A Security Model For Preserving The Privacy of Med

See discussions, stats, and author profiles for this publication at: https://www.researchgate.
net/publication/320093536
A Security Model for Preserving the Privacy of Medical Big Data in a Healthcare
Cloud Using a Fog Computing Facility With Pairing-Based Cryptography
Article in IEEE Access · September 2017

DOI: 10.1109/ACCESS.2017.2757844
CITATIONS READS
230 3,219
5 authors, including:
Sk Md Mizanur Rahman M. Shamim Hossain

University of Ottawa King Saud University
53 PUBLICATIONS 1,494 CITATIONS 386 PUBLICATIONS 18,697 CITATIONS
SEE PROFILE SEE PROFILE
Ahmad S. Almogren Atif Alamri

King Saud University King Saud University
227 PUBLICATIONS 7,802 CITATIONS 190 PUBLICATIONS 7,860 CITATIONS
SEE PROFILE SEE PROFILE
All content following this page was uploaded by M. Shamim Hossain on 09 October 2017.
The user has requested enhancement of the downloaded file.

This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/ACCESS.2017.2757844, IEEE Access
IEEE ACCESS. VOL.XXX, NO.XX, 2017 1
A Security Model for Preserving the Privacy of

Medical Big Data in a Healthcare Cloud Using a
Fog Computing Facility with Pairing-Based
Cryptography
Hadeal Abdulaziz Al Hamid, Non-Member, IEEE, Sk Md Mizanur Rahman*, Member, IEEE,
M. Shamim Hossain*, Senior Member, IEEE, Ahmad Almogren, Member, IEEE, and Atif Alamri, Member, IEEE,
Abstract—Nowadays, telemedicine is an emerging healthcare healthcare industry includes patient data in electronic patient
service where the healthcare professionals can diagnose, evaluate, records (EPRs); clinical data from computerized physician
and treat a patient using telecommunication technology. To order entries (CPOEs); machine generated/sensor data, such as
diagnose and evaluate a patient, the healthcare professionals need
to access the electronic medical record (EMR) of the patient, from monitoring vital signs; clinical decision support systems
which might contain huge multimedia big data including x-rays, (medical imaging, physician’s written notes and prescriptions,
ultrasounds, CT scans, MRI reports, etc. For efficient access and insurance, laboratory, pharmacy, and other administrative
supporting mobility for both the healthcare professionals as well data); social media posts, including Twitter feeds (so-called
as the patients, the EMR needs to be kept in big data storage in tweets) [8][9], blogs [10][11], status updates on Facebook
the healthcare cloud. In spite of the popularity of the healthcare
cloud, it faces different security issues; for instance, data theft and other platforms, and web pages; and non-patient-specific
attacks are considered to be one of the most serious security information, including emergency care data, news feeds, and
breaches of healthcare data in the cloud. In this paper, the main articles in medical journals.
focus has been given to secure healthcare private data in the Telemedicine is one of the emerging fields for e-health
cloud using a fog computing facility. To this end, a tri-party one- research. In the telemedicine service, EMRs including MBD,
round authenticated key agreement protocol has been proposed
based on the bilinear pairing cryptography that can generate images, and multimedia medical data are transmitted on the
a session key among the participants and communicate among fly over insecure internet connections as they are required
them securely. Finally, the private healthcare data are accessed by the remote doctors. The healthcare cloud infrastructure
and stored securely by implementing a decoy technique. would make it much easier to pull all different healthcare
Index Terms—Key Management; Security and Privacy; Med- information together for a patient while the patient moves from
ical Big Data; Fog Computing; Pairing-based cryptography; one hospital to another; as a result, the patients’ information
Decoy Technique can be managed and tracked easily. The healthcare cloud is a
cloud computing infrastructure where all the healthcare service
I. I NTRODUCTION providers and stakeholders can communicate with each other
through the cloud servers, as illustrated in Figure 1.
Big data in healthcare refers to sets of electronic med-
Healthcare cloud computing offers the benefit of both
ical health data that are large and complex. Due to their
software and hardware through the provision of services over
huge volume and complexity, it is difficult (or infeasible)
the Internet. Cloud computing is defined by the NIST (2009)
to manage those data sets using traditional software and/or
as ”a model for enabling ubiquitous, convenient, on-demand
hardware [1][2]. The diversity and volume of multimedia
network access to a shared pool of configurable comput-
medical big data (MBD) and efficient accessibility of these
ing resources (e.g., networks, servers, storage, applications,
datasets make it irresistible [2][3][4][5][6][7]. MBD in the
and services) that can be rapidly provisioned and released
* are the corresponding authors with minimal management effort or service provider interac-
H. Al Hamid is with the Information Systems Department, College of tion” [12], [13].
Computer and Information Sciences, King Saud University, Riyadh 11543,
Saudi Arabia. e-mail: 434203451@student.ksu.edu.sa Similar to cloud computing, healthcare cloud computing has
Sk. Md. M. Rahman, is with the Information Systems Department, College different issues related to its security, the most important of
of Computer and Information Sciences, King Saud University, Riyadh 11543, which are: legal and policy issues, data protection, privacy
Saudi Arabia. e-mail: mizan@ksu.edu.sa
M.S. Hossain, is with the Software Engineering, College of Computer and protection, lack of transparency, cybersecurity issues, absence
Information Sciences, King Saud University, Riyadh 11543, Saudi Arabia. of security standards, and software licensing [14].
e-mail: mshossain@ksu.edu.sa Each of these issues has different challenges that can be
A. Almogren, is with the Computer Science Department, College of
Computer and Information Sciences, King Saud University, Riyadh 11543, briefly discussed as follows. The challenges related to cloud
Saudi Arabia. e-mail: ahalmogren@ksu.edu.sa computing’s legal and policy issues are: liability, applicable
A. Alamri, is with the Software Engineering, College of Computer and law, compliance, copyright, data portability, and data pro-
Information Sciences, King Saud University, Riyadh 11543, Saudi Arabia.
e-mail: atif@ksu.edu.sa tection. Speaking about protection, privacy protection means
Manuscript received xxx, 2017; revised xxx xx, 2017. to protect the personally identifiable information (PII), by
2169-3536 (c) 2017 IEEE. Translations and content mining are permitted for academic research only. Personal use is also permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
Other Professional System Administrator
Medical Patient
Center
Doctor
Nurse
Doctor
Healthcare Cloud
Computing Servers
Medical Laboratory/
Pharmacy
Research Cell Unit
Medical
Center Ambulance
With
Communication
Medical facility
Center
Medical
Center
Specialized
Doctor
Nurse
Patient
Patient
Fig. 1. High level illustration of healthcare cloud
making it clear to the consumer how it is used and where where the decoy files are called when an attacker is detected
it is stored. Usually, privacy issues are all about three things, as accessing the system, in our proposed methodology the
which are trust, uncertainty, and compliance. Also, another decoy files are retrieved from the beginning to ensure better
issue related to the consumer is lack of transparency, which security. Additionally, it uses a double security technique by
may appear through the consumer not knowing where his/her encrypting the original file when an attacker recognizes that
data are physically stored or what happens to it. On the he/she is dealing with a decoy gallery; he/she would need to
other hand, another cloud security issue is cyber security. figure out how to decode the original gallery. As a result, our
Cyber security challenges are related to four factors which methodology ensures that the users’ MBD are 100% secure
are: (1) information input, (2) information and commands and shortens the process. There is no need to worry if the
output, (3) shared tenancy, and (4) physical infrastructure. user is an attacker, since by default it offers the decoy big
Each one of these challenges contains different sub-challenges, data gallery directly to any user and keeps the original one
for example information input challenges are categorized into hidden, which is only made available to a legitimate user after
three areas: (1) challenges related to the way of collecting and successful verification.
delivering the information to cloud computing applications, Organization of The Paper: Section II and its subsec-
(2) challenges related to the mechanism used to transport the tions describe the background and preliminaries of the pro-
information from utility to cloud computing facility, and (3) posed technique. Section III describes the existing literature
challenges related to information storage facility. So, each on similar topics. The proposed system and methodology
cloud computing issue or challenge has different staff we are described in Section IV; the justification for selecting
need to know more about. At the end, to define the relations cryptographic techniques have been described in Section V;
between consumers, utilities, and third parties in the cloud, a computational analysis for cryptographic Implementation are
proper policy is needed in order to make sure that the cloud described in Section VI, and Section VII concludes the paper.
computing is secure [15].
In this paper, a methodology is presented to secure patients’
II. BACKGROUND AND P RELIMINARIES
MBD in the healthcare cloud using the decoy technique with
a fog computing facility. It serves as a second gallery to In this section we provide a few technical backgrounds
contain decoy MBD (DMBD) that appear to the attacker as that will help to ensure better understanding of our proposed
if it is the original MBD (OMBD). Unlike other methods, technique.
A. Cloud Computing tiring for the user, especially if we are talking about a large
Cloud computing has different service models, which are organization with multiple users and files. For this reason,
divided into three categories: (1) IaaS, which allows users to fog computing is used to create decoys with minimal user
take advantage of the infrastructure without mentioning the intervention [21], [22], [23].
hardware running behind it; (2) PaaS, which builds on IaaS
and provides clients with access to basic operating software C. Decoyfile
and optional services to develop and use software applications The basic idea behind this technique is to limit the damage
without software installation; and (3) SaaS, which enables caused by stolen data by decreasing the value of the stolen
clients to use software applications without having to install information. To achieve this, the decoy should have certain
them on their personal computer, by offering these as a service features. First, it should be believable. In the absence of any
through the Internet [16]. We can categorize cloud computing additional information, a perfectly believable decoy should
consistent with the deployment model into: (1) a public cloud, make it impossible for an attacker to figure out that the
in which the resources are sold or rented to the public by data are not real. Thus, the decoy should seem authentic and
the service provider, who at the same time is the owner; trustworthy. Second, the decoy should be enticing enough to
(2) a private cloud owned or rented by an organization; (3) attract the attention of the attacker and make him/her open the
community clouds, in which some closed communities share file. Third, the decoy should be conspicuous, which is closely
the same cloud resources; and (4) a hybrid cloud, which has related to being enticing. Whereas enticing is related to how
the characteristics of two or more deployment models [17]. curious an attacker is about a decoy, conspicuousness has to
Several features are available in cloud computing, for exam- do with how easy a decoy is to access. Therefore, the decoy
ple: on-demand broad network access, self-service, measured should be easily located by search queries. Fourth, the decoy
service, resource pooling, and rapid elasticity. Self-service should be differentiable so that the real user can distinguish
means that the customers can manage and request their own between the real and the decoy file. Balancing differentiability
resources. On the Internet or in private networks, the ser- for authentic users with believability for attackers is one of
vices offered are known as broad network access. In pooled the critical aspects of any decoy deployment system. Fifth,
resources, the customer draws from a pool of computing the decoy should be non-interfering so that the real user will
resources, usually in a remote data center. The services can be not accidentally misuse the bogus information contained in
scaled larger or smaller, and customers are billed according to the decoy. Finally, the decoy should be detectable; this feature
the measured use of a service [18]. refers to the ability of decoys to alert their owners once they
have been accessed [24], [25], [26].
B. Fog Computing
Fog computing, as shown in Figure 2, is an emerging D. Bilinear Pairing Function
paradigm that provides storage, processing, and communica- A bilinear pairing is a map between cyclic groups. Let
tion services closer to the end user. It reduces latency, pro- G1 , G2 , and GT be cyclic groups with a prime order q.
vides location awareness, and supports high-density wireless We consider G1 and G2 as additive groups and GT to be
networks. Providing data and putting them on the edge of a multiplicative group. A bilinear pairing is defined as: e :
a network to be nearer to the user are considered among G1 ×G2 → GT , Which satisfies the following properties [27],
the main tasks of fog computing. The end user is connected [28], [29], [30]:
to different nodes, which are referred to as the ”edge,” thus • Bilinear: It holds the important property e(aP, bQ) =
the term ”edge computing.” Fog computing does not replace e(P, Q)ab , where ∀P, Q ∈ G1 and ∀a, b ∈ Z
cloud computing. Rather, it extends the cloud to the edge • Non-degenerate: e(P, P ) 6=1
of the network [19], [20]. Creating decoy information and • Computability: A mapping is said to be computable if an
locating it beside the real information in the cloud to hide algorithm exists which can efficiently compute e(P, Q)
the true data of the user is also called fog computing. This for any P, Q ∈ G1 .
architecture offers a number of services that are related to the Also, the following are considered as bilinear pairing prop-
use of decoys. Hence, fog computing can be considered as an erties. ∀P, Q ∈ G1 :
alternative name for the Decoy Document Distributor (D3),
• e(P, ∞) = 1 and e(∞, P ) = 1
which is a tool for generating and monitoring decoys. This −1
• e(P, −Q) = e(−P, Q) = e(P, Q)
strategy is used to protect the real, sensitive data by providing
• e(P, Q) = e(Q, P )
a ”fog” of misinformation. Decoy information, such as decoy
documents, honey files, and honeypots, among others, can be
generated when unauthorized access is detected. This confuses E. Bilinear Diffie-Hellman Problems
the attackers and makes them believe that they have the real, The security of many pairing-based protocols is dependent
