CHAPTER-1

INTRODUCTION

Cloud computing offers an opportunity for individuals and companies to

offload to powerful servers the burden of managing large amounts of data and
performing computationally demanding operations. Due to the increasing
popularity of cloud computing, more and more Data owners are motivated to
outsource their data to cloud servers for great convenience and reduced cost in data
management. Data owners offer services to a large number of businesses and
companies, they stick to high security standards to improve data security by
following a layered approach that includes data encryption, key management,
strong access controls, and security intelligence. Healthcare is a data-intensive
domain where a large amount of data is created, disseminated, stored, and accessed
daily.

It is clear that technology can play a significant role in enhancing the quality of
care for patients (e.g. leveraging data analytics to make informed medical
decisions) and potentially reduce costs by more efficiently allocating resources in
terms of personnel, equipment, etc. Generally, Electronic Medical Records (EMRs)
contain medical and clinical data related to a given patient and stored by the
responsible healthcare provider. This facilitates the retrieval and analysis of
healthcare data. To better support the management of EMRs, early generations of
Health Information Systems (HIS) are designed with the capability to create new
EMR instances, store them, and query and retrieve stored EMRs of interest.2 HIS
can be relatively simple solutions, which can be schematically described as a

1
graphical user interface or a web service. These are generally the front-end with a
database at the back-end, in a centralized or distributed implementation.

With patient mobility (both internally and externally to a given country) being
increasingly the norm in today’s society, it became evident that multiple stand-
alone EMR solutions must be made interoperable to facilitate sharing of healthcare
data among different providers, even across national borders, as needed. For
example, in medical tourism hubs such as Singapore, the need for real-time
healthcare data sharing between different providers and across nations becomes
more pronounced. To facilitate data sharing or even patient data portability, there
is a need for EMRs to formalize their data structure and the design of HIS.
Electronic Health Records (EHRs), for example, are designed to allow patient
medical history to move with the patient or be made available to multiple
healthcare providers (e.g. from a rural hospital to a hospital in the capital city of
the country, before the patient seeks medical attention at another hospital in a
different country).

EHRs have a richer data structure than EMRs. There have also been initiatives
to develop HIS and infrastructures that are able to scale and support future needs,
as evidenced by the various national and international initiatives such as the
Fascicolo Sanitario Elettronico (FSE) project in Italy, the epSOS project in Europe,
and an ongoing project to standardize sharing of EHRs. Recently, the
pervasiveness of smart devices (e.g. Android and iOS devices and wearable
devices) has also resulted in a paradigm shift within the healthcare industry. Such
devices can be user-owned or installed by the healthcare provider to measure the
well-being of the users (e.g. patients) and inform/facilitate medical treatment and
2
monitoring of patients. For example, there is a wide range of mobile applications
(apps) in health, fitness, weight-loss, and other healthcare related categories.

These apps mainly function as a tracking tool, such as registering user

exercises/workouts, keeping the count of consumed calories, and other statistics
(e.g. number of steps taken), and so on. There are also devices with embedded
sensors for more advanced medical tasks, such as bracelets to measure heartbeat
during workouts, or devices for self-testing of glucose. These developments have
paved the way for Personal Health Records (PHR), where patients are more
involved in their data collection, monitoring of their health conditions, etc, using
their smart phones or wearable devices (e.g. smart shirts and smart socks).Block
chain was originally designed to record transaction data, which is relatively small
in size and linear. In other words, one only concerns itself about whether the
current transaction can be traced backwards to the original ―deal‖.To overcome the
security problems that are occurred in the existing system and effectively store the
data over the cloud we introduce this system. The data user outsources the
encrypted documents to the cloud. The Data user get the each result, the proof and
the public verification key, they itself or others can verify the freshness,
authenticity, and completeness of the search result even without decrypting
them.Efficient Search Result. Prevents data freshness attacks and data integrity
attacks. It provides High Security. Files can be easily updated.

