Efficient Search Over Encrypted Medical Data With Known-Plaintext/Background Models and Unlinkability

Sherif Abdelfattah; Mohamed Baza; Mahmoud M. Badr; Mohamed M. E. A. Mahmoud; Gautam Srivastava; Fawaz Alsolami; Abdullah Marish Ali

doi:10.1109/ACCESS.2021.3126200

IEEE Access (Jan 2021)

Efficient Search Over Encrypted Medical Data With Known-Plaintext/Background Models and Unlinkability

Sherif Abdelfattah,
Mohamed Baza,
Mahmoud M. Badr,
Mohamed M. E. A. Mahmoud,
Gautam Srivastava,
Fawaz Alsolami,
Abdullah Marish Ali

Affiliations

Sherif Abdelfattah: Department of Electrical & Computer Engineering, Tennessee Tech University, Cookeville, TN, USA
Mohamed Baza: Department of Computer Science, College of Charleston, Charleston, SC, USA
Mahmoud M. Badr: Department of Electrical & Computer Engineering, Tennessee Tech University, Cookeville, TN, USA
Mohamed M. E. A. Mahmoud: ORCiD; Department of Electrical & Computer Engineering, Tennessee Tech University, Cookeville, TN, USA
Gautam Srivastava: ORCiD; Department of Mathematics and Computer Science, Brandon University, Brandon, MB, Canada
Fawaz Alsolami: ORCiD; Department of Computer Science, King Abdulaziz University, Jeddah, Saudi Arabia
Abdullah Marish Ali: ORCiD; Department of Computer Science, King Abdulaziz University, Jeddah, Saudi Arabia

DOI: https://doi.org/10.1109/ACCESS.2021.3126200
Journal volume & issue: Vol. 9
pp. 151129 – 151141

Abstract

Read online

In advanced health care systems, patients’ medical data can be outsourced to cloud servers to enable remote healthcare service providers to access and analyze patients’ data from any location to provide better treatment. However, outsourcing sensitive medical data makes data owners, i.e., patients, concerned about their privacy because private companies run the cloud service and the data can be accessed by them. Therefore, it is important to encrypt the data in the form of documents before outsourcing them to the cloud in a way that enables a data user, i.e., a doctor, to search over these documents without allowing the cloud provider to learn any private information about patients. Several schemes have been proposed to enable search over encrypted medical cloud data to preserve patient privacy, but the existing schemes suffer from high communication/computation overhead because they are designed for a single-data-owner setting. Moreover, they are not secure against known-plaintext/background and linkability attacks and do not allow doctors to customize their search to avoid downloading irrelevant documents. In this paper, we develop an efficient search scheme over encrypted data for a multi-data-owner setting. To secure our scheme, the cloud server obtains noisy similarity scores and doctors de-noise them to download the most relevant documents. Our scheme enables doctors to prescribe search conditions to customize the search without revealing the conditions to the server. Our formal proof and analysis indicate that our scheme can preserve privacy and is secure against known-plaintext/background and linkability attacks, and the results of extensive experiments demonstrate the efficiency of our scheme compared to the existing works.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords