Public Audit For Medical Cloud Data

In order to effectively utilize cloud computing technology to provide high-quality medical services,medical data is outsourced to the medical cloud for storage and management.However,there are still many security issues with outsourcing medical data to the cloud.One of the important issues is how to protect the integrity of medical data in the cloud because the integrity of these data is a prerequisite for providing accurate medical diagnosis and treatments.In order to solve the integrity problem in the medical cloud,this paper designs different data integrity audit schemes for different data types and data sources,combining security and performance requirements in practical application scenarios.The specific researches are as follows:First,we propose a certificateless public auditing scheme for cloud-assisted medical system,achieving all necessary functions and security requirements for patient's electronic health records.The electronic health records in the cloud-assisted medical system contains medical data processed by different medical personnel.The proposed scheme allows authorized medical personnel to upload data to the cloud on behalf of patients through a controlled authorization method,which significantly reduces the user's computation and communication costs.Besides,a tag generation method based on certificateless signature is adopted to avoid complex certificate management problem and key escrow problem.Further,we prove the security of the proposed scheme with strict security analysis.Theoretical analysis and experimental results show that compared with the existing scheme that supports delegated data outsourcing,the proposed scheme has lower computational costs in the tag generation and auditing phases for the multi-agent environment.Second,an efficient public auditing scheme for medical sensor data in the cloud is proposed,which can meet the high real-time requirements of medical sensor data and support data privacy protection.In most existing auditing schemes,tag generation requires a large computational overheads,and the user's device has limited computing power.Therefore,a new public auditing scheme that supports online-offline tag generation is designed to improve the efficiency of tag generation.Specifically,the users' lightweight device can complete relevant complex operations in advance to generate offline tags;in the online phase,only a few lightweight operations are required,which greatly reduces the user's online computational costs.Detailed theoretical analysis and experiments results demonstrate that the computational costs of the proposed scheme in the online tag generation and verification phases are lower than the existing schemes.Third,for the log data in the shared medical cloud environment,we present a safe and effective log public auditing scheme.Specifically,a blockchain-based logging strategy was designed to support selective verification of log integrity and resist collusion attacks between the malicious users and the cloud service provider.Based on the proposed multi-user logging strategy,a public auditing approach was further presented to verify the integrity of logs in the cloud without leaking any log content.We evaluate the security and performance of the proposed scheme.The results indicate that the proposed scheme can achieve secure and effective auditing for logs in the shared medical cloud storage,and outperforms the extended existing one in computation and communication costs.