Improving Privacy-preserving Healthcare Data Sharing in a Cloud Environment Using Hybrid Encryption

Anotace: In recent years, cloud computing has been widely used in various fields and is gaining importance in healthcare systems. Patients’ health data are outsourced to cloud storage, enabling healthcare professionals to easily access health information from anywhere and at any time to improve health services. Once patient data are stored in the cloud, they are vulnerable to attacks such as data loss, denial of service (DoS), distributed denial of service (DDoS) and other sorts of cyberattacks. Data confidentiality and patient privacy are more of a problem in the cloud computing context due to their public availability. If a patient's personal information is stolen, he or she may face a range of problems. These are concerns that necessitate more security. The transmission of this sensitive information over the internet is always susceptible to hacking. Therefore, the privacy of patients’ data is considered one of healthcare organizations’ main issues. To overcome this problem, encryption mechanisms that place a significant emphasis on securing data within the cloud environment are used to preserve sensitive health data. A hybrid cryptography approach is employed in this paper to ensure the secure sharing of health data over the cloud. To maintain data privacy and secrecy, a hybrid cryptography mechanism for storing and transporting data to and from the cloud is used. To protect data from malevolent insiders, the encryption key is separated into two halves, controlling access to patient records via a specific technique. This paper shows the implementation and performance evaluation of the proposal as a functional system prototype. The evaluation is based on the key generation time, the record encryption time, the record decryption time, the record upload time and the record download time for different user numbers and different file sizes varying from 0.1 MB to 500 MB. The findings show that the proposal performs better than other state-of-the-art systems and can practically share secure health data in cloud environments.