CLOUD-BASED ENCRYPTED EHR SYSTEM WITH SEMANTICALLY RICH ACCESS CONTROL

dc.contributor.advisor: Joshi, Karuna
dc.contributor.author: Walid, Redwan
dc.contributor.department: Information Systems
dc.contributor.program: Information Systems
dc.date.accessioned: 2024-01-10T20:04:02Z
dc.date.available: 2024-01-10T20:04:02Z
dc.date.issued: 2023-01-01
dc.description.abstract: Cloud-based Electronic Health Record (EHR) systems provide essential security controls by encrypting patient data. However, the patient records cannot be queried without decrypting each record. As the volume of the data reaches Big Data levels, it is essential to search over these encrypted patient records without decrypting them to ensure that the medical caregivers can efficiently and quickly access the EHRs or find any particular record. These are often required in many situations, such as a physician who wants to find and treat patients having a contagious disease to prevent the spread among the community. A scenario like this requires a searchable encryption function in the EHR systems to reduce service delays. Moreover, Attribute-Based Encryption (ABE) is widespread in EHR systems to secure patient data. In such systems, the users' attributes keep changing with time; for example, users might leave an organization, get promotions, or move to other departments. These situations require user attributes to be revoked in the policy string of the encrypted data to protect patient privacy and data security. The current work does not address these issues in an EHR system. We have made two major contributions to this thesis. We have developed a novel cloud-based EHR system that uses ABE to secure patient data. Our system uses Semantic Web Technologies to facilitate Attribute-Based Access Control (ABAC) to an EHR, ensuring only users with valid attributes can access a particular EHR at a field level instead of a document level. The system also includes searchable encryption using keyword index and search trapdoor by adding an extra layer of protection, which allows querying EHR records without decrypting patients' EHR records in the system. Further, our system addresses all user attribute changes and revokes unwanted attributes in the policy string of the encrypted data.
The attribute revocation feature is efficiently managed by delegating the secret key and ciphertext revision to the Cloud Service Provider (CSP). The second contribution is our novel approach to storing encrypted patient data in the nodes of a knowledge graph. Our system uses a comprehensive knowledge graph that stores all medical data in encrypted nodes, offering several advantages. For example, our system can handle heterogeneous patient data. It can also maintain good query performance, and we demonstrated it using the MIMIC-III dataset. The query performances were almost the same for different data sizes because, for a particular task, the graph never needs to touch other nodes. Each vertex only keeps the information about its immediate neighbors; there is no global index of vertex connections. As a result, the graph maintains its performance as the data amount expands. Moreover, using a knowledge graph in our system allows flexible expansion of schemas while serving queries.
dc.format: application:pdf
dc.genre: dissertation
dc.identifier.other: 12821
dc.identifier.uri: http://hdl.handle.net/11603/31246
dc.language: en
dc.relation.isAvailableAt: The University of Maryland, Baltimore County (UMBC)
dc.relation.ispartof: UMBC Information Systems Department Collection
dc.relation.ispartof: UMBC Theses and Dissertations Collection
dc.relation.ispartof: UMBC Graduate School Collection
dc.relation.ispartof: UMBC Student Collection
dc.rights: This item may be protected under Title 17 of the U.S. Copyright Law. It is made available by UMBC for non-commercial research and education. For permission to publish or reproduce, please see http://aok.lib.umbc.edu/specoll/repro.php or contact Special Collections at speccoll(at)umbc.edu
dc.source: Original File Name: Walid_umbc_0434D_12821.pdf
dc.title: CLOUD-BASED ENCRYPTED EHR SYSTEM WITH SEMANTICALLY RICH ACCESS CONTROL
dc.type: Text
dcterms.accessRights: Distribution Rights granted to UMBC by the author.

Files

Original bundle

Name: Walid_umbc_0434D_12821.pdf
Size: 2.64 MB
Format: Adobe Portable Document Format

License bundle

Name: Walid-Redwan_Open.pdf
Size: 153.14 KB
Format: Adobe Portable Document Format
Description: