Authorized Encrypted Search for

Multi-Authority Medical Databases

ABSTRACT:
E-medical records are sensitive and should be stored in a medical database in encrypted form. However,
simply encrypting these records will eliminate data utility and interoperability of the existing medical
database system because encrypted records are no longer searchable. Moreover, multiple authorities could
be involved in controlling and sharing the private medical records of clients. However, authorizing
different clients to search and access records originating from multiple authorities in a secure and scalable
manner is a nontrivial matter. To address the above issues, we propose an authorized searchable encryption
scheme under a multi-authority setting. Specifically, our proposed scheme leverages the RSA function to
enable each authority to limit the search capability of different clients based on clients’ privileges. To
improve scalability, we utilize multi-authority attribute-based encryption to allow the authorization process
to be performed only once even over policies from multiple authorities. We conduct rigorous security and
cost analysis, and perform experimental evaluations to demonstrate that the proposed scheme introduces
moderate overhead to existing searchable encryption schemes.

SYSTEM REQUIREMENTS:
HARDWARE REQUIREMENTS:
 System : Pentium Dual Core.
 Hard Disk : 120 GB.
 Monitor : 15’’ LED
 Input Devices : Keyboard, Mouse
 Ram : 1 GB
SOFTWARE REQUIREMENTS:
 Operating system : Windows 7.
 Coding Language : JAVA/J2EE
 Tool : Netbeans 7.2.1
 Database : MYSQL

EXISTING SYSTEM:

PROPOSED SYSTEM
The most straightforward method of addressing data privacy concerns is to encrypt
data before uploading to the cloud. Subsequently, only the authorized client who has the key
or permissions can decrypt the data. Accordingly, in a PHR system, data owners are usually
required to encrypt their PHRs. As a practical consideration, data owners also need to provide
corresponding access policies to access their PHRs and determine which keywords they can
search. However, it is nontrivial to achieve the a fore mentioned requirements over encrypted
data. Once medical records are encrypted and outsourced, the cloud server can no longer
perform keyword search, because the server is not expected to obtain any informationabout
the records. Thus, to search the records of all patients with the keyword “Australia”, all the
records must be downloaded from the cloud and then decrypted to search

REFERENCE:
Lei Xu, Shifeng Sun, Xingliang Yuan, Joseph K. Liu, Cong Zuo, Chungen Xu, “Enabling Authorized
Encrypted Search for Multi-Authority Medical Databases”, IEEE Transactions on Emerging Topics in
Computing, 2019.