Cryptography on Untrustworthy Cloud Storage for Healthcare Applications: A Performance Analysis

  • Lúcio H. A. Reis University Medical Centers University of Amsterdam / Universidade Federal Fluminense
  • Marcela T. de Oliveira University Medical Centers University of Amsterdam
  • James Bowden Hochschule für Technik und Wirtschaft
  • Dagmar Krefting Hochschule für Technik und Wirtschaft / University Medical Center
  • Sílvia D. Olabarriaga University Medical Centers University of Amsterdam
  • Diogo M. F. Mattos Universidade Federal Fluminense

Resumo


For cross-sectoral sharing of health data, cloud services provide benefits regarding the availability of relevant information in critical situations. Nevertheless, storing electronic health records in the cloud may impact patient’s privacy, since the cloud service provider might lack trustworthiness. Client-side cryptography mitigates the privacy risk by encrypting data in the user’s computational environment before transmitting them to the cloud. However, client-side cryptography raises performance concerns. This paper investigates Web Assembly and JavaScript solutions that enable client-side cryptography in web applications and compares their performance against server-side cryptography. We contextualize the study within two healthcare web applications: a prototype for patient record sharing during acute stroke care and an application for sharing data in sleep medicine treatment. Our results show that JavaScript and Web Assembly libraries add more time to encryption and decryption than server-side cryptography. However, due to the concurrency introduced by simultaneous users, the performance of server-side cryptography is worse than client-side, taking longer times to attend to the demand and requiring a larger infrastructure to be effective. Moreover, the JavaScript library asmCrypto and Web Assembly approaches perform better than other libraries and are feasible candidates for application development.
Palavras-chave: Cloud computing, Privacy, Prototypes, Medical services, Computer architecture, Systems engineering and theory, Libraries, Cloud, Web Application, Electronic Health Records, Security, Encryption
Publicado
22/11/2021
REIS, Lúcio H. A.; OLIVEIRA, Marcela T. de; BOWDEN, James; KREFTING, Dagmar; OLABARRIAGA, Sílvia D.; MATTOS, Diogo M. F.. Cryptography on Untrustworthy Cloud Storage for Healthcare Applications: A Performance Analysis. In: SIMPÓSIO BRASILEIRO DE ENGENHARIA DE SISTEMAS COMPUTACIONAIS (SBESC), 11. , 2021, Evento Online. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2021 . p. 48-55. ISSN 2237-5430.