Securing medical data by role-based user policy with partially homomorphic encryption in AWS cloud

Cloud technology provides services for storing and accessing a large amount of data with ease of access and less cost. Sensitive data such as patients' electronic health information should be encrypted before outsourcing into the cloud. Many traditional encryption methods are used for protecting data in the cloud, but unable to perform computation on encrypted data. Homomorphic encryption operates directly on the ciphertext. In this study, a Secure Partially Homomorphic Encryption (SPHE) algorithm is proposed to secure the outsourced data and perform multiplication and division operations on the ciphertext. The access control policy in the cloud environment is more flexible. An attacker can easily collect sensitive data by abusing the access policy of another user. Therefore, the database privacy is compromised. Creating a role hierarchy and managing the session is difficult in the cloud environment. The above issues motivate us to develop a model which is the integration of the proposed scheme SPHE with role-based user policy. The model is implemented in Eclipse IDE (Integrated Development Environment) and AWS (Amazon Web Service) Toolkit for Eclipse and deployed in Amazon Elastic Beanstalk (EB) environment. This model is particularly used for securing the patient e-health details and performing computation on outsourced data. The patient details are encrypted by the algorithm SPHE and uploaded in AWS S3 (Simple Storage Service) bucket. The users are created by AWS Identity and Access Management (IAM) service and the access level policy is defined based on user roles in EB environment. The proposed model performance is studied by comparing with other partially homomorphic methods Elgamal, Pailler, and Benaloh. This model achieves data integrity and data confidentiality using the role-based user policy with SPHE.