With the development of network technology, more and more data are transmitted over the network and privacy issues have become a research focus. In this paper, we study the privacy in health data collection of preschool children and present a new identity-based encryption protocol for privacy protection. The background of the protocol is as follows. A physical examination for preschool children is needed every year out of consideration for the children's health. After the examination, data are transmitted through the Internet to the education authorities for analysis. In the process of data collection, it is unnecessary for the education authorities to know the identities of the children. Based on this, we designed a privacy-preserving protocol, which delinks the children’s identities from the examination data. Thus, the privacy of the children is preserved during data collection. We present the protocol in detail and prove the correctness of the protocol. 1. Introduction With computers and networks having become an important tool in everyday life, more and more data need to be transmitted through networks. Meanwhile, privacy issues have drawn public attention. How to protect privacy in a network environment has become a research focus in the field of computer network. Privacy, broadly speaking, refers to private data held by organizations or individuals, which are confidential to others. For individuals, private information such as personal identification, physical condition, and geographical location is all private [1]. The spread of private information will cause a lot of negative consequences, even leading to crimes. Therefore, privacy-preserving technology becomes an important research direction. At present, researches of privacy-protection technology in the network include at least the following areas. Privacy Protection in Wireless Sensor Networks. Wireless sensor networks have broad application prospects in the fields of environmental monitoring, health care, national defense, and so on. However, in practical applications, wireless sensor networks are facing a serious risk of data disclosure or tampering that will lead to serious consequences [2–5]. For example, in the field of military, data collected by wireless sensor networks often contain important intelligence information which, if disclosed or tampered with, will pose a serious threat or military missteps. The privacy-protecting technology is an indispensable part of wireless sensor networks [6–10]. Privacy Preserving-Data Mining. Data mining is the most important knowledge discovery tool
References
[1]
R. Agrawal and R. Srikant, “Privacy-preserving data mining,” SIGMOD Record (ACM Special Interest Group on Management of Data), vol. 29, no. 2, pp. 439–450, 2000.
[2]
R. Bista and J.-W. Chang, “Privacy-preserving data aggregation protocols for wireless sensor networks: a survey,” Sensors, vol. 10, no. 5, pp. 4577–4601, 2010.
[3]
C. C. Tan, H. Wang, S. Zhong, and Q. Li, “IBE-lite: a lightweight identity-based cryptography for body sensor networks,” IEEE Transactions on Information Technology in Biomedicine, vol. 13, no. 6, pp. 926–932, 2009.
[4]
B. Carbunar, Y. Yu, W. Shi, M. Pearce, and V. Vasudevan, “Query privacy in wireless sensor networks,” ACM Transactions on Sensor Networks, vol. 6, no. 2, article 14, 2010.
[5]
S. Zhong, “Efficient, anonymous, and authenticated conference key setup in cellular wireless networks,” Computers and Electrical Engineering, vol. 34, no. 5, pp. 357–367, 2008.
[6]
C.-Y. Chow, M. F. Mokbel, and T. He, “A privacy-preserving location monitoring system for wireless sensor networks,” IEEE Transactions on Mobile Computing, vol. 10, pp. 94–107, 2011.
[7]
N. Li, N. Zhang, S. K. Das, and B. Thuraisingham, “Privacy preservation in wireless sensor networks: a state-of-the-art survey,” Ad Hoc Networks, vol. 7, no. 8, pp. 1501–1514, 2009.
[8]
S. Zhong and F. Wu, “A collusion-resistant routing scheme for noncooperative wireless Ad Hoc networks,” IEEE/ACM Transactions on Networking, vol. 18, no. 2, pp. 582–595, 2010.
[9]
J. Jose, M. Princy, and J. Jose, “Integrity protecting and privacy preserving data aggregation protocols in wireless sensor networks: a survey,” International Journal of Computer Network and Information Security, vol. 5, article 66, 2013.
[10]
S. Zhong and F. Wu, “On designing collusion-resistant routing schemes for non-cooperative wireless ad hoc networks,” in Proceedings of the 13th Annual ACM International Conference on Mobile Computing and Networking, pp. 278–289, ACM, can, September 2007.
