1. INTRODUCTION

1.1 CLOUD COMPUTING

Cloud computing is a model for enabling convenient, on-demand network access to a shared
pool of resources (network, server, storage, application). It is a technology of distributed data
processing in which scalable information resources and capacities are provided as a service to
multiple external customers through the internet.
The main aim of cloud computing is to move from the desktop computer to a service-oriented
platform. In cloud computing, applications, data and resources are provided to users as services
over the web. The services provided may be low in cost, massively scalable and on-demand.

Figure 1: Basic Cloud Storage Model

1.2 REASONS FOR ADOPTING CLOUD COMPUTING

On Demand Service
A consumer can provision computing capabilities, such as server time and network storage,
automatically as needed, without requiring human interaction with each service provider.
Working from Anywhere
Cloud computing is a model-driven methodology that provides configurable computing
resources over the internet. Cloud resources can be accessed from anywhere in the world.
Rapid Elasticity and Cost Saving
Cloud capabilities can scale resources in and out rapidly. A main goal of the cloud is to
eliminate capital and operational cost, because it provides pooling of resources.

1.3 USAGE OF CLOUD IN THE HOSPITAL
In the hospital environment, multiple computers are used in the medical rooms. Each room
needs proper network accessibility, hardware and software, which are used to upload, store and
retrieve patient information or other medical data. The electronic patient health record contains
the overall history of a patient.
Scalability
Real-time health records are generated. Each hospital must keep the medical records for
at least 15 years.
Mobility
The demand on physicians' time is increasing, and physicians need to access patient records
remotely. With the cloud, doctors can access the patient record easily and verify the patient's
situation.

Sharing
Cloud computing can provide a better relationship between patient and doctor. The
healthcare service provider can easily access the complete patient information online. The
electronic medical record is used to reduce repeated diagnostic tests, saving time, memory and
patient stress.
Many organizations now use data that is updated or changed daily. To keep data both secure
and usable, cloud computing provides an environment to store data on different clusters. Various
organizations (e.g., hospital authorities, industries and government organizations) release
person-specific data, which is called private sensitive information. Such data reveals private
information about individuals. Privacy preservation means protecting an individual's sensitive
information on a public platform. Unfortunately, persons can be re-identified even when explicit
identifiers such as name, SSN, voter ID number and license number are removed. Data
anonymization is the best way to preserve privacy over personal, privacy-sensitive information.
The data anonymization approach is a very efficient technique, but as the scale of a data set of
private sensitive information increases, the anonymization technique fails to preserve privacy.
So scalable big data privacy preservation in the cloud can be provided.
The purpose of this project is to develop an environment that provides privacy for personal
sensitive data. The major aim of the work is to develop a tool for patients to give medical care
providers more insight into their personal health information. The main aim of privacy is to
provide secure data and external knowledge. This application helps ensure that the patient's
health records can be viewed only by authorized persons.

