HUMAN SKIN CANCER RECOGNITION AND CLASSIFICATION BY UNIFIED SKIN TEXTURE AND COLOR FEATURES

Securing Public Health Records in Cloud Computing Patient Centric And Fine Grained Data Access Control in Multi Owner Settings

CHAPTER 1ABSTRACTPersonal health record (PHR) is an emerging patient-centric model of health information exchange, which is often outsourced to be stored at a third party, such as cloud providers. However, there have been wide privacy concerns as personal health information could be exposed to those third party servers and to unauthorized parties. To assure the patients control over access to their own PHRs, it is a promising method to encrypt the PHRs before outsourcing. Yet, issues such as risks of privacy exposure, scalability in key management, flexible access and efficient user revocation, have remained the most important challenges toward achieving fine-grained, cryptographically enforced data access control. In this paper, we propose a novel patient-centric framework and a suite of mechanisms for data access control to PHRs stored in semi-trusted servers. To achieve fine-grained and scalable data access control for PHRs, we leverage advanced encryption standard (AES) techniques to encrypt each patients PHR file. Different from previous works in secure data outsourcing, we focus on the multiple data owner scenario, and divide the users in the PHR system into multiple security domains that greatly reduces the key management complexity for owners and users. A high degree of patient privacy is guaranteed simultaneously by exploiting multi-authority ABE. Our scheme also enables dynamic modification of access policies or file attributes, supports efficient on-demand user/attribute revocation and break-glass access under emergency scenarios. Extensive analytical and experimental results are presented which show the security, scalability and efficiency of our proposed scheme

INTRODUCTIONIn recent years, personal health record (PHR) has emerged as a patient-centric model of health information exchange. A PHR service allows a patient to create manage, and control her personal health data in a centralized place through the web, from anywhere and at any time (as long as they have a web browser and Internet connection), which has made the storage, retrieval, and sharing of the medical information more efficient. Especially, each patient has the full control of his/her medical records and can effectively share his/her health data with a wide range of users, including staffs from health-care providers, and their family members or friends. In this way, the accuracy and quality of care are improved while the health-care cost is lowered. At the same time, cloud computing has attracted a lot of attention because it provides Storage-as-a-Service and Software-as-a-Service, by which software service providers can enjoy the virtually infinite and elastic storage and computing resources. As such, the PHR providers are more and more willing to shift their PHR storage and application services into the cloud instead of building specialized data centers, in order to lower their operational cost. For example, two major cloud platform providers, Google and Microsoft are both providing their PHR services, Google Health and Microsoft Health Vault, respectively. While it is exciting to have PHR services in the cloud for everyone, there are many security and privacy risks which could impede its wide adoption. The main concern is about the privacy of patients personal health data and which could gain access to the PHRs when they are stored in a cloud server. Since patients lose physical control to their own personal health data, directly placing those sensitive data under the control of the servers cannot provide strong privacy assurance at all. First, the PHR data could be leaked if an insider in the cloud providers organization misbehaves due to the high value of the sensitive personal health information (PHI). A famous incident, a Department of Veterans Affairs database containing sensitive PHI o26.5 million military veterans, including their social security numbers and health problems was stolen by an employee who took the data home without authorization [2]. Second, since cloud computing is an open platform, the servers are subjected to malicious outside attacks. For example, Google has reported attacks to its Gmail accounts in early 2010. Although there exist administrative regulations such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA) [3], technical protections that effectively ensure the confidentiality of and proper access PHR are still indispensable.1.1 Cloud computing BasicWhat is Cloud Computing?

Cloud computing is Internet based development and use of computer technology. Cloud computing is the practice of using a network of remote servers hosted on the Internet to store, manage, and process data, rather than a local server or a personal computer. In concept, It is a conceptual paradigm shift whereby details are abstracted from the user who no longer need knowledge of, expertise in, or control over the technology infrastructure "in the cloud" that supports them. It typically involves the provision of dynamically scalable and often virtualized resources as a service over the Internet. The term cloud is used as a metaphor for the Internet, based on how the Internet is depicted in computer network diagrams and is an abstraction of the underlying infrastructure it conceals. Typical cloud computing services provide common business applications on line that are accessed from a web browser, while the software and data are stored on the servers.

These services are broadly divided into three categories:

i. Infrastructure as a Service (IaaS)

ii. Platform as a Service (PaaS), and

iii. Software as a Service (SaaS)

The name cloud computing was inspired by the cloud symbol that is often used to represent the Internet in flow charts and diagrams.

