Review

A survey of state-of-the-art methods for securing medical databases

  • Received: 07 June 2017 Accepted: 08 November 2017 Published: 20 December 2017
  • This review article presents a survey of recent work devoted to advanced state-of-the-art methods for securing of medical databases. We concentrate on three main directions, which have received attention recently: attribute-based encryption for enabling secure access to confidential medical databases distributed among several data centers; homomorphic encryption for providing answers to confidential queries in a secure manner; and privacy-preserving data mining used to analyze data stored in medical databases for verifying hypotheses and discovering trends. Only the most recent and significant work has been included.

    Citation: Andrei V. Kelarev, Xun Yi, Hui Cui, Leanne Rylands, Herbert F. Jelinek. A survey of state-of-the-art methods for securing medical databases[J]. AIMS Medical Science, 2018, 5(1): 1-22. doi: 10.3934/medsci.2018.1.1

    Related Papers:

  • This review article presents a survey of recent work devoted to advanced state-of-the-art methods for securing of medical databases. We concentrate on three main directions, which have received attention recently: attribute-based encryption for enabling secure access to confidential medical databases distributed among several data centers; homomorphic encryption for providing answers to confidential queries in a secure manner; and privacy-preserving data mining used to analyze data stored in medical databases for verifying hypotheses and discovering trends. Only the most recent and significant work has been included.


