Privacy preservation of electronic health records with adversarial attacks identification in hybrid cloud

Kanwal，Tehsin1; Anjum，Adeel1,2; Malik，Saif U.R.3; Khan，Abid4; Khan，Muazzam A.5

2021-10-01

10.1016/j.csi.2021.103522

COMPUTER STANDARDS & INTERFACES   影响因子和分区

0920-5489

An increasing trend in healthcare organizations to outsource EHRs’ data to the cloud highlights new challenges regarding the privacy of given individuals. Healthcare organizations outsource their EHRs data in a hybrid cloud that elevates the problem of security and privacy in terms of EHRs’ access to an unlimited number of recipients in a hybrid cloud environment. In this paper, we investigated the need for a privacy-preserving access control model for the hybrid cloud. A comprehensive and exploratory analysis of privacy-preserving solutions with the help of taxonomy for cloud-based EHRs is described in this work. We have formally identified the existence of internal access control and external privacy disclosures in outsourcing system architecture for hybrid cloud. Then, we proposed a privacy-preserving XACML based access control model (PPX-AC) that supports fine-grained access control with the multipurpose utilization of EHRs alongside state-of-the-art privacy mechanism. Our proposed approach invalidates the identified security and privacy attacks. We have formally verified the proposed privacy-preserving XACML based access control model (PPX-AC) with the invalidation of identified privacy attacks using High-Level Petri Nets (HLPN). Moreover, property verification of the proposed model in SMT-lib and Z3 solver and implementation of the model proves its effectiveness in terms of privacy-aware EHRs access and multipurpose usage.

Cryptography EHRs Formal verification Generalization Hybrid cloud Privacy

SCI ; EI

英语

通讯

WOS:000670669600013

20211010049067

Health care ; Petri nets ; Privacy by design

Health Care:461.7 ; Computer Software, Data Handling and Applications:723 ; Combinatorial Mathematics, Includes Graph Theory, Set Theory:921.4

COMPUTER SCIENCE

2-s2.0-85102028360

Scopus

1.Department of Computer Sciences,Comsats University,Islamabad,Pakistan
2.Department of Computer Science and Engineering,Southern University of Science and Technology,Shenzhen,China
3.Senior Researcher,Cybernetica AS,Estonia
4.Department of Computer Science,Aberystwyth University,Aberystwyth,SY23 3DB,United Kingdom
5.Department of Computer Sciences,Quaid-i-Azam University Islamabad,

Kanwal，Tehsin,Anjum，Adeel,Malik，Saif U.R.,et al. Privacy preservation of electronic health records with adversarial attacks identification in hybrid cloud[J]. COMPUTER STANDARDS & INTERFACES,2021,78.

Kanwal，Tehsin,Anjum，Adeel,Malik，Saif U.R.,Khan，Abid,&Khan，Muazzam A..(2021).Privacy preservation of electronic health records with adversarial attacks identification in hybrid cloud.COMPUTER STANDARDS & INTERFACES,78.

Kanwal，Tehsin,et al."Privacy preservation of electronic health records with adversarial attacks identification in hybrid cloud".COMPUTER STANDARDS & INTERFACES 78(2021).