“Everyone designs who devises courses of action aimed at changing existing situations into preferred ones”.
Herbert Simon.
Abstract
The assiduous parade of the state-of-the-art sprouting digital technologies, is disrupting the smooth, easy-going health care digital ecosystem and forewarns us to manage it preemptively; since adaptation and survival of the fittest is a proven fact and we need to acclimatize to the mutated health care digital landscape. In this paper, the heightened consternations in the cloud are discoursed, with prime focus on integrity and privacy solutions, useful to hook the doles of cloud computing technologies for the health care world. An all-embracing appraisal of the correlated up-to-date research work on Provable Data Possession (PDP), tosses light on the erstwhile current status, research challenges, and future directions of PDP based health care data integrity. The need of the hour is a system, which, aids as an external auditor to audit the user’s outsourced health care data in the cloud, deprived of the wisdom of the health care data content. The contributions in this paper are (1) A comprehensive analysis of the contemporary Privacy Conserving PDP data integrity schemes, (2) a proposed novel generic support framework, which is useful to shield stored health care data, provide authentication in the cloud environment, which, is scalable and efficient, (3) deployment of the Secure Privacy Conserving Provable Data Possession (SPC-PDP) framework. The results validate that the proposed SPC-PDP framework can competently accomplish secure auditing and outclass the erstwhile ones. The SPC-PDP framework is no doubt, a promising solution to the challenges soaring due to the state-of-the-art improvements in health care digital technology. Last but not the least, this paper also gives a bird’s eye view on the future directions of secure and privacy preserving data integrity.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Abbas A, Khan SU (2014) A review on the state-of-the-art privacy-preserving approaches in the e-health clouds. IEEE J Biomed Health Inf 18(4):1431–1441
Abbas A, Khan M, Ali M, Khan S, Yang L (2015) A cloud based framework for identification of influential health experts from Twitter. In: Proceedings of the 15th international conference on scalable computing and communications (ScalCom)
Ahuja S, Mani S, Zambrano J (2012) A survey of the state of cloud computing in healthcare. Netw Commun Technol 1:12–19
Akinyele J, Lehmann C, Green M, Pagano M, Peterson Z, Rubin A (2010) Self-protecting electronic medical records using attribute-based encryption. In: Technical report 2010/565, Cryptology e-Print Archive
Ateniese G, Di Pietro R, Mancini LV, Tsudik G (2008) Scalable and efficient provable data possession. In: Proceedings of the 4th international conference on security and privacy in communication networks, p 9. ACM
Ateniese G, Kamara S, Katz J (2009) Proofs of storage from homomorphic identification protocols. In: International conference on the theory and application of cryptology and information security, pp 319–333. Springer, Berlin
Bhadauria R, Chaki R, Chaki N, Sanyal S (2011) A survey on security issues in cloud computing. ar**v preprint ar**v:1109.5388, pp 1–15
Buyya R, Yeo CS, Venugopal S, Broberg J, Brandic I (2009) Cloud computing and emerging IT platforms: vision, hype, and reality for delivering computing as the 5th utility. Future Gener Comput Syst 25(6):599–616
Chen Y, Lu J, Jan J (2012) A secure EHR system based on hybrid clouds. J Med Syst 36(5):3375–3384
Du W, Jia J, Mangal M, Murugesan M (2004) Uncheatable grid computing. In: 24th international conference on distributed computing systems, proceedings, pp 4–11. IEEE
