Skip to main content
SpringerLink
Log in

Privacy preserving secure data exchange in mobile P2P cloud healthcare environment

  • Published:
Peer-to-Peer Networking and Applications Aims and scope Submit manuscript

Abstract

Cloud computing technology offers the possibility of inter-organizational medical data sharing at a larger scale. The different organizations can maintain their own cloud environment while exchanging healthcare data among them in a peer-to-peer(P2P) fashion according to some defined polices. However, there are many security and privacy challenges that hamper the adoption of cloud computing solutions in healthcare domain. Besides, due to the privacy sensitivity of healthcare data, an organization may not wish to disclose its identity to others when exchanging data in the network to avoid different attacks by the intruders. Hence, anonymously authenticated data exchange is essential between the different peer organizations. In this paper we propose an anonymous on-the-fly secure data exchange protocol for such environment based on pairing-based cryptography. Our proposed solution allows cloud peers to dynamically generate temporary identities that are used to produce a session key for each session of data exchange. The proposed protocol is robust against different attacks, such as target-oriented, man-in-the middle, masquerade, and message manipulation attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4

Similar content being viewed by others

References

  1. Fuxman A, Kolaitis PG, Miller RJ, Tan WC (2005) Peer data exchange. In ACM Trans Database Syst 31(4):1454–1498

    Article  Google Scholar 

  2. Beeri C, Vardi MY (1984) A proof procedure for data dependencies. In JACM 31(4):718–741

    Article  MathSciNet  MATH  Google Scholar 

  3. Halevy AY, Ives ZG, Suciu D, Tatarinov I (2003) Schema mediation in peer data management system. In: Proceedings of the international conference on data engineering, pp 505–516

  4. Halevy AY, Ives ZG, Madhavan J, Mork P, Suciu D, Tatarinov I (2004) The piazza peer-data management system. In IEEE Trans Knowl Data Eng (TKDE) 16(7):787–798

    Article  Google Scholar 

  5. Serafini L, Giunchiglia F, Molopoulos J, Bernstein P (2003) Local relational model: a logocal formalization of database coordination. Technical Report, Informatica e Telecomunicazioni, University of Trento

  6. Rodriguez-Gianolli P, Garzetti M, Jiang L, Kementsietsidis A, Kiringa I, Masud M, Miller R, Mylopoulos J (2005) Data sharing in the hyperion peer database system. In: Proceedings of the international conference on very large data bases (VLDB), pp 1291–1294

  7. Kementsietsidis A, Arenas M, Miller RJ (2003) Mapping data in peer-to-peer systems: semantics and algorithmic issues. In: Proceedings of the international conference on the management of data (ACMSIGMOD), pp 325–336

  8. Miller V (1986) Uses of elliptic curves in cryptography. In: Crypto’85 on advances in cryptology. Lecture Notes in Computer Science, vol 218. Springer, Berlin Heidelberg, pp 417– 426

  9. Koblitz N (1987) Elliptic curve cryptosystems. Math Comput 48:203–209

    Article  MathSciNet  MATH  Google Scholar 

  10. Gura N, Patel A, Wander A, Eberle H, Shantz SC (2004) Comparing elliptic curve cryptography and RSA on 8-bit CPUs. Workshop on cryptographic hardware and embedded systems (CHES), pp 119–132

  11. Oliveira LB, Dahab R (2006) Pairing-based cryptography for sensor networks. In: 5th IEEE international symposium on network computing and applications (NCA’06), USA

  12. Shamir A (1984) Identity-based cryptosystems and signature schemes. In: CRYPTO’84 on advances in cryptology. Springer, Berlin Heidelberg, pp 47–53

  13. Boneh D, Franklin M (2001) Identity-based encryption from the weil pairing. In: Proceedings of the CRYPTO 2001, LNCS 2139. Springer, Berlin Heidelberg, pp 213–229

  14. Sakai R, Ohgishi K, Kasahara M (2000) Cryptosystems based on pairing. In: Proceedings of the symposium on cryptography and information security (SCIS2000), pp 26–28