useful data when they actually do not. Decoys can be created on the intractability of the following problems [27], [28], [29],
manually by the user him/herself; for example, when the user [30]:
creates a new document, he/she can create a fake document • Computational bilinear Diffie-Hellman problem (CBDH):
that will appear as a mirror document but contains bogus which is the problem of computing e(P, P )abc when
information. Such manual creation of decoys is obviously very P, aP, bP, cP ∈ G1 are given.
Fig. 2. Fog computing architecture
• Decision bilinear Diffie-Hellman problem (DBDH): involves user information, such as passwords, social security
which is the problem of deciding if e(P, P )abc = r when numbers, credit card information, other personal information,
P, aP, bP, cP ∈ G1 and r ∈ GT are given. and confidential corporate information. A recent study done in
the Saudi population sought to determine the most important
F. Elliptic Curve Diffie-Hellman contents in mobile phones [32]. The results showed that
88% of the female respondents answered ”personal photos,”
Elliptic curve Diffie-Hellman (ECDH) is a key-agreement whereas 63% of the male participants cited ”personal infor-
protocol, more than an encryption algorithm. This means that mation” and ”personal photos.” The statistics clearly indicate
ECDH defines how keys should be generated and exchanged that personal photos are the most important contents in mobile
between parties, and how actual data using such keys are devices. This may also mean that types of content which may
encrypted is up to us. Based on our proposed system, we will be important to some people may not be as important for
encrypt the photos using the Blowfish algorithm while the key others.
authentication and exchange will be done using ECDH [27], Based on what was described previously about the popular-
[28], [29]. Thus, the key is generated by the Elliptic Curve ity of using cloud computing and the importance of securing
Cryptography (ECC) Private Key Generator (PKG) key gener- the data within it, our paper will clarify the different security
ator and then the key agreement can be done by Diffie-Hellman issues that can affect the protection of MBD in the healthcare
(DH); the combination of these two concepts is ECDH. Now, cloud environment. Also, we have investigated the existing
the obvious question is why would using a curve make DH decoy technique and its suitability for protecting MBD in the
better than using the integers? Well, many different properties healthcare cloud. Finally, we propose our method to secure
are related to using elliptic curves, such as EC, which improves the MBD in the healthcare cloud by using DMBD, which
efficiency by performing faster operations. Also, by using EC, depends on using a fog computing facility and pairing-based
we can achieve higher security with a smaller key size, so we cryptography (PBC). A session key is generated for secure
can use a much smaller prime to achieve the same complexity communication among the participants by using PBC to access
as working with integers. and store MBD in the cloud. An initial version of this research
has been presented in a conference [33].
G. Motivation and Our Contribution
MBD stored in the healthcare cloud typically reside in a III. R ELATED W ORK
shared environment collocated with data from other stakehold- This section presents a comprehensive study on the use of
ers [31]. Data theft occurs when information is illegally copied a decoy technique to secure cloud data. According to Vikas,
or taken from a business or individual. Such theft usually Gurudatt, Pawan, and Shyam [34], there are different security
issues in mobile cloud computing. These can be divided into Further, Sonali and Dhanashree [37] explained the method that
five categories: (1) physical threats, which include mobile is used to secure cloud data in the following scenario: when
possession and lost or stolen devices; (2) application-based a user logs in to the system, a ”Successful login” SMS is
threats, such as those involving malware, spyware, privacy, sent to his/her mobile device. The user can execute all tasks
and vulnerable applications; (3) network-based mobile security after answering the security question. Thereafter, one of two
threats, including Wi-Fi sniffing, denial of service, and address different situations is presented: first, if the user answers the
impersonation; (4) web-based threats, such as phishing scams, question correctly, the original file is downloaded. Second, if
drive-by downloads, browser exploits, and jail broken devices; the user answers the question incorrectly, which means that
and (5) other active attacks, including Internet protocol vulner- he/she is an attacker, then the decoy document is downloaded.
abilities, information recovery vulnerability, and unauthorized Then, the real user receives an SMS containing information on
access to management interface. the attacker, such as the IP address, server name, and access
A decoy defense network can be deployed to bolster the date and time, which can be used to track the attacker. In [38],
security in different situations. In [21], the authors discussed Sriram, Patel, Harishma, and Lakshmanan proposed a hybrid
several scenarios in which a decoy can be used. One usage protocol that leverages on the advantages of encryption and
scenario involves using a decoy within a local computer, fog computing to secure the cloud from insider attacks. The
which means placing the decoy document within the same protocol used an approach called selective encryption: because
environment in which it was created. In another scenario, the of performance issues, not all data can be encrypted, and
decoy can be located on a network level. In both scenarios, to address this concern, only selected information that needs
the decoy is used to protect documents on different levels. more security is encrypted. This is done by giving the user
However, a decoy can also be used to protect software, as an option to completely encrypt, selectively encrypt, or not
by being made to look like a legitimate source code, decoy encrypt his/her data at all. To protect the data from insider
software can protect real software from unauthorized usage. attacks, a data cleaning approach is used. When the data are
Another decoy usage scenario applies a voicemail decoy to decrypted by a legitimate user, they are stored in the volatile
detect malicious activity; here the decoy is a legitimate voice memory of the physical machine for a temporary period,
message but contains false information. Lastly, a cloud-based during which they could be misused by an insider attacker;
decoy can be used to protect documents in the cloud against a data cleaning technique is used to address this concern.
insider attacks. As previously mentioned, besides selective encryption, fog
A few studies have focused on securing cloud data by using computing is applied. To profile the user’s search behavior, a
decoy documents. For instance, in [22], the authors first carried neural network is used, with the following parameters: amount
out user behavior profiling to determine unauthorized access. of downloaded data, nature of operation, division of tasks, IP
When an attacker accesses the cloud, a decoy document is address, and log file content. Whenever the system detects
returned such that the real user’s data are kept secure. Each dean attacker accessing it, decoy documents are deployed, and
coy document header contains a hidden Hash-based Message the legitimate user receives a warning e-mail once a decoy
Authentication Code (HMAC). Verification of whether or not document is opened. Again, in [39], Vinod, Sunidatta, Rani,
the document is a decoy is done by calculating the HMAC and Sasidharan presented an integrated detection approach by
based on the content of the document; if the two HMACs combining user behavior and decoy technology. They cited
match, then the document is a decoy and an alert is issued. that their proposed security system is appropriate only for
In this case, decoy documents are used for two purposes: a single cloud ownership system. Thus, they recommended
first, to validate whether or not the data access is authorized enhancing their application to manage a cloud environment
when abnormal information access is detected, and second, to that has more than one cloud architecture. On the other hand,
confuse the attacker by providing false documents. It should Liu [40] stated that a single security method cannot solve the
be noted that only decoy documents are used in this study, and cloud computing security problem and that many traditional
these are selected manually and added into the file system by and new technologies and strategies must be used together to
the user. In a similar technique carried out by Aruna, Prasad, protect the total cloud computing system because the data in
and Reddy [35], malicious insider attacks were prevented by the cloud are greatly dependent on the network and the server,
using decoy information technology. When abnormal infor- which makes the data privacy issue more prominent than in
mation access is detected, the decoy helps to validate whether the traditional network.
or not the access is authorized. Hence, when unauthorized
data access is detected and verified, a malicious inside flood
IV. P ROPOSED S YSTEM
with bogus information is returned to dilute the real user
data. Also, in [36], Dnyanesh, Suyash, Deepak, and Nilesh Now and in the subsequent sections, whenever we use the
presented an approach to secure cloud computing by using terms ”Gallery/ Photo gallery” we mean ”multimedia MBD
decoy documents. Abnormal data access patterns are detected gallery,” and the gallery contains MBD. Using fog computing
by monitoring the data access. When unauthorized access is facilities and the decoy technique, a DMBD is created. This
detected and verified, a large amount of decoy information technique can be considered as an illusion technique, as it
is returned to the attacker to protect the real data from any makes the attacker believe that he/she has accessed the user’s
misuse. Such technology could offer exceptional levels of user MBD while in fact it is just a decoy gallery. In our proposed
data security in cloud computing and social networks as well. system, as shown in Figure 3, once the user accesses his/her
account, by default the DMBD is shown. Thus, both authorized Therefore, for each newly uploaded MBD in the OMBD, a
and unauthorized users will be referred to the DMBD as the decoy one will be placed on the DMBD.
first step, while authorized legitimate users, as a second step,
will be referred to the OMBD after being verified. We believe
B. User Profiling Algorithm
that by setting the default value of the DMBD as shown and
the OMBD as hidden, we keep the original MBD more secure. User profiling can help to determine whether a user is
Also, we believe that verifying that the user is legitimate is legitimate or not based on certain parameters, such as the
much easier than detecting the attacker, which is why we tried user-search behavior, amount of downloaded data, nature of
to deal with the attacker in the first place by offering the operations, division of tasks, and IP address. Knowing how a
DMBD as the first step legitimate user deals with his/her cloud data based on these
When the user accesses his/her account, whether he/she is parameters will help determine whether or not the user is
a legitimate user or an attacker, his/her first step would be malicious [38]. There are three different types of user profiling,
accessing the DMBD, which is located in the fog computing each with different advantages and disadvantages based on the
layer side by side with user profiling. User profiling is a techniques used. The type that we will use in our system is
familiar technique that can be applied to model in what the hybrid user profile, which is a combination of explicit
way, at what time, and how considerable users access their and implicit user profiles. The explicit user profile usually
information in the healthcare cloud. This method of behavior- contains high-quality information because it is gathered from
based security is commonly used in fraud detection applica- the user him/herself, but it requires a lot of effort from the user
tion. The DMBD contains fake MBD, which are supposed to to update his/her profile information. On the other hand, the
make an attacker believe that he/she has accessed the user’s implicit user profile is automatically updated with minimal
photos/medical image while in fact it is just a decoy gallery. user effort; however, a large amount of interaction between
The legitimate user already knows that the gallery he/she the user and the content is required before an accurate user
accessed is not his/her original one, so would move on to profile can be created. Thus, combining the two types into a
the next step. Moving to the next step, the legitimate user hybrid user profile should reduce the weak points and enhance
can access his/her OMBD after being verified by passing the strong points of each technique used to monitor the cloud
the security challenge. The security challenge might be a data access and detect any unusual data access pattern [41].
challenging security question or even a verification code. Thus,
if he/she passes the security challenge, that means he/she is C. Key Exchange Algorithm
the legitimate user, so will be able to access the OMBD which
In our proposed system, the OMBD agent and the DMBD
is located on the cloud computing layer. In the event of the
need to communicate in different situations, for example,
user accessing only the DMBD, an SMS or email will be sent
when the user uploads a new photo/image, the OMBD is
to the legitimate user to inform him/her that his/her account
supposed to communicate with the DMBD to inform it to
has been accessed. The message will contain the attacker’s
add a new decoy photo. These communications between three
information (e.g., access time and date and the IP address).
parties (the user, the OMBD, and the DMBD) need to be
Now, how do we ensure that the two galleries are similar
secure. The following consecutive sub-sections describe the
to a large extent? Each time the legitimate user uploads a
secure communication procedure among the parties. For better
new photo/medical image on his/her account, a decoy photo
understanding the proposed protocol, Table I represents the
from fog computing will be uploaded to his/her DMBD, as
symbols and corresponding meaning that are used to describe
shown in Figure 4. When the user uploads the photo, he/she
the protocol.
is supposed to recognize the photo category (ECG, X-ray,
During the bootstrap of the communications, the Private Key
MRI, etc.), which will help fog computing to add the photo
Generator (PKG) Server generates following parameters:
that belongs to the same category on the DMBD; this would
make it closer to the original photo, so that the attacker would • Determines two groups G1 and G2 , of the same prime
not differentiate between the real user’s photo and the fake order q, where G1 as an additive group and G2 as a
one. Thus, in our methodology, the user is not responsible multiplicative group.
for adding the decoy photo in his/her DMBD, since it will • Determines a generator P of G1 and a bilinear map e :
be added automatically while he/she is uploading the original G1 × G1 → G2

