Secret Sharing for Health Data in Multi-provider Clouds

The accelerated adoption of cloud computing among enterprises is due to the multiple benefits the technology provides, one of them the simplification of inter-organizational information sharing, which is of utmost importance in healthcare. Nevertheless, moving sensitive health records to the cloud still implies severe security and privacy risks. With this background, we present a novel secure architecture for sharing electronic health records in a cloud environment. We first conducted a systematic literature review and interviews with different experts from the German healthcare industry that allowed us to derive real-world processes and corresponding security and privacy requirements. Based on these results, we designed our multi-provider cloud architecture that satisfies many of the requirements by providing increased availability, confidentiality and integrity of the medical records stored in the cloud. This architecture features secret sharing as an important measure to distribute health records as fragments to different cloud services, which can provide higher redundancy and additional security and privacy protection in the case of key compromise, broken encryption algorithms or their insecure implementation. Finally, we evaluate and select a secret-sharing algorithm for our multi-cloud architecture. We implemented both Shamir's secret-sharing scheme and Rabin's information dispersal algorithm and performed several experiments measuring the execution time. Our results indicate that an adoption of Rabin's algorithm would create a low overhead, giving strong indicators to the feasibility of our approach.