Mppds: Multilevel privacy-preserving data sharing in a collaborative ehealth system

Abstract

With the development of smart healthcare services, there is a growing demand for healthcare environments in which a patient can be collaboratively treated by multiple healthcare providers. To enable such collaborative treatments, it is essential to have a collaborative eHealth system that is capable of storing and managing large-scale health data generated by multiple healthcare providers as well as patients themselves in one place. However, this system may raise serious privacy concerns because of unauthorized access to sensitive health data of a data owner by other users. Usually, such privacy concerns can be resolved using attribute-based encryption (ABE), which provides fine-grained data access control mechanisms. Through ABE, in which access control is expressed by a set of attributes, the sensitive data of a data owner can be selectively shared with a set of data users by encrypting it with a set of attributes. However, with the growing popularity of smart healthcare services, which are enabled by analyzing large-scale health data collected from diverse populations, a binary access control policy akin to this is not sufficient for supporting the ever-growing request for sharing health data. Hence, in this paper, we develop a novel collaborative eHealth system that supportsMultilevel Privacy-Preserving Data Sharing, MPPDS. In MPPDS, a data owner is able to share his or her health data with various data users within a collaborative eHealth system, under different levels of privacy protections. Specifically, our approach leverages local differential privacy to preserve the privacy of data owners in the process of data sharing and relies on ABE to support multilevel privacy guarantee mechanisms depending on the degree of trust between data owners and data users.We also present a method to effectively estimate aggregate statistics based on the collection of health data shared by different data owners under MPPDS. Experimental results with real and synthetic data sets demonstrate that the proposed MPPDS scheme enables more trusted data users to compute more accurate aggregate statistics than less trusted data users in a collaborative eHealth system.