International Journal of Trend in Scientific Research and Development (IJTSRD)
Volume 4 Issue 3, April 2020 Available Online: www.ijtsrd.com e-ISSN: 2456 – 6470
Cloud Compliance with Encrypted Data – Health Records
Mohan Prakash1, Nachappa S2
1PG
Student, 2Assistant Professor,
1,2School of Computer Science & IT, Jain University, Bengaluru, Karnataka, India
How to cite this paper: Mohan Prakash |
Nachappa S "Cloud Compliance with
Encrypted Data – Health Records"
Published
in
International Journal
of Trend in Scientific
Research
and
Development
(ijtsrd), ISSN: 24566470, Volume-4 |
IJTSRD30773
Issue-3, April 2020,
pp.1080-1083,
URL:
www.ijtsrd.com/papers/ijtsrd30773.pdf
ABSTRACT
several tending organizations area unit mistreatment electronic health record
(EHRS) area unit period, patient-centered records that create data accessible
instantly and firmly to approved users. so information storage becomes
associate evoking interest for developing EHRS systems. this can not price an
excellent deal however it additionally provides the adjustable giant space
mobile access more and more required within the gift world, however, before
cloud-based EHRSs system will become associate beingness, problems with
information security, personal details of patients and overall performance
should be shown. As normal cryptography techniques for EHRSs cause
hyperbolic access management and performance overhead, this paper
proposes the employment of Cipher text-Policy Attribute-Based cryptography
(CPABE) to encrypted information is unbroken confidential although the
storage server is untrusted EHRSs supported health care suppliers credentials
to decipher EHRSs it ought to contain these several attributes required for
correct access . the planning and usage of cloud-related EHRS system
supported CP-ABE area unit galvanized and bestowed, beside introductory
experiments to research the flexibleness and measurability of the planned
approach.
Copyright © 2020 by author(s) and
International Journal of Trend in Scientific
Research and Development Journal. This
is an Open Access article distributed
under the terms of
the
Creative
Commons Attribution
License
(CC
BY
4.0)
(http://creativecommons.org/licenses/by
/4.0)
KEYWORDS: Cloud Computing, Internet, Hospital, Electronic health record, Data
Visualization
1. INTRODUCTION
The health care organization is challenged by sufficiently
nice pressures to decrease the prices correlative, with
providing attention services, adopt new electronic attention
systems and communicate information quick and shield with
alternative attention professionals and government agencies.
The attention organization has not been quick to simply
accept new technologies for infrastructures that support
back-office operations several hospitals and medical aid
organization keep their servers and desktops 2 to a few
years back than a medium for non-healthcare organizations.
The specialty of family practice has conjointly expressed that
the EHRSS may be a core technology for the long run of
family practice within the way forward for family practice
Project. This project outlines a "New Model" of take care of
family practice with the EHRS as "the central nervous
system" of that model. The EHRS becomes a tool through
that the family practice workplace will rework practices to
fulfill its desires and also the desires of its patients. increased
workflows and access to data build the follow of medication
a lot of economical for physicians and their employees. call
support and automatic reminders facilitate the follow deliver
safer and better quality care to patients and also the
community. As a result. So Many healthcare organizations
are decided to move to cloud computing to sort out different
issues that are facing them such as changing the history of
healthcare data and investment the more costs. cloud
computing can active in focusing the healthcare
organizations efforts on healthcare services. And improving
patient care .move over, cloud computing has the potential
@ IJTSRD
|
Unique Paper ID – IJTSRD30773
|
benefit to help healthcare organization reduce the more
budget needed to migrate all the IT infrastructure to provide
integrated services cross much organization. The rest of the
paper is organized as follow section 2 provides the entire
information about the e-health record concept and section 3
the tells about entire information about cloud-based EHRS
system Section 4 lists and talk about technical and
organizational issues gerund the implementation of health
cloud section 5 talks about the Electronic Health Record
Implementation Means Redesign & Workflow Changes.
Finally, section 6 provides some talk about while section 7
concludes the paper.