photo to the OMBD. • Determines two collision resistant cryptographic hash
functions H1 and H2 , whereH1 : {0, 1}∗ → G1 ,
(mapping from arbitrary-length strings to points in G1 )
A. DMBD Algorithm and H2 : {0, 1}∗ → {0, 1}µ (a mapping from arbitrary-
DMBD is used as a trap gallery that makes it not of direct length strings to µ-bit fixed length output).
relevance to the legitimate user but it is used to secure his/her 1) Key Generation: PKG picks k+ 1 random numbers
OMBD by distracting the attacker. As shown in Figure 5, the ρ0 , ρ1 , ρ2 , · · · , ρk ∈ Zq∗ and generates a polynomial g(x) of
DMBD is placed in the fog computing as a honeypot to secure degree k, where g(y) = ρ0 + ρ1 y + ρ2 y 2 + · · · + ρk y k ∈ Zq [y].
the original one, which is located in the cloud. As noted, a PKG then computes U0 = ρ0 P ,U1 = ρ1 P , . . . ., Uk = ρk P .
number of anomaly-detection systems are provided by fog The public parameters of the system published by PKG are
computing such as user profiling and a decoy file system. {G1 , G2 , e, H1 , H2 , P, U0 , U1 , U2 ,. . . , U k }and the PKG keeps
Healthcare
Cloud
OMBD
Image Image
Encryption Decryption
Private Key Generator