[11]
D. Bogdanov, R. Jagom?gis, and S. Laur, A Universal Toolkit for Cryptographically Secure Privacy-Preserving Data Mining, Intelligence and Security Informatics: Springer, 2012.
[12]
A. Gurevich and E. Gudes, “Privacy preserving data mining algorithms without the use of secure computation or perturbation,” in Proceedings of the 10th International Database Engineering and Applications Symposium (IDEAS '06), pp. 121–128, December 2006.
[13]
Y. Li, M. Chen, Q. Li, and W. Zhang, “Enabling multilevel trust in privacy preserving data mining,” IEEE Transactions on Knowledge and Data Engineering, vol. 24, pp. 1598–1612, 2012.
[14]
D. Shah and S. Zhong, “Two methods for privacy preserving data mining with malicious participants,” Information Sciences, vol. 177, no. 23, pp. 5468–5483, 2007.
[15]
J. Vaidya, Y. M. Zhu, and C. W. Clifton, Privacy Preserving Data Mining, Springer, 2006.
[16]
N. Abou-el-ela Abdou Hussien and H. A. Hamza, “Attacks on anonymization-based privacy-preserving: a survey for data mining and data publishing,” Journal of Information Security, vol. 4, no. 2, 2013.
[17]
Z. Hao, S. Zhong, and N. Yu, “A privacy-preserving remote data integrity checking protocol with data dynamics and public verifiability,” IEEE Transactions on Knowledge and Data Engineering, vol. 23, no. 9, pp. 1432–1437, 2011.
[18]
C. C. Aggarwal and S. Y. Philip, A General Survey of Privacy-Preserving Data Mining Models and Algorithms, Springer, 2008.
[19]
T. Chen and S. Zhong, “Privacy-preserving backpropagation neural network learning,” IEEE Transactions on Neural Networks, vol. 20, no. 10, pp. 1554–1564, 2009.
[20]
S. Zhong, “Privacy-preserving algorithms for distributed mining of frequent itemsets,” Information Sciences, vol. 177, no. 2, pp. 490–503, 2007.
[21]
L. Chen, J. J. Yang, and Q. Wang, “Privacy-preserving data publishing for free text Chinese electronic medical records,” in Proceedings of the IEEE 36th Annual Computer Software and Applications Conference (COMPSAC '12), pp. 567–572, 2012.
[22]
I. V. Goldberg, “Electronic medical records and patient privacy,” The Health Care Manager, vol. 18, no. 3, pp. 63–69, 2000.
[23]
S. Haas, S. Wohlgemuth, I. Echizen, N. Sonehara, and G. Müller, “Aspects of privacy for electronic health records,” International Journal of Medical Informatics, vol. 80, no. 2, pp. e26–e31, 2011.
[24]
A. R. Miller and C. Tucker, “Privacy protection and technology diffusion: the case of electronic medical records,” Management Science, vol. 55, no. 7, pp. 1077–1093, 2009.
[25]
Z. Hao, S. Zhong, and N. Yu, “A time-bound ticket-based mutual authentication scheme for cloud computing,” International Journal of Computers, Communications and Control, vol. 6, no. 2, pp. 227–235, 2011.
[26]
V. Oleshchuk, “Internet of things and privacy preserving technologies,” in Proceedings of the 1st International Conference on Wireless Communication, Vehicular Technology, Information Theory and Aerospace and Electronic Systems Technology, Wireless (VITAE '09), pp. 336–340, May 2009.
[27]
B. C. M. Fung, K. Wang, R. Chen, and P. S. Yu, “Privacy-preserving data publishing: a survey of recent developments,” ACM Computing Surveys, vol. 42, no. 4, article 14, 2010.
[28]
B. Zhou, J. Pei, and W. Luk, “brief survey on anonymization techniques for privacy preserving publishing of social network data,” ACM SIGKDD Explorations Newsletter, vol. 10, pp. 12–22, 2008.
[29]
J. Krumm, “A survey of computational location privacy,” Personal and Ubiquitous Computing, vol. 13, no. 6, pp. 391–399, 2009.
[30]
E. Magkos, “Cryptographic approaches for privacy preservation in location-based services: a survey,” International Journal of Information Technologies and Systems Approach, vol. 4, pp. 48–69, 2011.