2. RELATED WORK
EMR systems use electronic health records that may be
created, gathered, and managed by approved care suppliers
at intervals one health care organization. EHRS square
measure subdivide into a organized so as of structure during
which every section is encrypted with a acquire public key
that patients square measure needed to manage and
decrypted with a acquire sub key from a master non-public
key this method has several problems[1]. potential key
management overhead no support for a key a bond agent in
emergencies and sure info integrity as health records square
measure managed by patients, not care suppliers. For care
supplier to access a record they have to rewrite the data
entry to search out the placement and name of the record
and parallela bilaterally symmetric biradia cruciate
cruciform even regular interchangeable isosceles radial
stellate
radially
symmetrical
centro
symmetric
Volume – 4 | Issue – 3
|
March-April 2020
Page 1080
International Journal of Trend in Scientific Research and Development (IJTSRD) @ www.ijtsrd.com eISSN: 2456-6470
rhombohedral trigonal parallel regular key they then request
the encrypted record from the cloud server and rewrite it
exploitation the symmetric key.
3. KEY POLICY ATTRIBUTE-BASED
3.1. ENCRYPTION (KPABE)
Data encryption is an efficient thanks to preventing sensitive
information from unauthorized access and information
privacy. In earlier public key encoding or identity-based
encoding systems, encrypted information is targeted on
decrypting by one noted user. to beat these coming
requarments . As another of encoding to individual users, in
ABE policy, users will input AN access policy into the cipher
text or decrypting. Hence, accessing information is self
accessing from the cryptography, with no sure intermediary.
ABE is thought of as AN extension of identity-based encoding
within which user identity is taken into account to a group of
communicative attributes rather than one string specifying
the user identity. Compared to knowing encrypting ABE has
the good thing about accomplishing it one-to-many-variable
variable encoding as a substitution for a single object; it's
thought of a promising tool to cope with downside with
sharing secure and well-organized information access
management There square measure 2 sorts of ABE
reckoning on that personal keys or cipher documents access
policies square measure compliant. KP-ABE could be a
community the primary key for cryptography for several
communication. In KP-ABE, the files square measure
compatible heir individual attributes that square measure
the key to society outlined. Encrypting or associating a group
of symbols to the message by encrypting it with it vital
elements of society. for every user the access structure
shared, frequency is outlined because the access tree
additionally to information symbols, e.g., internal access tree
numbers little gates and leaf nodes square measure
compatible attributes. The user's personal secret is outlined
to point accessibility structure in order that the user will
interpret the cipher text once and given that the attributes of
the information satisfy his or her accessibility KP-ABE
programs square measure ideal for organized organizations
and rules on World Health Organization will browse sure
texts. In Policy-based-policy-encryption (CP-ABE) program,
once the sender writes a message, they outline a selected
access policy in terms of access data override symbols in
cipher text, say The receiver kind are going to be ready to
translate cipher text. Users have a collection of attributes
and realize compatible ones personal responsibility keys
from the authority. Such the user will translate a lot of text if
his or her attributes square measure satisfactory access
policy related to cipher text.
4. ELECTRONIC-HEALTH RECORD
The Electronic Health Record (EHRS) or processed Patient
Record (CPR)– received its 1st real validation in Associate in
Nursing Institute of Medicine's (IOM) report in 1991 entitled
The computer-based patient record a necessary technology
for health care IOM drove home the concept that the EHRS is
required to rework the health system to enhance quality and
enhance safety. The computer-based patient record a
necessary technology for health care.
The EHRS is regarding quality, safety, and potency. it's a
good tool for physicians, however cannot guarantee these
virtues in isolation. Achieving verity advantages of EHRS
systems needs the transformation of practices, supported
@ IJTSRD
|
Unique Paper ID – IJTSRD30773
|
quality improvement methodologies, system, and teambased care, and evidence-based medicine[1]. History health
and drugs it offers the whole data of the patients and health
care organization. A diagnostic assay could be a procedure
performed to substantiate or confirm the presence of
sickness in a personal suspected of getting a sickness,
sometimes following the report of symptoms, or supported
alternative medical take a look at results.
Organizations that use electronic health usually maintain a
substantial quantity of clinical content within the variety of
order sets, documentation templates, and call support rules.
EHRS vendors rarely give analytic tools for patrons to keep
up such content and monitor their usage. An electronic
health record (EHRS) contains patient health data, like body
and asking information. Patient demographics.
Fig 1: Electronic Health Records Types
5. CLOUD-BASED EHRS SYSTEM
CP-ABE access management theme with hidden attributes
for the sensitive knowledge set constraint. This theme
incorporates protractible, partly hidden constraint policy. In
our theme, because of the separation of duty principle, the
duties of implementing the access management policy and
therefore the constraint policy area unit divided into
freelance entities to boost security.
