Enhancing Data Security in Healthcare 4.0 Using Selective Encryption
摘要
With the frequency of cyberattacks increasing in Health 4.0, a growing concern over the security and privacy of Electronic Health Records (EHR) in medical cyber-physical systems (MCPS) has arisen. Most classical encryption algorithms mostly deal with defending against exposure attacks on encryption keys and, hence, leave themselves exposed to such attacks. To counteract this threat, we introduce a secure data storage and sharing solution that combines selective encryption, fragmentation, and dispersion to provide data privacy, even under key or cloud compromise scenarios. The system encrypts only the most sensitive EHR fragment via AES-128, whereas public fragments are safeguarded through a lightweight hashing and XOR-based method, incurring minimal computational overhead. In addition, Shamir’s Secret Sharing (SSS) is used to share the encryption key between multiple parties such that no one can recover it in unauthorized form. The key is reconstructed using Lagrange’s interpolation, allowing authorized users to recover it. Through the use of decentralized key management and user-controlled access to data, the proposed solution presents a highly secure, scalable, and efficient solution for protecting EHR data within cloud-based healthcare settings.