Privacy-Preserving Distribution and Access Control of Personalized Healthcare Data

Abstract

The popularity of wearable smart healthcare devices has led to the emergence of a new service paradigm. However, in order to improve service quality, the manufacturers and online service providers collect massive data. This is a big concern as medical data are extremely sensitive. A few schemes have been proposed to overcome this problem. But, they suffer from security risks and overall increased complexity. Also, there is no implicit entity authentication and data integrity involved. We address these problems by allowing rectified data access through a directing authority, known as the transcryptor, using polymorphic encryption. Entity authentication and data integrity are achieved by smartly organizing data access and key information packets. The performance of the proposed approach is tested over different modalities data with varying sizes, whereas the security analysis is demonstrated using a challenge-response game model. The comparison with the state-of-the-art schemes illustrates superiority of the proposed approach.