3
 CHAPTER-2

LITERATURE SURVEY

[1] The paper entitled ―Outsourced symmetric private information retrieval

author S. Jarecki et al. describe Outsourcing is the process of contracting an
existing business process which an organization previously performed internally to
an independent organization, where the process is purchased as a service. The data
owner enables SSE Scheme and outsources a document or collection of files to a
remote server in encrypted form. And also the data owner authorizes clients (third
parties) to search the database to learn. The remote server still does not learn about
the data or queried values as in the basic SSE setting. We extend the OXT
protocol of Cash et al. to support arbitrary Boolean queries in all of the above
models while withstanding adversarial non-colluding servers (Data owner and
remote server) and arbitrarily malicious clients to preserve the remarkable
performance of the protocol

Advantages
1) Implementing digital signatures

2) Cryptographic protocols with different security and privacy features.

3) Supporting various signature schemes without adding additional

hardware complexity compared to a hardware implementation of a

conventional signature scheme.

Disadvantages
1) Encryption keys aren't simple strings of text like passwords.

4
 2) Damage is massive when you lost your symmetric key

[2] The paper entitled ―Dynamic search-able symmetric encryption Author

S.Kamara et al. describe Searchable symmetric encryption (SSE) allows a client to
encrypt data in such a way that it can later generate search tokens to send as
queries to a storage serve. We propose the first SSE scheme to satisfy all the
properties like sub-linear search time and so-on. Extends the inverted index
approach in several non-trivial ways and introduces new techniques for the design
of SSE. We implement our scheme and conduct a performance evaluation,
showing that our approach is highly efficient and ready for deployment.

Advantages
1) Security against adaptive chosen-keyword attacks.
2) Compact indexes.
3) Ability to add and delete files efficiently.

Disadvantages

1) Every means of electronic communication is insecure as it is impossible

to guarantee.
2) So the only secure way of exchanging keys would be exchanging them
personally.

[3] The paper entitled ―Highly-scalable-searchable symmetric encryption with

support for Boolean queries Author D. Cash et al describe The design, analysis and
implementation of the first searchable symmetric encryption (SSE) protocol that
supports conjunctive search and general Boolean queries on outsourced
symmetrically-encrypted data and that scales to very large databases and

5
arbitrarily-structured data including free text search. Our solution provides a
realistic and practical trade-off between performance and privacy by efficiently
supporting very large databases at the cost of moderate and well-defined leakage to
the outsourced serve.

Advantages

1) Providing performance results of a prototype applied to several large

representative data sets, including encrypted search over the whole

English Wikipedia.
2) Load Balancing.

Disadvantages

1) Exact matching may retrieve too few or too many documents.

[4] The paper entitled ―Practical dynamic searchable encryption with small
leakage author E.Stefanov et al describe Dynamic Searchable Symmetric
Encryption (DSSE) enables a client to encrypt his document collection in a way
that it is still searchable and efficiently updatable. We propose the first DSSE
scheme that achieves the best of both worlds, i.e., both small leakage and
efficiency. Our scheme leaks significantly less in formation than any other
previous DSSE construction and supports both updates and searches in sub-linear
time in the worst case, maintaining at the same time a data structure of only linear
size. We finally provide an implementation of our construction, showing its
practical efficiency.

Advantages
1) Complete expressiveness for any identifiable subset of collection.

6
 2) A symmetric cryptosystem uses password authentication to prove the
receiver’s identity.

Disadvantages
1) Cannot provide digital signatures that cannot be repudiated.

[5] The paper entitled ―Efficient no-dictionary verifiable SSE Author W. Ogata
et al describe a generic method to transform any SSE scheme (that is only secured
against passive adversaries) to a no-dictionary verifiable SSE scheme. A client
encrypts a set of files and an index table by a symmetric encryption scheme, and
then stores them on an untrusted server. In the search phase, he can efficiently
retrieve the matching files for a search keyword keeping the keyword and the files
secret.