    加载中
    [1] Carter JH (2008) Electronic Health Records: A Guide for Clinicians and Administrators. ACP Press.
    [2] Anderson R (2012) Personal Medical Information: Security, Engineering, and Ethics. Springer, Cambridge.
    [3] Villalva CM, López-Alvarez XLM, Rodríguez MM, et al. (2017) Blood pressure monitoring in cardiovascular disease. AIMS Med Sci 4: 164–191.
    [4] Kara B, Tenekeci EG, Demirkaya S (2016) Factors associated with sleep quality in patients with multiple sclerosis. AIMS Med Sci 3: 203–212. doi: 10.3934/medsci.2016.2.203
    [5] Dillon C, Taragano FE (2016) Special Issue: Activity and Lifestyle Factors in the Elderly: Their Relationship with Degenerative Diseases and Depression. AIMS Med Sci 3: 213–216. doi: 10.3934/medsci.2016.2.213
    [6] Wilson D, Keith G, Harpal B, et al. (2017) Therapy through social medicine: cultivating connections and inspiring solutions for healthy living. AIMS Med Sci 4: 131–150. doi: 10.3934/medsci.2017.2.131
    [7] Panchal HB (2016) Percutaneous interventions for peripheral vascular disease. AIMS Med Sci 3: 234–236. doi: 10.3934/medsci.2016.2.234
    [8] Amraoui H, Mhamdi F, Elloumi M (2017) Survey of metaheuristics and statistical methods for multifactorial diseases analyses. AIMS Med Sci 4: 291–331. doi: 10.3934/medsci.2017.3.291
    [9] Petillo D, Orey S, Tan AC, et al. (2014) Parkinson's disease-related circulating microRNA biomarkers – a validation study. AIMS Med Sci 2: 7–14.
    [10] DeMarshall CA, Sarkar A, Nagele RG (2015) Serum autoantibodies as biomarkers for Parkinson's disease: background and utility. AIMS Med Sci 2: 316–327. doi: 10.3934/medsci.2015.4.316
    [11] Ervin K, Pallant J, Terry DR, et al. (2015) A descriptive study of health, lifestyle and sociodemographic characteristics and their relationship to known dementia risk factors in rural Victorian communities. AIMS Med Sci 2: 246–260. doi: 10.3934/medsci.2015.3.246
    [12] Shinde S, Mukhopadhyay S, Mohsen G, et al. (2015) Biofluid-based microRNA biomarkers for Parkinson's disease: an overview and update. AIMS Med Sci 2: 15–25. doi: 10.3934/medsci.2015.1.15
    [13] White VJ, Nayak RC (2015) Re-circulating phagocytes loaded with CNS debris: a potential marker of neurodegeneration in Parkinsons disease? AIMS Med Sci 2: 26–34. doi: 10.3934/medsci.2015.1.26
    [14] Fagere MO (2016) Diagnostic utility of pleural effusion and serum cholesterol, lactic dehydrogenase and protein ratios in the differentiation between transudates and exudates. AIMS Med Sci 3: 32–40. doi: 10.3934/molsci.2016.1.32
    [15] Khalid KE, Nsairat HN, Zhang JZ (2016) The presence of interleukin 18 binding protein isoforms in Chinese patients with rheumatoid arthritis. AIMS Med Sci 3: 103–113. doi: 10.3934/medsci.2016.1.103
    [16] Kirchengast S (2017) Diabetes and obesity-an evolutionary perspective. AIMS Med Sci 4: 28–51.
    [17] Tanhapour M, Vaisi-Raygani A, Khazaei M, et al. (2017) Cytotoxic T-lymphocyte associated antigen-4 (CTLA-4) polymorphism, cancer, and autoimmune diseases. AIMS Med Sci 4: 395–412. doi: 10.3934/medsci.2017.4.395
    [18] Fitzmaurice MJ, Adams K, Eisenberg JM (2002) Three decades of research on computer applications in health care: medical informatics support at the agency for healthcare research and quality. JAMIA 9:144–160.
    [19] Hage I, Hamade R (2015) Automatic detection of cortical bone's Haversian osteonal boundaries. AIMS Med Sci 2: 328–346. doi: 10.3934/medsci.2015.4.328
    [20] Zhang Q, Zhou D, Zeng X (2017) Machine learning-empowered biometric methods for biomedicine applications. AIMS Med Sci 4: 274–290. doi: 10.3934/medsci.2017.3.274
    [21] Abawajy J, Kelarev A, Chowdhury M (2013) Multistage approach for clustering and classification of ECG data. Comput Meth Prog Biomed 112: 720–730. doi: 10.1016/j.cmpb.2013.08.002
    [22] Abawajy J, Kelarev A, Chowdhury M, Jelinek HF, et al. (2013) Predicting cardiac autonomic neuropathy category for diabetic data with missing values. Comput Biol Med 43: 1328–1333. doi: 10.1016/j.compbiomed.2013.07.002
    [23] Stranieri A, Abawajy J, Kelarev A, et al. (2013) An approach for Ewing test selection to support the clinical assessment of cardiac autonomic neuropathy. Artif Intell Med 58: 185–193. doi: 10.1016/j.artmed.2013.04.007
    [24] Abawajy J, Kelarev A, Chowdhury MU, et al. (2016) Enhancing predictive accuracy of cardiac autonomic neuropathy using blood biochemistry features and iterative multi-tier ensembles. IEEE J Biomed Health Informatics 20: 408–415. doi: 10.1109/JBHI.2014.2363177
    [25] Chowdhury M, Abawajy J, Kelarev A, et al. (2016) A clustering-based multi-layer distributed ensemble for neurological diagnostics in cloud services. IEEE Trans Cloud Comp. DOI10.1109/TCC.2016.2567389.
    [26] Jelinek HF, Abawajy JH, Kelarev AV, et al. (2014) Decision trees and multi-level ensemble classifiers for neurological diagnostics. AIMS Med Sci 1: 1–12.
    [27] Jelinek HF, Abawajy JH, Cornforth D, et al. (2015) Multi-layer attribute selection and classification algorithm for the diagnosis of cardiac autonomic neuropathy based on HRV attributes. AIMS Med Sci 2: 396–409. doi: 10.3934/medsci.2015.4.396
    [28] Jelinek HF, Kelarev AV (2016) A survey of data mining methods for automated diagnosis of cardiac autonomic neuropathy progression. AIMS Med Sci 3: 217–233. doi: 10.3934/medsci.2016.2.217
    [29] Jelinek HF, Cornforth DJ, Kelarev AV (2016) Machine learning methods for automated detection of severe diabetic neuropathy. J. Diab Compl Med 1: 1–7.
    [30] Menezes AJ, van Oorschot PC, Vanstone SA (2001) Handbook of Applied Cryptography (Discrete Mathematics and Its Applications), Fifth Edition, CRC Press, Taylor & Francis Group, London, New York.
    [31] Pieprzyk J, Hardjono T, Seberry J (2003) Fundamentals of Computer Security. Springer-Verlag, Berlin.
    [32] Domingo-Ferrer J (2002) Inference Control in Statistical Databases. Sixth edition, Springer, Berlin.
    [33] Batten LM (2013) Public Key Cryptography: Applications and Attacks. Wiley-IEEE Press, New York.
    [34] Yi X, Paulet R, Bertino E (2013) Private Information Retrieval. Morgan and Claypool, United States.
    [35] Zhu Y, Peng L (2007) Study on K-anonymity Models of Sharing Medical Information. International Conference on Service Systems and Service Management. IEEE: 1–8.
    [36] El Emam K, Dankar FK, Issa R, et al. (2009) A globally optimal k-anonymity method for the de-identification of health data. J Am Med Inform Association 16: 670–682. doi: 10.1197/jamia.M3144
    [37] Shin M, Yoo S, Lee KH, et al. (2013) Electronic medical records privacy preservation through k-anonymity clustering method. Joint, International Conference on Soft Computing and Intelligent Systems. IEEE: 1119–1124.
    [38] Belsis P, Pantziou G (2014) A k-anonymity privacy-preserving approach in wireless medical monitoring environments. Person Ubiquitous Comput 18: 61–74. doi: 10.1007/s00779-012-0618-y
    [39] Panackal JJ, Pillai AS, Krishnachandran VN (2014) Disclosure risk of individuals: a k-anonymity study on health care data related to Indian population. International Conference on Data Science & Engineering. IEEE: 200–205.
    [40] Wei D, Ramamurthy KN, Varshney KR (2016) Health insurance market risk assessment: Covariate shift and k-anonymity. SIAM Data Mining: 226–234.
    [41] Xie Y, He Q, Zhang D, et al. (2016) Medical ethics privacy protection based on combining distributed randomization with k-anonymity. International Congress on Image and Signal Processing. IEEE: 1577–1582.
    [42] Simi MS, Nayaki KS, Elayidom MS (2017) An extensive study on data anonymization algorithms based on k-anonymity. IOP Conf Ser Mater Sci Eng 225: 1–10.
    [43] Mehta BB, Rao UP (2017) Privacy preserving big data publishing: A scalable k-anonymization approach using MapReduce. IET Software 11: 271–276. doi: 10.1049/iet-sen.2016.0264
    [44] Lu Y, Sinnott RO, Verspoor K (2017) A semantic-based k-anonymity scheme for health record linkage. Studies Health Technology Informatics 239: 84–90.
