Export file:


  • RIS(for EndNote,Reference Manager,ProCite)
  • BibTex
  • Text


  • Citation Only
  • Citation and Abstract

A survey of state-of-the-art methods for securing medical databases

1 School of Science, RMIT University, GPO Box 2476, Melbourne, VIC 3001, Australia
2 School of Computing, Engineering and Mathematics, Western Sydney University, Locked Bay 1797, Penrith, NSW 2751, Australia
3 Center for Research in Complex Systems and School of Community Health, Charles Sturt University, Albury, NSW, Australia

This review article presents a survey of recent work devoted to advanced state-of-the-art methods for securing of medical databases. We concentrate on three main directions, which have received attention recently: attribute-based encryption for enabling secure access to confidential medical databases distributed among several data centers; homomorphic encryption for providing answers to confidential queries in a secure manner; and privacy-preserving data mining used to analyze data stored in medical databases for verifying hypotheses and discovering trends. Only the most recent and significant work has been included.
  Article Metrics


1. Carter JH (2008) Electronic Health Records: A Guide for Clinicians and Administrators. ACP Press.

2. Anderson R (2012) Personal Medical Information: Security, Engineering, and Ethics. Springer, Cambridge.

3. Villalva CM, López-Alvarez XLM, Rodríguez MM, et al. (2017) Blood pressure monitoring in cardiovascular disease. AIMS Med Sci 4: 164–191.

4. Kara B, Tenekeci EG, Demirkaya S (2016) Factors associated with sleep quality in patients with multiple sclerosis. AIMS Med Sci 3: 203–212.    

5. Dillon C, Taragano FE (2016) Special Issue: Activity and Lifestyle Factors in the Elderly: Their Relationship with Degenerative Diseases and Depression. AIMS Med Sci 3: 213–216.    

6. Wilson D, Keith G, Harpal B, et al. (2017) Therapy through social medicine: cultivating connections and inspiring solutions for healthy living. AIMS Med Sci 4: 131–150.    

7. Panchal HB (2016) Percutaneous interventions for peripheral vascular disease. AIMS Med Sci 3: 234–236.    

8. Amraoui H, Mhamdi F, Elloumi M (2017) Survey of metaheuristics and statistical methods for multifactorial diseases analyses. AIMS Med Sci 4: 291–331.    

9. Petillo D, Orey S, Tan AC, et al. (2014) Parkinson's disease-related circulating microRNA biomarkers – a validation study. AIMS Med Sci 2: 7–14.

10. DeMarshall CA, Sarkar A, Nagele RG (2015) Serum autoantibodies as biomarkers for Parkinson's disease: background and utility. AIMS Med Sci 2: 316–327.    

11. Ervin K, Pallant J, Terry DR, et al. (2015) A descriptive study of health, lifestyle and sociodemographic characteristics and their relationship to known dementia risk factors in rural Victorian communities. AIMS Med Sci 2: 246–260.    

12. Shinde S, Mukhopadhyay S, Mohsen G, et al. (2015) Biofluid-based microRNA biomarkers for Parkinson's disease: an overview and update. AIMS Med Sci 2: 15–25.    

13. White VJ, Nayak RC (2015) Re-circulating phagocytes loaded with CNS debris: a potential marker of neurodegeneration in Parkinsons disease? AIMS Med Sci 2: 26–34.    

14. Fagere MO (2016) Diagnostic utility of pleural effusion and serum cholesterol, lactic dehydrogenase and protein ratios in the differentiation between transudates and exudates. AIMS Med Sci 3: 32–40.    

15. Khalid KE, Nsairat HN, Zhang JZ (2016) The presence of interleukin 18 binding protein isoforms in Chinese patients with rheumatoid arthritis. AIMS Med Sci 3: 103–113.    

16. Kirchengast S (2017) Diabetes and obesity-an evolutionary perspective. AIMS Med Sci 4: 28–51.

17. Tanhapour M, Vaisi-Raygani A, Khazaei M, et al. (2017) Cytotoxic T-lymphocyte associated antigen-4 (CTLA-4) polymorphism, cancer, and autoimmune diseases. AIMS Med Sci 4: 395–412.    

18. Fitzmaurice MJ, Adams K, Eisenberg JM (2002) Three decades of research on computer applications in health care: medical informatics support at the agency for healthcare research and quality. JAMIA 9:144–160.

