Cloud computing allows functional separation between the resources used and the computing environment. This has enabled new business models and computing applications. It is estimated that cloud computing in healthcare will reach $5.4 billion by 2017. The switch to cloud is inevitable. While storing and processing medical data on the cloud offers great promise for increasing the efficiency of healthcare, it is not without challenges. Data security and privacy are major obstacles. Medical data transmitted in the network and processed in the cloud are vulnerable to a broad range of adversaries. Success of these new cloud applications depends on the security they can guarantee. Data breaches cost the U.S. healthcare industry nearly $7 billion annually. Ensuring patient confidentiality is a pressing need as computing becomes a service that allows anyone who possesses a networked device to upload data for fast processing and receive the results within minutes if not sooner; secure computing is hence required to expand the horizon of cloud computing.
To ensure confidentiality, encryption is usually employed, which encodes data to avoid content exposure to any party without access privilege. In such a scheme, any third party can be shielded from viewing either the data or the results during transmission. However, when encrypted data needs to be processed, e.g., object segmentation and recognition, its original form needs to be recovered via a decryption process. The intermediate decrypted data then becomes vulnerable to duplication and even alteration.
To address this security issue, this chapter describes our framework of encryption that enables image analysis of the encoded data based on homomorphic encryption. Homomorphic encryption systems allow computations to be performed on the ciphertext directly without having to decrypt them to plaintext. Such systems can form the building block of providing security to cloud computing applications. Our method for secure image processing is rooted in homomorphic encryption. It exploits the inherent parallelism present in the cloud and uses the residue number system to create multiple ciphertext shares. The computations can be done in parallel. In addition, the encryption is semi-perfectly secret. That is, the adversary gains no partial information about the plaintext from observing a subset of the ciphertext shares. Since homomorphic encryption systems allow computations to be performed on the ciphertext without a decryption process, images residing in the cloud will not be mapped into plaintext form, i.e., the decrypted original image, during the image processing operations. The processed images remain encrypted, and the results can only be revealed via decryption. The layer of encryption ensures the confidentiality of the images, and a second party is shielded from access to the original image, the intermediate data, and the processed results. Following this framework, data processed by any computing service is encrypted, and the results can be recovered via decryption of the processed data.
Online access to SPIE eBooks is limited to subscribing institutions.