Abstract
Cloud computing paradigm has simplified the delivery of diverse services with the federated organization of computing hardware, storage, software, and services. Many organizations have embraced cloud-based business models to cater to the dynamism of clients. Utility computing harnesses the cloud computing infrastructure to provide services on demand to the customers. It frees the clients from the burden of establishing expensive infrastructures, under-utilization, and wastage of resources, etc. Utility computing provides a wide range of services including storage, computing, networking, web hosting, email, groupware, and data center services. Almost all enterprise models are centered on these services to provide reliable solutions to the clients. In recent years, healthcare industries have resorted to cloud-based solutions to deliver services to remote clients. Rehabilitation is a vital component of healthcare, ascribing to the restoration of the physical, mental and sensory elements of patients. Telerehabilitation services are provided over the cloud for convenience of the healthcare providers and clients. However, these services require maintenance of medical records in the cloud storage for immediate access to the patients and caregivers. Data security is an important concern in such environments in protecting the privacy of a patient. It is required to implement stringent mechanisms for proof generation and verification for authentication and integrity checks. This paper presents a novel publicly certifiable method for the above requirements. This approach is based on a position aware Merkle tree, which employs a 3-tuple scheme, which has been testified for its robustness in providing authentication and data integrity services. The experimental results with the proposed system and performance metrics demonstrate the appropriateness of the system in health rehabilitation services.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Atallah MJ, Pantazopoulos KN, Rice JR, Spafford EE (2002) Secure outsourcing of scientific computations. Adv Comput 54:215–272
Ateniese G, Burns R, Curtmola R, Herring J, Kissner L, Peterson Z, Song D (2007) Provable data possession at untrusted stores. In: Proceedings of the 14th ACM conference on computer and communications security, Alexandria, Virginia, USA. ACM, New York, pp 598–609. https://doi.org/10.1145/1315245.1315318
Bai J, Song A, Li H, Xu B (2018) Upper extremity rehabilitation training and assessment system for home stroke patients based on workplace measurement. Chin J Sci Instrum 39(4):74–81
Bai J, Song A, Li H (2019) Design and analysis of cloud upper limb rehabilitation system based on motion tracking for post-stroke patients. Appl Sci 9(8):1620
Becker G (2008) Merkle signature schemes, Merkle trees, and their cryptanalysis. Technical Report Ruhr-University, Bochum
Boneh D, Lynn B, Shacham H (2001) Short signatures from the Weil pairing. In: Boyd C (ed) Advances in cryptology — ASIACRYPT 2001. Lecture notes in computer science, vol 2248. Springer, Berlin, Heidelberg, pp 514–532
Chen B, Curtmola R (2014) Auditable version control systems. In: Proceedings of the 21th annual network and distributed system security symposium (NDSS’14), San Diego, California
Cho C, Baek M, Won Y (2018) Guaranteeing the integrity and reliability of distributed personal information access records. J Ambient Intell Hum Comput. https://doi.org/10.1007/s12652-018-0871-7
Deswarte Y, Quisquater JJ, Saïdane A (2004) Remote integrity checking. In: Jajodia S, Strous L (eds) Integrity and internal control in information systems VI. IICIS 2003. IFIP International Federation for Information Processing, vol 140
Du W, Atallah MJ (2001) Secure multi-party computation problems and their applications: a review and open problems. In: Proceedings of the 2001 workshop on new security paradigms (NSPW '01), Cloudcroft, New Mexico, 10–13 September 2001. ACM, New York, pp 13–22. https://doi.org/10.1145/508171.508174
Eltayesh F, Bentahar J, Mizouni R, Otrok H, Shakshuki E (2017) Refined game-theoretic approach to improve authenticity of outsourced databases. J Ambient Intell Hum Comput 8(3):329–344
Erway C, Küpçü A, Papamanthou C, Tamassia R (2009) Dynamic provable data possession. In: Proceedings of the 16th ACM conference on computer and communications security (CCS '09), Chicago, Illinois, USA, 9–13 November 2009. ACM, New York, pp 213–222. https://doi.org/10.1145/1653662.1653688
Gazzoni Filho DL, Barreto PS (2006) Demonstrating data possession and uncheatable data transfer. IACR Cryptol ePrint Arch 2006:150