19. Hage I, Hamade R (2015) Automatic detection of cortical bone's Haversian osteonal boundaries. AIMS Med Sci 2: 328–346.    

20. Zhang Q, Zhou D, Zeng X (2017) Machine learning-empowered biometric methods for biomedicine applications. AIMS Med Sci 4: 274–290.    

21. Abawajy J, Kelarev A, Chowdhury M (2013) Multistage approach for clustering and classification of ECG data. Comput Meth Prog Biomed 112: 720–730.    

22. Abawajy J, Kelarev A, Chowdhury M, Jelinek HF, et al. (2013) Predicting cardiac autonomic neuropathy category for diabetic data with missing values. Comput Biol Med 43: 1328–1333.    

23. Stranieri A, Abawajy J, Kelarev A, et al. (2013) An approach for Ewing test selection to support the clinical assessment of cardiac autonomic neuropathy. Artif Intell Med 58: 185–193.    

24. Abawajy J, Kelarev A, Chowdhury MU, et al. (2016) Enhancing predictive accuracy of cardiac autonomic neuropathy using blood biochemistry features and iterative multi-tier ensembles. IEEE J Biomed Health Informatics 20: 408–415.    

25. Chowdhury M, Abawajy J, Kelarev A, et al. (2016) A clustering-based multi-layer distributed ensemble for neurological diagnostics in cloud services. IEEE Trans Cloud Comp. DOI10.1109/TCC.2016.2567389.

26. Jelinek HF, Abawajy JH, Kelarev AV, et al. (2014) Decision trees and multi-level ensemble classifiers for neurological diagnostics. AIMS Med Sci 1: 1–12.

27. Jelinek HF, Abawajy JH, Cornforth D, et al. (2015) Multi-layer attribute selection and classification algorithm for the diagnosis of cardiac autonomic neuropathy based on HRV attributes. AIMS Med Sci 2: 396–409.    

28. Jelinek HF, Kelarev AV (2016) A survey of data mining methods for automated diagnosis of cardiac autonomic neuropathy progression. AIMS Med Sci 3: 217–233.    

29. Jelinek HF, Cornforth DJ, Kelarev AV (2016) Machine learning methods for automated detection of severe diabetic neuropathy. J. Diab Compl Med 1: 1–7.

30. Menezes AJ, van Oorschot PC, Vanstone SA (2001) Handbook of Applied Cryptography (Discrete Mathematics and Its Applications), Fifth Edition, CRC Press, Taylor & Francis Group, London, New York.

31. Pieprzyk J, Hardjono T, Seberry J (2003) Fundamentals of Computer Security. Springer-Verlag, Berlin.

32. Domingo-Ferrer J (2002) Inference Control in Statistical Databases. Sixth edition, Springer, Berlin.

33. Batten LM (2013) Public Key Cryptography: Applications and Attacks. Wiley-IEEE Press, New York.

34. Yi X, Paulet R, Bertino E (2013) Private Information Retrieval. Morgan and Claypool, United States.

35. Zhu Y, Peng L (2007) Study on K-anonymity Models of Sharing Medical Information. International Conference on Service Systems and Service Management. IEEE: 1–8.

36. El Emam K, Dankar FK, Issa R, et al. (2009) A globally optimal k-anonymity method for the de-identification of health data. J Am Med Inform Association 16: 670–682.    

37. Shin M, Yoo S, Lee KH, et al. (2013) Electronic medical records privacy preservation through k-anonymity clustering method. Joint, International Conference on Soft Computing and Intelligent Systems. IEEE: 1119–1124.

38. Belsis P, Pantziou G (2014) A k-anonymity privacy-preserving approach in wireless medical monitoring environments. Person Ubiquitous Comput 18: 61–74.    

39. Panackal JJ, Pillai AS, Krishnachandran VN (2014) Disclosure risk of individuals: a k-anonymity study on health care data related to Indian population. International Conference on Data Science & Engineering. IEEE: 200–205.

40. Wei D, Ramamurthy KN, Varshney KR (2016) Health insurance market risk assessment: Covariate shift and k-anonymity. SIAM Data Mining: 226–234.

41. Xie Y, He Q, Zhang D, et al. (2016) Medical ethics privacy protection based on combining distributed randomization with k-anonymity. International Congress on Image and Signal Processing. IEEE: 1577–1582.

