
Page 1: Towards Trusted eHealth Services in the Cloud

Towards Trusted eHealth Services in the Cloud

Antonis Michalas Rafael Dowsley

Page 2

Old-style Personal Health Records

Page 3

Improvements

Digitalization of the medical records was the first step of the transition and proved to be very beneficial.

More ambitious goal: the complete medical record should be available to the patients wherever they are.

Page 4

Records on the Cloud

Important question: How are the medical records accessed?

Page 5

Doctors Access Directly

Totally unacceptable from the patients’ privacy point of view.

Page 6

Patient Authorization

Ideally, only the relevant data is downloaded from the cloud.

Page 7

Protecting Against the Cloud

Protects against the cloud, but breaks search functionality.

Page 8

Symmetric Encryption Schemes

Security Goal: Ciphertexts do not leak any information about the plaintexts.

[Diagram: encryption E takes secret key K and message M to ciphertext C; decryption D takes secret key K and ciphertext C back to message M.]

Page 9

Symmetric Searchable Encryption Schemes

[Diagram: encryption E takes secret key K and files F to ciphertexts C and an encrypted index I; the pair (ciphertexts C, encrypted index I) is sent to the storage server.]

Page 10

Symmetric Searchable Encryption Schemes

[Diagram: search token generation ST takes secret key K and keyword W to search token TS; the search token TS is sent to the server, which returns the encrypted files containing W.]

Page 11

Dynamic SSE Schemes

[Diagram: update token generation UT takes secret key K and update U to update token TU; the update token TU is sent to the server, which updates the ciphertext vector and the encrypted index.]

Page 12

Using SSE in our Scenario

Use a dynamic symmetric searchable encryption scheme.

Page 13

Security of SSE

Ideally a symmetric searchable encryption scheme should leak no information to the storage server, but this is hard to achieve efficiently.

Access pattern: the outcome of the search query (i.e., the ids of the matching files).

Search pattern: whether two search queries are for the same keyword. It leaks in the most efficient known solutions, which use deterministic search tokens.

Update operations normally also generate some leakage.

Formalization using leakage functions: L_I (index setup), L_S (search), L_U (update).
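The following is an added example, not code from the slides or from the authors' scheme: a toy dynamic SSE construction with deterministic search tokens, where the server records exactly what it learns so the leakage functions L_I, L_S and L_U from this slide (and the setup/search/update interfaces of pages 9 to 11) become concrete. The PRF-based stream cipher, the key derivation labels and the fixed-length id padding are my own choices for illustration; the sample records are constructed.

```python
import hashlib
import hmac
import secrets

ID_LEN = 16  # file ids are padded to a fixed length so index entries hide their length

def prf(key: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 used as a pseudorandom function (assumed primitive)."""
    return hmac.new(key, data, hashlib.sha256).digest()

def xor_stream(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher: XOR with an HMAC-SHA256 counter keystream.
    Illustration only: no authentication, and a key must never be reused."""
    out = bytearray()
    for start in range(0, len(data), 32):
        ks = prf(key, start.to_bytes(4, "big"))
        out.extend(b ^ k for b, k in zip(data[start:start + 32], ks))
    return bytes(out)

class Client:
    """Holds the secret key K and the per-keyword counters a dynamic SSE client keeps."""
    def __init__(self):
        self.K = secrets.token_bytes(32)
        self.k_tok = prf(self.K, b"token")  # derives search tokens and index keys
        self.k_enc = prf(self.K, b"enc")    # derives per-file encryption keys
        self.counts = {}                    # keyword -> number of index entries so far

    def keyword_keys(self, w: str):
        tok = prf(self.k_tok, b"search|" + w.encode())  # deterministic: search pattern leaks
        k_w = prf(self.k_tok, b"entry|" + w.encode())   # hides the ids until W is searched
        return tok, k_w

    def encrypt_file(self, fid: str, content: bytes) -> bytes:
        return xor_stream(prf(self.k_enc, fid.encode()), content)  # one key per file id

    def decrypt_file(self, fid: str, ct: bytes) -> bytes:
        return xor_stream(prf(self.k_enc, fid.encode()), ct)

    def index_entries(self, fid: str, keywords):
        """Hidden index entries (tok, Enc_{k_w,pos}(fid)) for one file."""
        entries = []
        for w in keywords:
            tok, k_w = self.keyword_keys(w)
            pos = self.counts.get(w, 0)
            self.counts[w] = pos + 1
            padded = fid.encode().ljust(ID_LEN, b"\0")
            entries.append((tok, xor_stream(prf(k_w, pos.to_bytes(4, "big")), padded)))
        return entries

    def build(self, files):
        """Setup E: files = {fid: (content, [keywords])} -> (ciphertexts C, encrypted index I)."""
        cts, index = {}, {}
        for fid, (content, kws) in files.items():
            cts[fid] = self.encrypt_file(fid, content)
            for tok, hidden in self.index_entries(fid, kws):
                index.setdefault(tok, []).append(hidden)
        return cts, index

    def search_token(self, w: str):
        return self.keyword_keys(w)  # TS = (tok, k_w)

    def update_token(self, fid: str, content: bytes, keywords):
        return fid, self.encrypt_file(fid, content), self.index_entries(fid, keywords)  # TU

class Server:
    """Honest-but-curious storage server; `leakage` records exactly what it learns."""
    def __init__(self, cts, index):
        self.cts, self.index = dict(cts), {t: list(v) for t, v in index.items()}
        self.queries = []  # search tokens seen so far
        self.leakage = [("L_I", {"files": len(cts),
                                 "ct_sizes": sorted(len(c) for c in cts.values()),
                                 "index_entries": sum(len(v) for v in index.values())})]

    def search(self, ts):
        tok, k_w = ts
        ids = [xor_stream(prf(k_w, pos.to_bytes(4, "big")), h).rstrip(b"\0").decode()
               for pos, h in enumerate(self.index.get(tok, []))]
        repeat_of = self.queries.index(tok) if tok in self.queries else None  # search pattern
        self.queries.append(tok)
        self.leakage.append(("L_S", {"access_pattern": ids, "search_pattern_repeat_of": repeat_of}))
        return {fid: self.cts[fid] for fid in ids}

    def add_file(self, tu):
        fid, ct, entries = tu
        self.cts[fid] = ct
        for tok, hidden in entries:
            self.index.setdefault(tok, []).append(hidden)
        self.leakage.append(("L_U", {"new_file": fid, "ct_size": len(ct), "entries_added": len(entries),
                                     "hits_searched_keyword": any(t in self.queries for t, _ in entries)}))

def demo():
    """Constructed sample records; returns (decrypted results of the final search, server leakage log)."""
    files = {
        "rec-0001": (b"patient A: type 2 diabetes, metformin", ["diabetes", "metformin"]),
        "rec-0002": (b"patient B: hypertension, amlodipine", ["hypertension"]),
        "rec-0003": (b"patient C: diabetes, insulin", ["diabetes", "insulin"]),
    }
    client = Client()
    server = Server(*client.build(files))
    server.search(client.search_token("diabetes"))
    server.search(client.search_token("diabetes"))  # same token again: search pattern leaks
    server.add_file(client.update_token("rec-0004", b"patient D: gestational diabetes", ["diabetes"]))
    results = server.search(client.search_token("diabetes"))
    return {fid: client.decrypt_file(fid, ct) for fid, ct in results.items()}, server.leakage

if __name__ == "__main__":
    plain, leak = demo()
    print(plain)
    for name, what in leak:
        print(name, what)
```

The `leakage` list is the server's whole view beyond opaque bytes: L_I is the number and sizes of ciphertexts and the total index size; each L_S entry is the access pattern (matching ids) plus whether the token repeats an earlier query; L_U shows that an update touching an already-searched keyword links the new record to that earlier query. Shrinking any of these entries is exactly the "improvement in the leakage profile" the later slides refer to.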

Page 14

Security of SSE

If the simulated server view is indistinguishable from the real server view, then the SSE scheme is secure according to these leakage functions.

[Diagram: in the ideal world a simulator is given only the leakage functions L_I, L_S, L_U and produces the simulated server view, which is compared with the real server view.]

Page 15

Security of Our Scheme

Security against leakage on the cloud layer follows directly from the security of the SSE scheme.

Any improvement in the leakage profile of the most efficient SSE schemes translates directly into more security in our scenario.

There are already SSE schemes with reasonably good efficiency and leakage profiles.

Page 16

Summary

Stores medical records in the cloud in order to make them available to the patients everywhere, and thus improves their diagnosis and treatment.

Protects the medical data against unauthorized accesses by doctors and minimizes the possible leakage of information at the cloud layer, while keeping the usage efficiency.

Security against leakage on the cloud layer is based on the security of the SSE schemes; improvements in their leakage profiles translate directly.

Page 17