医疗数据外包的隐私保障方案

2015 International Conference on Cloud Technologies and Applications (CloudTech) Pub Date : 2015-06-02 DOI:10.1109/CLOUDTECH.2015.7336982

R. Gonçalves, E. Leonova, R. Puttini, Anderson C. A. Nascimento

{"title":"医疗数据外包的隐私保障方案","authors":"R. Gonçalves, E. Leonova, R. Puttini, Anderson C. A. Nascimento","doi":"10.1109/CLOUDTECH.2015.7336982","DOIUrl":null,"url":null,"abstract":"Despite the movement towards cloud computing, the involvement of a third-party is quite challenging when dealing with sensitive information. This article proposes a practical scheme for making possible to outsource medical data to fully malicious clouds while preserving privacy, resulting in a ready-to-go architecture based on hybrid encryption carried out at the client-side. Standard efficient cryptographic primitives are used to provide dynamic key management with no further assumptions about the data structure. We also encompass two-factor authentication to combine passwords with tokens generated by mobile devices, averting cumbersome smart cards or biometrics. The resulting framework is evaluated through a real-world cloud application, producing a full-featured prototype with a controllable shared access model not exploitable by any opponents.","PeriodicalId":293168,"journal":{"name":"2015 International Conference on Cloud Technologies and Applications (CloudTech)","volume":"53 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-06-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"A privacy-ensuring scheme for health data outsourcing\",\"authors\":\"R. Gonçalves, E. Leonova, R. Puttini, Anderson C. A. Nascimento\",\"doi\":\"10.1109/CLOUDTECH.2015.7336982\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Despite the movement towards cloud computing, the involvement of a third-party is quite challenging when dealing with sensitive information. This article proposes a practical scheme for making possible to outsource medical data to fully malicious clouds while preserving privacy, resulting in a ready-to-go architecture based on hybrid encryption carried out at the client-side. Standard efficient cryptographic primitives are used to provide dynamic key management with no further assumptions about the data structure. We also encompass two-factor authentication to combine passwords with tokens generated by mobile devices, averting cumbersome smart cards or biometrics. The resulting framework is evaluated through a real-world cloud application, producing a full-featured prototype with a controllable shared access model not exploitable by any opponents.\",\"PeriodicalId\":293168,\"journal\":{\"name\":\"2015 International Conference on Cloud Technologies and Applications (CloudTech)\",\"volume\":\"53 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-06-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 International Conference on Cloud Technologies and Applications (CloudTech)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CLOUDTECH.2015.7336982\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 International Conference on Cloud Technologies and Applications (CloudTech)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CLOUDTECH.2015.7336982","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

尽管向云计算发展，但在处理敏感信息时，第三方的参与是相当具有挑战性的。本文提出了一种实用的方案，可以将医疗数据外包给完全恶意的云，同时保留隐私，从而产生基于在客户端执行的混合加密的现成架构。标准高效的加密原语用于提供动态密钥管理，而无需对数据结构进行进一步假设。我们还包含双因素认证，将密码与移动设备生成的令牌结合起来，避免了繁琐的智能卡或生物识别技术。最终的框架通过一个真实的云应用程序进行评估，产生一个具有可控共享访问模型的全功能原型，不被任何对手利用。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A privacy-ensuring scheme for health data outsourcing

Despite the movement towards cloud computing, the involvement of a third-party is quite challenging when dealing with sensitive information. This article proposes a practical scheme for making possible to outsource medical data to fully malicious clouds while preserving privacy, resulting in a ready-to-go architecture based on hybrid encryption carried out at the client-side. Standard efficient cryptographic primitives are used to provide dynamic key management with no further assumptions about the data structure. We also encompass two-factor authentication to combine passwords with tokens generated by mobile devices, averting cumbersome smart cards or biometrics. The resulting framework is evaluated through a real-world cloud application, producing a full-featured prototype with a controllable shared access model not exploitable by any opponents.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2015 International Conference on Cloud Technologies and Applications (CloudTech)

自引率

0.00%

发文量