"Cloud Computing" refers to the use of Internet based computer technology for a variety of services. It is a style of computing in which dynamically scalable and often virtualized resources are provided as a service over the Internet on a pay-for-use basis, at a fraction of the cost of provisioning a traditional Data Center based solution. All the costs associated with setting up a data center such as procuring a building, hardware, redundant power supply, cooling systems, upgrading electrical supply, and maintaining a separate Disaster Recovery site can be passed on to a third party vendor. Since the customer is charged only for computer services used, cloud computing costs are a fraction of traditional technology expenditures

Infrastructure as a service (IaaS):In the most basic cloud-service model, providers of IaaS offer computers - physical or (more often) virtual machines - and other resources. (A hypervisor, such as Xen or KVM, runs the virtual machines as guests. Pools of hypervisors within the cloud operational support-system can support large numbers of virtual machines and the ability to scale services up and down according to customers' varying requirements.) IaaS clouds often offer additional resources such as a virtual-machine disk image library, raw (block) and file-based storage, firewalls, load balancers, IP addresses, virtual local area networks (VLANs), and software bundles. IaaS-cloud providers supply these resources on-demand from their large pools installed in data centers. For wide-area connectivity, customers can use either the Internet or carrier clouds (dedicated virtual private networks).

To deploy their applications, cloud users install operating-system images and their application software on the cloud infrastructure. In this model, the cloud user patches and maintains the operating systems and the application software. Cloud providers typically bill IaaS services on a utility computing basis cost reflects the amount of resources allocated and consumed.

Examples of IaaS providers include: Amazon EC2, Azure Services Platform.Platform as a service (PaaS):

In the PaaS model, cloud providers deliver a computing platform typically including operating system, programming language execution environment, database, and web server. Application developers can develop and run their software solutions on a cloud platform without the cost and complexity of buying and managing the underlying hardware and software layers. With some PaaS offers, the underlying computer and storage resources scale automatically to match application demand such that cloud user does not have to allocate resources manually.

Examples of PaaS include: Cloud Foundry, OpenShift, Google App Engine, Windows Azure Cloud Services.Software as a service (SaaS):

In the SaaS model, cloud providers install and operate application software in the cloud and cloud users access the software from cloud clients. Cloud users do not manage the cloud infrastructure and platform where the application runs. This eliminates the need to install and run the application on the cloud user's own computers, which simplifies maintenance and support. Cloud applications are different from other applications in their scalabilitywhich can be achieved by cloning tasks onto multiple virtual machines at run-time to meet changing work demand. Load balancers distribute the work over the set of virtual machines. This process is transparent to the cloud user, who sees only a single access point.

To accommodate a large number of cloud users, cloud applications can be multitenant, that is, any machine serves more than one cloud user organization. It is common to refer to special types of cloud based application software with a similar naming convention: desktop as a service, business process as a service, test environment as a service, communication as a service. The pricing model for SaaS applications is typically a monthly or yearly flat fee per user, so price is scalable and adjustable if users are added or removed at any point.

Examples of SaaS include: Google Apps, Microsoft Office 365, Onlive, GT Nexus.

Cloud clients:Users access cloud computing using networked client devices, such as desktop computers, laptops, tablets and smart phones. Some of these devices - cloud clients - rely on cloud computing for all or a majority of their applications so as to be essentially useless without it. Examples are thin clients and the browser-based Chrome book. Many cloud applications do not require specific software on the client and instead use a web browser to interact with the cloud application. With Ajax and HTML5 these Web user interfaces can achieve a similar or even better look and feel as native applications. Some cloud applications, however, support specific client software dedicated to these applications (e.g., virtual desktop clients and most email clients). Some legacy applications (line of business applications that until now have been prevalent in thin client Windows computing) are delivered via a screen-sharing technology.1.2 ObjectiveThe main objective of the proposed system is to provide secure patient-centric PHR access and efficient key management at the same time. The key idea is to divide the system into multiple security domains (namely, public Cloud and private Cloud according to the different users data access requirements.

Distributed encryption and access policy change

Role based access of data1.3 Scope of the Study

The proposed work will allow us to achieve the goals in the different scenarios like, Hospital Management, Health Care Website, National health data center, any time access of medical data Privacy protection of patients1.4 Existing SystemIn the existing system, PHR model has multiple owners (patients) who may encrypt their records according to their own ways. By using different sets of cryptographic keys each user obtains keys from every owner whos PHR has to be read would limit the accessibility since the patients are not always online.