  15. Joux A, Nguyen K (2001) Separating decision Diffie-Hellman from Diffie-Hellman in cryptographic groups. Cryptology ePrint Archive, Report 2001/03, available at http://eprint.iacr.org/2001/03/

  16. Rahman Sk Md M, Masud M, Adams C, El-Khatib K, Mouftah H, Okamoto E (2010) Pair-wise cryptographic models for secure data exchange in P2P database management systems. Cryptology ePrint Archive: Report 2010/085 (a technical report); available at http://eprint.iacr.org/2010/085

  17. Balfanz D, Durface G, Shankar N et al (2003) Secure handshakes from pairing-based key agreements. IEEE symposium on security and privacy

  18. The Tate Pairing available at http://www.computing.dcu.ie/%7Emike/tate.html

  19. Elliptic Curve Cryptography Tutorial http://www.certicom.com/index.php/ecc

  20. Rahman Sk Md M, Inomata A, Okamoto T, Mambo M, Okamoto E (2007) Anonymous secure communication in wireless mobile ad-hoc networks. In: Stajano F et al (eds) Springer lecture notes in computer science LNCS 4412, pp 140– 149

  21. Rahman Sk Md M, Inomata A, Mambo M, Okamoto E (2006) Anonymous on-demand position-based routing in mobile ad-hoc networks. In: IPSJ digital courier, vol 2, pp 524–536

  22. Popescu BC, Crispo B, Tanenbaum A S Popescu BC, Crispo B, Tanenbaum AS (2006) Safe and private data sharing with turtle: friends team-up and beat the system. In: Christianson B et al (eds) Lecture notes in computer science (LNCS 3957), security protocols 2004. Springer, Berlin, pp 213–220

  23. Raymond J-F (2001) Traffic analysis: protocols, attacks, design issues and open problems. In: Proceedings of PET’01, vol 2009, LNCS. Springer, pp 10–29

  24. Shim K (2003) Efficient one round tripartite authenticated key agreement protocol from Weil pairing. Electron Lett 39(2):208–209

    Article  Google Scholar 

  25. Sun H-M, Hsieh B-T (2003) Security analysis of Shim’s authenticated key agreement protocols from pairings. IACR Cryptology ePrint Archive, 113. available at http://eprint.iacr.org/2003/113

  26. Barreto PSLM, Kim HY, Lynn B, Scott M (2002) Efficient algorithms for pairing-based cryptosystems. In: Yung M (ed) Proceedings of CRYPTO 2002 advances in cryptology, LNCS 2442. Springer, Berlin Heidelberg, pp 354– 368

  27. Doukas C, Pliakas T, Maglogiannis I (2010) Mobile healthcare information management utilizing cloud computing and android OS. In: 2010 annual international conference of the IEEE engineering in medicine and biology society (EMBC), pp 1037–1040

  28. Chenguang H, Fan X, Li Y (2013) Toward ubiquitous healthcare services with a novel efficient cloud platform. IEEE Trans Biomed Eng 60(1):230–234

    Article  Google Scholar 

  29. Babaoglu O, Marzolla M (2014) Escape from the data center: the promise of peer-to-peer cloud computing. IEEE Spectr

  30. Zhijia C et al (2009) Rapid provisioning of cloud infrastructure leveraging peer-to-peer networks. In: 29th IEEE international conference on ICDCS workshops, distributed computing systems workshops, 2009

  31. Pearson S (2009) Taking account of privacy when designing cloud computing services. In: ICSE workshop on software engineering challenges of cloud computing, 2009. CLOUD 2009

  32. Pearson S, Shen Y, Mowbray M (2009) A privacy manager for cloud computing. In: Cloud computing, pp 90–106

  33. Itani W, Kayssi A, Chehab A (2009) Privacy as a service: privacy- aware data storage and processing in cloud computing architectures. In: IEEE international conference on dependable, autonomic and secure computing, pp 711–716

  34. Wang C, Wang Q, Ren K, Lou W (2010) Privacy-preserving public auditing for data storage security in cloud computing. In: IEEE INFOCOM 2010, San Diego

  35. Van Dijk M, Juels A (2010) On the impossibility of cryptography alone for privacy-preserving cloud computing. IACR ePrint, vol 305

  36. Grobauer B, Walloschek T, Stocker E (2011) Understanding cloud computing vulnerabilities. IEEE Secur Priv 9(2):50–57

    Article  Google Scholar 

  37. Rahman Sk Md M, Masud M, Noman ANM, Alamri A, Hassan MM (2014) Towards secure data exchange in peer-to-peer data management systems. Appl Math Inf Sci 8(6):2775– 2787

    Article  Google Scholar 

  38. Masud M, Rahman Sk Md M (2012) Secure data exchange in P2P data sharing systems in eHealth perspective. IJCSI International Journal of Computer Science Issues, ISSN (Online): 1694-0814, vol 9, issue 6, No 2, pp 36-42

  39. Rahman Sk Md M, Masud Md M, Adams C, El-Khatib K, Mouftah H, Okamoto E (2011) Cryptographic security models for eHealth P2P database management systems network. In: IEEE 2011 9th annual conference on privacy, security and trust (PST2011), Montreal

  40. Rahman Sk Md M, Masud Md M, Adams C, Mouftah H, Inomata A (2011) Session-wise private data exchange in eHealth peer-to-peer database management systems. In: IEEE international conference on intelligence and security informatics (ISI2011), Beijing

  41. Shini S, Thomas T, Chithraranjan K (2012) Cloud based medical image exchange-security challenges. In: Proceedings of international conference on modelling, optimization and computing

  42. Ratnam KA, Dominic DD (2012) Cloud services enhancing the Malaysian Healthcare sector. In: Proceedings of international conference on computer and information science

  43. Basu S et al (2012) Fusion: managing healthcare records at cloud scale. Computer 11:42–49

    Article  Google Scholar 

  44. Guo L, Chen F, Chen L, Tang X (2010) The building of cloud computing environment for E-health. In: Proceedings of international conference on E-Health networking, digital ecosystem and technologies

  45. Li M et al (2011) Authorized private keyword search over encrypted data in cloud computing. In: 2011 31st international conference on distributed computing systems (ICDCS). IEEE

  46. Li M et al (2013) Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Transactions on Parallel and Distributed Systems 24.1: 131–143

    Article  Google Scholar 

  47. Chen T-S et al (2012) Secure dynamic access control scheme of PHR in cloud computing. J Med Syst 36.6:4005–4020

    Article  Google Scholar 

Download references

Acknowledgments

This work was supported by NSTIP strategic technologies program number (12-INF2613-02) in the Kingdom of Saudi Arabia.

Author information

Authors and Affiliations

  1. Information Systems Department, College of Computer and Information Sciences(CCIS), Research Chair of Pervasive and Mobile Computing, King Saud University, Riyadh, KSA

    Sk. Md. Mizanur Rahman, Mohammad Mehedi Hassan & Atif Alamri

  2. Software Engineering Department, College of Computer and Information Sciences(CCIS), King Saud University, Riyadh, KSA

    M. Anwar Hossain & Abdulhameed Alelaiwi

  3. Computer Science Department, Taif University, Taif, KSA

    Md. Mehedi Masud

Authors
  1. Sk. Md. Mizanur Rahman
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Md. Mehedi Masud
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. M. Anwar Hossain
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Abdulhameed Alelaiwi
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Mohammad Mehedi Hassan
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Atif Alamri
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sk. Md. Mizanur Rahman.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Rahman, S.M.M., Masud, M.M., Hossain, M.A. et al. Privacy preserving secure data exchange in mobile P2P cloud healthcare environment. Peer-to-Peer Netw. Appl. 9, 894–909 (2016). https://doi.org/10.1007/s12083-015-0334-2

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12083-015-0334-2

Keywords

Search

Navigation