Towards Trusted eHealth Services in the Cloud
Antonis Michalas, Rafael Dowsley
Old-style Personal Health Records
Improvements
Digitalization of the medical records was the first step of the transition and proved to be very beneficial.
More ambitious goal: the complete medical record should be available to the patients wherever they are.
Records on the Cloud
Important question: how are the medical records accessed?
Doctors Access Directly
Totally unacceptable from patients’ privacy point of view.
Patient Authorization
Ideally download from the cloud only the relevant data.
Protecting Against the Cloud
Protects against the cloud, but breaks search functionality.
Symmetric Encryption Schemes
Security Goal: Ciphertexts do not leak any information about the plaintexts.
Diagram: encryption E takes the secret key K and a message M and outputs the ciphertext C; decryption D takes K and C and returns M.
Symmetric Searchable Encryption Schemes
Diagram: E takes the secret key K and the files F and outputs the ciphertexts C and an encrypted index I; the server stores C and I.
Symmetric Searchable Encryption Schemes
Diagram: search token generation ST takes the secret key K and a keyword W and outputs the search token TS; given TS, the server returns the encrypted files containing W.
Dynamic SSE Schemes
Diagram: update token generation UT takes the secret key K and an update U and outputs the update token TU; given TU, the server updates the ciphertext vector and the encrypted index.
Using SSE in our Scenario
Use dynamic symmetric searchable encryption scheme.
Security of SSE
Ideally a symmetric searchable encryption scheme should leak no information to the storage server, but this is hard to achieve efficiently.
Access pattern: outcome of the search query (i.e., ids of the matching files)
Search pattern: whether two search queries are for the same keyword. Leaked by the most efficient known solutions, which use deterministic search tokens.
Update operations normally also generate some leakage.
Formalization using leakage functions: LI, LS, LU (for index construction, search and update).
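A minimal dynamic SSE scheme covering the index, search and update operations of the preceding slides and the leakage just listed, added here as an illustration and not the paper's construction: HMAC-SHA256 stands in for the PRF, an inverted index maps deterministic search tokens to record ids, and the server logs its view so the access pattern and search pattern leakage can be read off directly. Encryption of the record contents themselves is omitted, and the record ids and keywords are constructed sample data.

```python
import hashlib
import hmac
from collections import defaultdict

class SSEClient:
    """Patient side: holds the secret key K, builds the encrypted index, issues tokens."""
    def __init__(self, key: bytes):
        self.key = key
    def search_token(self, keyword: str) -> bytes:
        # PRF F_K(keyword) via HMAC-SHA256. Deterministic: equal keywords give equal
        # tokens, which is exactly what leaks the search pattern to the cloud.
        return hmac.new(self.key, b"search" + keyword.encode(), hashlib.sha256).digest()
    def build_index(self, records: dict) -> dict:
        # records: record id -> set of keywords; only tokens and record ids reach the cloud.
        index = defaultdict(list)
        for rid, words in records.items():
            for w in words:
                index[self.search_token(w)].append(rid)
        return dict(index)
    def update_token(self, rid: str, words: set) -> tuple:
        # Add-record update: the cloud learns the new id and keyword count, not the keywords.
        return rid, [self.search_token(w) for w in words]

class SSEServer:
    """Cloud side: stores the index and records its view, i.e. what leakage functions cover."""
    def __init__(self, index: dict):
        self.index, self.view = index, []
    def search(self, token: bytes) -> list:
        ids = list(self.index.get(token, []))
        self.view.append(("search", token, tuple(ids)))  # access pattern = matching ids
        return ids
    def update(self, rid: str, tokens: list) -> None:
        for t in tokens:
            self.index.setdefault(t, []).append(rid)
        self.view.append(("update", rid, len(tokens)))

def search_pattern(view: list) -> list:
    """Pairs of view positions the cloud can tell searched the same keyword (equal tokens)."""
    s = [(i, e[1]) for i, e in enumerate(view) if e[0] == "search"]
    return [(i, j) for a, (i, t) in enumerate(s) for j, u in s[a + 1:] if t == u]

def demo() -> dict:
    # Constructed sample: record ids with keywords standing in for diagnoses/medications.
    client = SSEClient(hashlib.sha256(b"constructed demo key, not for real use").digest())
    records = {"r1": {"diabetes", "insulin"}, "r2": {"asthma"}, "r3": {"diabetes"}}
    server = SSEServer(client.build_index(records))
    first = server.search(client.search_token("diabetes"))
    server.search(client.search_token("asthma"))
    server.update(*client.update_token("r4", {"diabetes"}))
    second = server.search(client.search_token("diabetes"))
    return {"first": first, "second": second, "pattern": search_pattern(server.view)}
```

The `pattern` entry shows the first and last searches linked as the same keyword without the cloud ever seeing the word, and the `update` entry in the view is the update leakage.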
Security of SSE
If the simulated server view is indistinguishable from the real server view, then the SSE scheme is secure according to these leakage functions.
Ideal World
Diagram: a simulator given only the outputs of the leakage functions LI, LS, LU produces the simulated server view.
Security of Our Scheme
Security against leakage on the cloud layer follows directly from the security of the SSE scheme.
Any improvement in the leakage profile of the most efficient SSE schemes translates directly into more security in our scenario.
There are already SSE schemes with reasonably good efficiency and leakage profiles.
Summary
Stores medical records in the cloud in order to make them available to the patients everywhere and thus improves their diagnosis and treatment.
Protects the medical data against unauthorized accesses by doctors and minimizes the possible leakage of information at the cloud layer, while keeping the usage efficiency.
Security against leakage on the cloud layer is based on the security of the SSE scheme; improvements to SSE translate directly.