Another method is central authority to do the key management on behalf of all PHR owners (patients), this requires too much trust on single authority.

Disadvantages1. There have been wide privacy concerns as personal health information could be exposed to those third party servers and to unauthorized parties.

2. Non-availability of authorization for the accessibility of health records which leads to an insecure data manipulation

1.5 Proposed SystemA secured framework for patient-centric information and a suite of mechanisms for data access control to PHRs has been proposed. To achieve fine-grained and scalable data access control for PHRs, we leverage advanced encryption standard (AES) techniques to encrypt each patients PHR file and use the security policy to allow the access of the data.

Advantages for Proposed System The proposed system has the following advantages

Provides higher level Data confidentiality

On-demand revocation

Write access control

Scalability and usability

To provide user friendly environment

To provide easy and faster access information

Quickly find out information of patient details

It provides an easy platform for medical data sharing between healthcare and patient.Applications

Hospital Management

Health Care Website

National health data center

Any time access of medical data

Privacy protection of patients1.6 Literature survey[1] Yu, S., Wang, C., Ren, K., Lou, W.: Achieving secure, scalable, and fine-grained data access control in cloud computing. In: IEEE INFOCOM 2010 (2010)

An extensive literature survey is conducted to investigate the various approaches for managing the patient records. To keep sensitive user data confidential against un-trusted servers, existing solutions usually apply cryptographic methods by disclosing data decryption keys only to Authorized users. In order to achieve secure scalable and fine grained data access control in Cloud Computing authors used the combination of different types of algorithms viz., Attribute Based Encryption (ABE), proxy re-encryption, and lazy re-encryption.[2] Liang, X., Lu, R., Lin, X., Shen, X.S.: Cipher text policy attribute based encryption with efficient revocation. Technical Report, University of Waterloo (2010)

A cipher text policy attribute based encryption scheme with efficient revocation, construction uses linear secret sharing and binary techniques as underlying tools are used, each user is assigned a unique identifier, therefore user can be easily revoked by using his/her unique identifier.[3] Chase, M., Chow, S.S.: Improving privacy and security in multi-authority attribute based encryption. In: CCS 2009, pp. 121130 (2009)

Multi-authority ABE scheme specifies that multiple attribute-authorities monitor different sets of attributes and issue corresponding decryption keys to users, and encryptors requires that a user obtain keys for appropriate attributes from each authority before decrypting a message. Chase M. et al., given a solution which removes the trusted central authority, and protects the users privacy.[4] Benaloh, J., Chase, M., Horvitz, E., Lauter, K.: Patient controlled encryption: ensuring privacy of electronic medical records. In: CCSW 2009: Proceedings of the 2009 ACM workshop on Cloud computing security, pp. 103114 (2009)

The challenges of preserving patients privacy in electronic health record systems, security in the systems should be enforced via encryption as well as access control. Furthermore we argue for approaches that enable patients to generate and store encryption keys, so that the patients privacy is protected should the host data center Be compromised.[5] Ibraimi, L., Asim, M., Petkovic, M.: Secure management of personal health records by applying attribute-based encryption. Technical Report, University of Twente (2009)

A new variant of a cipher text-policy proposed by Laun Ibraim et. al., comprises attributebased encryption scheme to enforce patient/organizational access control policies such that everyone can download the encrypted data but only authorized users from the social domain (e.g. family, friends, or fellow patients) or authorized users from the professionals domain (e.g. doctors or nurses) are allowed to decrypt it. The confidently of personal health records is a major problem when patients use commercial web-based systems to store their health data. Traditional access control mechanisms, such as Role-Based Access control.[6] Boldyreva, A., Goyal, V., Kumar, V.: Identity-based encryption with efficient revocation. In: CCS 2008, pp. 417426 (2008)

The Fuzzy IBE primitive and binary tree data structure, and is provably secure. An Identity-Based encryption (IBE) is an exciting alternative to public key encryption. As IBE eliminates the need for a public key infrastructure (PKI), the senders using an IBE do not need to look up the public keys and the corresponding certificates of the receivers.[7] Atallah, M.J., Frikken, K.B., Blanton, M.: Dynamic and efficient key management for access hierarchies. In: CCS 2005, pp. 190202 (2005)

the problem of key management in an access hierarchy has elicited much interest in the literature. the hierarchy is modeled as a set of partially ordered classes(represented as a directed graph), and a user who obtains access(i.e., a key) to a certain class can also obtain access to all descendent classes of her class through key derivation. our solution to the above problem has the following properties: (India)only hash functions are used for a node to derive a descendant key from its own key; (ii) the space complexity of the public information is the same as that of storing the hierarchy.[8]Privacy preserving HER System Using Attribute -based infrastructure