(PKG)
Fog Computing
Facility
User Profiling
DMBD
Attacker
Legitimate Users
Fig. 3. Proposed system architecture
it’s secret keys that are {ρ0 , ρ1 , ρ2 , · · · , ρk }. On top of the g(IDD ).

above computations, PKG also computes σi = g(IDi ) = 2) Key Agreement: To establish a shared secret key among
ρ0 +ρ1 IDi +ρ2 (IDi )2 +· · ·+ρk (IDi )k mod q for the entity i the parties (as shown in Figure 7), each party computes the
whose identity is IDi ∈ Zq∗ . In our proposed system there are following public parameters and sends to other two parties.
three parties, i.e., the user, OMBD, and DMBD; and the iden- k
(IDR )i Ui = σR P and
P
tities can be represented as IDR , IDO and IDD , respectively; The user entity computes ψR =
` ` ` i=0
IDR = H1 (IDR ), IDO = H1 (IDO ), IDD = H1 (IDD ) sends to OMBD and DMBD. The OMBD computes ψO =
∗
where IDR , IDO , IDD ∈ Zq . The parties send their public k
(IDO )i Ui = σO P and sends to the user and DMBD. The
P
identity and collect their corresponding secret key from the i=0
PKG through private channel as shown in Figure 6. The public k
(IDD )i Ui = σD P and sends to
P
and private keys for the parties are computed by PKG as DMBD computes ψD =
i=0
follows: the user and the OMBD. Finally, each party can compute their
• For the User: Public Key: IDR ; Secret Key :σR = shared secret key as follows:
g(IDR ). • The user computes the shared secret key: KR =
• For the OMBD: Public Key: IDO ; Secret Key :σO = e(ψO , ψD )σR = e(σO P, σD P )σR = e(P, P )σR σO σD
g(IDO ). • The OMBD computes the shared secret key: KO =
• For the DMBD: Public Key: IDD ; Secret Key: σO = e(ψR , ψD )σO = e(σR P, σD P )σO = e(P, P )σO σR σD
Service OMBD DMBD
OMBD
DMBD
Fig. 4. Upload photo/image process
Proposed Pretended Server

Fog Computing
Facility
User Profiling
DMBD
Attacker
Monitor the user Healthcare

Cloud
OMBD
Alert attacked detected
Potential Victim
Fig. 5. How the illusion technique works
TABLE I
S YMBOLS ARE USED TO DESCRIBE THE PROTOCOL
Symbols Corresponding meaning

G1 Is an additive group of prime order q
G2 Is a multiplicative group of prime order q
H1 A cryptographic hash function which maps from an arbitrary-length strings to a point in G1
H2 A cryptographic hash function which maps from an arbitrary-length strings to µ- bit fixed length string
ρ0 , ρ1 ,. . . ., ρk Random master secrets of the system generated from Z∗q
g(y) Is a k degree polynomial using the random master secrets as the co-efficient
U0 , U1 , U2 , . . . , Uk The public parameters generated with the random secrets
σi Secret key for the entity i
?i Public shared component for the entity i
Ki Shared secret key for the entity i
OMBD’s
OMBD DMBD
Fig. 6. Collection of secret keys from the PKG
The DMBD computes the shared secret key: KD =

• H2 (KO kIDO kIDR kIDD kRR1 ) and then compare it with
e(ψR , ψO )σD = e(σR P, σO P )σD = e(P, P )σD σR σO AutR1 , if they are equal then it generates another authentication
Thus KR = KO = KD code AutO2 = H2 (KO kIDO kIDR kRO1 kRR1 ) and send
it with the random number RO1 to the user. Finally, the user
computes V erR2 = H2 (KR kIDR kIDO kRR1 kRO1 )and
D. Mutual Authentication Protocol
compare it to AutO2 , if it matches then the authen-
Now, each party needs to authenticate the other party in tication is successful otherwise it fails. On the other
order to exchange messages between each other secretly. As hand, DMBD generates a verification code V erD1 =
shown in Figure 8, firstly all the parties should compute H2 (KD kIDD kIDR kIDO kRR1 ) and then compare it with
their shared secret key, following the steps that described AutR1 ; if they are equal then it will generate another authenti-
in the previous section. So, for the user the shared se- cation code AutD2 = H2 (KD kIDD kIDR kRD1 kRR1 ) and
cret key is KR = e(ψO , ψD )σR = e(σO P, σD P )σR = send it with the random number RD1 to the user. Finally, the
e(P, P )σR σO σD . Then, the shared secret key for the OMBD is user computes V erR3 = H2 (KR kIDR kIDD kRR1 kRD1 )
KO = e(ψR , ψD )σO = e(σR P, σD P )σO = e(P, P )σO σR σD . and compare it to AutD2 , if it matches then the authentication
Also, for the DMBD the shared secret key is KD = is successful otherwise it fails. Similarly OMBD and DMBD
e(ψR , ψO )σD = e(σR P, σO P )σD = e(P, P )σD σR σO . Now, can also authenticate with the other party.
let us assume that the user wants to authenticate the OPG
and the DPG. The user will generate an authentication code
AutR1 = H2 (KR kIDR kIDO kIDD kRR1 ) then send it E. Photo Encryption Algorithm
with the random number RR1 to both OMBD and DMBD. Photo encryption is a technique used to secure a photo
After that, OMBD generates a verification code V erO1 = by changing it to an understandable one. Different photo
Fig. 7. Three parties’ secure communication
encryption algorithms with different properties and different nally. As mentioned previously, in this process, the same photo
levels of security are available. In our proposed system, we encryption key will be used. The only difference between
are using the Blowfish algorithm. Blowfish is a symmetric decryption and encryption is that supplying the sub-keys (P-
key cryptography where the key does not change, such as array) with photo decryption is in reverse order.
an automatic file encryption. The reasons behind choosing Figure 9 shows the process of photo encryption/decryption.
this algorithm are the following: (1) Blowfish has a longer To encrypt a photo, the two inputs are the plain photo and
key length, making it the most secure algorithm; and (2) it the key. After that, the photo will be converted into a cipher
can encrypt any photo file format of any size, black and photo. For the reverse process, which is decryption, the inputs
white or even a color photo [42]. Note that in our system, are the cipher photo and the key, and this process will convert
the encryption/decryption key is established by sharing public the cipher photo to its original form, which is the plain photo.
parameters and the parties can generate on the fly as shown in
Section IV-C. In the encryption process as shown in Figure 9 ,
the inputs would be the original photo and the encryption key. G. Original MBD Algorithm
After that, based on the Blowfish algorithm length, the photo
will be divided. The beginning of the array will be directly The OMBD contains the real legitimate user’s photos, for
after the photo header since the header would not be encrypted. which the whole system was built to secure them. This gallery
The array elements will be stored in rows, left to right ordered, is located in the cloud. Each time the user needs to access it,
with every photo scan line represented by one row, and the he/she needs to pass the security challenge first. Moreover,
photo rows will be encrypted from top to bottom [43]. each time the user uploads a new photo into the gallery, a
decoy one will be added in the DMBD and the original photo
will be encrypted. This was designed to make the system more
F. Photo Decryption Algorithm secure since it has two levels of security: one is the honeypot
Photo decryption is the reverse of photo encryption. This DMBD and the other keeps the original photos encrypted
process will restore the encrypted photo to what it was origi- while stored in the cloud.
PKG User OMBD DMBD

