Abstract
As cloud computing becomes prevalent, electronic health record (EHR) system has appeared in the form of patient centric, in which more and more sensitive information from patients is being uploaded into the cloud. To protect patients’ privacy, sensitive EHR information has to be encrypted before outsourcing. However, this makes effective data utilization, such as fuzzy keyword search and data sharing, a very challenging problem. In this paper, aiming at allowing for securely storing, sharing and effectively utilizing the EHR, a new cloud-based EHR system is proposed. A binary tree is utilized to store the encrypted records in the proposed scheme, and an attribute-based encryption scheme is applied to encrypt the secret keys. The proposed system is very efficient because only symmetric encryption is introduced to encrypt the records. To support effectively retrieve patients’ records, an efficient fuzzy keyword search over encrypted data is proposed without reliance on heavy cryptographic operations, which greatly enhances system usability by returning the matching files. With rigorous security analysis, we show that the proposed scheme is secure, while it realized privacy-preserving data sharing and fuzzy keyword search. Extensive experimental results illustrate the efficiency of the proposed solution.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Bethencourt J, Amit S, Waters B (2007) Ciphertext-policy attribute-based encryption. In: Security and privacy, pp 321–334
Bosch C, Brinkman R, Hartel P, Jonker W (2011) Conjunctive wildcard search over encrypted data. In: Secure data management, pp 114–127
Castiglione A, Pizzolante R, De Santis A, Carpentieri B, Castiglione A, Palmieri F (2015) Cloud-based adaptive compression and secure management services for 3D healthcare data. Future Gener Comput Syst 1(43):120–134
Chase M (2007) Multi-authority attribute based encryption. In: Theory of cryptography, pp 515–534
Curtmola R, Garay J, Kamara S, Ostrovsky R (2006) Searchable symmetric encryption: improved definitions and efficient constructions. In: Proceedings of the 13th ACM conference on computer and communications security, pp 79–88
Dong C, Russello G, Dulay N (2011) Shared and searchable encrypted data for untrusted servers. J Comput Secur 19(3):367–397
Elger BS, Iavindrasana J, Iacono LL, Mller H, Roduit N, Summers P, Wright J (2010) Strategies for health data exchange for secondary, cross-institutional clinical research. Comput Methods Progr Biomed 99(3):230–251
Esposito C, Ficco M, Palmieri F, Castiglione A (2013) Interconnecting federated clouds by using publish-subscribe service. Clust Comput 16(4):887–903
Esposito C, Ficco M, Palmieri F, Castiglione A (2015) Smart cloud storage service selection based on fuzzy logic, theory of evidence and game theory. IEEE Trans Comput. doi:10.1109/TC.2015.2389952
Ficco M, Palmieri F, Castiglione A (2014) Modeling security requirements for cloud-based system development [J]. Concurr Comput Pract Exp 27(8):2107–2124. doi:10.1002/cpe.3402
Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM conference on computer and communications security, pp 89–98
Green M, Hohenberger S, Waters B (2011) Outsourcing the decryption of ABE ciphertexts. In: Proceedings of the 20th USENIX conference on security, p 3
Hwang YH, Lee PJ (2007) Public key encryption with conjunctive keyword search and its extension to a multi-user system. In: Pairing-based cryptography-pairing, pp 2–22
Kamara S, Papamanthou C, Roeder T (2012) Dynamic searchable symmetric encryption. In: Proceedings of the 2012 ACM conference on computer and communications security, pp 965–976
Lee WB, Lee CD (2008) A cryptographic key management solution for HIPPA privacy/security regulations. IEEE Trans Inf Technol Biomed 12(1):34–41
Li J, Wang Q, Wang C, Cao N, Ren K, Lou W (2010) Fuzzy keyword search over encrypted data in cloud computing. In: INFOCOM, pp 1–5
Li J, Jia C, Li J, Chen X (2012a) Outsourcing encryption of attribute-based encryption with mapreduce. In: Information and security, communications, pp 191–201
Li J, Li J, Chen X, Jia C, Liu Z (2012b) Efficient keyword search over encrypted data with fine-grained access control in hybrid cloud. In: Network and system security, pp 490–502
Li J, Chen X, Li J, Jia C, Ma J, Lou W (2013a) Fine-grained access control system based on outsourced attribute-based encryption. In: ESORICS, pp 592–609
Li M, Yu S, Zheng Y, Ren K, Lou W (2013b) Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Trans Parallel Distrib Syst 24(1):131–143
Narayan S, Gagn’e M, Safavi-Naini R (2010) Privacy preserving EHR system using attribute-based infrastructure. In: Proceedings of the 2010 ACM workshop on cloud computing security workshop, pp 47–52
Neubauer T, Heurix J (2011) A methodology for the pseudonymization of medical data. Int J Med Inform 80(3):190–204
Popa RA, Zeldovich N (2013) Multi-key searchable encryption. In: IACR cryptology ePrint archive
Sahai A, Waters B (2005) Fuzzy identity-based encryption. In: EUROCRYPT, pp 457–473
Song DX, Wagner D, Perrig A (2000) Practical techniques for searches on encrypted data. In: Security and privacy, pp 44–55
Sun W, Yu S, Lou W, Hou YT, Li H (2014) Protecting your right: attribute-based keyword search with fine-grained owner-enforced search authorization in the cloud. In: INFOCOM, pp 226–234
Van Liesdonk P, Sedghi S, Doumen J, Hartel P, Jonker W (2010) Computationally efficient searchable symmetric encryption. In: Secure data management, pp 87–100
Xhafa F, Li J, Zhao G, et al (2014a) Designing cloud-based electronic health record system with attribute-based encryption[J]. Multimed Tools Appl. doi:10.1007/s11042-013-1829-6
Xhafa F, Wang J, Chen X, Liu JK, Li J, Krause P (2014b) An efficient PHR service system supporting fuzzy keyword search and fine-grained access control. Soft Comput 18(9):1795–1802
Zhao F, Nishide T, Sakurai K (2012) Multi-user keyword search scheme for secure data sharing with fine-grained access controls. In: Information security and cryptology, pp 406–418
Acknowledgments
This work is supported by the National Key Basic Research Program of China (No. 2013CB834204), National Natural Science Foundation of China (Nos. 61272423 and 61300241), National Natural Science Foundation of Tianjin (No. 13JCQNJC00300), Specialized Research Fund for the Doctoral Program of Higher Education of China (No. 20120031120036), and the Open Research Fund of The Academy of Satellite Application (No. 2014 CXJJ-DSJ 03).
Conflict of interest
We declare that we have no financial and personal relationships with other people or organizations that can inappropriately influence our work and that there is no professional or other personal interest of any nature or kind in any product, service and/or company that could be construed as influencing the position presented in, or the review of, the manuscript entitled, “Cloud-based Electronic Health Record System Supporting Fuzzy Keyword Search.”
Author information
Authors and Affiliations
Corresponding author
Additional information
Communicated by V. Loia.
Rights and permissions
About this article
Cite this article
Liu, Z., Weng, J., Li, J. et al. Cloud-based electronic health record system supporting fuzzy keyword search. Soft Comput 20, 3243–3255 (2016). https://doi.org/10.1007/s00500-015-1699-0
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00500-015-1699-0