Erway CC, Küpçü A, Papamanthou C, Tamassia R (2015) Dynamic provable data possession. ACM Trans Inf Syst Secur 17(4):15
Fu A, Yu S, Zhang Y, Wang H, Huang C (2017) NPP: a new privacy-aware public auditing scheme for cloud data sharing with group users. IEEE Trans Big Data. https://doi.org/10.1109/TBDATA.2017.2701347
Gasti P, Ateniese G, Blanton M (2010) Deniable cloud storage: sharing files via public-key deniability. In: Proceedings of the 9th annual ACM workshop on privacy in the electronic society, pp 31–42. ACM
Gitanjali J, Banu SN, Geetha Mary A, Indumathi J, Uma GV (2007) An agent based burgeoning framework for privacy preserving information harvesting systems. Int J Comput Sc Netw Secur 7(11):268–276
Gitanjali J, Banu SN, Indumathi J, Uma GV (2008) A panglossian solitary-skim sanitization for privacy preserving data archaeology. Int J Electr Power Eng 2(3):154–165
Gitanjali J, Ghalib MdR, Murugesan K, Indumathi J, Manjula D (2009a) An object-oriented scaffold premeditated for privacy preserving data mining of outsourced medical data. Int J Softw Eng Appl (in press)
Gitanjali J, Ghalib MdR, Murugesan K, Indumathi J, Manjula D (2009b) A hybrid scheme Of data camouflaging for privacy preserved electronic copyright publishing using cryptography and watermarking technologies. Int J Secur Appl
Grobauer B, Walloschek T, Stocker E (2011) Understanding cloud computing vulnerabilities. IEEE Secur Priv 9(2):50–57
Guan C, Ren K, Zhang F, Kerschbaum F, Yu J (2015) Symmetric-key based proofs of retrievability supporting public verification. In: European symposium on research in computer security (pp 203–223). Springer, Cham
Haas S, Wohlgemuth S, Echizen I, Sonehara N, Muller G (2011) Aspects of privacy for electronic health records. Int J Med Inform 80(2):e26–e31
He J, Zhang Z, Li M, Zhu L, Hu J (2018) Provable data integrity of cloud storage service with enhanced security in the internet of things. IEEE Access 7:6226–6239
Huang D, Misra S, Verma M, Xue G (2011a) PACP: an efficient pseudonymous authentication-based conditional privacy protocol for VANETs. IEEE Trans Intell Transp Syst 12(3):736–746
Huang Q, Yang G, Wong DS, Susilo W (2011b) Efficient strong designated verifier signature schemes without random oracle or with non-delegatability. Int J Inf Secur 10(6):373–385
Indumathi J (2012) A generic scaffold housing the innovative modus operandi for selection of the superlative anonymisation technique for optimized privacy preserving data mining. In: Karahoca A (ed) Data mining applications in engineering and medicine, Chapter 6. InTech, London, pp 133–156. ISBN 9535107200 9789535107200
Indumathi J (2013a) Amelioration of anonymity modus operandi for privacy preserving data publishing. In: Amine A, Mohamed OA, Benatallah B (eds) Network security technologies: design and applications, chapter 7. IGI Global, Hershey, pp 96–107
Indumathi J (2013b) An enhanced secure agent-oriented burgeoning integrated home tele health care framework for the silver generation. Int J Adv Network Appl 04(04):16–21. Special issue on “Computational intelligence—a research perspective” held on “21st–22nd Feburary 2013”
Indumathi J (2013c) State-of-the-art in reconstruction-based modus operandi for privacy preserving data dredging. Int J Adv Netw Appl 04(04):9–15. Special issue on “Computational intelligence—a research perspective” held on “21st–22nd Feburary 2013”
Indumathi J, Uma GV (2007a) Customized privacy preservation using unknowns to stymie unearthing of association rules. J Comput Sci 3(12):874–881
Indumathi J, Uma GV (2007b) Using privacy preserving techniques to accomplish a secure accord. Int J Comput Sci Netw Secur 7(8):258–266
Indumathi J, Uma GV (2008a) A bespoked secure framework for an ontology-based data-extraction system. J Softw Eng 2(2):1–13
