A Cloud Based Solution for Collaborative and Secure Sharing of Medical Data

A Cloud Based Solution for Collaborative and Secure Sharing of Medical Data

Mbarek Marwan (LTI Laboratory, ENSA, Chouaib Doukkali University, El Jadida, Morocco), Ali Kartit (LTI Laboratory, ENSA, Chouaib Doukkali University, El Jadida, Morocco) and Hassan Ouahmane (LTI Laboratory, ENSA, Chouaib Doukkali University, El Jadida, Morocco)
Copyright: © 2018 |Pages: 18
DOI: 10.4018/IJEIS.2018070107


Healthcare sector is under pressure to reduce costs while delivering high quality of care services. This situation requires that clinical staff, equipment and IT tools to be used more equitably, judiciously and efficiently. In this sense, collaborative systems have the ability to provide opportunities for healthcare organizations to share resources and create a collaborative working environment. The lack of interoperability between dissimilar systems and operating costs are the major obstacle to the implementation of this concept. Fortunately, cloud computing has great potential for addressing interoperability issues and significantly reducing operating costs. Since the laws and regulations prohibit the disclosure of health information, it is necessary to carry out a comprehensive study on security and privacy issues in cloud computing. Based on their analysis of these constraints, the authors propose a simple and efficient method that enables secure collaboration between healthcare institutions. For this reason, they propose Secure Multi-party Computation (SMC) protocols to ensure compliance with data protection legislation. Specifically, the authors use Paillier scheme to protect medical data against unauthorized usage when outsourcing computations to a public cloud. Another useful feature of this algorithm is the possibility to perform arithmetic operations over encrypted data without access to the original data. In fact, the Paillier algorithm is an efficient homomorphic encryption that supports addition operations on ciphertexts. Based on the simulation results, the proposed framework helps healthcare organizations to successfully evaluate a public function directly on encrypted data without revealing their private inputs. Consequently, the proposed collaborative application ensures privacy of medical data while completing a task.
Article Preview

1. Introduction

The adoption of collaborative software or groupware in healthcare domain would inevitably improve patient services (Lee & Leu, 2016). Indeed, it allows healthcare ecosystem to share data and tools efficiently. The ability of this model to easily build a collaborative environment has significantly attracted the attention of healthcare institutions. Despite its remarkable ability to facilitate coordination and data exchange, this concept requires massive investment in hardware and software. In this respect, we propose a highly efficient approach and framework to encourage communication and effective teamwork among healthcare professionals. This can be achieved by using cloud technology which ensures cost reduction, greater flexibility, elasticity and optimal resource utilization (Mell & Grance, 2009; Shameem, Johnson, Shaji, & Arun, 2017). Additionally, customers take advantage of a flexible usage-based pricing system for an optimal use of cloud resources (Arinze & Anandarajan, 2010). More precisely, metering and reporting tools are generally based on real-time usage and the quality-of-service requirements of cloud services. The features and characteristics of cloud are summarized in the Figure 1.

Figure 1.

Definition of cloud computing according to NIST

Although cloud services offer significant potential and advantages, the utilization of off-site solutions raise numerous security issues (Marwan et al., 2018). In order to use cloud services safely, it is of paramount importance to explore and seriously address cloud security risks. The next step is to design and develop a cloud platform that enables secure collaboration among medical professionals. The primary contribution of this research consists in using Secure Multi-party Computation (SMC) protocol in conjunction with Pallier cryptosystem to protect patient privacy against unauthorized users. Concretely, this technique enables various parties to conduct operations over distributed data without revealing confidential information. In reality, SMC protocol is widely used to guarantee data privacy in various IT domain areas, such as price negotiations in electronic auction (Li et al., 2016), privacy-preserving computational geometry (Shundong et al., 2014) and privacy preserving data mining (Yi et al., 2015). In this study, this approach permits healthcare administrators to make the correct global decisions by using different homogeneous distributed databases. Simultaneously, this solution is perfectly suitable to use in heterogeneous systems to achieve interoperability.

The organization of this paper is as follows. In Section 2 and 3, we present and discusss security problems in cloud computing as well as the privacy requirements in the healthcare domain. We essentially provide some previous works and discuss their limitations in Section 4. Section 5 illustrates our proposed framework to meet security needs. We provide background information of Secure Multiparty Computation (SMC) protocol and its basic principles in Section 6. In Section 7, we implement our solution and discuss the results. We end this work in Section 8 by remarks and future research directions.

2. Security Issues In Cloud Computing

Cloud computing relies on the sustainable development of recent computing technologies, especially distributed systems, storage systems and applications. Essentially, it aims to drastically reduce costs by using the shared storage pool and the multi-tenancy architecture. Additionally, this model is an appropriate solution to improve collaboration between healthcare organizations. Nevertheless, the security and privacy risks are the primary barriers hindering the implementation of cloud computing (Radwan, Azer, & Abdelbaki, 2017; Jouini & Rabai, 2016). In this section, we explore the potential vulnerabilities and risks facing cloud computing and identify the main cause of these problems.

Complete Article List

Search this Journal:
Open Access Articles: Forthcoming
Volume 15: 4 Issues (2019): Forthcoming, Available for Pre-Order
Volume 14: 4 Issues (2018): 3 Released, 1 Forthcoming
Volume 13: 4 Issues (2017)
Volume 12: 4 Issues (2016)
Volume 11: 4 Issues (2015)
Volume 10: 4 Issues (2014)
Volume 9: 4 Issues (2013)
Volume 8: 4 Issues (2012)
Volume 7: 4 Issues (2011)
Volume 6: 4 Issues (2010)
Volume 5: 4 Issues (2009)
Volume 4: 4 Issues (2008)
Volume 3: 4 Issues (2007)
Volume 2: 4 Issues (2006)
Volume 1: 4 Issues (2005)
View Complete Journal Contents Listing