42. Simi MS, Nayaki KS, Elayidom MS (2017) An extensive study on data anonymization algorithms based on k-anonymity. IOP Conf Ser Mater Sci Eng 225: 1–10.

43. Mehta BB, Rao UP (2017) Privacy preserving big data publishing: A scalable k-anonymization approach using MapReduce. IET Software 11: 271–276.    

44. Lu Y, Sinnott RO, Verspoor K (2017) A semantic-based k-anonymity scheme for health record linkage. Studies Health Technology Informatics 239: 84–90.

45. Sahai A, Waters B (2005) Fuzzy identity-based encryption. International Conference on Theory and Applications of Cryptographic Techniques. Springer-Verlag. Lect Notes Comp Sci 3494: 457–473.

46. Goyal V, Pandey O, Sahai A, et al. (2006) Attribute-based encryption for fine-grained access control of encrypted data. ACM Conference on Computer and Communications Security. ACM: 89–98.

47. Shamir A (1984) Identity-based cryptosystems and signature schemes. Lecture Notes Comput Sci 21: 47–53.

48. Waters B (2011) Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. Lecture Notes Comput Sci 2008: 321–334.

49. Cui H, Deng RH (2016) Revocable and decentralized attribute-based encryption. Comput J 59: 1220–1235.    

50. Chase M (2007) Multi-authority attribute based encryption. Theory of Cryptography. Springer Berlin Heidelberg, 515–834.

51. Muller S, Katzenbeisser S, Eckert C (2008) Distributed attribute-based encryption. Information Security and Cryptology-Icisc 2008, International Conference, Seoul, Korea, December 3–5, Revised Selected Papers. DBLP: 20–36.

52. Cui H, Deng RH, Li Y, et al. (2016) Server-Aided Revocable Attribute-Based Encryption. Europ Symp Res Comptu Sec: 570–587.

53. Cui H, Deng RH, Ding X, et al. (2016) Attribute-based encryption with granular revocation. International Conference on Security and Privacy in Communication Systems. Springer: 165–181

54. Green M, Hohenberger S, Waters B (2011) Outsourcing the decryption of ABE ciphertexts. Proc USENIX Security Symposium, USENIX Association.

55. Lai J, Deng RH, Guan C, et al. (2013) Attribute-based encryption with verifiable outsourced decryption. IEEE Trans Info Forensics Sec 8: 1343–1354.    

56. Camenisch J, Dubovitskaya M, Enderlein RR, et al. (2012) Oblivious transfer with hidden access control from attribute-based encryption. Int Conf Security Crypt Networks: 559–579.

57. Cui H, Deng RH, Wu G, et al. (2016) An efficient and expressive ciphertext-policy attribute-based encryption scheme with partially hidden access structures. International Conference on Provable Security. Springer-Verlag New York: 19–38.

58. Liu L, Lai J, Deng RH, et al. (2016) Ciphertext-policy attribute-based encryption with partially hidden access structure and its application to privacy-preserving electronic medical record system in cloud environment. Security Comm Networks 9: 4897–4913.    

59. Lewko AB, Okamoto T, Sahai A, et al. (2010). Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption. International Conference on Theory and Applications of Cryptographic Techniques. Springer-Verlag: 62–91.

60. Li M, Yu S, Zheng Y, et al. (2013) Scalable and Secure Sharing of Personal Health Records in Cloud Computing using attribute-based encryption. IEEE Trans Parallel Distrib Syst 24: 131–143.    

61. Qian H, Li J, Zhang Y, et al. (2014) Privacy-preserving personal health record using multi-authority attribute-based encryption with revocation. Int J Inf Sec 14: 487–497.

62. Tian Y, Peng Y, Peng X, et al. (2014) An attribute-based encryption scheme with revocation for fine-grained access control in wireless body area networks. Int J Distrib Sensor Networks: 1–9.

63. Radhini MP, Prabha PA, Parthasarathi P (2014) Encryption for secure sharing of personal medical records in cloud. Int J Sci Eng Technol Res (IJSETR) 3: 1308–1414.

64. Lambay MA, Lakshmi MJ, Gamare PS (2014) Sharing of personal health records securely in cloud computing with attribute based encryption. Int J Comp Sci Info Tech (IJCSIT) 5: 6864–6866.

