Advertisement

Peer-to-Peer Networking and Applications

, Volume 9, Issue 5, pp 894–909 | Cite as

Privacy preserving secure data exchange in mobile P2P cloud healthcare environment

  • Sk. Md. Mizanur RahmanEmail author
  • Md. Mehedi Masud
  • M. Anwar Hossain
  • Abdulhameed Alelaiwi
  • Mohammad Mehedi Hassan
  • Atif Alamri
Article

Abstract

Cloud computing technology offers the possibility of inter-organizational medical data sharing at a larger scale. The different organizations can maintain their own cloud environment while exchanging healthcare data among them in a peer-to-peer(P2P) fashion according to some defined polices. However, there are many security and privacy challenges that hamper the adoption of cloud computing solutions in healthcare domain. Besides, due to the privacy sensitivity of healthcare data, an organization may not wish to disclose its identity to others when exchanging data in the network to avoid different attacks by the intruders. Hence, anonymously authenticated data exchange is essential between the different peer organizations. In this paper we propose an anonymous on-the-fly secure data exchange protocol for such environment based on pairing-based cryptography. Our proposed solution allows cloud peers to dynamically generate temporary identities that are used to produce a session key for each session of data exchange. The proposed protocol is robust against different attacks, such as target-oriented, man-in-the middle, masquerade, and message manipulation attacks.

Keywords

P2P cloud Secure data exchange Pairing-based cryptography Anonymous authentication Security attacks 

Notes

Acknowledgments

This work was supported by NSTIP strategic technologies program number (12-INF2613-02) in the Kingdom of Saudi Arabia.

