Searchable Encryption for Healthcare Clouds: A Survey

Outsourcing medical data and their search services to a third party cloud have been a popular trend for many medical practices, because using healthcare cloud services can help cut down the cost of Electronic Health Records (EHR) systems in terms of front-end ownership cost and IT maintenance burdens. Healthcare cloud applications need searchable encryption with the following two capabilities for protecting data privacy and access privacy: (1) the healthcare providers need to share the encrypted data with authorized users and enable querying over encrypted data, and (2) they also need to keep the query keywords and associated search operations private such that healthcare data hosting service providers cannot gain access to unauthorized content or trace and infer sensitive data stored in the healthcare cloud. This survey paper describes the notion of searchable encryption (SE) in the context of healthcare applications and characterize the SE use cases into four scenarios in healthcare. Then we provide a comprehensive overview of the four representative SE techniques: searchable symmetric encryption (SSE), public key encryption with keyword search (PEKS), attribute-based encryption with keyword search (ABKS), and proxy re-encryption with keyword search (PRES) according to different EHR retrieving scenarios and requirements. We categorize and compare the different SE schemes in terms of their security, efficiency, and functionality. The survey is designed to benefit both experienced researchers in the computer science (CS) field and non-specialists who are domain scientists or healthcare professionals with limited CS and information security background. Thus, we are in favor of technological overview of the state of art searchable encryption models and the underlying key techniques, instead of detailed proofs and constructions of the respective SE algorithms. We describe how the existing SE schemes relate to and differ from one another, and point out the connections between the SE techniques and the security and privacy requirements of healthcare applications and the open research problems.