Advantage:
1) Efficient data search.
Disadvantage:
1) Data Integrity Problem

[6] The paper entitled ―Parallel and Dynamic Searchable Symmetric Encryption
Author S.Kamara et al describe Searchable symmetric encryption (SSE) enables a
client to outsource a collection of encrypted documents in the cloud and retain the
ability to perform keyword searches without revealing information about the
contents of the documents and queries. Although efficient SSE constructions are
known, previous solutions are highly sequential. This is mainly due to the fact
that, currently, the only method for achieving sub-linear time search is the inverted
index approach which requires the search algorithm to access a sequence of
memory locations, each of which is unpredictable and stored at the previous

7
location in the sequence. Motivated by advances in multi-core architectures, we
present a new method for constructing sub-linear SSE schemes. Our approach is
highly parallelizable and dynamic.

Advantages
1) Efficient search result.
Disadvantages:
1) Time Complexity

[7] The paper entitled ―Parallel Publicly verifiable conjunctive keyword search
in outsourced databases Author M. Azraoui et al describe Recent Technological
developments in cloud computing and the ensuing commercial appeal have
encouraged companies and individuals to outsource their storage and computations
to powerful cloud servers. We focus in particular on the scenario where a data
owner wishes to outsource its public database to a cloud server; enable anyone to
submit multi-keyword search queries to the outsourced. Database and ensure that
anyone can verify the correctness of the server’s responses.

Advantages
1) Efficient search and verification.

2) In curs a constant storage at the data owner

Disadvantages
1) The identities of new users must fit within the hierarchy depth
specified by the public parameters.

8
 CHAPTER-3

SYSTEM REQUIREMENT

3.1 Software Requirements

 O/S : Windows XP.

 Language : Java.

 IDE : Net Beans 8.2

 Data Base : MySQL

3.2 Hardware Requirements

 System : Pentium IV 2.4 GHz

 Hard Disk : 160 GB

 Monitor : 15 VGA colour

 Mouse : Logitech.

 Keyboard : 110 keys enhanced

9
 CHAPTER-4

PROPOSED SYSTEM

INTRODUCTION:

Healthcare is a data-intensive domain where large amount of

data is created, disseminated, stored, and accessed daily. Block chain
originally block chain, is a growing list of records, called blocks, which are linked
using cryptography. Each block contains a cryptographic hash of the previous
block, a timestamp, and transaction data. Cloud computing will connect different
healthcare providers.

4.1 ARCHITECTURE DIAGRAM

The above diagram is the representation of the upload and download of
health details between health providers. First, the health provider needs to access
the cloud for the uploading of the patient details. The cloud will generate a secret
key .once the verification of the user is done by the cloud; the health provider can
able to upload the details of the patient. The process is repeated same for the
downloading of the patient details

Patient Record Maintenance

Secret Key Generation and Proof + Authenticator

upload + download
Authenticator
Challenge

Fig 1: Architecture diagram of health provider

Healthcare Healthcare
Provider A Provider B
10
 4.2 FLOW DIAGRAM

The health provider will have access to upload and download the patient
once the user is valid by the cloud server and the cloud server will generate a secret
key.

Healthcare
Provider Cloud Server

Login Register Login

View Download View Upload View Patient

Requests
Download Patient Requests reports
Load Patient
Records Records

Check
Key Generation Search Records Validity Check
Validity
of Each Record

Send Download
Send a Key
Encrypt Records Request to cloud

Receive Key
Secret Key Verification
Decrypt Records Download

Send an upload Grand

request Permission

Block Creation Build a Block Upload

Chain

Fig 2: Flow diagram of health provider

11
 4.3 USE CASE DIAGRAM

The health provider first has the register to upload the patient details. Once
the user is logged in then the user has to send request to cloud to upload the patient
details. After the permission is granted the user can upload the data into the cloud.
The health provider B has to request the cloud server for the downloading process
of the patient. The cloud will verify the user and once the user is a valid user, the
cloud will grant permission to download the patient details.