References

  1. 1.
    Fuxman A, Kolaitis PG, Miller RJ, Tan WC (2005) Peer data exchange. In ACM Trans Database Syst 31(4):1454–1498CrossRefGoogle Scholar
  2. 2.
    Beeri C, Vardi MY (1984) A proof procedure for data dependencies. In JACM 31(4):718–741MathSciNetCrossRefzbMATHGoogle Scholar
  3. 3.
    Halevy AY, Ives ZG, Suciu D, Tatarinov I (2003) Schema mediation in peer data management system. In: Proceedings of the international conference on data engineering, pp 505–516Google Scholar
  4. 4.
    Halevy AY, Ives ZG, Madhavan J, Mork P, Suciu D, Tatarinov I (2004) The piazza peer-data management system. In IEEE Trans Knowl Data Eng (TKDE) 16(7):787–798CrossRefGoogle Scholar
  5. 5.
    Serafini L, Giunchiglia F, Molopoulos J, Bernstein P (2003) Local relational model: a logocal formalization of database coordination. Technical Report, Informatica e Telecomunicazioni, University of TrentoGoogle Scholar
  6. 6.
    Rodriguez-Gianolli P, Garzetti M, Jiang L, Kementsietsidis A, Kiringa I, Masud M, Miller R, Mylopoulos J (2005) Data sharing in the hyperion peer database system. In: Proceedings of the international conference on very large data bases (VLDB), pp 1291–1294Google Scholar
  7. 7.
    Kementsietsidis A, Arenas M, Miller RJ (2003) Mapping data in peer-to-peer systems: semantics and algorithmic issues. In: Proceedings of the international conference on the management of data (ACMSIGMOD), pp 325–336Google Scholar
  8. 8.
    Miller V (1986) Uses of elliptic curves in cryptography. In: Crypto’85 on advances in cryptology. Lecture Notes in Computer Science, vol 218. Springer, Berlin Heidelberg, pp 417– 426Google Scholar
  9. 9.
    Koblitz N (1987) Elliptic curve cryptosystems. Math Comput 48:203–209MathSciNetCrossRefzbMATHGoogle Scholar
  10. 10.
    Gura N, Patel A, Wander A, Eberle H, Shantz SC (2004) Comparing elliptic curve cryptography and RSA on 8-bit CPUs. Workshop on cryptographic hardware and embedded systems (CHES), pp 119–132Google Scholar
  11. 11.
    Oliveira LB, Dahab R (2006) Pairing-based cryptography for sensor networks. In: 5th IEEE international symposium on network computing and applications (NCA’06), USAGoogle Scholar
  12. 12.
    Shamir A (1984) Identity-based cryptosystems and signature schemes. In: CRYPTO’84 on advances in cryptology. Springer, Berlin Heidelberg, pp 47–53Google Scholar
  13. 13.
    Boneh D, Franklin M (2001) Identity-based encryption from the weil pairing. In: Proceedings of the CRYPTO 2001, LNCS 2139. Springer, Berlin Heidelberg, pp 213–229Google Scholar
  14. 14.
    Sakai R, Ohgishi K, Kasahara M (2000) Cryptosystems based on pairing. In: Proceedings of the symposium on cryptography and information security (SCIS2000), pp 26–28Google Scholar
  15. 15.
    Joux A, Nguyen K (2001) Separating decision Diffie-Hellman from Diffie-Hellman in cryptographic groups. Cryptology ePrint Archive, Report 2001/03, available at http://eprint.iacr.org/2001/03/
  16. 16.
    Rahman Sk Md M, Masud M, Adams C, El-Khatib K, Mouftah H, Okamoto E (2010) Pair-wise cryptographic models for secure data exchange in P2P database management systems. Cryptology ePrint Archive: Report 2010/085 (a technical report); available at http://eprint.iacr.org/2010/085
  17. 17.
    Balfanz D, Durface G, Shankar N et al (2003) Secure handshakes from pairing-based key agreements. IEEE symposium on security and privacyGoogle Scholar
  18. 18.
    The Tate Pairing available at http://www.computing.dcu.ie/%7Emike/tate.html
  19. 19.
    Elliptic Curve Cryptography Tutorial http://www.certicom.com/index.php/ecc
  20. 20.
    Rahman Sk Md M, Inomata A, Okamoto T, Mambo M, Okamoto E (2007) Anonymous secure communication in wireless mobile ad-hoc networks. In: Stajano F et al (eds) Springer lecture notes in computer science LNCS 4412, pp 140– 149Google Scholar
  21. 21.
    Rahman Sk Md M, Inomata A, Mambo M, Okamoto E (2006) Anonymous on-demand position-based routing in mobile ad-hoc networks. In: IPSJ digital courier, vol 2, pp 524–536Google Scholar
  22. 22.
    Popescu BC, Crispo B, Tanenbaum A S Popescu BC, Crispo B, Tanenbaum AS (2006) Safe and private data sharing with turtle: friends team-up and beat the system. In: Christianson B et al (eds) Lecture notes in computer science (LNCS 3957), security protocols 2004. Springer, Berlin, pp 213–220Google Scholar
  23. 23.
    Raymond J-F (2001) Traffic analysis: protocols, attacks, design issues and open problems. In: Proceedings of PET’01, vol 2009, LNCS. Springer, pp 10–29Google Scholar
  24. 24.
    Shim K (2003) Efficient one round tripartite authenticated key agreement protocol from Weil pairing. Electron Lett 39(2):208–209CrossRefGoogle Scholar
  25. 25.
    Sun H-M, Hsieh B-T (2003) Security analysis of Shim’s authenticated key agreement protocols from pairings. IACR Cryptology ePrint Archive, 113. available at http://eprint.iacr.org/2003/113
  26. 26.