Indumathi J, Uma GV (2008b) A new flustering approach for privacy preserving data fishing in tele-health care systems. Int J Healthc Technol Manag 9(5–6):495–516 (Special issue on: “Tele-healthcare system implementation, challenges and issues”)
Indumathi J, Uma GV (2008c) A novel framework for optimized privacy preserving data mining using the innovative desultory technique. Int J Comput Appl Technol 35(2/3/4):194–203 (Special Issue on: “Computer applications in knowledge-based systems”)
Indumathi J, Uma GV (2008d) An aggrandized framework for genetic privacy preserving pattern analysis using cryptography and contravening—conscious knowledge management systems. Int J Mol Med Adv Sci 4(1):33–40
Jain P, Gyanchandani M, Khare N (2016) Big data privacy: a technological perspective and review. J Big Data 3(1):25
Joshi B, Vijayan AS, Joshi BK (2011) Securing cloud computing environment against DDoS attacks. IEEE, pp 1–5
Kaletsch A, Sunyaev A (2011) Privacy engineering: personal health records in cloud computing environments. In: Proceedings of the 32nd international conference on information systems (ICIS), pp 1–11
Khedr WI, Khater HM, Mohamed ER (2019) Cryptographic accumulator-based scheme for critical data integrity verification in cloud storage. IEEE Access 7:65635–65651
Kuo AH (2011) Opportunities and challenges of cloud computing to improve health care services. J Med Internet Res 13(3):e67. https://doi.org/10.2196/jmir.1867
Juels A, Kaliski Jr, BS (2007) PORs: Proofs of retrievability for large files. In: Proceedings of the 14th ACM conference on computer and communications security, pp 584–597. ACM
Li J (2013) Electronic personal health records and the question of privacy. Computer. https://doi.org/10.1109/mc.2013.225
Li M, Yu S, Ren K, Lou W (2010) Securing personal health records in cloud computing: patient-centric and fine-grained data access control in multi-owner settings. International conference on security and privacy in communication networks. Springer, Berlin, Heidelberg, pp 89–106
Lin H, Shao J, Zhang C, Fang Y (2013) CAM: cloud-assisted privacy preserving mobile health monitoring. IEEE Trans Inf Forensics Secur 8(6):985–997
Liu W (2012) Research on cloud computing security problem and strategy. IEEE, pp 1216–1219
Lounis A, Hadjidj A, Bouabdallah A, Challal Y (2015) Healing on the cloud: secure cloud architecture for medical wireless sensor networks. Future Gener Comput Syst. https://doi.org/10.1016/j.future.2015.01.009
Luo Y, Xu M, Fu S, Wang D, Deng J (2015) Efficient integrity auditing for shared data in the cloud with secure user revocation. In 2015 IEEE Trustcom/BigDataSE/ISPA; vol 1, pp 434–442. IEEE
Mandagere N, Zhou P, Smith MA, Uttamchandani S (2008) Demystifying data deduplication. In: Proceedings of the ACM/IFIP/USENIX Middleware’08 conference companion, pp 12–17. ACM
Mashima D, Ahamad M (2012) Enhancing accountability of electronic health record usage via patient-centric monitoring. In: Proceedings of the 2nd ACM SIGHIT international health informatics symposium, IHI’12, pp 409–418. ACM
Metri P, Sarote G (2011) Privacy issues and challenges in cloud computing. Int J Adv Eng Sci Technol 5:1–6
Meyer DT, Bolosky WJ (2012) A study of practical deduplication. ACM Trans Storage 7(4):14. https://doi.org/10.1145/2078861.2078864
Murugesan K, Gitanjali J, Indumathi J, Manjula D (2009) Sprouting modus operandi for selection of the best PPDM technique for health care domain. Int J Conf Recent Trends Comput Sci 1(1):627–629
Murugesan K, Indumathi J, Manjula D (2010a) An optimized intellectual agent based secure decision system for health care. Int J Eng Sci Technol 2(5):3662–3675
Murugesan K, Indumathi J, Manjula D (2010b) A framework for an ontology-based data-gleaning and agent based intelligent decision support PPDM system employing generalization technique for health care. Int J Comput Sci Engi 2(5):1588–1596