    [45] Sahai A, Waters B (2005) Fuzzy identity-based encryption. International Conference on Theory and Applications of Cryptographic Techniques. Springer-Verlag. Lect Notes Comp Sci 3494: 457–473.
    [46] Goyal V, Pandey O, Sahai A, et al. (2006) Attribute-based encryption for fine-grained access control of encrypted data. ACM Conference on Computer and Communications Security. ACM: 89–98.
    [47] Shamir A (1984) Identity-based cryptosystems and signature schemes. Lecture Notes Comput Sci 21: 47–53.
    [48] Waters B (2011) Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. Lecture Notes Comput Sci 2008: 321–334.
    [49] Cui H, Deng RH (2016) Revocable and decentralized attribute-based encryption. Comput J 59: 1220–1235. doi: 10.1093/comjnl/bxw007
    [50] Chase M (2007) Multi-authority attribute based encryption. Theory of Cryptography. Springer Berlin Heidelberg, 515–834.
    [51] Muller S, Katzenbeisser S, Eckert C (2008) Distributed attribute-based encryption. Information Security and Cryptology-Icisc 2008, International Conference, Seoul, Korea, December 3–5, Revised Selected Papers. DBLP: 20–36.
    [52] Cui H, Deng RH, Li Y, et al. (2016) Server-Aided Revocable Attribute-Based Encryption. Europ Symp Res Comptu Sec: 570–587.
    [53] Cui H, Deng RH, Ding X, et al. (2016) Attribute-based encryption with granular revocation. International Conference on Security and Privacy in Communication Systems. Springer: 165–181
    [54] Green M, Hohenberger S, Waters B (2011) Outsourcing the decryption of ABE ciphertexts. Proc USENIX Security Symposium, USENIX Association.
    [55] Lai J, Deng RH, Guan C, et al. (2013) Attribute-based encryption with verifiable outsourced decryption. IEEE Trans Info Forensics Sec 8: 1343–1354. doi: 10.1109/TIFS.2013.2271848
    [56] Camenisch J, Dubovitskaya M, Enderlein RR, et al. (2012) Oblivious transfer with hidden access control from attribute-based encryption. Int Conf Security Crypt Networks: 559–579.
    [57] Cui H, Deng RH, Wu G, et al. (2016) An efficient and expressive ciphertext-policy attribute-based encryption scheme with partially hidden access structures. International Conference on Provable Security. Springer-Verlag New York: 19–38.
    [58] Liu L, Lai J, Deng RH, et al. (2016) Ciphertext-policy attribute-based encryption with partially hidden access structure and its application to privacy-preserving electronic medical record system in cloud environment. Security Comm Networks 9: 4897–4913. doi: 10.1002/sec.1663
    [59] Lewko AB, Okamoto T, Sahai A, et al. (2010). Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption. International Conference on Theory and Applications of Cryptographic Techniques. Springer-Verlag: 62–91.
    [60] Li M, Yu S, Zheng Y, et al. (2013) Scalable and Secure Sharing of Personal Health Records in Cloud Computing using attribute-based encryption. IEEE Trans Parallel Distrib Syst 24: 131–143. doi: 10.1109/TPDS.2012.97
    [61] Qian H, Li J, Zhang Y, et al. (2014) Privacy-preserving personal health record using multi-authority attribute-based encryption with revocation. Int J Inf Sec 14: 487–497.
    [62] Tian Y, Peng Y, Peng X, et al. (2014) An attribute-based encryption scheme with revocation for fine-grained access control in wireless body area networks. Int J Distrib Sensor Networks: 1–9.
    [63] Radhini MP, Prabha PA, Parthasarathi P (2014) Encryption for secure sharing of personal medical records in cloud. Int J Sci Eng Technol Res (IJSETR) 3: 1308–1414.
    [64] Lambay MA, Lakshmi MJ, Gamare PS (2014) Sharing of personal health records securely in cloud computing with attribute based encryption. Int J Comp Sci Info Tech (IJCSIT) 5: 6864–6866.
    [65] Gondkar DA, Kadam VS (2014) Attribute based encryption for securing personal health record on cloud. Int Conf Devices Circuits Systems (ICDCS): 1–5.
    [66] Alias AE, Roy N (2014) Improved security of attribute based encryption for securing sharing of personal health records. Int J Adv Comp Technol 3: 1224–1227.
    [67] Mohanan L, Varghese AB (2015) Flexible, scalable and fine grained access control for medical data in cloud using attribute based encryption. Int J Appl Eng Res 10: 43378–43383.