Using CP-ABE in a very cloud-based EHRS System
A CP-ABE theme consists of 4 elementary algorithms Setup,
Encrypt, Key Generation, and decode, and one nonobligatory
formula, Delegate.
Setup: takes no input aside from the implicit security
parameter. It outputs the general public parameters PK and
a keyMK.
Key Generation (MK, S): uses the key MK and a collection of
attributes S that describe the key, and outputs a personal key
SK.
Encrypt (PK, M, A): takes as input the general public
parameters PK, a message M, associated an access structure
A over a collection of attributes. it'll cypher M and turn out a
cipher text CT such solely a user World Health Organization
possesses the set of attributes satisfying the access structure
are going to be ready to decode CT.
Decrypt (PK, CT, SK): takes as input PK, aciphertext CT, that
was obtained for associate access policy A, and a personal
key SK for a collection S of attributes. If the set S of attributes
satisfies the access structure A, then the formula can decode
Volume – 4 | Issue – 3
|
March-April 2020
Page 1081
International Journal of Trend in Scientific Research and Development (IJTSRD) @ www.ijtsrd.com eISSN: 2456-6470
the cipher text and come back a message M. Delegate (SK, S):
takes as input a secret key SK for a few set of attributes S and
a collection ⊆ S. It outputs a secret key SK for the set of
attributes
Fig 2: Cloud Based EHRS System
6. PROJECT SCOPE AND OBJECTIVE
The health record project gives an assortment of the
suggestion identified with grasping the electronic wellbeing
data gauges in Electronic Health Information/Electronic
Medical Information and other clinical records. [9] The
principle extension is distinguishing the gauges and their
motivation in clinical industry, the catching of information
alongside the perspective on information, how they are
spoken to, put away, shared, transmitted that will be through
interoperability of the considerable number of records. This
venture does exclude considering portions of creation and
action of neighborhood, nearby or national systems, records,
or storage facilities as they are overseen by appropriate
regulative/administrative bodies.
The main objectives are as follows –
Improving interoperability which makes sure that the
content that are shared and exchanged may be of
different formats, but they can still incorporate the
different formats of data, including the vocabulary and
other standards.
Implementing policies, best practices and frameworks.
Adapting according to the standards and make sure they
are not interdependent.
Encouraging all the hospitals to adopt to modernization
(digitalization)
Making the data technically available according to the
standards.
Maintenance of the system in a timely manner.
Implementation and maintenance cost must be low
7. TECHNICAL ISSUES
Security and Privacy Issues: E-health systems square
measure Janus-faced with many security and privacy
problems like unauthorized Access to Patient's
Electronic Records, attack established on host estate,
attack on personal heath record, system and web
security problems.
Service Delivery and asking Issues: Electronic health
records (EHRSs) are wide projected health service
delivery is scant, particularly for kids and adolescents.
maintaining documentation on purchasers and services
@ IJTSRD
|
Unique Paper ID – IJTSRD30773
|
provided, billing, procuring and maintaining EHRS most
outstanding, however conjointly as well as problems
associated with technology.
Interoperability and movability Issues: Clinical
documentation and health data movability create
distinctive challenges in urban and rural areas of
Republic of India. this text presents the findings of a
pilot study.
Performance vs. value Issues: several organization
provides higher performance of the e health care cloud
services and repair performance is decisive for health
care suppliers WHO cannot effectively operate unless
their applications and patients data is accessible once
required.
Cloud merchant lock-in value Issue: Cloud merchant
lock-in is known as possession lock-in wherever health
care organization depends on a selected cloud merchant
for services once a health care organization decides to
modify to a different merchant {fixed value fixed charge
fixed values charge} shows up fixing to a lower-cost
cloud supplier is straightforward because the switch
cost is low whereas switch to higher cost vendors can
incur a lot of prices.
Data Management: a lot of health care organization
knowledge is predicted to be self-addressed and keep
within the cloud from varied health care supplier via
varied technology. the target is to own high
responsibility and higher access at totally different
locations and across giant geographic distances so the
cloud is challenged to supply secure storage over public
clouds fault tolerance and made definite quantity
languages that and climbable facilities to method the
applying data.
Scalability and Flexibility: huge users from the health
care domain square measure expected to use the cloud
services, wherever this could be solely achieved by the
quantifiability of services. flexibility suggests that the
power of cloud suppliers to serve multiple health care
suppliers with totally different necessities in terms of
functions, operations, users, auditing, management, and
quality of service (QoS) necessities.
