Efficient sharing of personal health records using encryption in cloud computing. M.tech project synopsis

1. VISVESVARAYA TECHNOLOGICAL UNIVERSITY
PHASE 1
“Efficient Sharing of Personal Health Records using Encryption in Cloud
Computing”
By,
NAVEENA N
1BT12SCS08
Guide:
Mrs. R VIDHYALAKSHMI
Sr. Lecturer of CSE dept.
B.T.L INSTITUTE OF TECHNOLOGY
Department of Computer Science & Engineering
2013-14

2. AGENDA
oAbstract
oPersonal Health Records in cloud computing
oExisting system
oDrawbacks
oProposed System
oModules
oApplications
oConclusion

3. ABSTRACT
 Personal health records (PHRs) grant patients access to a wide range of
health information sources, best medical practices and health knowledge.
 In patient centric secure sharing, patients will create, manage and control
their personal health data from one place using the web.
 Prior to storing the records in cloud server, they are encrypted using
encryption algorithm which ensures the patient’s full control over their PHR.
 Patients only decide which set of users can access which set of files.

4. LITERATURE SURVEY
 . J. Benaloh, “Patient Controlled Encryption: Ensuring Privacy of Electronic
Medical Records,”
→ proposed a scheme in which a file can be uploaded without key distribution
and it is highly efficient. But it is a single data owner scenario and thus it is
not easy to add categories
 Recently J. Hur and D. K. Noh in “Attribute-Based Revocation in Data
Outsourcing Systems,”
→ proposed two CPABE schemes with immediate attribute revocation
capability, instead of periodical revocation. However, they were not
designed for Multi Authority Attribute Based Encryption (MAABE).

5. EXISTING SYSTEM
 Due to the high cost of building and maintaining specialized data centers,
many PHR services are outsourced to or provided by third-party service
providers, for example, Microsoft Health Vault.
 The main concern is about whether the patients could actually control the
sharing of their sensitive personal health information (PHI), especially when
they are stored on a third-party server which people may not fully trust.

6. OBJECTIVE
 The main aim of the proposed system is to provide secure patient-centric
PHR access and efficient key management at the same time.
 The key idea is to divide the system into multiple security domains
(namely, public domains (PUDs) and personal domains (PSDs))
according to the different users’ data access requirements.

7. Architecture
The proposed framework for patient-centric, secure and scalable PHR sharing on semi-trusted
storage under multi-owner settings.

8. SYSTEM FLOW CHART

9. Attribute Based Encryption (ABE)
 In this scheme, users are categorized into
personal and professional domains which
greatly reduce the key management
complexity.
 There is a structured way to access the files for
personal and professional purposes. Patients
are able to dynamically modify the access
policy and attributes.

10. Attribute Based Encryption (ABE)
Attribute Types in this System
 Friends
 Hospitals
 Insurance
 Emergency

11. MODULES
 PHR Owner Module
 Attribute based Access Policy Module
 Data confidentiality Module

12.  PHR Owner Module
 The key idea is to divide the system into multiple security domains
(namely, public domains (PUDs) and personal domains (PSDs))
according to the different users’ data access requirements.
 The PUDs consist of users who make access based on their
professional roles, such as doctors, nurses and medical researchers.
 For each PSD, its users are personally associated with a data owner
(such as family members or close friends), and they make accesses to
PHRs based on access rights assigned by the owner.

13.  Attribute based Access Policy Module
 Users having read and write access as data readers and
contributors, respectively.
 Dark boxes are the categories that a PSD’s data readers have access to.

14.  Data confidentiality Module
 The owners upload ABE-encrypted PHR files to the server.
 Each owner’s PHR file is encrypted both under a certain fine
grained and role-based access policy for users from the PUD to
access.
 Under a selected set of data attributes that allows access from users
in the PSD. Only authorized users can decrypt the PHR files,
excluding the server.

15. ADVANTAGES
Extensive analytical and experimental results are presented
which shows
 Data confidentiality
 On-demand revocation
 Write access control
 Scalability and usability

16. APPLICATIONS
 Hospital Management
 Health Care Website

17. CONCLUSION
 This paper proposed a novel framework of secure sharing of
personal health records in cloud computing. Considering partially
trustworthy cloud servers, argue that to fully realize the patientcentric concept, patients shall have complete control of their own
privacy through encrypting their PHR files to allow fine-grained
access.