    [68] Bhuvaneshwari M, Sasikumar S (2015) Secure and isolated personal health records using cipher text policy attribute based encryption. Int J App Eng Res 10: 23022–23026.
    [69] Wang C, Xu X, Shi D, et al. (2015) Privacy-preserving cloud-based personal health record system using attribute-based encryption and anonymous multi-receiver identity-based encryption. Informatica 39: 375–382.
    [70] Raseena M, Harikrishnan GR (2014) Secure sharing of personal health records in cloud computing using attribute-based broadcast encryption. Int J Comp App 102: 13–19.
    [71] Shubhangi G, Priyanka J, Pranjali K, et al. (2015) Scalable and secure sharing of data in cloud computing using attribute based encryption. Int J Multidisc Res Develop 2: 416–420.
    [72] Lounis A, Hadjidj A, Bouabdallah A, et al. (2016) Healing on the cloud: Secure cloud architecture for medical wireless sensor networks. Future Gen Computer System 55: 266–277. doi: 10.1016/j.future.2015.01.009
    [73] Eom J, Lee DH, Lee K (2016) Patient-controlled attribute-based encryption for secure electronic health records system. J Med Syst 40. Article number 253.
    [74] Saxena AR, Swarnalatha P (2016) Attribute based encryption and decryption of medical records. Int J Pharmacy Technology 8: 22192–22199.
    [75] Reddy MR, Anusha N, Shankar BNV (2016) Secured health records storage & retrieval system using keyword based key generation and Attribute Based Encryption (ABE). Res J Pharm Bio Chem Sci 7: 1420–1426.
    [76] Saravanan T (2016) Energy efficient attribute based encryption technique for health records via virtual machines in the cloud. J. Chem. Pharmaceutical Sci 9: 1654–1657.
    [77] Elmogazy H, Bamasag O (2016) Securing healthcare records in the cloud using attribute-based encryption. Comp Info Sci 9: 60–67.
    [78] Yan H, Li J, Li X, et al. (2016) Secure access control of e-health system with attribute-based encryption. Intell Automation Soft Comput 22: 345–352. doi: 10.1080/10798587.2015.1132586
    [79] Paillier P (1999) Public-key cryptosystems based on composite degree residuosity classes. International Conference on Theory and Application of Cryptographic Techniques. Springer-Verlag: 223–238.
    [80] ElGamal T (1985) A public-key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans Inf Theory 31: 469–472. doi: 10.1109/TIT.1985.1057074
    [81] Yi X, Bouguettaya A, Georgakopoulos D, et al. (2016) Privacy protection for wireless medical sensor data. IEEE Trans Dep Sec Comp 13: 369–380. doi: 10.1109/TDSC.2015.2406699
    [82] Yi X, Paulet R, Bertino E (2014) Homomorphic Encryption and Applications. New York, Springer.
    [83] HElib, An open-source homomorphic encryption library for C++, https://github.com/shaih/HElib.
    [84] FHEW. An open source homomorphic encryption library for C and C++, https://github.com/lducas/FHEW.
    [85] Ames S, Venkitasubramaniam M, Kocabas O, et al. (2015) Secure health monitoring in the cloud using homomorphic encryption: a branching-program formulation. Enabling Real-Time Mobile Cloud Comput Emerg Technol 1: 116–152.
    [86] Page A, Kocabas O, Ames S, et al. (2014) Cloud-based secure health monitoring: Optimizing fully-homomorphic encryption for streaming algorithms. Globecom Workshops. IEEE: 48–52.
    [87] Kocabas O, Soyata T, Couderc JP, et al. (2013) Assessment of cloud-based health monitoring using homomorphic encryption. International Conference on Computer Design. IEEE: 443–446.
    [88] Kocabas O, Soyata T (2014) Medical data analytics in the cloud using homomorphic encryption. Handbook Res Cloud Infrastructures Big Data Analytics: 471–488.
    [89] Kocabas O, Soyata T (2015) Medical data analytics in the cloud using homomorphic encryption. E-Health Telemed Concept Methodolog Tool Application 2: 751–768.
    [90] Yi X, Miao Y, Bertino E, et al. (2013) Multiparty privacy protection for electronic health records. GLOBECOM-IEEE Global Telecomm: 2730–2735.