[31]
S. A. Buckovich, H. E. Rippen, and M. J. Rozen, “Driving toward guiding principles: a goal for privacy, confidentiality, and security of health information,” Journal of the American Medical Informatics Association, vol. 6, no. 2, pp. 122–133, 1999.
[32]
J. A. Diaz, R. A. Griffith, J. J. Ng, S. E. Reinert, P. D. Friedmann, and A. W. Moulton, “Patients' use of the internet for medical information,” Journal of General Internal Medicine, vol. 17, no. 3, pp. 180–185, 2002.
[33]
L. J. Damschroder, J. L. Pritts, M. A. Neblo, R. J. Kalarickal, J. W. Creswell, and R. A. Hayward, “Patients, privacy and trust: Patients' willingness to allow researchers to access their medical records,” Social Science and Medicine, vol. 64, no. 1, pp. 223–235, 2007.
[34]
S. Zhong, Z. Yang, and R. N. Wright, “Privacy-enhancing k-anonymization of customer data,” in Proceedings of the 24th ACM SIGMOD-SIGACT-SIGART Symposium on Principles of Database Systems (PODS '05), pp. 139–147, ACM, June 2005.
[35]
R. Agrawal and C. Johnson, “Securing electronic health records without impeding the flow of information,” International Journal of Medical Informatics, vol. 76, no. 5-6, pp. 471–479, 2007.
[36]
G. Szarvas, R. Farkas, and R. Busa-Fekete, “State-of-the-art anonymization of medical records using an iterative machine learning framework,” Journal of the American Medical Informatics Association, vol. 14, no. 5, pp. 574–580, 2007.
[37]
G. Loukides, A. Gkoulalas-Divanis, and B. Malin, “Anonymization of electronic medical records for validating genome-wide association studies,” Proceedings of the National Academy of Sciences of the United States of America, vol. 107, no. 17, pp. 7898–7903, 2010.
[38]
T.-S. Chen, C.-H. Liu, T.-L. Chen, C.-S. Chen, J.-G. Bau, and T.-C. Lin, “Secure Dynamic access control scheme of PHR in cloud computing,” Journal of Medical Systems, vol. 36, pp. 4005–4020, 2012.
[39]
A. Ferreira, R. Cruz-Correia, D. Chadwick, and L. Antunes, “Improving the implementation of access control in EMR,” in Proceedings of the 42nd Annual 2008 IEEE International Carnahan Conference on Security Technology (ICCST '08), pp. 47–50, October 2008.
[40]
N. Gunti, W. Sun, M. Xu, Z. Liu, M. Niamat, and M. Alam, “A healthcare information system with augmented access controls,” Web Technologies and Applications, vol. 7235, pp. 792–795, 2012.
[41]
L. D. Martino, Q. Ni, D. Lin, and E. Bertino, “Multi-domain and privacy-aware role based access control in eHealth,” in Proceedings of the 2nd International Conference on Pervasive Computing Technologies for Healthcare 2008, PervasiveHealth, pp. 131–134, February 2008.
[42]
S. Jieun and C. Myungae, “SHOES: secure healthcare oriented environement service model,” in Proceedings of the IEEE Biomedical Circuits and Systems Conference Healthcare Technology (BioCAS '06), pp. 89–93, December 2006.
[43]
J. Gardner and L. Xiong, “HIDE: an integrated system for health information DE-identification,” in Proceedings of the 21st IEEE International Symposium on Computer-Based Medical Systems (CBMS '08), pp. 254–259, June 2008.
[44]
X. Lin, R. Lu, X. Shen, Y. Nemoto, and N. Kato, “Sage: a strong privacy-preserving scheme against global eavesdropping for ehealth systems,” IEEE Journal on Selected Areas in Communications, vol. 27, no. 4, pp. 365–378, 2009.
[45]
A. Shamir, Identity-Based Cryptosystems and Signature Schemes. Advances in Cryptology, Springer, 1985.
[46]
D. Boneh and M. Franklin, Identity-Based Encryption from the Weil Pairing. Advances in Cryptology-CRYPTO 2001, Springer, 2001.
[47]
S. Chatterjee and P. Sarkar, Identity-Based Encryption, Springer, 2011.