Narayanan A, Huey J, Felten EW (2016) A precautionary approach to big data privacy. Data protection on the move. Springer, Dordrecht, pp 357–385
Prakash D, Murugesan K, Indumathi J, Manjula D (2009) A novel cardiac attack prediction and classification using supervised agent techniques. CiiT Int J Artif Intell Syst Mach Learn 1(2):59
Ren K, Wang C, Wang Q (2012) Security challenges for the public cloud. IEEE Internet Comput 16(1):69–73
Ren Y, Xu J, Wang J, Kim JU (2013) Designated-verifier provable data possession in public cloud storage. Int J Secur Appl 7(6):11–20
Rong C, Nguyen ST, Jaatun MG (2013) Beyond lightning: a survey on security challenges in cloud computing. Comput Electr Eng 39(1):47–54
Satheesh Kumar K, Indumathi J, Uma GV (2008) Design of smoke screening techniques for data surreptitiousness in privacy preserving data snoo** using object oriented approach and UML. IJCSNS Int J Comput Sci Netw Secur 8(4):106–115
Sebé F, Domingo-Ferrer J, Martinez-Balleste A, Deswarte Y, Quisquater JJ (2008) Efficient remote data possession checking in critical information infrastructures. IEEE Trans Knowl Data Eng 20(8):1034–1038
Sedayao J (2012) Enhancing cloud security using data anonymization. White Paper, Intel Coporation
Sedghi S (2012) Towards provably secure efficiently searchable encryption. University of Twente, Enschede
Shen W, Yang G, Yu J, Zhang H, Kong F, Hao R (2017) Remote data possession checking with privacy-preserving authenticators for cloud storage. Future Gener Comput Syst 76:136–145
Shen W, Qin J, Yu J, Hao R, Hu J (2019) Enabling identity-based integrity auditing and data sharing with sensitive information hiding for secure cloud storage. IEEE Trans Inf Forensics Secur 14(2):331–346
Sookhak M, Gani A, Talebain H, Akhunzada A, Khan S, Buyya R, Zomaya A (2015) Remote data auditing in cloud computing environments: a survey, taxonomy, and open issues. ACM Comput Surv 47(4):65:1–65:34
Tang J, Cui Y, Li Q, Ren K, Liu J, Buyya R (2016) Ensuring security and privacy preservation for cloud data services. ACM Comput Surv 49(1):13:1–13:39
Tian H, Chen Y, Chang CC, Jiang H, Huang Y, Chen Y, Liu J (2017) Dynamic-hash-table based public auditing for secure cloud storage. IEEE Trans Serv Comput 10(5):701–714
Vasudevan V, Sivaraman N, SenthilKumar S, Muthuraj R, Indumathi J, Uma GV (2007) A comparative study of SPKI/SDSI and K-SPKI/SDSI systems. Inf Technol J 6(8):1208–1216
Wang Q, Wang C, Li J, Ren K, Lou W (2009) Enabling public verifiability and data dynamics for storage security in cloud computing. In: European symposium on research in computer security. Springer, Berlin, pp 355–370
Wang C, Wang Q, Ren K, Lou W (2010) Privacy-preserving public auditing for data storage security in cloud computing. In: 2010 proceedings IEEE infocom. IEEE, pp 1–9
Wang Q, Wang C, Ren K, Lou W, Li J (2011) Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans Parallel Distrib Syst 22(5):847–859
Wang B, Li B, Li H (2012) Knox: privacy-preserving auditing for shared data with large groups in the cloud. In: International conference on applied cryptography and network security. Springer, Berlin, pp 507–525
Wang C, Chow SS, Wang Q, Ren K, Lou W (2013) Privacy-preserving public auditing for secure cloud storage. IEEE Trans Comput 62(2):362–375
Wang B, Li B, Li H (2014a) Oruta: privacy-preserving public auditing for shared data in the cloud. IEEE Trans Cloud Comput 2(1):43–56
Wang B, Li B, Li H (2014b) Oruta: privacy-preserving public auditing for shared data in the cloud. IEEE Trans Cloud Comput 2(1):43–56
Wang B, Li B, Li H (2015) Panda: public auditing for shared data with efficient user revocation in the cloud. IEEE Trans Serv Comput 8(1):92–106