Maintainability: The Cloud is challenged by the
intimidating task of maintaining its resources and
services. because the infrastructure and services grow to
satisfy client wants, it becomes tougher and a lot of
complicated to keep up them whereas conserving
identical levels of performance
8. Electronic Health Record Implementation Means
Redesign & Workflow Changes
Every day within the attention organization got to see the
patients write prescriptions and send bills review workplace
and x-rays and performance and alternative jobs All of which
will be accomplished by the MD and therefore the employees
victimization progresss that are adopted all the time
progress area unit the various ways in which the workplace
accomplishes organization myriad tasks throughout the day
the paper chart to an exact degree has mandated an exact
workflow within the family MD office[4]. Family MD
workplace progress of the twenty first century are fully
totally different. the varied can present itself each as a result
of the electronic health record and therefore the goal of the
long run of medical practice project .the electronic health
record enforced properly can machine-controlled knowledge
flow within the family MD workplace the long run of medical
Volume – 4 | Issue – 3
|
March-April 2020
Page 1082
International Journal of Trend in Scientific Research and Development (IJTSRD) @ www.ijtsrd.com eISSN: 2456-6470
practice project envisions patient-centered care in
redesigned offices victimization advanced info technology
with a stress on potency, quality, and safety.
based EHRS systems results proposed system sensible
performance and occupy inappreciable storage and will be
used to confirm the practicability of this viewpoint.
Keys to Success
Patient focus: assembling your patients want with the
simplest care in {an exceedingly|in a very} feeling
manner is that the central focus of the workplace
knowledge technology acts as an intensity supporter if
it's enforced and used with a patient focus in mind.
Teamwork philosophy: Transitioning associated work
flow with an electronic health record need shut
cooperation nurses and medical assistants should add
shut perceive so as to urge patient care extremely
trained time period autonomy and responsibility to try
and do considerably over sometimes happens in a very
paper-based workplace and new ideas.
Cross Training: unco a lot of workers together with
physicians ought to cross train so as to be accustomed to
alternative job perform in massive offices it's generally
helpful to interrupt up the workers into smaller a lot of
useful patient care units this may conjointly need crosstraining.
Job rotation: a brand new processed workplace setting
rewards non-traditional pondering job descriptions. The
thinking ought to transition from "everyone features a
job to do" to "what tasks square measure necessary,
performed by whom, to realize economical work flow
with tokenish waste
REFERENCES
[1] Suhair AlshEHRsi, Stanisław P. Radziszowski, and
Rajendra K. Raj “Secure Access for Healthcare Data in
the Cloud Using Ciphertext-Policy Attribute-Based
Encryption” 2012 IEEE 28th.
CONCLUSION
This paper represents the architecture for a secure cloudbased EHRS system using CP-ABE that furnish effective
solutions to some of the problems related to standard
encryption mechanisms have we discussed and also
discussed the CP-ABE scheme and work flow of the EHRS
and also main success of the EHRS and thus it can be used as
replacement to standard encryption[9] mechanisms in cloud
@ IJTSRD
|
Unique Paper ID – IJTSRD30773
|
[2] Noura Al Nuaimi, Asma AlShamsi, Nader Mohamed
United Arab Emirates University Al A in 15551, UAE,
Jameela Al-Jaroodi “e-Health Cloud Implementation
Issues and Efforts”
[3] J. Bethencourt, A. Sahai, and B. Waters, “Ciphertextpolicy attributebased encryption,” in Proc. IEEE
Symposium on Security & Privacy, 2007.
[4] https://www.aafp.org/practice-management/healthit/product/workflow-redesign.htm
[5] D. R. Levinson, “Audit of information technology
security included in health information technology
standards,”
May
2011,
http://oig.hhs.gov/
oas/reports/other/180930160.pdf.
[6] A. Shamir, “Identity-based cryptosystems and signature
schemes,” in Proc. CRYPTO 84 on Advances in
Cryptology. Springer, 1984
[7] Introduction
to
electronic
health
records
https://www.aafp.org/practice-management/healthit/product/intro.html
[8] https://www.google.com/search?q=electronic+health
+types&rlz=1C1CHZL_enIN784IN784&source=lnms&t
bm=isch&sa=X&ved=0ahUKEwjU3NW5gOPhAhWlV3w
KHZ0bDG8Q_AUIDigB&biw=1522&bih=738#imgrc=m
VNziGgV05NQXM
Volume – 4 | Issue – 3
|
March-April 2020
Page 1083