65. Gondkar DA, Kadam VS (2014) Attribute based encryption for securing personal health record on cloud. Int Conf Devices Circuits Systems (ICDCS): 1–5.

66. Alias AE, Roy N (2014) Improved security of attribute based encryption for securing sharing of personal health records. Int J Adv Comp Technol 3: 1224–1227.

67. Mohanan L, Varghese AB (2015) Flexible, scalable and fine grained access control for medical data in cloud using attribute based encryption. Int J Appl Eng Res 10: 43378–43383.

68. Bhuvaneshwari M, Sasikumar S (2015) Secure and isolated personal health records using cipher text policy attribute based encryption. Int J App Eng Res 10: 23022–23026.

69. Wang C, Xu X, Shi D, et al. (2015) Privacy-preserving cloud-based personal health record system using attribute-based encryption and anonymous multi-receiver identity-based encryption. Informatica 39: 375–382.

70. Raseena M, Harikrishnan GR (2014) Secure sharing of personal health records in cloud computing using attribute-based broadcast encryption. Int J Comp App 102: 13–19.

71. Shubhangi G, Priyanka J, Pranjali K, et al. (2015) Scalable and secure sharing of data in cloud computing using attribute based encryption. Int J Multidisc Res Develop 2: 416–420.

72. Lounis A, Hadjidj A, Bouabdallah A, et al. (2016) Healing on the cloud: Secure cloud architecture for medical wireless sensor networks. Future Gen Computer System 55: 266–277.    

73. Eom J, Lee DH, Lee K (2016) Patient-controlled attribute-based encryption for secure electronic health records system. J Med Syst 40. Article number 253.

74. Saxena AR, Swarnalatha P (2016) Attribute based encryption and decryption of medical records. Int J Pharmacy Technology 8: 22192–22199.

75. Reddy MR, Anusha N, Shankar BNV (2016) Secured health records storage & retrieval system using keyword based key generation and Attribute Based Encryption (ABE). Res J Pharm Bio Chem Sci 7: 1420–1426.

76. Saravanan T (2016) Energy efficient attribute based encryption technique for health records via virtual machines in the cloud. J. Chem. Pharmaceutical Sci 9: 1654–1657.

77. Elmogazy H, Bamasag O (2016) Securing healthcare records in the cloud using attribute-based encryption. Comp Info Sci 9: 60–67.

78. Yan H, Li J, Li X, et al. (2016) Secure access control of e-health system with attribute-based encryption. Intell Automation Soft Comput 22: 345–352.    

79. Paillier P (1999) Public-key cryptosystems based on composite degree residuosity classes. International Conference on Theory and Application of Cryptographic Techniques. Springer-Verlag: 223–238.

80. ElGamal T (1985) A public-key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans Inf Theory 31: 469–472.    

81. Yi X, Bouguettaya A, Georgakopoulos D, et al. (2016) Privacy protection for wireless medical sensor data. IEEE Trans Dep Sec Comp 13: 369–380.    

82. Yi X, Paulet R, Bertino E (2014) Homomorphic Encryption and Applications. New York, Springer.

83. HElib, An open-source homomorphic encryption library for C++, https://github.com/shaih/HElib.

84. FHEW. An open source homomorphic encryption library for C and C++, https://github.com/lducas/FHEW.

85. Ames S, Venkitasubramaniam M, Kocabas O, et al. (2015) Secure health monitoring in the cloud using homomorphic encryption: a branching-program formulation. Enabling Real-Time Mobile Cloud Comput Emerg Technol 1: 116–152.

86. Page A, Kocabas O, Ames S, et al. (2014) Cloud-based secure health monitoring: Optimizing fully-homomorphic encryption for streaming algorithms. Globecom Workshops. IEEE: 48–52.

87. Kocabas O, Soyata T, Couderc JP, et al. (2013) Assessment of cloud-based health monitoring using homomorphic encryption. International Conference on Computer Design. IEEE: 443–446.

88. Kocabas O, Soyata T (2014) Medical data analytics in the cloud using homomorphic encryption. Handbook Res Cloud Infrastructures Big Data Analytics: 471–488.

89. Kocabas O, Soyata T (2015) Medical data analytics in the cloud using homomorphic encryption. E-Health Telemed Concept Methodolog Tool Application 2: 751–768.