Wang H, He D, Tang S (2016a) Identity-based proxy-oriented data uploading and remote data integrity checking in public cloud. IEEE Trans Inf Forensics Secur 11(6):1165–1176
Wang H, He D, Yu J, Wang Z (2016b) Incentive and unconditionally anonymous identity-based public provable dat possession. IEEE Trans Serv Comput. https://doi.org/10.1109/TSC.216.2633260
Wei L, Zhu H, Cao Z, Dong X, Jia W, Chen Y, Vasilakos AV (2014) Security and privacy for storage and computation in cloud computing. Inf Sci 258:371–386
Worku SG, Ting Z, Zhi-Guang Q (2012) Survey on cloud data integrity proof techniques. In: 2012 Seventh Asia joint conference on information security. IEEE, pp 85–91
Worku SG, Xu C, Zhao J, He X (2014) Secure and efficient privacy-preserving public auditing scheme for cloud storage. Comput Electr Eng 40(5):1703–1713
Wu R, Ahn GJ, Hu H (2012) Secure sharing of electronic health records in clouds. In: Proceedings of the 8th international conference on collaborative computing: networking, applications and worksharing (CollaborateCom), pp 711–718
**ao Z, **ao Y (2012) Security and privacy in cloud computing. IEEE Commun Surv Tutorials 15(2):843–859
Yan H, Li J, Zhang Y (2019) Remote data checking with a designated verifier in cloud storage. IEEE Syst J. https://doi.org/10.1109/JSYST.2019.2918022
Yang K, Jia X (2012) Data storage auditing service in cloud computing: challenges, methods and opportunities. World Wide Web 15(4):409–428
Yang K, Jia X (2013) An efficient and secure dynamic auditing protocol for data storage in cloud computing. IEEE Trans Parallel Distrib Syst 24(9):1717–1726
Yang JJ, Li JQ, Niu Y (2015) A hybrid solution for privacy preserving medical data sharing in the cloud environment. Future Gener Comput Syst 43–44:74–86
Yang G, Yu J, Shen W, Su Q, Fu Z, Hao R (2016) Enabling public auditing for shared data in cloud storage supporting identity privacy and traceability. J Syst Softw 113:130–139
Yu J, Wang H (2017) Strong key-exposure resilient auditing for secure cloud storage. IEEE Trans Inf Forensics Secur 12(8):1931–1940
Yu J, Ren K, Wang C, Varadharajan V (2015) Enabling cloud storage auditing with key-exposure resistance. IEEE Trans Inf Forensics Secur 10(6):1167–1179
Yu J, Ren K, Wang C (2016) Enabling cloud storage auditing with verifiable outsourcing of key updates. IEEE Trans Inf Forensics Secur 11(6):1362–1375
Yu Y, Au MH, Ateniese G, Huang X, Susilo W, Dai Y, Min G (2017) Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage. IEEE Trans Inf Forensics Secur 12(4):767–778
Zhang R, Liu L (2010) Security models and requirements for healthcare application clouds. In: Proceedings of the 3rd IEEE international conference on cloud computing (CLOUD), pp 268–275
Zhang J, Mao J (2008) A novel ID-based designated verifier signature scheme. Inf Sci 178(3):766–773
Zhang Y, Yu J, Hao R, Wang C, Ren K (2018) Enabling efficient user revocation in identity-based cloud storage auditing for shared big data. IEEE Trans Dependable Secure Comput. https://doi.org/10.1109/TDSC.2018.2829880
Zhu Y, Hu H, Ahn GJ, Yu M (2012) Cooperative provable data possession for integrity verification in multicloud storage. IEEE Trans Parallel Distrib Syst 23(12):2231–2244
Zissis D, Lekkas D (2012) Addressing cloud computing security issues. Future Gener Comput Syst 28(3):583–592
Zyskind G, Nathan O, Pentland A (2015) Enigma: Decentralized computation platform with guaranteed privacy. ar**v preprint ar**v:1506.03471
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Jayaraman, I., Mohammed, M. Secure Privacy Conserving Provable Data Possession (SPC-PDP) framework. Inf Syst E-Bus Manage 18, 351–377 (2020). https://doi.org/10.1007/s10257-019-00417-8
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10257-019-00417-8