towards trusted ehealth services in the cloud
TRANSCRIPT
![Page 1: Towards Trusted eHealth Services in the Cloud](https://reader033.vdocuments.us/reader033/viewer/2022051521/587163e01a28ab58758b4e8b/html5/thumbnails/1.jpg)
Towards Trusted eHealth Services in the Cloud
Antonis Michalas Rafael Dowsley
![Page 2: Towards Trusted eHealth Services in the Cloud](https://reader033.vdocuments.us/reader033/viewer/2022051521/587163e01a28ab58758b4e8b/html5/thumbnails/2.jpg)
Old-style Personal Health Records
![Page 3: Towards Trusted eHealth Services in the Cloud](https://reader033.vdocuments.us/reader033/viewer/2022051521/587163e01a28ab58758b4e8b/html5/thumbnails/3.jpg)
Improvements
Digitalization of the medical records was the first step of the transition and proved to be very beneficial.
More ambitious goal: the complete medical record should be available to the patients wherever they are.
![Page 4: Towards Trusted eHealth Services in the Cloud](https://reader033.vdocuments.us/reader033/viewer/2022051521/587163e01a28ab58758b4e8b/html5/thumbnails/4.jpg)
Records on the Cloud
Important question: How the medical records are accessed?
![Page 5: Towards Trusted eHealth Services in the Cloud](https://reader033.vdocuments.us/reader033/viewer/2022051521/587163e01a28ab58758b4e8b/html5/thumbnails/5.jpg)
Doctors Access Directly
Totally unacceptable from patients’ privacy point of view.
![Page 6: Towards Trusted eHealth Services in the Cloud](https://reader033.vdocuments.us/reader033/viewer/2022051521/587163e01a28ab58758b4e8b/html5/thumbnails/6.jpg)
Patient Authorization
Ideally download from the cloud only the relevant data.
![Page 7: Towards Trusted eHealth Services in the Cloud](https://reader033.vdocuments.us/reader033/viewer/2022051521/587163e01a28ab58758b4e8b/html5/thumbnails/7.jpg)
Protecting Against the Cloud
Protects against the cloud, but breaks search functionality.
![Page 8: Towards Trusted eHealth Services in the Cloud](https://reader033.vdocuments.us/reader033/viewer/2022051521/587163e01a28ab58758b4e8b/html5/thumbnails/8.jpg)
Symmetric Encryption Schemes
Security Goal: Ciphertexts do not leak any information about the plaintexts.
E
Message M
Secret-Key K Ciphertext C
D
Ciphertext C
Secret-Key K Message M
![Page 9: Towards Trusted eHealth Services in the Cloud](https://reader033.vdocuments.us/reader033/viewer/2022051521/587163e01a28ab58758b4e8b/html5/thumbnails/9.jpg)
Symmetric Searchable Encryption Schemes
E
Files F
Secret-Key K
Ciphertexts C
Encrypted index I
Ciphertexts C, encrypted index I
![Page 10: Towards Trusted eHealth Services in the Cloud](https://reader033.vdocuments.us/reader033/viewer/2022051521/587163e01a28ab58758b4e8b/html5/thumbnails/10.jpg)
Symmetric Searchable Encryption Schemes
ST
Keyword W
Secret-Key K
Search token TS
Search token TS
Encrypted files containing W
![Page 11: Towards Trusted eHealth Services in the Cloud](https://reader033.vdocuments.us/reader033/viewer/2022051521/587163e01a28ab58758b4e8b/html5/thumbnails/11.jpg)
Dynamic SSE Schemes
UT
Update U
Secret-Key K
Update token TU
Update token TU
Update ciphertext vector and encrypted index
![Page 12: Towards Trusted eHealth Services in the Cloud](https://reader033.vdocuments.us/reader033/viewer/2022051521/587163e01a28ab58758b4e8b/html5/thumbnails/12.jpg)
Using SSE in our Scenario
Use dynamic symmetric searchable encryption scheme.
![Page 13: Towards Trusted eHealth Services in the Cloud](https://reader033.vdocuments.us/reader033/viewer/2022051521/587163e01a28ab58758b4e8b/html5/thumbnails/13.jpg)
Security of SSE
Ideally a symmetric searchable encryption scheme should leak no information for the storage server, but this is hard to achieve efficiently.
Access pattern: outcome of the search query (i.e., ids of the matching files)
Search pattern: whether two search queries are for the same keyword. Leaks in the most efficient known solutions, which use deterministic search tokens.
Update operations normally also generate some leakage.
Formalization using leakage functions: LI, LS, LU.
![Page 14: Towards Trusted eHealth Services in the Cloud](https://reader033.vdocuments.us/reader033/viewer/2022051521/587163e01a28ab58758b4e8b/html5/thumbnails/14.jpg)
Security of SSE
If the simulated server view is indistinguishable from the real server view, then the SSE scheme is secure according to these leakage functions.
Ideal World
Leakage functions LI, LS, LU Simulated server view
![Page 15: Towards Trusted eHealth Services in the Cloud](https://reader033.vdocuments.us/reader033/viewer/2022051521/587163e01a28ab58758b4e8b/html5/thumbnails/15.jpg)
Security of Our Scheme
Security against leakage on the cloud layer follows directly from the security of the SSE scheme.
Any improvements in the leakage profile of the most efficient SSE schemes translates directly in more security in our scenario.
There are already SSE schemes with reasonably good efficiency and leakage profiles.
![Page 16: Towards Trusted eHealth Services in the Cloud](https://reader033.vdocuments.us/reader033/viewer/2022051521/587163e01a28ab58758b4e8b/html5/thumbnails/16.jpg)
Summary
Stores medical records in the cloud in order to make them available to the patients everywhere and thus improves their diagnosis and treatment.
Protects the medical data against unauthorized accesses by doctors and minimizes the possible leakage of information at the cloud layer, while keeping the usage efficiency.
Security against leakage on the cloud layer based on the security of the SSE schemes. Improvements translate directly.
![Page 17: Towards Trusted eHealth Services in the Cloud](https://reader033.vdocuments.us/reader033/viewer/2022051521/587163e01a28ab58758b4e8b/html5/thumbnails/17.jpg)