Protecting Sensitive Data with Secure Data Enclaves

2021 ◽  
Author(s):  
Mark Howison ◽  
Mintaka Angell ◽  
Michael Hicklen ◽  
Justine S. Hastings

A Secure Data Enclave is a system that allows data owners to control data access and ensure data security while facilitating approved uses of data by other parties. This model of data use offers additional protections and technical controls for the data owner compared to the more commonly used approach of transferring data from the owner to another party through a data sharing agreement. Under the data use model, the data owner retains full transparency and auditing over the other party’s access, which can be difficult to achieve in practice with even the best legal instrument for data sharing. We describe the key technical requirements for a Secure Data Enclave and provide a reference architecture for its implementation on the Amazon Web Services platform using managed cloud services.

Nowadays the cloud is used by both individuals and organizations to store and share data without establishing their own data center. The outsourcing of this data is becoming a major security issue for businesses. Searchable encryption is one of the prominent techniques that allows a data owner to store data securely and then share it to grow their business. With this technique, the Cloud Service Provider can process a user request by searching over the encrypted stored data without decrypting it. In this paper we analyze different searchable encryption techniques for secure data sharing and the attacks they prevent. We also propose a method named “User Prediction in Role” to reduce the possibility of insider attacks in Role Based Data Sharing (RBDS), which is based on user p


Author(s):  
Xiuqing Lu ◽  
Zhenkuan Pan ◽  
Hequn Xian

Abstract With the development of big data and cloud computing, more and more enterprises prefer to store their data in the cloud and share it among their authorized employees efficiently and securely. So far, many different data sharing schemes in different fields have been proposed. However, sharing sensitive data in the cloud still faces challenges such as achieving data privacy and lightweight operations on resource-constrained mobile terminals. Furthermore, most data sharing schemes have no integrity verification mechanism, which can result in wrong computation results for users. To solve these problems, we propose an efficient and secure data sharing scheme for mobile devices in cloud computing. Firstly, the scheme guarantees security and authorized access for shared sensitive data. Secondly, the scheme realizes efficient integrity verification before users share the data, to avoid incorrect computation. Finally, the scheme achieves lightweight operations on mobile terminals on both the data owner and data requester sides.


Author(s):  
Xin Wei ◽  
Yong Yan ◽  
Shaoyong Guo ◽  
Xuesong Qiu ◽  
Feng Qi

2021 ◽  
Vol 2021 ◽  
pp. 1-17
Author(s):  
Jiawei Zhang ◽  
Jianfeng Ma ◽  
Teng Li ◽  
Qi Jiang

Recently, cloud-based mobile crowdsensing (MCS) has developed into a promising paradigm that can provide convenient data sensing, collection, storage, and sharing services for resource-constrained terminals. Nevertheless, it also introduces many security concerns, such as illegal access to user secrets and privacy. To protect shared data against unauthorized access, many studies on Ciphertext-Policy Attribute-Based Encryption (CP-ABE) have been proposed to achieve fine-grained data sharing. However, providing a scalable and time-sensitive data-sharing scheme across hierarchical users with compound attribute sets and revocability remains a big issue. In this paper, we investigate this challenge and propose a hierarchical and time-sensitive CP-ABE scheme, named HTR-DAC, which is characterized by time-sensitive data access control with scalability, revocability, and high efficiency. In particular, we propose a time-sensitive CP-ABE for hierarchically structured users with recursive attribute sets. Moreover, we design a robust revocation mechanism to achieve direct user revocation in our scheme. We also integrate verifiable outsourced decryption to improve efficiency and guarantee correctness in the decryption procedure. Extensive security and performance analysis is presented to demonstrate that our data-sharing scheme for MCS satisfies the security requirements and achieves high efficiency.


2014 ◽  
Vol 30 (3) ◽  
pp. 533-545 ◽  
Author(s):  
Felix Ritchie

The argument for access to sensitive unit-level data produced within government is usually framed in terms of risk and the legal responsibility to maintain confidentiality. This article argues that this framing of the question may restrict the set of possibilities; a more effective perspective starts from the data owner’s principles and user needs. Within this principles-based framework, the role of law changes: it becomes an ‘enabling technology’, helping to define the solution but playing no role in setting the objectives. This shift in perspective has a number of consequences. The perception of ‘costs’ and ‘benefits’ is reversed. Law and established practice are distinguished and appropriately placed within a cost-benefit framework. The subjectivity and uncertainty in risk assessments are made explicit. Overall, all other things being equal, the expectation is that a move towards objective-based planning increases data access and improves risk assessment. This alternative perspective also addresses the problem of the public-good nature of research outputs. It encourages the data owner to engage with users and build a case for data access that takes account of the wider needs of society. The UK data access regime is used as the primary example of the arguments in this article.


2021 ◽  
Vol 7 (1) ◽  
Author(s):  
C. Atkin ◽  
B. Crosby ◽  
K. Dunn ◽  
G. Price ◽  
E. Marston ◽  
...  

Abstract Background England operates a National Data Opt-Out (NDOO) for the secondary use of confidential health data for research and planning. We hypothesised that public awareness and support for the secondary use of health data and the NDOO would vary by participant demography and healthcare experience. We explored patient/public awareness and perceptions of secondary data use, grouping potential researchers into National Health Service (NHS), academia or commercial. We assessed awareness of the NDOO system amongst patients, carers, healthcare staff and the public. We co-developed recommendations to consider when sharing unconsented health data for research. Methods A patient and public engagement programme, co-created and including patient and public workshops, questionnaires and discussion groups regarding anonymised health data use. Results There were 350 participants in total. Central concerns for health data use included unauthorised data re-use, the potential for discrimination and data sharing without patient benefit. 94% of respondents were happy for their data to be used for NHS research, 85% for academic research and 68% by health companies, but less than 50% for non-healthcare companies, and opinions varied with demography and participant group. Questionnaires showed that knowledge of the NDOO was low, with 32% of all respondents, 53% of all NHS staff and 29% of all patients aware of the NDOO. Recommendations to guide unconsented secondary health data use included that health data use should benefit patients; that data sharing decisions should involve patients and the public; that data should remain in close proximity to health services, with the principle of data minimisation applied; and that there should be transparency in secondary health data use, including publicly available lists of projects, summaries and benefits.
Finally, organisations involved in data access decisions should participate in programmes to increase knowledge of the NDOO, to ensure members of the public are making informed choices about their own data. Conclusion The majority of participants in this study reported that the use of healthcare data for secondary purposes was acceptable when accessed by the NHS, academia and health-focused companies. However, awareness was limited, including of the NDOO. Further development of publicly agreed recommendations for secondary health data use may improve both awareness of and confidence in secondary health data use.


Author(s):  
Naveen John ◽  
Shatheesh Sam

The personal health record (PHR) system has become the most important platform for exchanging health information, on which patients can share and manage personal health information more effectively in cloud storage. However, the cloud server is unreliable, and users' secure data may be disclosed. Therefore, a secure data sharing mechanism is developed in this research using the proposed session password, data access key, and circular interpolation (SKC)-based data-sharing approach for the secure sharing of PHRs in the cloud. The proposed SKC-based data sharing approach provides high efficiency and a strong security guarantee. It effectively satisfies various security properties, such as tamper resistance, openness, and decentralization. The proposed SKC-based data sharing approach is a reliable mechanism created for doctors to share PHRs and to access patients' historical data while preserving privacy.


2021 ◽  
Vol 1916 (1) ◽  
pp. 012228
Author(s):  
M Rajkumar ◽  
E Kanmani ◽  
M Bhuvanesh ◽  
B Haritha ◽  
B Kalaiyarasi