Shivaramakrishna Narayan , Martin Gagne

In the paper, Author explore techniques which guarantees security and privacy of Medical data stored in the cloud. We show how new primitives in attribute based Cryptograph can be used o construct a secure and privacy-preserving HER systems that Enables patients to share their data among healthcare providers in a flexible, dynamic and Scalable manner.[9] Authorized Private Keyword Search Over Encrypted Data in Cloud Computing

Ming Li , Shucheng Yu, Ning cao and Wenjing Lou

In this paper ,using online Personal Health Record (PHR) as a case study, we first show The necessity of search capability authorized that reduces the privacy exposure Resulting from the search results, and establish a scalable framework for Authorized Private Keyword Search (APKS) over encrypted cloud data. We then propose to novel Solutions for APKS based on a recent cryptographic primitive, Hierarchical Predicate Encryption (HPE). Our solutions enable efficient multi-dimensional keyword searches With range query, allow delegation and revocation of search capabilities .More over, we Enhance the query privacy which hides users query keywords against the server. We Implement our scheme on a modern workstation, and experimental results demonstrate its Suitability for practical usage. [10] Authorized Private Keyword Search Over Encrypted Personal Health Records in Cloud ComputingMing Li_, Shucheng Yuy, Ning Cao_

In this paper , Author formulate and address the problem of authorized private keyword Searches (APKS) on encrypted PHR in cloud computing environment . we first present a Scalable an fine-grained authorized frame work for searching on encrypted PHR, where users Obtain query capabilities from localized trusted authorities according to their attributes , Which is highly scalable with the user scale of the system. Then we propose two novels solutions For APKS based on a recent cryptographic primitive, hierarchical predicate encryption (HPE), one with enhanced efficiency and the other with enhanced query privacy. In addition to document privacy and query privacy, other salient features of our schemes include: efficiently support multi-dimensional, multiple Keyword searches with simple range query ,allow delegation and revocation of search capabilities. We implement our scheme on a modern workstation, experimental results demonstrate its suitability for practical usage.

CHAPTER 2 2.1 ModulesThe following three modules are

1. PHR Owner/ patient module

2. Data confidentiality module

3. Cloud Server module

1 PHR Owner/patient module: The main goal of this module is to provide secure patient-centric PHR access and efficient key management at the same time. The key idea is to divide the system into multiple security domains (namely public clouds and private clouds according to the different users data access requirements.

PHR service providers encrypt patients data, PHR services should give patients (PHR owners) full control over the selective sharing of their own PHR data.

2 Data Confidentiality module: The owners upload encrypted PHR files to the server. Each owners PHR file is encrypted both under a certain fine grained and role-based access policy for users from the public clouds to access and under a selected set of data attributes that allows access from users in the private clouds. Only authorized users can decrypt the PHR files.

3 Cloud server module: The main function of cloud server is to create an interface between the application and users. The authentication of the user name and password is carried out. If user is authentic then he/she gets access to his/her records.

CHAPTER 33.1 Architecture

Fig 3.1. System Architecture

3.2 Algorithm UsedAdvanced Encryption Standard (AES) is a symmetric block cipher which uses the same key for both encryption and decryption. The algorithm allows a variety of block and key sizes, and not just the 64 and 56 bits of DES block and key sizes, the block and key size can be chosen from 128, 160, 192, 224, 256 bits The AES standard states that the algorithm can only accept a block size of 128 bits and a choice of three keys 128, 192, 256 bits.

For encryption the number of rounds depends on the chosen key length. The key length 128 bits uses 10 round, the key length 192 bits uses 12 round, the key length 256 bits uses 14 rounds.Encryption:

Each round consist of following 4 stages

1. Substitution Bytes

2. Shift Rows

3. Mix columns

4. Add Round KeyDecryption:

Each round consists of the following four stages1. Inverse Shift rows

2. Inverse Substitute bytes

3. Inverse Add Round Key

4. Inverse Mix Columns

Step1: The substitute bytes stage uses an s-box to perform a byte-by-byte substitution of the block, there is a single 8-bit wide s-box used on every byte, this s-box is permutation of all 256 8-bits values. Step 2: The shift rows stage provides a simple permutation of the data, It performs the shifting the rows of the state array during forward process, circular rotate on each row of 0,1,2 and 3 places for respective rows

Step 3: : Operates on each column individually, each byte is replaced by a value dependent on all 4 bytes in the column

it performs the mixing up of the bytes in each column separately.

Step 4: The add round key stage which is simple bitwise XOR of the current block with a portion of the expanded key,

CHAPTER 4REQUIREMENTS ENGINEERING

4.1 Hardware Requirements

The hardware requirements may serve as the basis for a contract for the implementation of the system and should therefore be a complete and consistent specification of the whole system. They are used by software engineers as the starting point for the system design. It should what the system do and not how it should be implemented.Processor -Pentium III

Speed

- 1.1 Ghz

RAM

- 256 MB(min)4.2 Software RequirementsOperating System

: Windows95/98/2000/XP

Platform: :net

Language : C# /ASP. Net

Database

: Cloud Server

4.3 Functional Requirements

A functional requirement defines a function of a software-system or its component. A function is described as a set of inputs, the behavior, and outputs. The proposed system is achieved by creating a search engine which may decrease the searching time of the user in the semantic web and can able to give a accurate result to the user.CHAPTER 5DESIGN ENGINEERING5.1 GeneralDesign Engineering deals with the various UML [Unified Modeling language] diagrams for the implementation of project. Design is a meaningful engineering representation of a thing that is to be built. Software design is a process through which the requirements are translated into representation of the software. Design is the place where quality is rendered in software engineering. Design is the means to accurately translate customer requirements into finished product.5.2 Use Case DiagramA use case diagram is a type of behavioral diagram created from a Use-case analysis. The purpose of use case is to present overview of the functionality provided by the system in terms of actors, their goals and any dependencies between those use cases.

In the below diagram seven use cases are depicted. They are used to search result using CST methods.ADMIN PATIENT

CLOUD MANAGER Fig 5.2 Use case Diagram5.3 Dataflow DiagramA data flow diagram (DFD) is a graphical representation of the flow of data through an information system. It differs from the flowchart as it shows the data flow instead of the control flow of the program. A data flow diagram can also be used for the visualization of data processing. The DFD is designed to show how a system is divided into smaller portions and to highlight the flow of data between those parts.

Fig. 5.3 dataflow diagram5.4 Sequence DiagramA sequence diagram in UML is a kind of interaction diagram that shows how processes operate with one another and in what order. It is a construct of a message sequence chart. Sequence diagrams are sometimes called Event-trace diagrams, event scenarios, and timing diagrams. The below diagram shows the sequence flow of the Parallel data Processing in The Cloud

Fig.5.4 Sequence Diagram forCHAPTER 6RESULTS AND DISCUSSIONS

The following figures explains about cloud Services

i. Service Provider

Window Service Provider

SQL Service Provider

Document Service Provider

To access these services user has to be register into the cloud through User registration Interface.

6.1 User/Patient Registration

Fig 6.1 User/Patient Registration6.2 User/Patient Login

Fig 6.2 User/Patient Login

Description: the figure shows user/patient can login into cloud by providing his username and password6.3 Admin Login

Fig 6.3 Admin Login6.4 Encrypt Patient Info

Fig 6.4 Encrypt Patient Info6.5 Insert Patient Info

Fig 6.5 insert Patient Info6.6 View All Patients

Fig 6.6 View All Patients6.7 Encryption Process

Fig 6.7 Encryption Process

Fig 6.8 Browse image

Fig 6.9 upload the image

Fig 6.10 skydrive permission

Fig 6.11 Image Saved In Cloud

Fig 6.12 Encryption Time

6.8 Decryption process

Fig 6.13 Admin Login

Fig 6.14 Download and Decrypt

Fig 6.15Decryption TimePerformance.

Image size in pixelsFig 6.16: A line graph of encryption and upload time(sec) verses image size in pixels.CHAPTER 7SOFTWARE TESTING7.1 General

The purpose of testing is to discover errors. Testing is the process of trying to discover every conceivable fault or weakness in a work product. It provides a way to check the functionality of components, sub assemblies, assemblies and/or a finished product It is the process of exercising software with the intent of ensuring that the Software system meets its requirements and user expectations and does not fail in an unacceptable manner. There are various types of test. Each test type addresses a specific testing requirement.7.2 Developing Methodologies

The test process is initiated by developing a comprehensive plan to test the general functionality and special features on a variety of platform combinations. Strict quality control procedures are used.

