Security and privacy of data in the cloud

SenseI (Sensor based Engagement for Improved Health)

Description/Objectives

Sensor-driven coaching involves collecting, transporting, storing and analysing a huge volume of diverse data in the cloud. Personal, healthcare and coaching data are sensitive information: they need to be protected, and only specified users shall have access to different parts of the data, on a need-to-know basis. Existing encryption and access control schemes provide data security and privacy, but they limit usability. WP6 analyses and addresses the challenges in ensuring the availability, security and privacy of the collected data. This work package studies the following questions:

o Encryption of a diverse set of data in a distributed environment
o Search over the encrypted data
o Fine-grained access control to the data

The goal of this work package is to propose a novel security solution that counters potential security threats to health and related personal data hosted in a public cloud, assures privacy and also supports fine-grained access control. In particular, we will propose techniques for search over encrypted data that allow the different participating entities to access the data they are privileged to see, while preserving the users' privacy. Existing systems support either single-user search over encrypted data, or a multi-user setting in which a common encryption key is shared between the users. Such schemes burden key management, and the entire dataset has to be re-encrypted under a new key whenever a user leaves the group. Our objective is to develop a system that addresses these challenges while accounting for the diversity of coaching sensor data in a distributed environment.

The healthcare and coaching data are collected from different users and sources, and hence each dataset must be accessible only to a specific group of users. The researchers will also propose fine-grained, need-based access control that allows the participating entities to search and access the encrypted data according to their roles. We provide a mechanism for dynamically classifying the healthcare and coaching data into categories and for assigning roles to the participating entities. An access policy associates each dataset with the roles that may access it. This restricts search over the encrypted data to the scope of the participating entity, while preserving the users' privacy.
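The two ingredients named above (keyword search over encrypted data and a policy that scopes each role to a set of datasets) can be illustrated with a small model. The following is an added example written for this page, not SenseI's or WP6's own code or construction: it uses per-dataset keys derived from a master key, HMAC-SHA256 keyword trapdoors as the encrypted index, a toy encrypt-then-MAC stream cipher (a real deployment would use an AEAD such as AES-GCM), and an assumed policy with the roles "coach" and "clinician" and the datasets "activity" and "clinical". The server only ever sees ciphertexts and opaque tokens; a search token issued under one dataset's key finds nothing in another dataset's index, and a role without a dataset's key cannot form a token for it at all.

```python
"""Toy searchable encryption with role-scoped dataset keys (illustration only)."""
import hashlib
import hmac
import os

# Assumed policy for this example: role -> datasets the role may search.
POLICY = {"coach": {"activity"}, "clinician": {"activity", "clinical"}}


def _prf(key: bytes, msg: bytes) -> bytes:
    """HMAC-SHA256 used as a pseudorandom function."""
    return hmac.new(key, msg, hashlib.sha256).digest()


def derive_dataset_keys(master: bytes, dataset: str) -> dict:
    """Separate index, encryption and MAC keys per dataset, derived from one master key."""
    base = _prf(master, b"dataset:" + dataset.encode())
    return {"index": _prf(base, b"index"), "enc": _prf(base, b"enc"), "mac": _prf(base, b"mac")}


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """PRF in counter mode; toy stream cipher, not for production use."""
    blocks, counter = [], 0
    while sum(len(b) for b in blocks) < length:
        blocks.append(_prf(key, nonce + counter.to_bytes(4, "big")))
        counter += 1
    return b"".join(blocks)[:length]


def encrypt_record(keys: dict, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(keys["enc"], nonce, len(plaintext))))
    return nonce + ct + _prf(keys["mac"], nonce + ct)


def decrypt_record(keys: dict, blob: bytes) -> bytes:
    """Verify the tag before decrypting; reject tampered or wrong-key blobs."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(keys["mac"], nonce + ct)):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _keystream(keys["enc"], nonce, len(ct))))


def keyword_token(keys: dict, keyword: str) -> bytes:
    """Deterministic trapdoor: equal keywords in one dataset give equal tokens.
    The server learns which records share a keyword, but not the keyword itself."""
    return _prf(keys["index"], keyword.lower().encode())


class CloudStore:
    """Untrusted server: stores ciphertexts and opaque token sets, nothing else."""

    def __init__(self):
        self.records = {}  # dataset -> list of (frozenset(tokens), blob)

    def put(self, dataset: str, tokens: set, blob: bytes) -> None:
        self.records.setdefault(dataset, []).append((frozenset(tokens), blob))

    def search(self, dataset: str, token: bytes) -> list:
        return [blob for toks, blob in self.records.get(dataset, []) if token in toks]


class KeyAuthority:
    """Hands each role only the keys for datasets the policy grants it."""

    def __init__(self, master: bytes):
        self.master = master

    def keys_for(self, role: str) -> dict:
        return {ds: derive_dataset_keys(self.master, ds) for ds in POLICY.get(role, ())}


class Client:
    def __init__(self, keys: dict):
        self.keys = keys  # dataset -> keys; absent dataset means no access

    def upload(self, store: CloudStore, dataset: str, plaintext: bytes, keywords: list) -> None:
        k = self.keys[dataset]
        store.put(dataset, {keyword_token(k, w) for w in keywords}, encrypt_record(k, plaintext))

    def search(self, store: CloudStore, dataset: str, keyword: str) -> list:
        if dataset not in self.keys:
            raise PermissionError(f"role holds no key for dataset {dataset!r}")
        k = self.keys[dataset]
        return [decrypt_record(k, b) for b in store.search(dataset, keyword_token(k, keyword))]


def demo() -> dict:
    """Constructed sample records; returns the observable outcomes for checking."""
    store, ka = CloudStore(), KeyAuthority(os.urandom(32))
    clinician, coach = Client(ka.keys_for("clinician")), Client(ka.keys_for("coach"))
    clinician.upload(store, "activity", b"user42 steps=8500 heart_rate=71", ["steps", "heart_rate"])
    clinician.upload(store, "clinical", b"user42 diagnosis=hypertension heart_rate=88", ["diagnosis", "heart_rate"])
    coach.upload(store, "activity", b"user17 heart_rate=102 session=interval", ["heart_rate", "session"])
    coach_hits = sorted(coach.search(store, "activity", "heart_rate"))
    try:
        coach.search(store, "clinical", "heart_rate")
        denied = False
    except PermissionError:
        denied = True
    # Even a token forged from the activity key matches nothing in the clinical index.
    cross = store.search("clinical", keyword_token(coach.keys["activity"], "heart_rate"))
    return {"coach_hits": coach_hits, "denied": denied, "cross_dataset_hits": len(cross),
            "clinician_hits": len(clinician.search(store, "clinical", "heart_rate"))}


if __name__ == "__main__":
    print(demo())
```

Two caveats a practitioner should keep in mind. Deterministic tokens leak keyword-equality and access patterns to the server, which is the usual price of efficient searchable encryption. And because every holder of a role shares the same dataset keys, removing one user from a role still forces that dataset to be re-keyed and re-encrypted, which is exactly the key-management burden the work package sets out to reduce.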

WP Leader: