The issues connected with the anonymization of medical data. Part 2. Advanced anonymization and anonymization controlled by owner of protected sensitive data

2014 ◽  
Vol 8 (2) ◽  
pp. 13-24 ◽  
Author(s):  
Arkadiusz Liber

Introduction: Medical documentation ought to be accessible while preserving its integrity and protecting personal data. One way of protecting it against disclosure is anonymization. Contemporary methods ensure anonymity without any possibility of controlling access to the sensitive data; it seems that the future of sensitive data processing systems belongs to personalized methods. In the first part of the paper the k-Anonymity, (X,Y)-Anonymity, (α,k)-Anonymity and (k,e)-Anonymity methods were discussed. These belong to the well-known elementary methods, which are the subject of a significant number of publications. The source papers for this part are the works of Samarati, Sweeney, Wang, Wong and Zhang; the selection of these publications is justified by the wider research review led, for instance, by Fung, Wang, Fu and Y. It should be noted, however, that the methods of anonymization derive from the methods of statistical database protection of the 1970s. Because of their interrelated content and literature references, the first and second part of this article constitute an integral whole.

Aim of the study: The analysis of the methods of anonymization, the analysis of the methods of protecting anonymized data, and the study of a new type of privacy security that enables the entity which the data concerns to control the disclosure of its sensitive data.

Material and methods: Analytical methods, algebraic methods.

Results: Delivering material supporting the choice and analysis of ways of anonymizing medical data, and developing a new privacy protection solution enabling the control of sensitive data by the entities which this data concerns.

Conclusions: In the paper the analysis of solutions for data anonymization, used to ensure privacy protection in medical data sets, was conducted. The methods k-Anonymity, (X,Y)-Anonymity, (α,k)-Anonymity, (k,e)-Anonymity, (X,Y)-Privacy, LKC-Privacy, l-Diversity, (X,Y)-Linkability, t-Closeness, Confidence Bounding and Personalized Privacy were described, explained and analyzed. The analysis of solutions allowing owners to control their sensitive data was also conducted. Apart from the existing anonymization methods, the analysis of methods of protecting anonymized data was included; in particular, δ-Presence, ε-Differential Privacy, (d,γ)-Privacy, (α,β)-Distributing Privacy and protection against (c,t)-Isolation were analyzed. Moreover, the author introduced a new solution for the controlled protection of privacy. The solution is based on marking a protected field and multi-key encryption of the sensitive value. The suggested way of marking fields conforms to the XML standard. For the encryption, an (n,p) multi-key cipher was selected: p of the n keys are needed to decrypt the content. The proposed solution makes it possible to apply entirely new methods of controlling the privacy of disclosed sensitive data.

2014 ◽  
Vol 8 (1) ◽  
pp. 13-21 ◽  
Author(s):  
Arkadiusz Liber

Introduction: Medical documentation must be protected against damage or loss, with its integrity and credibility preserved, with permanent access available to authorized staff and, finally, protected against access by unauthorized persons. Anonymization is one of the methods of safeguarding the data against disclosure.

Aim of the study: The study aims at the analysis of methods of anonymization, the analysis of methods of protecting anonymized data, and the study of a new type of privacy security that enables the entity which the data concerns to control its sensitive data.

Material and methods: Analytical and algebraic methods were used.

Results: The study delivers material supporting the choice and analysis of ways of anonymizing medical data, and develops a new privacy protection solution enabling the control of sensitive data by the entities whom this data concerns.

Conclusions: In the paper, the analysis of data anonymization solutions used for medical data privacy protection was conducted. The methods k-Anonymity, (X,Y)-Anonymity, (α,k)-Anonymity, (k,e)-Anonymity, (X,Y)-Privacy, LKC-Privacy, l-Diversity, (X,Y)-Linkability, t-Closeness, Confidence Bounding and Personalized Privacy were described, explained and analyzed. The analysis of solutions allowing owners to control their sensitive data was also conducted. Apart from the existing anonymization methods, methods of protecting anonymized data were analyzed, in particular δ-Presence, ε-Differential Privacy, (d,γ)-Privacy, (α,β)-Distributing Privacy and protection against (c,t)-Isolation. The author introduced a new solution for the controlled protection of privacy. The solution is based on marking a protected field and multi-key encryption of the sensitive value. The suggested way of marking fields conforms to the XML standard. For the encryption, an (n,p) multi-key cipher was selected: p of the n keys are used to decrypt the content. The proposed solution makes it possible to apply entirely new methods for controlling the privacy of disclosed sensitive data.
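The privacy models named in both parts of the abstract above (k-Anonymity, l-Diversity, t-Closeness) are conditions on a released table that can be checked mechanically, which is the first thing a practitioner wants before trusting a "de-identified" export. The following Python script is an added illustration, not code from the paper: it groups a constructed, already generalized set of records by quasi-identifier, computes the k, l and t that the release actually achieves, and reports which of a requested (k, l, t) it fails. The column names, the record values and the use of total variation distance as the t-closeness ground distance for a categorical attribute are assumptions of the example.

```python
"""Check a released table against k-anonymity, l-diversity and t-closeness.

Added illustration, not code from the paper. The records, the choice of
quasi-identifiers (age band, ZIP prefix) and the sensitive attribute are
constructed assumptions; the quasi-identifier values are already generalized.
"""
from collections import Counter, defaultdict

# Constructed sample release: three equivalence classes, one sensitive column.
RECORDS = [
    {"age": "20-29", "zip": "301**", "diagnosis": "flu"},
    {"age": "20-29", "zip": "301**", "diagnosis": "asthma"},
    {"age": "20-29", "zip": "301**", "diagnosis": "flu"},
    {"age": "30-39", "zip": "302**", "diagnosis": "cancer"},
    {"age": "30-39", "zip": "302**", "diagnosis": "cancer"},
    {"age": "30-39", "zip": "302**", "diagnosis": "cancer"},
    {"age": "40-49", "zip": "303**", "diagnosis": "flu"},
    {"age": "40-49", "zip": "303**", "diagnosis": "diabetes"},
]
QUASI_IDENTIFIERS = ("age", "zip")
SENSITIVE = "diagnosis"


def equivalence_classes(records, qids=QUASI_IDENTIFIERS):
    """Group records that share the same quasi-identifier tuple."""
    classes = defaultdict(list)
    for rec in records:
        classes[tuple(rec[q] for q in qids)].append(rec)
    return classes


def k_anonymity(records, qids=QUASI_IDENTIFIERS):
    """Largest k such that every equivalence class holds at least k records."""
    return min(len(c) for c in equivalence_classes(records, qids).values())


def l_diversity(records, qids=QUASI_IDENTIFIERS, sensitive=SENSITIVE):
    """Largest l such that every class holds at least l distinct sensitive values."""
    return min(len({r[sensitive] for r in c})
               for c in equivalence_classes(records, qids).values())


def t_closeness(records, qids=QUASI_IDENTIFIERS, sensitive=SENSITIVE):
    """Worst-case distance between a class's sensitive-value distribution and
    the table's; total variation distance is the EMD for a categorical
    attribute with equal ground distances. The release is t-close if this <= t."""
    overall = Counter(r[sensitive] for r in records)
    n = len(records)
    worst = 0.0
    for c in equivalence_classes(records, qids).values():
        local = Counter(r[sensitive] for r in c)
        dist = 0.5 * sum(abs(local[v] / len(c) - overall[v] / n) for v in overall)
        worst = max(worst, dist)
    return worst


def check(records, k, l, t, qids=QUASI_IDENTIFIERS, sensitive=SENSITIVE):
    """Return the list of requirements the release fails (empty if it passes)."""
    failures = []
    if k_anonymity(records, qids) < k:
        failures.append(f"k-anonymity < {k}")
    if l_diversity(records, qids, sensitive) < l:
        failures.append(f"l-diversity < {l}")
    if t_closeness(records, qids, sensitive) > t:
        failures.append(f"t-closeness > {t}")
    return failures


if __name__ == "__main__":
    print(f"k={k_anonymity(RECORDS)} l={l_diversity(RECORDS)} "
          f"t={t_closeness(RECORDS):.3f}")
    print("failed:", check(RECORDS, k=2, l=2, t=0.7))
```

On the sample the release is 2-anonymous but only 1-diverse with t = 0.625: the 30-39/302** class has three records, so k-Anonymity alone is satisfied, yet every record in it carries the same diagnosis, which is exactly the homogeneity attack that l-Diversity was introduced to rule out.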
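The owner-controlled protection sketched at the end of both abstracts (an XML field marked as protected, its value encrypted so that p of n keys are needed to read it) can be prototyped with standard-library tools. The script below is an added example and not the author's construction: it stands in for the paper's (n,p) multi-key cipher with Shamir secret sharing of a random data key, so that any p of the n shares recover the key and fewer do not, and it uses a SHA-256 counter keystream as a placeholder cipher. The attribute names `protected` and `threshold`, the share format and the sample patient record are assumptions; the keystream is for illustration only and would be replaced by an authenticated cipher in any real system.

```python
"""Mark a sensitive XML field and protect its value so that p of n shares
of the data key are needed to read it again.

Added illustration, not the paper's construction: Shamir secret sharing of a
random data key stands in for the paper's (n,p) multi-key cipher, and the
SHA-256 counter keystream is a placeholder, not a production cipher. The
attribute names, share format and sample record are assumptions.
"""
import hashlib
import secrets
import xml.etree.ElementTree as ET

PRIME = (1 << 127) - 1   # field for the shares; 120-bit data keys fit below it
KEY_BYTES = 15           # 120 bits


def _keystream_xor(key: bytes, data: bytes) -> bytes:
    """XOR data with SHA-256(key || block counter); same call encrypts and decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + (i // 32).to_bytes(4, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)


def split_secret(secret: int, n: int, p: int):
    """Shamir split: n points on a random degree-(p-1) polynomial with f(0) = secret."""
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(p - 1)]
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):          # Horner evaluation modulo PRIME
            y = (y * x + c) % PRIME
        shares.append((x, y))
    return shares


def recover_secret(shares):
    """Lagrange interpolation at x = 0; needs at least p distinct shares."""
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = (num * -xj) % PRIME
                den = (den * (xi - xj)) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    return secret


def protect_field(record, tag, n, p):
    """Replace the text of <tag> with ciphertext, mark it, return the n shares."""
    elem = record.find(tag)
    data_key = secrets.randbits(8 * KEY_BYTES)
    elem.text = _keystream_xor(data_key.to_bytes(KEY_BYTES, "big"),
                               elem.text.encode()).hex()
    elem.set("protected", "true")         # marker: the value is ciphertext
    elem.set("threshold", f"{p}/{n}")     # how many shares unlock it
    return split_secret(data_key, n, p)


def reveal_field(record, tag, shares):
    """Decrypt <tag> when enough shares are presented, otherwise refuse."""
    elem = record.find(tag)
    p = int(elem.get("threshold").split("/")[0])
    if len(shares) < p:
        raise PermissionError(f"need {p} shares, got {len(shares)}")
    key = recover_secret(shares[:p]).to_bytes(KEY_BYTES, "big")
    return _keystream_xor(key, bytes.fromhex(elem.text)).decode()


def demo():
    """Constructed record: 3 of 5 shares unlock the diagnosis, 2 do not."""
    record = ET.fromstring("<patient><name>J. Kowalski</name>"
                           "<diagnosis>Type 2 diabetes</diagnosis></patient>")
    shares = protect_field(record, "diagnosis", n=5, p=3)
    marked = ET.tostring(record, encoding="unicode")
    try:
        reveal_field(record, "diagnosis", shares[:2])
        denied = False
    except PermissionError:
        denied = True
    revealed = reveal_field(record, "diagnosis", [shares[0], shares[2], shares[4]])
    return marked, denied, revealed


if __name__ == "__main__":
    marked, denied, revealed = demo()
    print(marked)
    print("two shares denied:", denied, "| three shares:", revealed)
```

In demo() the patient could keep two of the five shares and the clinic and insurer hold the rest: no single party can read the diagnosis, the record itself carries only the ciphertext and the `protected` marker, and the patient's consent is expressed by handing over a share rather than by a policy flag on the server.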


Author(s):  
Shelendra Kumar Jain ◽  
Nishtha Kesswani

Abstract: With the ever-increasing number of devices, the Internet of Things connects devices in a hyper-connected world. As the number of interconnected devices grows, disclosure of sensitive data becomes an important issue that needs to be addressed, and preventing it requires effective and feasible privacy preservation strategies. This article proposes a noise-based privacy-preserving model. Its components are: Multilevel Noise Treatment for data collection; a user-preference-based data classifier that separates sensitive from non-sensitive data; a Noise Removal and Fuzzification Mechanism for data access; and a user-customized privacy preservation mechanism. Experiments were conducted to evaluate the performance and feasibility of the proposed model, and the results were compared with existing approaches. The experimental results show that the proposed model reduces computational overhead: without the fuzzifier it has around 52–77% less computational overhead than the Data Access Control scheme and 46–70% less than the Dynamic Privacy Protection model; with the fuzzifier it has around 48–73% less than the Data Access Control scheme and 31–63% less than the Dynamic Privacy Protection model. A privacy analysis against the relevant approaches was also performed. The results indicate that the proposed model can customize privacy according to users' preferences while taking less execution time, which reduces the overhead on resource-constrained IoT devices.


2018 ◽  
Vol 2018 ◽  
pp. 1-11 ◽  
Author(s):  
Nabil Rifi ◽  
Nazim Agoulmine ◽  
Nada Chendeb Taher ◽  
Elie Rachkidi

In the past few years, the number of wireless devices connected to the Internet has grown to a number that could reach billions in the next few years. While cloud computing is seen as the solution for processing this data, the security challenges cannot be addressed with this technology alone. Security problems will continue to increase with such a model, especially for private and sensitive data such as personal and medical data collected by ever smarter connected devices constituting the so-called Internet of Things. Consequently, there is an urgent need for a fully decentralized, peer-to-peer and secure technology to overcome these problems. Blockchain technology is a promising and timely solution that brings the required properties to the field; however, there are still challenges to address before using it in the context of IoT. This paper discusses these challenges and proposes a secure IoT architecture for medical data based on blockchain technology. The solution introduces a protocol for data access, smart contracts and a publisher-subscriber mechanism for notification. A simple analytical model is also presented to highlight the performance of the system, and an implementation of the solution is presented as a proof of concept.


2020 ◽  
Author(s):  
Huanhuan Wang ◽  
Xiang Wu ◽  
Yongqi Tan ◽  
Hongsheng Yin ◽  
Xiaochun Cheng ◽  
...  

BACKGROUND: Medical data mining and sharing are important for realizing the value of medical big data in e-health applications. However, medical data contain a large amount of patients' private information, so there is a risk of privacy disclosure during sharing and mining. How to ensure the security of medical big data during publishing, sharing and mining has therefore become a focus of current research.

OBJECTIVE: The objective of our study is to design a framework based on a differential privacy protection mechanism that ensures the secure sharing of medical data. We developed a privacy Protection Query Language (PQL) that can integrate multiple data mining methods and provide secure sharing functions for medical data.

METHODS: This paper adopts a modular design with three sub-modules: a parsing module, a mining module and a noising module. Each module encapsulates different computing components, such as a composite parser and a noise jammer. In the PQL framework, the differential privacy mechanism is applied to the results of the modules' collaborative computation, which strengthens the security of the various mining algorithms. These components operate independently, but the mining results depend on their cooperation.

RESULTS: We designed and developed a query language framework that provides medical data mining, sharing and privacy-preserving functions. We theoretically proved the performance of the PQL framework. The experimental results show that the PQL framework can ensure the security of each mining result, and the average usefulness of the output results is above 97%.

CONCLUSIONS: We presented a security framework that enables medical data providers to securely share health or treatment data, and developed a usable query language based on a differential privacy mechanism that enables researchers to mine potential information securely using data mining algorithms.
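The noising module described above applies ε-differential privacy to the results of a computation rather than to the raw records, which is what lets the framework keep the data private while still returning useful aggregates. The Python example below is an added illustration, not the PQL framework: it answers counting queries over a constructed record set with the Laplace mechanism (sensitivity 1, noise scale 1/ε) and tracks a total privacy budget so that sequential queries cannot exceed it. The record set, the query shape (a predicate over one record) and the budget bookkeeping are assumptions of the example.

```python
"""Answer counting queries over medical records under epsilon-differential privacy.

Added illustration, not the PQL framework itself: the record set, the query
shape (a predicate over one record) and the budget bookkeeping are assumptions.
"""
import random

# Constructed sample records: the data the analyst must never see directly.
RECORDS = [
    {"age": 34, "diagnosis": "diabetes"},
    {"age": 52, "diagnosis": "hypertension"},
    {"age": 47, "diagnosis": "diabetes"},
    {"age": 29, "diagnosis": "asthma"},
    {"age": 61, "diagnosis": "diabetes"},
]


def laplace_noise(scale: float, rng: random.Random) -> float:
    """Sample Laplace(0, scale) as the difference of two Exp(1/scale) draws."""
    return rng.expovariate(1.0 / scale) - rng.expovariate(1.0 / scale)


class PrivateCounter:
    """Counting queries with a total privacy budget; each answer spends epsilon.

    Adding or removing one record changes a count by at most 1 (global
    sensitivity 1), so Laplace noise with scale 1/epsilon makes each answer
    epsilon-DP; sequential composition charges the sum of the epsilons spent.
    """

    def __init__(self, records, total_epsilon: float, seed=None):
        self.records = list(records)
        self.remaining = total_epsilon
        self.sensitivity = 1.0
        # seed only makes a demo reproducible; a real deployment needs an
        # unpredictable source of randomness, or the noise can be reversed.
        self.rng = random.Random(seed)

    def true_count(self, predicate) -> int:
        """Exact count; internal only, never returned to the analyst."""
        return sum(1 for r in self.records if predicate(r))

    def count(self, predicate, epsilon: float) -> float:
        """Noisy count; refuses once the budget would be exceeded."""
        if epsilon <= 0:
            raise ValueError("epsilon must be positive")
        if epsilon > self.remaining + 1e-12:
            raise RuntimeError("privacy budget exhausted")
        self.remaining -= epsilon
        noise = laplace_noise(self.sensitivity / epsilon, self.rng)
        return self.true_count(predicate) + noise


def run_session():
    """Analyst spends a budget of 1.0 over two queries; a third is refused."""
    pc = PrivateCounter(RECORDS, total_epsilon=1.0, seed=7)
    q_diabetes = pc.count(lambda r: r["diagnosis"] == "diabetes", epsilon=0.5)
    q_over_50 = pc.count(lambda r: r["age"] > 50, epsilon=0.5)
    try:
        pc.count(lambda r: True, epsilon=0.1)
        refused = False
    except RuntimeError:
        refused = True
    return q_diabetes, q_over_50, refused, pc.remaining


if __name__ == "__main__":
    diabetes, over_50, refused, left = run_session()
    print(f"diabetes ~ {diabetes:.2f}, over 50 ~ {over_50:.2f}, "
          f"third query refused: {refused}, budget left: {left}")
```

The analyst never sees true_count; each call to count spends part of the budget, and once it is gone the third query is refused rather than answered with less noise, because answering it would let repeated queries average the noise away. The only trust placed in the server is that it keeps the budget honestly.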


Author(s):  
Helen Percival

Data access control in a hierarchy is currently complex. Different groups need access to sets of data, some of which overlap, while the rest of the data remains secret; managers and directors need to access data that is hidden from regular users. To manage this, users are organized into partially ordered sets (posets), in which each node represents the users with the same access rights. Current solutions use independent keys to access sections of data, which is chaotic, particularly for users high in the hierarchy. A proposed solution is up-down computable keys, as described by Nagy and Akl in 2010 [1]. The drawback of this solution is that it applies only to stable posets: users leaving and entering the organization at arbitrary levels, or even moving within the structure, may invalidate multiple keys or even all the keys in a poset. Nagy and Akl [1] propose a quantum mechanical solution: by giving each user two keys, a quantum and a classical one, the database can use computable access keys that the user never holds directly. Instead of direct access to the key, the system uses the quantum and classical keys to compute the access key. The purpose of the study is to design a physical system implementing quantum-key database access that can accommodate large businesses and governments with large, fluctuating and complex organizational hierarchies. Such a system would also be highly secure and suitable for databases holding sensitive data.

References
[1] N. Nagy and S. G. Akl, "A quantum cryptographic solution to the problem of access control in a hierarchy," Parallel Processing Letters, vol. 20, no. 3, pp. 251–261, 2010.


2014 ◽  
Vol 50 ◽  
pp. 213-225 ◽  
Author(s):  
Eleni Kamateri ◽  
Evangelos Kalampokis ◽  
Efthimios Tambouris ◽  
Konstantinos Tarabanis

2021 ◽  
Vol 64 (6) ◽  
Author(s):  
Zhitao Guan ◽  
Wenti Yang ◽  
Liehuang Zhu ◽  
Longfei Wu ◽  
Ruimiao Wang

2021 ◽  
Vol 2021 ◽  
pp. 1-17
Author(s):  
Jiawei Zhang ◽  
Jianfeng Ma ◽  
Teng Li ◽  
Qi Jiang

Recently, cloud-based mobile crowdsensing (MCS) has developed into a promising paradigm that provides convenient data sensing, collection, storage and sharing services for resource-constrained terminals. Nevertheless, it also raises many security concerns, such as unauthorized access to users' secrets and private data. To protect shared data against unauthorized access, many Ciphertext-Policy Attribute-Based Encryption (CP-ABE) schemes have been proposed to achieve fine-grained data sharing. However, providing a scalable and time-sensitive data-sharing scheme across hierarchical users with compound attribute sets and revocability remains a major issue. In this paper we investigate this challenge and propose a hierarchical and time-sensitive CP-ABE scheme, named HTR-DAC, characterized by time-sensitive data access control with scalability, revocability and high efficiency. In particular, we propose a time-sensitive CP-ABE for hierarchically structured users with recursive attribute sets. Moreover, we design a robust revocation mechanism that achieves direct user revocation. We also integrate verifiable outsourced decryption to improve efficiency and guarantee the correctness of the decryption procedure. Extensive security and performance analysis demonstrates that our data-sharing scheme for MCS satisfies the security requirements and is highly efficient.


Author(s):  
Jayesh Sahebrav Patil ◽  
Prashant Mininath Mane

From time immemorial, information security has been a primary concern, and today, when most sensitive data is stored in the cloud and the client organization has less control over the stored data, the fundamental way to address this is to encrypt such data. A secure, user-enforced data access control system must therefore be in place before users outsource any data to the cloud for storage. Attribute Based Encryption (ABE) is one such asymmetric-key cryptosystem that has received much attention because it provides fine-grained access control to data stored in the cloud. In this paper we propose a more efficient and richer Attribute Based Encryption technique (RSABE) that not only builds on the outsourced ABE construction but also addresses revocation when the attributes of a group user or organization change: once a user is removed from the group, the keys are updated and the new keys are distributed among the remaining users. Our system also supports keyword search over encrypted data in mobile cloud storage. In multi-keyword search, data owners and users can generate the keyword index and the search trapdoor, respectively, without relying on an always-online trusted authority. Experimental results show that the proposed system outperforms the existing system in terms of security, time consumption, memory utilization and data availability.