    [91] Wang X, Zhang Z (2015) Data division scheme based on homomorphic encryption in WSNs for health care. J Med Syst 39: 1–7. doi: 10.1007/s10916-014-0182-2
    [92] Kocabas O, Soyata T (2015) Towards privacy-preserving medical cloud computing using homomorphic encryption. Enabling Real-Time Mobile Cloud Comput Emerging Technol 1: 213–246.
    [93] Nagapriya G, Retnaraj J (2015) Securing the privacy of sensitive data on health management system using ElGamal encryption. ARPN J Eng Appl Sci 10: 5802–5806.
    [94] Yi X, Paulet R, Bertino E, et al. (2014) Practical k nearest neighbor queries with location privacy. Proc Int Conf Data Eng: 640–651.
    [95] Paulet R, Kaosar MG, Yi X, et al. (2014) Privacy-preserving and content-protecting location based queries. IEEE Trans Knowledge Data Eng 26: 1200–1210. doi: 10.1109/TKDE.2013.87
    [96] Yi X, Paulet R, Bertino E, et al. (2016) Practical approximate k nearest neighbor queries with location and query privacy. IEEE Trans Knowledge Data Eng 28: 1546–1559. doi: 10.1109/TKDE.2016.2520473
    [97] Vasukidevi A, Jayalakshmi M, Gomathi V (2016) Secure communication between wireless medical sensor networks and data servers using Paillier and ElGamal key cryptosystem. Int Conf Comp Technol Intel Data Eng. Article number 7725333.
    [98] Carpov S, Nguyen TH, Constantino G, et al. (2017) Practical privacy-preserving medical diagnosis using homomorphic encryption. IEEE Int Conf Cloud Comput: 593–599.
    [99] Muralidhar K, Sarathy R, Parsa RA (1999) A general additive perturbation method for database security. Management Sci 45: 1399–1415. doi: 10.1287/mnsc.45.10.1399
    [100] Agrawal D, Aggarwal CC (2001) On the design and quantification of privacy preserving data mining algorithms. Principle Database System: 247–255.
    [101] Agrawal R, Srikant R (2000) Privacy-preserving data mining. Proc ACM SIGMOD Conf Management Data: 439–450.
    [102] Rizvi SJ, Haritsa JR (2002) Maintaining data privacy in association rule mining. Proc 28th Int Conf Very Large Data Bases: 682–693.
    [103] Evfimievski A, Srikant R, Agrawal R, et al. (2002) Privacy preserving mining of association rules. Proc 8th ACM SIGKDD Int Conf Knowledge Discovery Data Mining: 217–228.
    [104] Sweeney L (2002) K-anonymity: a model for protecting privacy. Int J Uncert Fuzz Knowledge-Based Syst 10: 557–570. doi: 10.1142/S0218488502001648
    [105] Lindell Y, Pinkas B (2002) Privacy preserving data mining. J Cryptology 15: 177–206. doi: 10.1007/s00145-001-0019-2
    [106] Kantarcioglu M, Clifton C (2004) Privacy-preserving distributed mining of association rules on horizontally partitioned data. IEEE Trans Knowledge Data Engineering 16: 1026–1037. doi: 10.1109/TKDE.2004.45
    [107] Yi X, Zhang Y (2007) Privacy-preserving distributed association rule mining via semi-trusted mixer. Data Knowl Eng 63: 550–567. doi: 10.1016/j.datak.2007.04.001
    [108] Yi X, Zhang Y (2009) Privacy-preserving naive Bayes classification on distributed data via semi-trusted mixers. Inf Syst 34: 371–380. doi: 10.1016/j.is.2008.11.001
    [109] Yi X, Zhang Y (2013) Equally contributory privacy-preserving k-means clustering over vertically partitioned data. Inf Syst 38: 97–107. doi: 10.1016/j.is.2012.06.001
    [110] Yi X, Rao FY, Bertino E, et al. (2015) Privacy-preserving association rule mining in cloud computing. Proc 10th ACM Sym Inf Comp Comm Sec: 439–450.
    [111] Rao FY, Samanthula BK, Bertino E, et al. (2015) Privacy-preserving and outsourced multi-user k-means clustering. Proc IEEE Conf Collab Internet Comp: 80–89.
    [112] Liu D, Bertino E, Yi X (2014) Privacy of outsourced k-means clustering. Proc 9th ACM Symp Inf Comp Comm Sec: 123–133.
  • Reader Comments
  • © 2018 the Author(s), licensee AIMS Press. This is an open access article distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0)
通讯作者: 陈斌, bchen63@163.com
  • 1. 

    沈阳化工大学材料科学与工程学院 沈阳 110142

  1. 本站搜索
  2. 百度学术搜索
  3. 万方数据库搜索
  4. CNKI搜索

Metrics

Article views(4698) PDF downloads(1221) Cited by(2)

Article outline

Figures and Tables

Tables(4)

/

DownLoad:  Full-Size Img  PowerPoint
Return
Return

Catalog