SecMed: A Secure Approach for Proving Rightful Ownership of Medical Images in Encrypted Domain over Cloud

Abstract

The wide attacking surface of the public cloud poses threats to the security of sensitive information such as medical information stored at these distributed cloud data centers. Obscuring this information using traditional encryption schemes would limit the processing capabilities in encrypted domain that are provided via various cloud services. Moreover, it is vital to address the issue of rightful ownership so that the person to which the medical information belongs to can be determined. To address these issues, Chinese Remainder Theorem (CRT) based secret sharing scheme has been employed to divide the medical images into multiple random looking shares which are information theoretically secure and reveal no information about the images. Based on a secret key, some of these encrypted shares are embedded with the secret owner specific information in the encrypted domain itself prior to outsourcing. To prove rightful ownership at the receiver end, this secret information can be extracted either directly from the shares stored at the cloud data centers or obtained after recovery of the medical information at the authentic entity end which possesses the secret keys. The robustness of the scheme against different attack scenarios while stored at the cloud,,,, data centers in encrypted domain has been tested to validate the efficacy of the proposed scheme.