The process verifies that the application meets the requirements specified in the system requirements document and is bug free. The following are the considerations used to develop the framework from developing the testing methodologies.7.3Types of Tests7.3.1 Unit testing

Unit testing involves the design of test cases that validate that the internal program logic is functioning properly, and that program input produce valid outputs. All decision branches and internal code flow should be validated. It is the testing of individual software units of the application .it is done after the completion of an individual unit before integration. This is a structural testing, that relies on knowledge of its construction and is invasive. Unit tests perform basic tests at component level and test a specific business process, application, and/or system configuration. Unit tests ensure that each unique path of a business process performs accurately to the documented specifications and contains clearly defined inputs and expected results.7.3.2 Functional test

Functional tests provide systematic demonstrations that functions tested are available as specified by the business and technical requirements, system documentation, and user manuals.

Functional testing is centered on the following items:

Valid Input : identified classes of valid input must be accepted.

Invalid Input : identified classes of invalid input must be rejected.

Functions : identified functions must be exercised.

Output : identified classes of application outputs must be exercised.

Systems/Procedures: interfacing systems or procedures must be invoked.

7.3.3 System Test

System testing ensures that the entire integrated software system meets requirements. It tests a configuration to ensure known and predictable results. An example of system testing is the configuration oriented system integration test. System testing is based on process descriptions and flows, emphasizing pre-driven process links and integration points.7.3.4 Performance Test

The Performance test ensures that the output be produced within the time limits,and the time taken by the system for compiling, giving response to the users and request being send to the system for to retrieve the results.7.3.5 Integration Testing

Software integration testing is the incremental integration testing of two or more integrated software components on a single platform to produce failures caused by interface defects. The task of the integration test is to check that components or software applications, e.g. components in a software system or one step up software applications at the company level interact without error.7.3.6 Acceptance Testing

User Acceptance Testing is a critical phase of any project and requires significant participation by the end user. It also ensures that the system meets the functional requirements.

Acceptance testing for Data Synchronization:

The Acknowledgements will be received by the Sender Node after the Packets are received by the Destination Node.

The Route add operation is done only when there is a Route request in need The Status of Nodes information is done automatically in the Cache Updation process

7.3.7 Build the test plan

Any project can be divided into units that can be further performed for detailed processing. Then a testing strategy for each of this unit is carried out. Unit testing helps to identity the possible bugs in the individual component, so the component that has bugs can be identified and can be rectified from errors.CHAPTER 8CONCLUSIONThe proposed method overcomes the drawbacks of the existing system and provides higher security level by using Advanced Encryption Standard (AES) encryption algorithm. This approach allows the users to maintain the data in a secured cloud environment by meeting the goals like data confidentiality, write access control, on-demand revocation, etc.

It also makes sure that the secret data of the patient is accessed and used by only authorized persons, providing highest level of security, The main motto of the patient centric model is that the share the personal health records of the patient with maximum security,

patient centric concept, patients will have complete control over encrypting their PHR files to allow fine-grained access.

.REFERENCES

[1] Yu, S., Wang, C., Ren, K., Lou, W.: Achieving secure, scalable, and fine-grained data access control in cloud computing. In: IEEE INFOCOM 2010 (2010)

[2] Liang, X., Lu, R., Lin, X., Shen, X.S.: Cipher text policy attribute based encryption with efficient revocation. Technical Report, University of Waterloo (2010)

[3] Chase, M., Chow, S.S.: Improving privacy and security in multi-authority attribute based encryption. In: CCS 2009, pp. 121130 (2009)

[4] Benaloh, J., Chase, M., Horvitz, E., Lauter, K.: Patient controlled encryption: ensuring privacy of electronic medical records. In: CCSW 2009: Proceedings of the 2009 ACM workshop on Cloud computing security, pp. 103114 (2009)[5] Ibraimi, L., Asim, M., Petkovic, M.: Secure management of personal health records by applying attribute-based encryption. Technical Report, University of Twente (2009)

[6] Boldyreva, A., Goyal, V., Kumar, V.: Identity-based encryption with efficient revocation. In: CCS 2008, pp. 417426 (2008)

[7] Atallah, M.J., Frikken, K.B., Blanton, M.: Dynamic and efficient key management for access hierarchies. In: CCS 2005, pp. 190202 (2005)

INSERT\UPDATE

VIEW

PATIENT DATA

MA

ENCRYPT\DECRYPT

Department of Computer Science and Engineering

PDACE, Gulbarga Page 41