Establish system parameters 1. Get system 1. Get system parameters 1. Get system parameters
parameters and its secret and its secret key  O and its secret key  D
key  R
2. Compute
k
 R   ( IDR ) iU i   R P
i 0
Send  R
2. Compute
k
 O   ( IDO ) iU i   O P
i 0
Send  O
2. Compute
k
 D   ( IDD )iU i   D P
i 0 Send D
3.Compute the shared 3.Compute the shared
secret key 3. Compute the shared
secret key
secret key
K R  e( O , D ) R K D  e( R , O ) D
O
K O  e( R , D )
 e( O P,  D P) R
 e( R P,  D P) O  e( R P,  O P) D
 R O D
 e( P, P )
4.Generates an  e( P , P )  O R  D  e( P , P )  D R  O
authentication code (AutR1)
and select Random# RR1
Aut R1  H 2 ( K R IDR IDO IDD RR1 )
Send <AutR1, RR1>
5.compute verification code
(VerO1) 5.compute verification
VerO1  H 2 ( K O IDO IDR IDD RR1 ) code (VerD1)
Compare (AutR1=VerO1) VerD1  H 2 ( K D IDD IDR IDO RR1 )
6.Generate AutO2
Compare (AutR1=VerD1)
AutO 2  H 2 ( KO IDO IDR RO1 RR1 )
7.a.Compute VerR2 Send < AutO2, RO1>
VerR 2  H 2 ( K R IDR IDO RR1 RO1 ) 6.Generate AutD2
Compare (AutO2=VerR2) Aut D 2  H 2 ( K D IDD IDR RD1 RR1 )
7.b.Compute VerR3 Sen d <AutD2, RD1>
VerR3  H 2 ( K R IDR IDD RR1 RD1 )

Compare (AutD2=VerR3)
Fig. 8. Three parties’ authentication
V. J USTIFICATION FOR S ELECTING C RYPTOGRAPHIC

T ECHNIQUES
In this section, we will review the reasons for choosing
2169-3536 (c) 2017 IEEE. Translations and content mining are permitted for academic research only.those
Personalspecific
use is also permitted,
algorithms but republication/redistribution
in our system. This requires IEEEbe
will permission.
done by See
Plain Medical Image
Photo Encryption Cipher Image

Model
Plain Medical Image
Photo Decryption
Model
Fig. 9. Encryption / Decryption process
comparing the algorithms used with other available algorithms. bit RSA key has roughly the same strength as a 160-bit ECC
Based on the comparison, the vision and the reasons behind key, and a 2048 bit RSA has about the same strength as a 210-
preferring them over the others will be clear. bit ECC key. Based on this, a comparison was made between
the speed and memory space of 2048-bit RSA operations and
A. Why Elliptic Curve Cryptography was selected a 210 bit ECC, between 1024-bit RSA operations and a 160-
Key exchange algorithm is used to ensure that the connec- bit ECC, between 768-bit RSA operations and a 132-bit ECC,
tion between the parties is secured and to let the party ensure and between 512-bit RSA operations and a 106-bit ECC. The
that it is connected to the intended party. Key exchange can results are shown in Table IV [48].
happen by either RSA or ECC algorithms. All of them have
their strong and weak sides, as we will discuss here. B. Why the Blowfish Algorithm was Chosen
Different competitive studies have been done regarding Now, the question that one might ask is “why did we choose
key exchange algorithms. In our comparison, we will use the Blowfish algorithm in particular?” Well, many different
the results of [44], [45], [46], [47] studies. The comparison competitive studies have been done regarding encryption al-
between the two algorithms will be from several angels. First gorithms to help us pick the best one. Thus, we used [49],
of all, we will compare their key sizes. The key size used in [50] results from studies that were about the competitive
cryptographic algorithms is measured in bits. The minimum analysis on different symmetric encryption algorithms, which
key size that is considered strong security is 80 bits. Usually, are DES, 3DES, AES, and Blowfish. The comparison between
the recommended key size that offers more security is 128 the algorithms was based on seven criteria listed below in
bits. Both in RSA and ECC, the private and public keys can detail:
be chosen from equal sizes. The key size has no impact on 1) Block size: The relation between security and block size
performance, but size matters when it comes to the cost of is positive, so the larger the block size, the more secure
secure storage of the keys. As we can see in Table II, ECC it is. The block size used for all of the algorithms is 64
has the best performance in terms of using a smaller key size bits except for AES, which uses 128 bits. Therefore, it is
for the same level of security compared with RSA. Secondly, clear that, based on block size, AES is more secure than
we will compare them based on the execution time for their others, but at the same time it costs more to implement.
private keys. Table 2 shows that at the 80-bit security level, 2) Number of rounds: This is the same as block size, so
RSA is reported to be 10-times slower than ECC for private the higher the number of rounds, the more secure they
key operations. For the performance at the 112-bit security are. The number of rounds for AES might be 10, 12,
level, RSA is approximately 40 times slower. That means or 14 depending on the key length used. For DES and
the RSA private key operation is slower than the ECC. On Blowfish, they have 16 rounds. On the other hand, 3DES
the other hand, the public key operation is generally faster has the highest number of rounds, which is 48, and that
for RSA compared with ECC. The last comparison is about is why it is named triple DES since its number of rounds
the memory used for each algorithm operation. As shown in is three times more than DES.
Table III, ECC achieves the same security level as RSA but 3) Key length: The longest key length means a decreased
with lower memory used. likelihood of successful attacks. Based on that, Blowfish
Besides that, there are three different characteristics that is the most secure algorithm since its key length is in
were compared between these two cryptographic algorithms, the range of 32 bits to 448 bits, while DES’s key length
namely performance, security, and space requirements. A 1024 is 56 bits, 3DES’s key length is either 112 or 168 bits,
TABLE II
RSA AND ECC KEY SIZE COMPARISON
Security Level (bits) RSA Key Size (bits) ECC Key Size (bits)
80 1024 160
112 2048 224
128 3072 256
160 4096 320
192 7680 384
256 15360 521
TABLE III
RSA AND ECC KEY SIZE COMPARISON
Security Level (bits) Operation RSA ECC

Time Data Memory (Bytes) Time Data Memory
Public key operation (Seconds) (Seconds) (Bytes)
80
0.43s 542 0.81s 282
Private key operation 10.99s 930 0.81s 282
Public key operation 1.94s 1332 2.19s 422
112 Private key operation 83.26s 1853 2.19s 422
TABLE IV
RSA AND ECC PERFORMANCE , SECURITY, AND SPACE REQUIREMENTS COMPARISON
Key Generation Time Memory requirement Encrypt /Decrypt Time

ECC (106 bits) 57 ms 108 bytes 11 ms
RSA (512 bits) 383 ms 157 bytes 77 ms
and finally, the AES key length might be 128, 192, or VI. C OMPUTATIONAL A NALYSIS FOR C RYPTOGRAPHIC
256 bits. I MPLEMENTATION
4) Encryption/Decryption time: This is the time needed In this section, the computational analysis for cryptographic
to convert plaintext into cipher text, and the reverse implementation of the proposed methodology is discussed. The
regarding decryption time. The algorithm that consumes selection of the elliptic curve and the finite field is discussed
the longest encryption/decryption time is 3DES, while first, and then communication overhead is calculated. The
the one that consumes the shortest time is Blowfish. computational cost of the proposed scheme is evaluated. Fi-
5) Power consumption: Regarding this criterion, 3DES nally, a comparison analysis is provided between the proposed
consumes more power than the others, while Blowfish scheme and other schemes from different studies based on the
consumes the least. computational cost.
6) Memory usage: Also, 3DES uses a very high memory
while the memory usage of Blowfish is very low.
A. Choosing Elliptic Curves and Finite Fields
7) Confidentiality: The confidentiality of 3DES and AES
is high while DES is low, but Blowfish has the highest There are two accessible options regarding choosing an
confidentiality among them elliptic curve for pairing-based cryptography; the first option is
super singular curves, whereas the second option is non-super
singular curves. The most required property for the selected
elliptic curve is that it should have a small embedding degree
denoted as k. In order to achieve 80 − bit security level and
based on Table 4, the subgroup order of E(Fq )[l] should be
Based on the previous comparisons, Blowfish gives a better in the range of (160 bits – 223 bits) and the size of the
performance than the others based on its encryption/decryption extension field Fqk should be 1024 bits. Hence, the value of
time. It is also more secure than the rest based on the key size the embedding degree k should be nearly (6.4). A pairing-
used. Additionally, it consumes less memory and power than friendly elliptic curve over a finite field consists of the finite
the others. As a result, Blowfish is the best algorithm and is set of points on a curve, which can be defined by one of the
thus the best candidate to be used in our proposed system. below equations.
1) E(Fpm ) : y 2 = x3 + ax + b operations, three elliptic curve point addition operations, three

2) E(F2m ) : y 2 + y = x3 + x + b hash evaluations on H1 , nine hash evaluations on H2 , and
3) E(F3m ) : y 2 = x3 − x + b three random numbers generations. We did not calculate the
The three previous equations are examples of pairing- server part operations, which is why we have nothing regarding
friendly elliptic curves with 80-bit security strength. In the first modular division operation, modular multiplication operation,
equation, the curve can be super singular with an embedding and modular addition operation.
degree of k = 2 and finite field Fp . For the second equation,
the finite field is F2m and the maximum embedding degree D. Comparison Analysis
is k = 4 where b ∈ 0, 1. For the last equation, the finite
field is F3m and the maximum embedding degree is k = 6 We compare the cost of our proposed work with some
where b ∈ −1, 1. The required field size for achieving 80−bit elliptic curve cryptography schemes that were listed in the
security level for all of the above the three cases are 512, 239, study results of [51] and [53]. We have used some notations
and 194 respectively [51], [52]. that are given below to define the number of operations and
As a result, the candidate finite field for the implementation are used in Table VI and Figure 10.
of our proposed system can be F397 on the super singular • MUL = modular multiplication operation.
elliptic curve y 2 = x3 − x + 1 or y 2 = x3 − x − 1. In the • DIV = modular division operation.
next analysis, we will use the parameter values given above, • ADD = modular addition operation.
resulting in the elements in G1 and G2 to be roughly 160−bit • ECPM = Elliptic Curve point multiplication operation.
and 1024 − bit, respectively. Additionally, we assume that the • ECPA = Elliptic Curve point addition operation.
revenue of keyed hash message authentication code is 160-bit
output by using SHA-1. VII. C ONCLUSIONS
As a part of securing the cloud data mission, this paper
B. Communication Overhead focuses on securing user’s multimedia data within the cloud
Evaluation of our proposed system communication overhead by using fog computing. To this end, two photo galleries are
can be done based on the sizes of the transmitted packets generated. The OMBD is kept secretly in the cloud and the
by the three parties (User, OMBD, and DMBD) over the DMBD is used as a honeypot and is kept in the fog. Therefore,
communication during key generation and authentication, as instead of retrieving the DMBD only when any unauthorized
describe previously in Sections IV-C and IV-D. Firstly, the access is discovered, the user, by default, accesses the DMBD.
communication overhead for the user as follows: (1) First The OMBD is only accessible by a user after verifying the
packet isψU with the size = (|G1 |element) two times since authenticity of the user. Thus, the original multimedia data
it will be sent to the OMBD and DMBD. The second packet become more secure by setting the default value of the DMBD,
is (<AutR1 , RR1 >) with the size (160 − bit HMAC output while the OMBD is kept in a hidden gallery. To facilitate
+160 − bit random number) also multiply by two since the above process, an efficient tri-party authenticated key
it will be sent to both OMBD and DMBD. Secondly, the agreement protocol has been proposed among the user, the
communication overhead for the OMBD will be as follows: DPG, and the OPG based on paring cryptography.
(1) First packet is ψO with the size = (|G1 |element) two times
since it will be sent to the user and DMBD. (2) The second ACKNOWLEDGEMENT
packet is (<AutO2 , RO1 >) with the size (160 − bit HMAC
output +160 − bit random number). (3) And the third packet The authors would like to extend their sincere appreciations
is (<AutO3 , RO2 >) with the size (160 − bit HMAC output to the Deanship of Scientific Research at King Saud Uni-
+ 160 − bit random number). Finally, the communication versity, Riyadh, Saudi Arabia for its funding of this research
overhead for the DMBD will be as follows: (1) First packet through the Profile Research Group project (PRG-1436-17).
isψD with the size = (|G1 |element) two times since it will
be sent to the user and OMBD. (2) The second packet is R EFERENCES
(<AutD2 , RD1 >) with the size (160 − bit HMAC output [1] M. Chen, J. Yang, Y. Hao, , S. Mao, K. Hwang, ”A 5G Cognitive
+ 160 − bit random number). (3) And the third packet is System for Healthcare”, Big Data and Cognitive Computing, Vol. 1, No.
(<AutD3 , RD2 >) with the size (160 − bit HMAC output + 1, DOI:10.3390/ bdcc1010002, 2017.
[2] Frost & Sullivan: Drowning in Big Data? Reducing Infor-
160 − bit random number). mation Technology Complexities and Costs for Healthcare
Organizations. http://www.emc.com/collateral/analyst-reports/
C. Computational Cost frost-sullivan-reducing-information-technology-complexities-ar.pdf
[3] M. Chen, S. Mao, Y. Liu, ”Big Data: A Survey”, Mobile Networks and
Our proposed scheme involves one elliptic curve point mul- Applications, Vol. 19, No. 2, pp. 171-209, April 2014.
tiplication operation, one elliptic curve point addition opera- [4] M. S. Hossain, and G. Muhammad, ”Healthcare Big Data Voice Pathology
Assessment Framework,” IEEE Access, vol. 4, no. 1, pp. 7806-7815,
tion, one hash evaluation on H1 , three hash evaluations on H2 , December 2016.
and one random numbers generation. All these calculations [5] M. Chen, Y. Hao , K. Hwang, L. Wang, L. Wang, ”Disease Prediction
belong to only one party, and in our example we calculate by Machine Learning over Big Healthcare Data”, IEEE Access, Vol. 5,
No. 1, pp. 8869-8879, 2017.
the user operations. So, the total computational cost for all [6] M. Chen, P. Zhou, G. Fortino, ”Emotion Communication System”, IEEE
three parties together is three elliptic curve point multiplication Access, Vol. 5, pp. 326-337, 2017.
TABLE V
S ECURITY STRENGTH COMPARISON
Security Level bits) Integer Factorization Cryptography (bits) Size of extension field Fqk (bits) Size of E(Fq )[l] (bits)
RSA D-H ECC
80 1024 1024 160-223
112 2048 2048 224-155
128 3072 3072 256-383
192 7680 7680 384-511
256 15360 15360 512+
TABLE VI
C OMPARISON BASED ON THE COMPUTATIONAL COST
Schemes MUL DIV ADD ECPM ECPA HASH

