융합정보논문지 (Journal of Convergence for Information Technology)

중소기업융합학회 (Convergence Society for SMB)
권호 표지
DOI QR코드

DOI QR Code

클라우드 환경에서 헬스케어 데이터를 위한 효율적인 암호화 기법

An Efficient cryptography for healthcare data in the cloud environment

  • 조성남 (한국과학기술정보연구원 학술정보공유센터) ;
  • 정윤수 (목원대학교 정보통신융합공학부) ;
  • 오충식 (한국과학기술정보연구원 과학기술사이버안전센터)
  • Cho, Sung-Nam (Korea Institute of Science and Technology Information) ;
  • Jeong, Yoon-Su (Dept. of information Communication Convergence Engineering, Mokwon University) ;
  • Oh, ChungShick (Korea Institute of Science and Technology Information)
  • 투고 : 2018.05.15
  • 심사 : 2018.06.20
  • 발행 : 2018.06.30
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

최근 의료 서비스 분야는 사용자의 헬스케어 데이터를 효율적으로 관리하기 위해서 클라우드 서비스를 이용하고 있다. 그러나, 클라우드 환경에서 처리되는 사용자의 헬스케어 데이터의 안정성을 보장하는 연구는 미진한 상태이다. 본 논문에서는 클라우드 환경에서 헬스케어 데이터를 효율적으로 암호화하는 부분 랜덤 암호화 기법을 제안한다. 제안 기법은 병원 의료 서비스에 최적화하도록 사용자가 생성하는 랜덤키(p, q)를 2개 생성하여 공개키와 개인키 생성에 반영한다. 제안 기법에서 사용되는 랜덤 키는 데이터를 전체 암호화하지 않고 일부분만을 암호화하여 사용자의 헬스케어 데이터 처리 효율을 향상시켰다. 성능평가 결과, 제안 기법은 암호화 생성 비용을 평가한 결과 기존 기법에 비해 21.6% 낮추었고, 병원 내 사용자 헬스케어 데이터 처리 시간도 18.5% 향상된 결과를 얻었다.

Recently, healthcare services are using cloud services to efficiently manage users' healthcare data. However, research to ensure the stability of the user's healthcare data processed in the cloud environment is insufficient. In this paper, we propose a partial random encryption scheme that efficiently encrypts healthcare data in a cloud environment. The proposed scheme generates two random keys (p, q) generated by the user to optimize for the hospital medical service and reflects them in public key and private key generation. The random key used in the proposed scheme improves the efficiency of user 's healthcare data processing by encrypting only part of the data without encrypting the whole data. As a result of the performance evaluation, the proposed method showed 21.6% lower than the existing method and 18.5% improved the user healthcare data processing time in the hospital.

키워드

참고문헌

  1. R. H. Weber. (2010). Internet of Things: New Security and Privacy Challenges. Computer Law & Security Review, 26(1), 23-30. DOI : 10.1016/j.clsr.2009.11.008
  2. S. C. Choi, M. W. Ryu, M, Jin & J. H. Kim. (2014). Internet of Things platform and service trends. Information and Communications Magazine(Information and Communication), 31(4), 20-27.
  3. S. Haller, S. Karnouskos & C. Schroth. (2009). The Internet of Things in an Enterprise Context. Future Internet-FIS 2008 Lecture Notes in Computer Science, 5468, 14-28. DOI : 10.1007/978-3-642-00985-3_2
  4. S. Raza, H. Shafagh, K. Hewage, R. Hummen & T. Voigt. (2013). Lithe: Lightweight Secure CoAP for the Internet of Things. IEEE Sensors Journal, 13(10), 1-1. DOI : 10.1109/jsen.2013.2277656
  5. Y. S. Jeong & S. H. Lee. (2012). U-Healthcare user's privacy protection protocol with Implantable medical Device of State Information. Journal of the Korean Institue of Communicaitons and Information Sciences, 37(4), 277-353. DOI : 10.7840/kics.2012.37c.4.297
  6. P. Phunchongharn, D. Niyato, E. Hossain & S. Camorlinga. (2009). An EMI-Aware Prioritized Wireless Access Scheme for e-Health Application in Hospital Environments. IEEE transactions on information technology in biomedicine, 14(5), 1247-1258. DOI : 10.1109/titb.2010.2047507
  7. P. Phunchongharn, E. Hossain & S. Camorlinga. (2011). Electromagnetic Interference-Aware Transmission Scheduling and Power Control for Dynamic Wireless Access in Hospital Environments. IEEE Transactions on Information Technology in Biomedicine, 15(6), 890-899. DOI : 10.1109/titb.2011.2164258
  8. Q. Shen, X. Liang, X. Shen, X. Lin & H. Y. Luo. (2004). Exploiting Geo-Distributed Clouds for a E-health Monitoring System With Minimum Service Delay and Privacy Preservation. IEEE Journal of Biomedical and Health Informatics, 18(2), 430-439. DOI : 10.1109/jbhi.2013.2292829
  9. X. Shen. (2012). Emerging technologies for e-healthcare. IEEE Journals & Managines Network, 26(5), 2-3. https://doi.org/10.1109/MNET.2012.6172267
  10. H. B. Kim, Y. J. Jeon & S. J. Kim. (2011). Study on security management in cloud computing environment. Kongju University KNU Management Consulting Institute, Management Consulting Review, 2(1), 127-144.
  11. H. S. Kim & C. S. Park. (2010). Cloud computing and personal authentication services. Review of KIISC , 20(2), 11-19.
  12. K. H. Lee, H. S. Choi & Y. D. Chung. (2011). Massive Data Processing and Management in Cloud Computing: A Survey. Journal of KIISE, 38(2), 104-125.
  13. Z. A. Khattak, S. Sulaiman & J. A. Manan. (2010). A study on threat model for federated identities in federated identity management system, Proceedings of the 2010 International Symposium in Information Technology(ITSim), 2, 618-623. DOI : 10.1109/itsim.2010.5561611
  14. H. Gao, J. Yan & Y. Mu. (2010). Dynamic Trust Model for Federated Identity Management. Proceedings of the 4th International Conference on Network and System Security(NSS), 55-61. DOI : 10.1109/nss.2010.40
  15. Y. Zhou, Z. Cao & R. Lu. (2005). Provably secure proxy-protected signature schemes based on factoring. Appl. Math. Comput., 164(1), 83-98. DOI : 10.1016/j.amc.2004.04.032
  16. M. Mambo, K. Usuda & E. Okamoto. (1996). Proxy signatures for delegating signing operation. Proceedings of the Third ACM Conference on Computer and Communications Security, 48-57. DOI : 10.1145/238168.238185
  17. Y. Yu, Y. Mu, W. Susilo, Y. Sun & Y Ji. (2012). Provably secure proxy signature scheme from factorization. Mathematical and Computer Modelling, 1160-1168.