Gennaro R, Gentry C, Parno B (2010) Non-interactive verifiable computing: outsourcing computation to untrusted workers. In: Rabin T (ed) Advances in cryptology – CRYPTO 2010. CRYPTO 2010. Lecture notes in computer science, vol 6223. Springer, Berlin, Heidelberg, pp 465–482
Goldwasser S, Kalai YT, Rothblum GN (2015) Delegating computation: interactive proofs for muggles. J ACM 62(4):27
Golle P, Mironov I (2001) Uncheatable distributed computations. In: Naccache D (ed) Topics in cryptology — CT-RSA 2001. CT-RSA 2001. Lecture notes in computer science, vol 2020. Springer, Berlin, Heidelberg, pp 425–440
Gupta BB, Yamaguchi S, Agrawal DP (2018) Advances in security and privacy of multimedia big data in mobile and cloud computing. Multimed Tools Appl 77(7):9203–9208
Hao Z, Zhong S, Yu N (2011) A privacy-preserving remote data integrity checking protocol with data dynamics and public verifiability. IEEE Trans Knowl Data Eng 23(9):1432–1437
Hohenberger S, Lysyanskaya A (2005) How to securely outsource cryptographic computations. In: Kilian J (ed) Theory of cryptography. TCC 2005. Lecture notes in computer science, vol 3378. Springer, Berlin, Heidelberg, pp 264–282
Hussain SA, Fatima M, Saeed A, Raza I, Shahzad RK (2017) Multilevel classification of security concerns in cloud computing. Appl Comput Inform 13(1):57–65
Kiraz MS (2016) A comprehensive meta-analysis of cryptographic security mechanisms for cloud computing. J Ambient Intell Hum Comput 7(5):731–760
Koo D, Shin Y, Yun J, Hur J (2017) An online data-oriented authentication based on Merkle tree with improved reliability. In: 2017 IEEE international conference on web services (ICWS), Honolulu, HI, USA, 25–30 June 2017. IEEE, pp 840–843. https://doi.org/10.1109/ICWS.2017.102
Levitin G, Xing L, Dai Y (2018) Co-residence based data vulnerability vs. security in cloud computing system with random server assignment. Eur J Oper Res 267(1):676–686
Li F, Xie D, Gao W, Chen K, Wang G, Metere R (2017) A certificateless signature scheme and a certificateless public auditing scheme with authority trust level 3. J Ambient Intell Hum Comput. https://doi.org/10.1007/s12652-017-0553-x
López-Jaquero V, Montero F, Teruel MA (2019) Influence awareness: considering motivation in computer-assisted rehabilitation. J Ambient Intell Hum Comput 10(6):2185–2197
Luo X, Zhou Z, Zhong L, Mao J, Chen C (2018) An effective integrity verification scheme of cloud data based on BLS signature. Secur Commun Netw. https://doi.org/10.1155/2018/2615249
Merkle RC (1990) A certified digital signature. In: Brassard G (ed) Advances in cryptology — CRYPTO’ 89 Proceedings. CRYPTO 1989. Lecture notes in computer science, vol 435. Springer, New York, pp 218–238
Premkamal PK, Pasupuleti SK, Alphonse PJA (2019) A new verifiable outsourced ciphertext-policy attribute-based encryption for big data privacy and access control in cloud. J Ambient Intell Hum Comput 10(7):2693–2707
Sicuranza M, Esposito A, Ciampi M (2015) An access control model to minimize the data exchange in the information retrieval. J Ambient Intell Hum Comput 6(6):741–752
Wan C, Zhang J, Pei B, Chen C (2016) Efficient privacy-preserving third-party auditing for ambient intelligence systems. J Ambient Intell Hum Comput 7(1):21–27
Wang Q, Wang C, Ren K, Lou W, Li J (2010) Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans Parallel Distrib Syst 22(5):847–859
Wu S, Jiang D, Ooi BC, Wu KL (2010) Efficient B-tree based indexing for cloud data processing. Proc VLDB Endow 3(1–2):1207–1218
Xiang C, Tang C (2015) Efficient outsourcing schemes of modular exponentiations with checkability for untrusted cloud server. J Ambient Intell Hum Comput 6(1):131–139
Yang K, Jia X (2012a) Data storage auditing service in cloud computing: challenges, methods and opportunities. World Wide Web 15(4):409–428
Yang K, Jia X (2012b) An efficient and secure dynamic auditing protocol for data storage in cloud computing. IEEE Trans Parallel Distrib Syst 24(9):1717–1726
Yao C, Xu L, Huang X, Liu JK (2014) A secure remote data integrity checking cloud storage system from threshold encryption. J Ambient Intell Hum Comput 5(6):857–865
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Hariharasitaraman, S., Balakannan, S.P. A dynamic data security mechanism based on position aware Merkle tree for health rehabilitation services over cloud. J Ambient Intell Human Comput (2019). https://doi.org/10.1007/s12652-019-01412-0
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s12652-019-01412-0