Hwang 1 0 1 5 1 2
Zheng 3 1 1 3 1 4
ID-based 3 0 1 5 0 2
Signcryption
P2PDMS 1 0 1 1 0 5
Proposed Scheme 0 0 0 1 1 4
Hwang
Number of operations
4
Zheng
ID-based
3 Signcryption
P2PDMS
2
Proposed
Scheme
0
MUL DIV ADD ECPM ECPA HASH
Fig. 10. Comparison graph between the existing scheme and the proposed scheme
[7] M. Chen, Y. Ma, Y. Li, D. Wu, Y. Zhang, C. Youn, ”Wearable 2.0: Enable on Issues and Challenges of Cloud Computing. International Journal of
Human-Cloud Integration in Next Generation Healthcare System”, IEEE Innovations and Advancement in Computer Science 2015, Volume 4, pp.
Communications, Vol. 55, No. 1, pp. 54-61, Jan. 2017. 81-88.
[8] Bian J, Topaloglu U, Yu F, Yu F. Towards Large-scale Twitter Mining for [15] Akyol BA. Cyber Security Challenges in Using Cloud Computing in the
Drug-related Adverse Events. Maui, Hawaii: SHB; 2012. Electric Utility Industry. Pacific Northwest, Washington, 2012.
[9] M. S. Hossain and G. Muhammad, ”Cloud-assisted Industrial Internet [16] Flavio Lombardi and Roberto Di Pietro. Secure Virtualization for
of Things (IIoT) - enabled framework for Health Monitoring,” Elsevier Cloud Computing. Journal of Network and Computer Applications 2010,
Computer Networks, Vol. 101, No. (2016), pp.192-202, June 2016. Volume 6, pp. 1-10.
[10] Raghupathi W, Raghupathi V. An Overview of Health Analytics. 2013. [17] Zawoad and R. Hasan. (Feb 2013) Cloud forensics: a meta-study of
[11] M. S. Hossain, G. Muhammad, Sk. M. M. Rahman, W. Abdul, A. challenges, approaches, and open problems. Available online: http://arxiv.
Alelaiwi and A. Almari, ”Towards End-to-End Biometrics-Based Security org/abs/1302.6312
for IoT Infrastructure,” IEEE Wireless Communication magazine, vol. 23. [18] Dileep Kumar and Kolla Morarjee. Survey on Insider Data Theft Misuse
no. 5, pp. 45-51, October 2016 Attacks in the Cloud. International Journal of Computer Science and
[12] I. Foster, Yong Zhao, I. Raicu, and Shiyong Lu. Cloud Computing and Mobile Applications 2014, Volume 2, pp. 26-29.
Grid Computing 360-Degree Compared. Grid Computing Environments [19] Dr. Jordan Shropshire. Extending the Cloud with Fog: Security Chal-
Workshop, Austin, 2008. lenges and Opportunities. In 20th Americas Conference on Information
[13] P. T. Grance. (October 2009) The NIST Definition of Cloud Computing. System, Savannah, 2014.
Available online: http://csrc.nist.gov/groups/SNS/cloud-computing [20] Manreet Kaur and Monika Bharti. Fog Computing Providing Data
[14] Das Sargita, Chandrakar Ankita, and Pradhan Reshamlal. A Review Security: A Review. International Journal of Advanced Research in
Computer Science and Software Engineering 2014, Volume 4, pp. 832- Recent and Innovation Trend in Computing and Communication 2015,
834. Volume 3, pp. 3285-3288.
[21] Jonathan Voris, Jermyn Jill, Angelos Keromytis, and Salvatore Stolfo. [43] Pia Singh, Image Encryption and Decryption Using Blowfish Algorithm
Bait and Snitch: Defending Computer Systems with Decoys. Columbia in MATLAB. International Journal of Scientific & Engineering Research
University Academic Commons, 2013. 2013, Volume 4, pp. 150-154.
[22] J. Stolfo Salvator, Malek Ben Salem, and D.Angelos Kero. Fog Com- [44] Hien Ba Nguyen, ”An Overview of the NTRU Cryptographic System,”
puting: Mitigating Insider Data Theft Attacks in the Cloud. In IEEE CS M.S. thesis, Dept. Mathematics and Statistics, Univ. San Diego State,
Security and Privacy Workshops, 2012. 2014.
[23] Bhaludra Raveendranadh Singh, S. Sunanda, Moligi Sangeetha Y. Lak- [45] H. Gohel, ”Design and Development of Combined Algorithm Com-
shmi Kanth. A Secure Framework for Mollifying Attacks in Cloud. puting Technique to Enhance Web Security,” International Journal of
International Journal of Computer Trends and Technology 2014, Volume Innovative and Emerging Research in Engineering, vol. 2, no. 1, pp. 76-
16, pp. 204-207. 79, 2015.
[24] Siddhesh P Karekar and Sachin M Vaidya. Perspective of Decoy Tech- [46] N. Gura, A. Patel, A. Wander, H. Eberle and S. Shantz, ”Comparing
nique using Mobile Fog Computing with Effect to Wireless Environment. Elliptic Curve Cryptography and RSA on 8-bit CPUs,” in Lecture Notes
International Journal of Scientific Engineering and Technology Research in Computer Science, Berlin, 2004.
2015, Volume 4, pp. 2620 - 2626. [47] A. Awasthi and K. Singh, ”A Key Agreement Algorithm Based on
[25] Majid Hajibaba and Saeid Gorgin. A Review on Modern Distributed ECDSA for Wireless Sensor Network,” in 3rd International Conference
Computing Paradigm: Cloud Computing, Jungle Computing and Fog on Advanced Computing Networking and Informatics, 2015.
Computing. Journal of Computing and Information Technology 2014, [48] N. Jansma and B. Arrendondo, ”Performance comparison of elliptic-
Volume 2, pp. 69-84. curve and rsa digital signatures,” nicj. net/files, 2004.
[26] Flavio Bonomi, Rodolfo Milito, Jiang Zhu, and Sateesh Addepalli. Fog [49] N. Tyagi and A. Ganpati, ”Comparative Analysis of Symmetric Key
Computing and its Role in the Internet of Things. In Proceedings of the Encryption Algorithms,” International Journal of Advanced Research in
First Edition of the MCC Workshop on Mobile Cloud Computing, 2012. Computer Science and Software Engineering, vol. 4, no. 8, pp. 348-354,
[27] SK.Md. Mizanur Rahman, Khalil Elkhatib, ”Private Key agreement August 2014.
and secure comunication for heterogeneous sensor networks”, Journal of [50] N. Kumar and J. Thakur, ”DES, AES and Blowfish: Symmetric Key
Parallel and Distributed Computing 2010, pp. 858 - 870. Cryptography Algorithms Simulation Based Performance Analysis,” In-
[28] Dennis Meffert. Bilinear Pairing in Cryptography. M.S. thesis, Dept. ternational Journal of Emerging Technology and Advanced Engineering,
Computer Science, Radboud Univ., The Netherland, 2009. vol. 1, no. 1, pp. 6-12, December 2011.
[29] Alfred Menezes. An Introduction to Pairing-Based Cryptography. In [51] Sk. Mizanur Rahman, M. Masud, A. Noman, A. Alamri and M. Hassan,
Recent Trends in Cryptography, American Mathematical Society, 2009, ”Towards Secure Data Exchange in Peer-to-Peer Data Management Sys-
pp. 47-65. tems,” Applied Mathematics and Information Sciences, pp. 2775-2787,
2014.
[30] D. Moody, R. Perlner, A. Regenscheid, A. Roginsky and L. Chen. Report
[52] M. Scott, N. Costigan and W. Abdulwahab, ”Implementing Crypto-
on Pairing-based Cryptography. Journal of Research of the National
graphic Pairing on Smartcards,” Cryptographic Hardware and Embedded
Institute of Standards and Technology 2015, Volume 120, pp. 11-27.
Systems, Lecture Note in Computer Science, 2006.
[31] Wayne A. Jansen. Cloud Hooks: Security and Privacy Issues in Cloud
[53] B. Nayak, ”Signcryption Schemes Based on Elliptic Curve Cryptog-
Computing. In HAWAII International Conference on System Sciences,
raphy,” M.S. thesis, Dept. Computer Science and Engineering, Univ.
Koloa, 2011.
National Inistitute of Technology, India, 2014.
[32] Ahmad A Aldaraiseh, Diana Alomari, Hadeal Alhamid, Nada Hamad,
and Rawan Althemali. Effectiveness of iPhone’s Touch ID: KSA Case
Study. Advances in Computer Science: an International Journal 2015,
Volume 6, pp. 154-161.
[33] Hadeal Abdulaziz Al-Hamid, Sk Md Mizanur Rahman, ”Securing Pho-
tos in the Cloud Using Decoy Photo Gallery”, 2017 International Con-
ference on Wireless Communications, Signal Processing and Networking
Hadeal A. Al Hamid received the B.Sc. in Information Technology form
(WiSPNET), Chennai, India, 22-24 March 2017
King Saud University (KSU), Riyadh, KSA in 2014. Currently she is pursuing
[34] Solanke Vikas, Kulkarni Gurudatt, Katgaonkar Pawan, and Gupta
master in Information Science in KSU. Her field of interest are big data
Shyam. Mobile Cloud Computing: Security Threats. In International
privacy, cloud security, information security and machine learning.
Conference on Electronic and Communication Systems, Coimbatore,
2014.
[35] Etikala Aruna, Dr. Ch Prasad, and Malla A Reddy. Securing the
cloud using Decoy Information Technology to preventing them from
distinguishing the Real Sensitive data from Fake Worthless data. Interna-
tional Journal of Advanced Research in Computer Science and Software
Engineering 2013, Volume 3, pp. 292-299. Sk Md Mizanur Rahman is an Assistant Professor in Information System
[36] Dnyanesh Patil, Suyash Patil, Deepak Pote, and Nilesh Koli. Secured Department in the College of Computer and Information Sciences at King
Cloud Computing With Decoy Documents. International Journal of Ad- Saud University, KSA. Prior to his current appointment, he worked for
vances in Computer Science and Cloud Computing 2014, Volume 2, pp. several years in cryptography and security engineering in the high-tech
43-45. industry in Ottawa, Canada. He also worked as a postdoctoral researcher
[37] Sonali Khairnar and Dhanashree Borkar. Fog Computing: A New for several years in University of Ottawa, University of Ontario Institute
Concept to Minimize the Attacks and to Provide Security in Cloud of Technology (UOIT), and University of Guelph, Canada. He completed
Computing environment. International Journal of Research in Engineering a Ph.D. in Risk Engineering (Major: Cyber Security Engineering) in the
and Technology 2014, Volume 3, pp. 124-127. Laboratory of Cryptography and Information Security, Department of Risk
[38] M. Sriram, V. Patel, D. Harishma, and N Lakshmanan. A Hybrid Engineering, University of Tsukuba, Japan, in March 2007. Information
Protocol to Secure the Cloud from Insider Threats. In Cloud Computing in Processing Society Japan (IPSJ) awarded Dr. Rahman with ”IPSJ Digital
Emerging Markets (CCEM), IEEE International Conference, Bangalore, Courier Funai Young Researcher Encouragement Award” for his excellent
2014. contribution in IT security research. He is awarded with ”Gold Medal”
[39] Arabat Rashmi Vinod, Bhalke Sumit Sunidatta, Kumari Uma Rani, for the distinction marks in his undergraduate and graduate program. He
and Pillai Preethy Sasidharan. Hindering Data Theft Attacks Through has published around hundred scientific articles in peer reviewed renowned
Fog Computing. International Journal of Research in Engineering and journals and conferences including IEEE TPDS, IEEE Access, IEEE WC,
Technology 2014, Volume 3, pp. 427-429. IEEE Commun. Mag, ELSEVIER FGCS, Elsevier JPDC, Wiley CCPE, Wiley
[40] Wentao Liu. Research on cloud computing security problem and strategy. SCN, Wiley WCMC, Springer Multimedia Systems, Springer P2P Net. Appl.,
In IEEE Conference, Yichang, 2012. etc. He has a US patent on white-box implementation for a NIST Standard Key
[41] Ayse Cufoglu. User Profiling- A Short Review. International Journal of Exchange Protocol. Dr. Rahman’s primary research interests are cybersecurity,
Computer Applications 2014, Volume 108, pp. 1-9. cryptography, software and network security, privacy enhancing technology,
[42] Preeti Gaur and Neeraj Manglani, A Survey on Image Encryption and sensor networks security, application security, cloud and the Internet of Things
Decryption using Blowfish & Watermarking. International Journal on security.
M. Shamim Hossain (SM 09) is an Associate Professor at the King

