Thursday 28th of March 2024
 

Secure Data Exchange in P2P Data Sharing Systems in eHealth Perspective


Mehedi Masud and Sk. Md. Mizanur Rahman

In P2P data sharing systems (P2PDSS) peers share data in a pair-wise fashion. Data are shared on-the-fly by establishing temporary data exchange session for user queries. Generally, the communication link between peers is unsecured while exchanging data. In P2P eHealth data sharing scenarios, peers may need to exchange highly confidential data among them. Hence, there are some security threats that need to be considered (e.g. data might be trapped and disclosed by the intruders). In a P2PDSS, we cannot assume any third party security infrastructure (e.g. PKI) to protect confidential data. Considering the need of secure data exchange in P2PDSS, in this paper we propose a secure data exchange model. The model is based on pairing-based cryptography and the data sharing policy between peers. Applying the model, peers compute secret session keys dynamically by computing pairing on elliptic curve, based on the data sharing policies while exchanging data. The proposed protocol is robust against the man-in-the middle attack, the masquerade attack and the replay attack.

Keywords: eHealth, P2P, data security, PKI

Download Full-Text


ABOUT THE AUTHORS

Mehedi Masud
Mehedi Masud received the Ph.D. degree in computer science from the University of Ottawa, ON, Canada. He is an Assistant Professor at the Department of Computer Science, Taif University, Taif, Saudi Arabia. He has published several research papers at international journals and conferences. His research interests include issues related to P2P and networked data management, query processing and optimization, e-Health, and information security. Dr. Masud has served as a member of the technical committees of several international conferences and workshops. He is on the editorial board of some journals including the Journal of Internet and Information Systems, Journal of Engineering and Computer Innovations, and Journal of Software. He served as a Guest Editor for the Journal of Computer Science and Information Science.

Sk. Md. Mizanur Rahman
Dr. Sk. Md. Mizanur Rahman is working as an Application Security Research Engineer in Irdeto –Canada, Inc. At his current work, he is responsible for designing white-box implementation of cryptographic algorithms. Prior to his current appointment, he worked for four years as a postdoctoral fellow in School of Electrical Engineering and Computer Science, University of Ottawa, University of Guelph, and University of Ontario Institute of Technology (UOIT), Canada. He completed a Ph.D. in Risk Engineering (Cyber Risk) in the Laboratory of Cryptography and Information Security, Department of Risk Engineering, University of Tsukuba, Japan, in 2007. Information Processing Society Japan (IPSJ) awarded Dr. Rahman with “IPSJ Digital Courier Funai Young Researcher Encouragement Award” for his excellent research work in IT security. He completed an M.Sc. and a B.Sc.(Hons) in Computer Science, securing first class first with distinction; as a result he was awarded with “Gold Medal”. He has published around 50 peer reviewed journals and conference proceedings on different topics of cryptography; a patent on “white-box cryptography for key agreement protocol” is also under evaluation. His research interests include Cryptography and Cryptographic Attack Models, Software Security and Reverse Engineering, Network Security, Computer Security, Access Control, and Privacy.


IJCSI Published Papers Indexed By:

 

 

 

 
+++
About IJCSI

IJCSI is a refereed open access international journal for scientific papers dealing in all areas of computer science research...

Learn more »
Join Us
FAQs

Read the most frequently asked questions about IJCSI.

Frequently Asked Questions (FAQs) »
Get in touch

Phone: +230 911 5482
Email: info@ijcsi.org

More contact details »