Registration
Healthcare
Provider A Cloud ID Generation

Key Generation CSP

Block Creation

Upload Encrypted File

Healthcare
Provider B View & Request File

Provides Authentication

Provides Verification Key

Proof Verification

Download Decrypted File

Fig 3: Use diagram of health provider

12
 4.4 CLASS DIAGRAM

The data owner will have access to the cloud and can able to generate the
secret key and can able to encrypt the data of the patient details .the CSP is the
cloud server who has the right to view the upload and download request and can
verify whether is user is a valid user and can able to grant permission.

DATA OWNER DATA USERS

Cloud ID Registration
Login Cloud ID
Secret Key Login
Generation()
View File()
Upload Encrypted
Request File()
File()
View Status()
Delete File() CSP
Proof Verification()
Update File() View Uploaded Files()
Download
View Downloaded Decrypted File()
Files()
View Requests()
Accept the Requests()
Reject the Request()
Send Public
Verification Key()

Fig 4: Class diagram of health provider

13
4.5 SEQUENCE DIAGRAM

It is a process of enrolling or being enrolled into the cloud. To utilize the

cloud documents, every healthcare provider should enroll. During this process your
basic information like email, contacts etc., are collected and stored in the Cloud.
The cloud id for a particular user will get automatically generated during the
registration.

Healthcare Healthcare CSP DATABASE

provider A Provider B

Registration

Search & Request

File
Login

Accept the Request

File Upload

Verification Proof Save Information

File Update

Download File

Fig 5: Sequence diagram of health provider

14
 4.6 ER DIAGRAM

The health provider first has the register to upload the patient details. Once
the user is logged in then the user has to send request to cloud to upload the patient
details. After the permission is granted the user can upload the data into the cloud.
The health provider B has to request the cloud server for the downloading process
of the patient. The cloud will verify the user and once the user is a valid user, the
cloud will grant permission to download the patient details.

Proof Index
Password
verification
File Upload
History ()
Public Verification
Cloud ID
Username Key

File Download
History ()
View Request()
LOGIN Healthcare
provider B

CSP
Healthcare
File Request()
Provider A

Block Creation

VERIFICATI DOWNLOAD
Upload ON

File File

Fig 6: ER diagram of health provider

15
 CHAPTER-5

IMPLEMENTATION

5.1 MODULE DESCRIPTION

The project has been completed using following modules

Healthcare Provider

5.1.1 Load patient Records

5.1.2 Key Generation
5.1.3 Encrypt patient record
5.1.4 Block Creation
5.1.5 Upload and Download Patient Record
5.1.6 Generate Cloud ID

16
5.1.1 Load patient Records

Fig 7: Uploading of patient details

EXPLANATION:

The module will load the patient record and display the total number
of record in the database. We also browse the data and upload into the
database.

17
5.1.2 Key Generation

Fig 8: Encryption/ Key generation of patient details

EXPLANATION:

The module will generate an individual key using AES algorithm. The key
will automatically Saved in the cloud. The key will be used for future verification.

18
5.1.3 Encrypt patient Records

Fig 9: Encryption of patient details

EXPLANATION:

The patient records will be encrypted and stored in the cloud .If the provider
need to know about the patient details the records need to be decrypted and it can
be downloaded.

19
5.1.4 Block Creation

Fig 10: Build/create a block chain

EXPLANATION:

This module will create and Build a block chain. The block is used to store
the information of the patient details .We can also view the block and upload in the
cloud.

20
5.1.5 Upload and Download patient record

Fig 11: Viewing of timestamp/record of patient

EXPLANATION:

The module will display the patient records .Each block contain timestamp
and the details of the previous block.

21
5.1.6 Generate Cloud ID

Fig 12: Login of cloud

EXPLANATION:

Every user should create a Cloud ID and use it to identify something with
near certainty that the identifier does not duplicate one that has already been, or
will be, created to identify something else. Information that contains Cloud ID can
be later combined into single database or converted in single channel and there will
be no conflict between identifiers.