    Barreto PSLM, Kim HY, Lynn B, Scott M (2002) Efficient algorithms for pairing-based cryptosystems. In: Yung M (ed) Proceedings of CRYPTO 2002 advances in cryptology, LNCS 2442. Springer, Berlin Heidelberg, pp 354– 368Google Scholar
  27. 27.
    Doukas C, Pliakas T, Maglogiannis I (2010) Mobile healthcare information management utilizing cloud computing and android OS. In: 2010 annual international conference of the IEEE engineering in medicine and biology society (EMBC), pp 1037–1040Google Scholar
  28. 28.
    Chenguang H, Fan X, Li Y (2013) Toward ubiquitous healthcare services with a novel efficient cloud platform. IEEE Trans Biomed Eng 60(1):230–234CrossRefGoogle Scholar
  29. 29.
    Babaoglu O, Marzolla M (2014) Escape from the data center: the promise of peer-to-peer cloud computing. IEEE SpectrGoogle Scholar
  30. 30.
    Zhijia C et al (2009) Rapid provisioning of cloud infrastructure leveraging peer-to-peer networks. In: 29th IEEE international conference on ICDCS workshops, distributed computing systems workshops, 2009Google Scholar
  31. 31.
    Pearson S (2009) Taking account of privacy when designing cloud computing services. In: ICSE workshop on software engineering challenges of cloud computing, 2009. CLOUD 2009Google Scholar
  32. 32.
    Pearson S, Shen Y, Mowbray M (2009) A privacy manager for cloud computing. In: Cloud computing, pp 90–106Google Scholar
  33. 33.
    Itani W, Kayssi A, Chehab A (2009) Privacy as a service: privacy- aware data storage and processing in cloud computing architectures. In: IEEE international conference on dependable, autonomic and secure computing, pp 711–716Google Scholar
  34. 34.
    Wang C, Wang Q, Ren K, Lou W (2010) Privacy-preserving public auditing for data storage security in cloud computing. In: IEEE INFOCOM 2010, San DiegoGoogle Scholar
  35. 35.
    Van Dijk M, Juels A (2010) On the impossibility of cryptography alone for privacy-preserving cloud computing. IACR ePrint, vol 305Google Scholar
  36. 36.
    Grobauer B, Walloschek T, Stocker E (2011) Understanding cloud computing vulnerabilities. IEEE Secur Priv 9(2):50–57CrossRefGoogle Scholar
  37. 37.
    Rahman Sk Md M, Masud M, Noman ANM, Alamri A, Hassan MM (2014) Towards secure data exchange in peer-to-peer data management systems. Appl Math Inf Sci 8(6):2775– 2787CrossRefGoogle Scholar
  38. 38.
    Masud M, Rahman Sk Md M (2012) Secure data exchange in P2P data sharing systems in eHealth perspective. IJCSI International Journal of Computer Science Issues, ISSN (Online): 1694-0814, vol 9, issue 6, No 2, pp 36-42Google Scholar
  39. 39.
    Rahman Sk Md M, Masud Md M, Adams C, El-Khatib K, Mouftah H, Okamoto E (2011) Cryptographic security models for eHealth P2P database management systems network. In: IEEE 2011 9th annual conference on privacy, security and trust (PST2011), MontrealGoogle Scholar
  40. 40.
    Rahman Sk Md M, Masud Md M, Adams C, Mouftah H, Inomata A (2011) Session-wise private data exchange in eHealth peer-to-peer database management systems. In: IEEE international conference on intelligence and security informatics (ISI2011), BeijingGoogle Scholar
  41. 41.
    Shini S, Thomas T, Chithraranjan K (2012) Cloud based medical image exchange-security challenges. In: Proceedings of international conference on modelling, optimization and computingGoogle Scholar
  42. 42.
    Ratnam KA, Dominic DD (2012) Cloud services enhancing the Malaysian Healthcare sector. In: Proceedings of international conference on computer and information scienceGoogle Scholar
  43. 43.
    Basu S et al (2012) Fusion: managing healthcare records at cloud scale. Computer 11:42–49CrossRefGoogle Scholar
  44. 44.
    Guo L, Chen F, Chen L, Tang X (2010) The building of cloud computing environment for E-health. In: Proceedings of international conference on E-Health networking, digital ecosystem and technologiesGoogle Scholar
  45. 45.
    Li M et al (2011) Authorized private keyword search over encrypted data in cloud computing. In: 2011 31st international conference on distributed computing systems (ICDCS). IEEEGoogle Scholar
  46. 46.
    Li M et al (2013) Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Transactions on Parallel and Distributed Systems 24.1: 131–143CrossRefGoogle Scholar
  47. 47.
    Chen T-S et al (2012) Secure dynamic access control scheme of PHR in cloud computing. J Med Syst 36.6:4005–4020CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media New York 2015

Authors and Affiliations

  • Sk. Md. Mizanur Rahman
    • 1
    Email author
  • Md. Mehedi Masud
    • 3
  • M. Anwar Hossain
    • 2
  • Abdulhameed Alelaiwi
    • 2
  • Mohammad Mehedi Hassan
    • 1
  • Atif Alamri
    • 1
  1. 1.Information Systems Department, College of Computer and Information Sciences(CCIS), Research Chair of Pervasive and Mobile ComputingKing Saud UniversityRiyadhKSA
  2. 2.Software Engineering Department, College of Computer and Information Sciences(CCIS)King Saud UniversityRiyadhKSA
  3. 3.Computer Science DepartmentTaif UniversityTaifKSA

Personalised recommendations