A new privacy homomorphism and applications
Information Processing Letters
Executing SQL over encrypted data in the database-service-provider model
Proceedings of the 2002 ACM SIGMOD international conference on Management of data
Knowledge-Based Systems
CryptDB: protecting confidentiality with encrypted query processing
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Computer Security Fundamentals
Computer Security Fundamentals
A new remote user authentication scheme using smart cards
IEEE Transactions on Consumer Electronics
Access control: principle and practice
IEEE Communications Magazine
A More Secure Authentication Scheme for Telecare Medicine Information Systems
Journal of Medical Systems
A Secure Authentication Scheme for Telecare Medicine Information Systems
Journal of Medical Systems
Executing SQL queries over encrypted character strings in the Database-As-Service model
Knowledge-Based Systems
An Efficient Authentication Scheme for Telecare Medicine Information Systems
Journal of Medical Systems
An Improved Authentication Scheme for Telecare Medicine Information Systems
Journal of Medical Systems
Hi-index | 0.00 |
In medical information systems, there are a lot of confidential information about patient privacy. It is therefore an important problem how to prevent patient's personal privacy information from being disclosed. Although traditional security protection strategies (such as identity authentication and authorization access control) can well ensure data integrity, they cannot prevent system's internal staff (such as administrators) from accessing and disclosing patient privacy information. In this paper, we present an effective scheme to protect patients' personal privacy for a medical information system. In the scheme, privacy data before being stored in the database of the server of a medical information system would be encrypted using traditional encryption algorithms, so that the data even if being disclosed are also difficult to be decrypted and understood. However, to execute various kinds of query operations over the encrypted data efficiently, we would also augment the encrypted data with additional index, so as to process as much of the query as possible at the server side, without the need to decrypt the data. Thus, in this paper, we mainly explore how the index of privacy data is constructed, and how a query operation over privacy data is translated into a new query over the corresponding index so that it can be executed at the server side immediately. Finally, both theoretical analysis and experimental evaluation validate the practicality and effectiveness of our proposed scheme.