Saud University, Riyadh, KSA. Dr. Shamim Hossain received his Ph.D. in
Electrical and Computer Engineering from the University of Ottawa, Canada.
His research interests include serious games, social media, IoT, cloud and
multimedia for healthcare, smart health, and resource provisioning for big
data processing on media clouds. He has authored and coauthored around
120 publications including refereed IEEE/ACM/Springer/Elsevier journals,
conference papers, books, and book chapters. He has served as a member of
the organizing and technical committees of several international conferences
and workshops. He has served as co-chair, general chair, workshop chair,
publication chair, and TPC for over 12 IEEE and ACM conferences and
workshops. Currently, he serves as a co-chair of the 6th IEEE ICME workshop
on Multimedia Services and Tools for E-health MUST-EH 2016. He is a
recipient of a number of awards including, the Best Conference Paper Award,
the 2016 ACM Transactions on Multimedia Computing, Communications
and Applications (TOMM) Nicolas D. Georganas Best Paper Award, and
the Research in Excellence Award from King Saud University. He is on
the editorial board of IEEE Access, Computers and Electrical Engineering
(Elsevier), Games for Health Journal and International Journal of Multimedia
Tools and Applications (Springer). Previously, he served as a guest editor
of IEEE Transactions on Information Technology in Biomedicine (currently
JBHI), International Journal of Multimedia Tools and Applications (Springer),
Cluster Computing (Springer), Future Generation Computer Systems (Else-
vier), Computers and Electrical Engineering (Elsevier), Sensors (MDPI). and
International Journal of Distributed Sensor Networks. Currently, he serves as
a lead guest editor of IEEE Communication Magazine, IEEE Transactions
on Cloud Computing, Future Generation Computer Systems (Elsevier), IEEE
and Access. Dr. Shamim is a Senior Member of IEEE, a member of ACM
and ACM SIGMM
Ahmad Almogren obtained his PhD degree in computer sciences from

Southern Methodist University, Dallas, Texas, USA in 2002. Previously, he
worked as an assistant professor of computer science and the head of the
scientific council at Riyadh College of Technology. He also served as the dean
of Computer College and the head of the council of academic accreditation at
Al Yamamah University. Presently, he works as an associate professor and the
vice dean for development and quality at King Saud University. His research
areas of interest include networking, security, mobile computing and data
consistency.
Atif Alamri is an Associate Professor in the Software Engineering De-

partment at the College of Computer and Information Sciences, King Saud
University. Riyadh, Saudi Arabia. His research interests include multimedia
assisted health systems, ambient intelligence, and service-oriented architec-
ture. Dr. Alamri was Guest Associate Editor of the IEEE Transactions on
Instrumentation and Measurement, a co-chair of the first IEEE International
Workshop on Multimedia Services and Technologies for E-health, a technical
program co-chair for the 10th IEEE International Symposium on Haptic
Audio Visual Environments and Games, and serves as a program committee
member for many conferences in multimedia, virtual environments, and
medical applications.
View publication stats http://www.ieee.org/publications_standards/publications/rights/index.html for more information.

A Security Model For Preserving The Privacy of Med

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

A Security Model For Preserving The Privacy of Med

Uploaded by

Copyright:

Available Formats

See discussions, stats, and author profiles for this publication at: https://www.researchgate.

Article in IEEE Access · September 2017

Sk Md Mizanur Rahman M. Shamim Hossain

SEE PROFILE SEE PROFILE

Ahmad S. Almogren Atif Alamri

SEE PROFILE SEE PROFILE

The user has requested enhancement of the downloaded file.

IEEE ACCESS. VOL.XXX, NO.XX, 2017 1

A Security Model for Preserving the Privacy of

IEEE ACCESS. VOL.XXX, NO.XX, 2017 2

Other Professional System Administrator

Fig. 1. High level illustration of healthcare cloud

IEEE ACCESS. VOL.XXX, NO.XX, 2017 3

IEEE ACCESS. VOL.XXX, NO.XX, 2017 4

Fig. 2. Fog computing architecture

IEEE ACCESS. VOL.XXX, NO.XX, 2017 5

IEEE ACCESS. VOL.XXX, NO.XX, 2017 6

be added automatically while he/she is uploading the original G1 × G1 → G2

IEEE ACCESS. VOL.XXX, NO.XX, 2017 7

Private Key Generator

Fig. 3. Proposed system architecture

it’s secret keys that are {ρ0 , ρ1 , ρ2 , · · · , ρk }. On top of the g(IDD ).

IEEE ACCESS. VOL.XXX, NO.XX, 2017 8

Service OMBD DMBD

Fig. 4. Upload photo/image process

Proposed Pretended Server

Monitor the user Healthcare

Fig. 5. How the illusion technique works

IEEE ACCESS. VOL.XXX, NO.XX, 2017 9

Symbols Corresponding meaning

Fig. 6. Collection of secret keys from the PKG

The DMBD computes the shared secret key: KD =

IEEE ACCESS. VOL.XXX, NO.XX, 2017 10

Fig. 7. Three parties’ secure communication

IEEE ACCESS. VOL.XXX, NO.XX, 2017 11

PKG User OMBD DMBD

VerR3  H 2 ( K R IDR IDD RR1 RD1 )

Fig. 8. Three parties’ authentication

V. J USTIFICATION FOR S ELECTING C RYPTOGRAPHIC

IEEE ACCESS. VOL.XXX, NO.XX, 2017 12

Plain Medical Image

Photo Encryption Cipher Image

Plain Medical Image

Fig. 9. Encryption / Decryption process

IEEE ACCESS. VOL.XXX, NO.XX, 2017 13

Security Level (bits) Operation RSA ECC

Key Generation Time Memory requirement Encrypt /Decrypt Time

IEEE ACCESS. VOL.XXX, NO.XX, 2017 14

1) E(Fpm ) : y 2 = x3 + ax + b operations, three elliptic curve point addition operations, three

IEEE ACCESS. VOL.XXX, NO.XX, 2017 15

Schemes MUL DIV ADD ECPM ECPA HASH

IEEE ACCESS. VOL.XXX, NO.XX, 2017 16

IEEE ACCESS. VOL.XXX, NO.XX, 2017 17

M. Shamim Hossain (SM 09) is an Associate Professor at the King

Ahmad Almogren obtained his PhD degree in computer sciences from

Atif Alamri is an Associate Professor in the Software Engineering De-

You might also like