Research On EHR Data Protection Based On Attributes In Hybrid Cloud Environment

As a new generation of distributed computing platform,cloud has absolute advantage in data storage and processing. However, from the view of users, they put their data on the cloud, which makes them lose direct control over their data. The cloud providers may steal or tamper with the user ’ s data.Therefore, they are particularly concerned about the security of their data in the cloud,and the integrity of the data is an effective way to address their concerns.In this paper, we proposed a novel public auditing scheme(MU-MR-DPA) of supporting the authentication of dynamic data update and integrity verification,which can realize the verification of the multiple replica data for multiple users.With this scheme,we can improve the efficiency of the verification,reduce the communication and storage overhead and enhance the data protection.What’s more,this solution is applied to electronic health record(EHR) to realize the data protection of patients’ health information. The main work is described as follows:A new integrity verification scheme which is based on Merkle hash tree is proposed, which improves the verification efficiency by concentrating multiple replica data blocks together to support authentication of dynamic data update and integrity verification for multiple users at the same time.(1)The user’s identity authentication based on the attribute based signature scheme is used to strengthen the data protection before the data verification.(2)MU-MR-DPA scheme is applied to EHR in a hybrid cloud. A comprehensive system architecture has been established, and according to the need of the application environment, the authentication data structure is changed to Huffman tree to achieve integrity verification in a more efficient way.(3)In order to find out the data tampering and damage earlier, a method is used to enhance the data protection by weighting for each data block according to the corresponding sensitivity of patient’s data.A new method based on attribute signature is proposed to obtain user’s identity information to realize trace by a tracing key in EHR.Finally, the performance of MU-MR-DPA is analyzed, the simulation results are given by experiment, and then the analysis and description are shown in detail.