateway aggregates the different health data into a file and encrypts it using the RSK
  • 7. ATTRIBUTE-BASED ENCRYPTION • The ABE technique extends the identity- based encryption to enable expressive access policies and fine-grained access to encrypted data • Universal attributes set (U): Set of all attributes that describe data properties, user properties and environment properties. • Access structure:Access policy that designs who can access to what. It is built from an access tree (T) which can be seen as a logical expression combining several attributes through AND, OR or other operators
  • 8. Cipher text-Policy Attribute-Based Encryption (CP-ABE) • Setup: Defines the universal attributes set (U) , computes the public key (PK) and the master key (MK). • Encryption (PK, M, A):Takes input the public key PK, message M, and an access structure A built over the universal attributes set (U). Gives as output the ciphertext CT. Only users having a set of attributes corresponding to the access structure A can decrypt the ciphertext ( CT ) • Key generation (MK, S):Takes as input a master key MK and the user set of attributes S and generates the user’s secret key SK. • Decryption (PK, CT, SK):Takes as input the public key PK, the ciphertext CT and a secret key SK. It returns a message M that is plaintext of CT
  • 9. Security implementation 1. System initialization: At the installation of our architecture, the HA creates the universal attributes set and calls the ABE setup algorithm to generate the master key (Mk) and the public key (Pk). 2. Adding new user • The HA generates private/public keys (PrivP, PubP) for the patient P. • The HA calls the key generation algorithm of CPABE to generate the secret key SKP. Furthermore, it builds the access structure ARP that the patient P will use to encrypt his health data. • The HA asks the cloud to add the patient P to the users lists. • Upon receiving the patient addition request, the cloud adds the patient P and his public key PubP to the users list (LU). • When the patient’s gateway establishes a connection to the HA for the first time, it receives the corresponding secret key SKP, access structure ARP and private key PrivP.
  • 10. 3) Health data management: 1) Assigns a unique identifier ID to the health data file F 2) Generates a random secret key RSK for a symmetric cryptography algorithm 3) Computes H the hash value of the file F 4) Uses RSK to encrypt the concatenation of the file F and the hash value H 5) Encrypts RSK with CP-ABE encryption algorithm according to the access structure ARP 6) Sends to the cloud the following data : Id {RSk}ARP {(Data+H)}RSK
  • 11. Medical data management 1) Assigns a unique identifier ID to the medical data file F 2) Generates a random secret key RSK for a symmetric cryptography algorithm 3) Generates a random password PASS for protecting controlling the write access 4) Computes H the hash value of the file F 5) Uses RSK to encrypt the concatenation of the file F and the hash value H 6) Encrypts RSK with CP-ABE encryption algorithm according to the read access structure ARHP 7) Encrypts PASS with CP-ABE encryption algorithm according to the write access structure AWHP 8) Encrypts PASS with the public key of the cloud 9) Sends to the cloud the following data : Id {RSk}ARHP {PASS}AWHP {PASS}PubCloud {(Data+H)}RSK
  • 12. SECURITY AND PERFORMANCE ANALYSIS Algorithm Operation AS1 AS2 AS3 AS4 ABE Encryption (s) 2,87 2,21 2,55 3 , 86 Decryption (s) 1,60 1,70 1,79 2 , 80
  • 13. CONCLUSION • We proposed a secure and scalable architecture that leverages cloud computing technology to dynamically scale storage resources via on demand provisioning • We developed a fine grained access control that combines attributes based encryption and symmetric cryptography.This combination reduced the management overhead and the encryption/decryption time as showed by our preliminary performance evaluation • In future works, we plan to use distributed attribute-based encryption to have multi healthcare authorities.