90. Yi X, Miao Y, Bertino E, et al. (2013) Multiparty privacy protection for electronic health records. GLOBECOM-IEEE Global Telecomm: 2730–2735.

91. Wang X, Zhang Z (2015) Data division scheme based on homomorphic encryption in WSNs for health care. J Med Syst 39: 1–7.    

92. Kocabas O, Soyata T (2015) Towards privacy-preserving medical cloud computing using homomorphic encryption. Enabling Real-Time Mobile Cloud Comput Emerging Technol 1: 213–246.

93. Nagapriya G, Retnaraj J (2015) Securing the privacy of sensitive data on health management system using ElGamal encryption. ARPN J Eng Appl Sci 10: 5802–5806.

94. Yi X, Paulet R, Bertino E, et al. (2014) Practical k nearest neighbor queries with location privacy. Proc Int Conf Data Eng: 640–651.

95. Paulet R, Kaosar MG, Yi X, et al. (2014) Privacy-preserving and content-protecting location based queries. IEEE Trans Knowledge Data Eng 26: 1200–1210.    

96. Yi X, Paulet R, Bertino E, et al. (2016) Practical approximate k nearest neighbor queries with location and query privacy. IEEE Trans Knowledge Data Eng 28: 1546–1559.    

97. Vasukidevi A, Jayalakshmi M, Gomathi V (2016) Secure communication between wireless medical sensor networks and data servers using Paillier and ElGamal key cryptosystem. Int Conf Comp Technol Intel Data Eng. Article number 7725333.

98. Carpov S, Nguyen TH, Constantino G, et al. (2017) Practical privacy-preserving medical diagnosis using homomorphic encryption. IEEE Int Conf Cloud Comput: 593–599.

99. Muralidhar K, Sarathy R, Parsa RA (1999) A general additive perturbation method for database security. Management Sci 45: 1399–1415.    

100. Agrawal D, Aggarwal CC (2001) On the design and quantification of privacy preserving data mining algorithms. Principle Database System: 247–255.

101. Agrawal R, Srikant R (2000) Privacy-preserving data mining. Proc ACM SIGMOD Conf Management Data: 439–450.

102. Rizvi SJ, Haritsa JR (2002) Maintaining data privacy in association rule mining. Proc 28th Int Conf Very Large Data Bases: 682–693.

103. Evfimievski A, Srikant R, Agrawal R, et al. (2002) Privacy preserving mining of association rules. Proc 8th ACM SIGKDD Int Conf Knowledge Discovery Data Mining: 217–228.

104. Sweeney L (2002) K-anonymity: a model for protecting privacy. Int J Uncert Fuzz Knowledge-Based Syst 10: 557–570.    

105. Lindell Y, Pinkas B (2002) Privacy preserving data mining. J Cryptology 15: 177–206.    

106. Kantarcioglu M, Clifton C (2004) Privacy-preserving distributed mining of association rules on horizontally partitioned data. IEEE Trans Knowledge Data Engineering 16: 1026–1037.    

107. Yi X, Zhang Y (2007) Privacy-preserving distributed association rule mining via semi-trusted mixer. Data Knowl Eng 63: 550–567.    

108. Yi X, Zhang Y (2009) Privacy-preserving naive Bayes classification on distributed data via semi-trusted mixers. Inf Syst 34: 371–380.    

109. Yi X, Zhang Y (2013) Equally contributory privacy-preserving k-means clustering over vertically partitioned data. Inf Syst 38: 97–107.    

110. Yi X, Rao FY, Bertino E, et al. (2015) Privacy-preserving association rule mining in cloud computing. Proc 10th ACM Sym Inf Comp Comm Sec: 439–450.

111. Rao FY, Samanthula BK, Bertino E, et al. (2015) Privacy-preserving and outsourced multi-user k-means clustering. Proc IEEE Conf Collab Internet Comp: 80–89.

112. Liu D, Bertino E, Yi X (2014) Privacy of outsourced k-means clustering. Proc 9th ACM Symp Inf Comp Comm Sec: 123–133.

© 2018 the Author(s), licensee AIMS Press. This is an open access article distributed under the terms of the Creative Commons Attribution Licese (http://creativecommons.org/licenses/by/4.0)

Download full text in PDF

Export Citation

Article outline

Show full outline
Copyright © AIMS Press All Rights Reserved