摘要:Cloud storage is one of the most promising services in cloud computing. It offers elastic scaling and low-cost data storage. However, the security issues in the cloud are the main concern that hinders the popularity and application of cloud services. The most important issues related to data storage in the cloud are data confidentiality, authentication, and regulations on data access. A straightforward solution to protect the data confidentiality is to encrypt the data before outsourcing to the untrusted cloud server. A malicious administrator possibly creates an account as a legitimate user and compromises the security of encrypted database in numerous ways. An access control is essential for categorizing the data based on the sensitivity level of the health records. This work proposes the cryptographically Enforced Access control for Securing Electronic medical records in the cloud (CEASE). The CEASE includes three components to ensure the confidentiality of medical data. Initially, it exploits the trusted proxy server and applies the Advanced Encryption Standard (AES) on the health data before uploading it to the cloud server. Secondly, the proxy server applies access control policy on health data in the cloud using a set of attributes which are offered during user registration. The proxy server involves in processing encrypted queries to read the encrypted data from the cloud and also decrypts the data using the attributes before delivering the data to an end user. Finally, it introduces the partial shuffling within a restricted data block that contains the hot health records and thus, it ensures the data access pattern confidentiality without degrading the querying speed. The performance of CEASE technique is evaluated in the Java platform, and the results show that the CEASE significantly protects the confidentiality of critical data in the cloud platform
关键词:Cloud Service; Malicious Activities; Encryption; Shuffling; Access Control Policy
