
A novel two phase data sensitivity based access control framework for healthcare data

Multimedia Tools and Applications

Abstract

This paper proposes a secure data access control framework that uses attribute values and user-specific usage details to provide secure, fine-grained data access. It aims to minimize data leakage during data retrieval, which is a critical challenge in handling health data. No standard data retrieval policies are in place for preserving the privacy of medical data, even though any data breach may have a disastrous effect on society. In the proposed framework, data is divided into segments based on data sensitivity and data utility, and users are authorized based on attribute details. An Integer Linear Programming (ILP) based solution is designed to optimize the amount of information a user can retrieve from the application while minimizing data leakage. The data storage technique and the user authorization technique complement each other to decide access to the portion of the information available to a particular user. Experimental results show the sensitivity score calculation of the data items, the ILP-based privilege value assignment of the users, and the data retrieval strategy to minimize data leakage. The technique is validated on benchmark datasets. The results show the utility of the sensitivity score of the data items and the user privilege values while ensuring faster data retrieval time compared to state-of-the-art works.


Notes

  1. https://www.kaggle.com/datasets/drateendrajha/health-screening-data

  2. https://www.kaggle.com/datasets/tanmoyx/covid19-patient-precondition-dataset


Author information


Contributions

Sayantani Saha: Conceptualization, Software, Investigation, Writing - original draft, Writing - review & editing. Sarmistha Neogy: Conceptualization, Visualization, Supervision. Chandreyee Chowdhury: Visualization, Writing - review & editing.

Corresponding author

Correspondence to Sayantani Saha.

Ethics declarations

Conflict of Interests

The authors declare that they have no conflict of interest.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.


About this article


Cite this article

Saha, S., Chowdhury, C. & Neogy, S. A novel two phase data sensitivity based access control framework for healthcare data. Multimed Tools Appl 83, 8867–8892 (2024). https://doi.org/10.1007/s11042-023-15427-5


  • DOI: https://doi.org/10.1007/s11042-023-15427-5