22
 CHAPTER-6

CONCLUSION

Thus proposed system maintaining all the patient records more securely and
it will be easily accessible by any healthcare providers. By building block chain, it
provides efficient search result verification, while preventing data freshness attacks
and data integrity attacks in SSE.

FUTURE WORK

Data Classification based on Security: A cloud computing data centre can

store data from various users. To provide the level of security based on the
importance of data, classification of data can be done. This classification scheme
should consider various aspects like access frequency, update frequency and access
by various entities etc. based on the type of data. Once the data is classified and
tagged, then level of security associated with this specific tagged data element can
be applied. Level of security includes confidentiality, encryption, integrity and
storage etc. that are selected based on the type of data.

23
REFERENCES

1. Alam.Q et al., ―A Cross Tenant Access Control (CTAC) Model for Cloud
Computing: Formal Specification and Verification‖ IEEE Transactions on
Information Forensicsand Security, 2017.
2. Azaria A. et al., ―MedRec: Using Blockchain for Medical Data Access and
Permission Management‖ Proceedings of the 2nd Int’l Conference on Open and
Big Data, 2016.
3. Casola V. et al., ―Healthcare-Related Data in the Cloud: Challenges and
Opportunities‖ IEEE Cloud Computing, 2016.
4. Ciampi M. et al., ―A Federated Interoperability Architecture for Health
Information Systems,‖ Int’l Journal of Internet Protocol Technology, vol. 7, no.
4, 2013, pp. 189–202.
5. He D. et al., ―A Provably-Secure Cross-Domain Handshake Scheme with
Symptoms-Matching for Mobile Healthcare Social Network,‖ IEEE
Transactions on Dependable and Secure Computing,
6. Han S.H. et al., ―Implementation of Medical Information Exchange System
Based on EHR Standard‖ 2010.
7. Hauxe R., ―Health Information Systems—Past, Present, Future,‖ Int'l Journal of
Medical Informatics, 2006.
8. Häyrinena K. et al., ―Definition, Structure, Content, Use and Impacts of
Electronic Health Records: A Review of the Research Literature,‖ Int'l Journal
of Medical Informatics, vol. 77, no. 5, 2008, pp. 291–304.

24
9. Leu F.Y. et al., ―A Smartphone-Based Wearable Sensors for Monitoring Real-
Time Physiological Data,‖ Computers and Electrical Engineering, 2017.
10. Li M. et al., ―Scalable and Secure Sharing of Personal Health Records in
Cloud Computing Using Attribute-Based Encryption‖ IEEE Transactions on
Parallel andDistributed Systems, 2016.
11. Marceglia S. et al., ―A Standards-Based Architecture Proposal for Integrating
Patient Health Apps to Electronic Health Record Systems‖ Applied Clinical
Informatics, 2015
12. McKinlay J. et al., ―Blockchain: Background, Challenges and Legal Issues,‖
DLA Piper Publications, 2016.
13. Memon M. et al., ―Ambient Assisted Living Healthcare Frameworks,
Platforms, Standards, and Quality Attributes‖, 2014.
14. Moharra M. et al., ―Implementation of a Cross-Border Health Service:
Physician and Pharmacists’ Opinions from the epSOS Project‖ 2015.
15. Mu-HsingKuo A., ―Opportunities and Challenges of Cloud Computing to
Improve Health Care Services‖ Journal of Medical Internet Research, 2011.
16. Nepal S. et al., ―Trustworthy Processing of Healthcare Big Data in Hybrid
Clouds‖ IEEE Cloud Computing, 2015.
17. PohG.S.et al., ―Searchable Symmetric Encryption: Designs and Challenges‖
2017.
18. Steward M ., ―Electronic Medical Records,‖ Journal of Legal Medicine, vol.
26, no. 4, 2005.
19. Tang P.C. et al., ―Personal Health Records: Definitions, Benefits, and
Strategies for Overcoming Barriers to Adoption‖ 2006.
20. Zhang, J. N. Xue, and X. Huang, ―A Secure System for Pervasive Social
Network-Based Healthcare‖, 2016.

25