Secure Information Sharing System for Online Patient Networks

Abstract

Recently, privacy emerged as a hot issue again, as the General Data Protection Regulation (GDPR) of EU has become enforceable since May 25, 2018. This paper deals with the problem of health information sharing on a website securely and with preserving privacy. In the context of patient networks (such as 'PatientsLikeMe' or 'CureTogether'), we propose the model Secure Information Sharing System (SISS) with the main method of group key cryptosystem. SISS addresses important problems of group key systems. (1) The new developed equations for encryption and decryption can eliminate the rekeying and redistribution process for every membership-change of the group, keeping the security requirements. (2) The new 3D Stereoscopic Image Mobile Security Technology with AR (augmented reality) solves the problem of conspiracy by group members. (3) SISS uses the reversed one-way hash chain to guarantee forward secrecy and backward accessibility (security requirements for information sharing in a group). We conduct a security analysis of SISS according to group information sharing secrecy and an experiment on its performance. Consequently, although current IT paradigm is changing to be more and more 'complicated', 'overlapped', and 'virtualized', SISS makes it possible to securely share sensitive information from collaborative work.