2. LITERATURE REVIEW

2.1 INTRODUCTION
In this literature review, journals related to privacy preservation and file encryption
techniques are reviewed to get an idea of how to carry out this project. The surveyed papers
are listed.
2.2 LITERATURE REVIEW
J. Xu, W. Wang, J. Pei, X. Wang, B. Shi, and A. W. C. Fu, “Utility-Based Anonymization
using Local Recoding”. This paper explains how clustering techniques have been enhanced to
achieve privacy preservation in local-recoding anonymization. Local-recoding anonymization is
studied from the utility and privacy preservation perspective. A bottom-up greedy approach and
its top-down counterpart are put forth together, and based on the cluster size the agglomerative
and divisive clustering techniques are enhanced.
B. C. M. Fung, K. Wang, R. Chen, and P. S. Yu, “Privacy-Preserving Data Publishing:
A Survey of Recent Developments”. In this paper data privacy preservation is investigated
extensively, and existing approaches for local-recoding anonymization and models for privacy
are reviewed briefly. Research on scalability issues in existing anonymization approaches is also
surveyed briefly. Local-recoding anonymization is addressed as the k-member clustering
problem, where the cluster size should not be less than k in order to achieve k-anonymity; a
simple greedy algorithm is used for that.
Xu. Zha, D. Won, Chi. Yang, Jini. Chan, “Proximity Aware Local Recording
Anonymization with Map Reduce for Scalable Bigdata Preservation in Cloud”. This paper
discusses local recording for big data anonymization with respect to proximity privacy of
sensitive information. For proximity preservation it uses a two-phase clustering approach based
on the t-ancestor algorithm. This method is used to improve scalability and time efficiency.
Xuyun Zhang, Chi Yang, Surya Nepal, Chang Liu, Wanchun Dou, Jinjun Chen, “A
MapReduce Based Approach of Scalable Multidimensional Anonymization for Big Data
Privacy Preservation on Cloud”. Xuyun Zhang investigated the scalability issue of
multidimensional anonymization over big data on cloud. The main issue with big data is the
scalability of finding the median for multidimensional partitioning. Ensuring privacy
preservation of large-scale data sets still needs extensive investigation; the approach is integrated
into a scalable and cost-effective privacy-preserving framework based on the MapReduce method.
R. Sreedhar, Dm. Uma, “Bigdata Processing with Privacy Map Reduce Cloud”.
According to the authors, the privacy preservation techniques use the k-anonymity approach.
This paper introduces the MapReduce framework to anonymize large-scale datasets using a
two-phase top-down algorithm. In the MapReduce framework an optimum balanced scheduling
method is used to improve the privacy of sensitive datasets. The privacy-preserving MapReduce
method uses the TP-TDS approach to improve the scalability for individual datasets in sensitive
fields.
D. Chha, H. A. Girija, K. K. Raja, “Data Anonymization Technique for Privacy
Preservation on Map Reduce Framework”. The authors describe a data anonymization
technique to hide sensitive data in the cloud to avoid risk. The existing privacy preservation work
reviewed in the paper uses the k-anonymity approach with a two-phase top-down algorithm. In
addition, the method of l-diversity is used to access the data conveniently in the cloud.
N. Ken, Y. Masa, S. Hisa, S. Yoshi, “Privacy Preservation Analysis Technique for
Secure, Cloud Based Bigdata Analysis”. This paper describes privacy preservation in the
cloud based on statistical analysis and secure mechanisms. Hitachi has described a
privacy-preserving analysis technique, which analyzes data through a sequence of steps. The
encryption technique used is the common-key searchable method. It provides efficient access
between the user and the cloud provider.
S. S. Bhanu, D. Sakthi, “A Review of Privacy Preservation Data Publishing the
Health Care”. This paper describes privacy-preserving data publishing for electronic medical
record systems. Two different techniques are used: anonymization and encryption. For
healthcare data, the anonymization approaches are single anonymization and multiple
anonymization.
P. Ashi, S. Tejas, J. Srini, D. Sun, “Medical Application of Privacy Preservation by
Bigdata Analysis using Hadoop Map Reduce Framework”. This paper describes large-scale
data analysis at optimum response time. The authors implement privacy terms in a medical
application using the Hadoop framework. The proposed system is divided into two major
components, the sensitive disclosure flag and the sensitive weight. A classification algorithm is
used to indicate the efficiency of the work.
K. Priyanka, P. Sneha, “Securing Personal Health Records in Cloud Using Attribute
Based Encryption”. According to the authors, the aim is secure access to personal health
records based on attribute-based encryption. In the PHR scenario there are multiple security
mechanisms; in particular the CD-ABE and MA-ABE approaches are used. The security
mechanism is used to transmit the personal health records securely.
Zhang X, Liu C, Nepal S, Pandey S, Chen J., “A Privacy Leakage Upper Bound
Constraint-Based Approach for Cost-Effective Privacy Preserving of Intermediate Data
sets in Cloud”. This paper proposes an approach that identifies which intermediate datasets
need to be encrypted. A tree structure is generated from the relationships between the
intermediate datasets to analyze privacy propagation among them. The main problem of the
existing system is analyzing the intermediate datasets, because this needs intensive
investigation. As further contributions, the paper plans to investigate privacy-aware, efficient
scheduling of intermediate datasets in the cloud. Optimized balanced scheduling strategies are
expected to be developed toward highly efficient privacy-aware dataset scheduling.
G. Aggarwal, R. Panigrahy, T. Feder, D. Thomas, K. Kenthapadi, S. Khuller, and A. Zhu
published the paper “Achieving Anonymity via Clustering”. This paper explains that existing
clustering approaches for local-recoding anonymization mainly concentrate on record linkage
attacks under the k-anonymity privacy model, without giving importance to privacy breaches
incurred by sensitive attribute linkage. It proposes constant-factor approximation algorithms for
two clustering-based anonymization problems, i.e., r-GATHER and r-CELLULAR
CLUSTERING, where the centers of the clusters are published without generalization or
suppression.
2.3 SUMMARY

A literature survey is a most important part of the thesis: it helps to improve the analysis
and provides the statistics and strategies that were followed by various researchers. It gives
multiple angles on a specific technique for analyzing the research topic. In this literature review
the concepts are reviewed, which gives clarity on how to apply the techniques in this research.

3. PROBLEM DEFINITION

In cloud computing, all user data are stored in cloud resources. The results are distributed
to the user through the network when needed. Most industrial data is stored in the cloud, but it
cannot be assumed that all stored data is secured; hence most cloud data is encrypted. Even
though more encryption algorithms have been invented, sensitive information can leak if a single
key is leaked, so this is less secure. Most encryption keys are managed by cloud providers, so
providers may be able to read all information. This can bring considerable economic loss or
severe damage to the social reputation of data owners.
As such, sharing or releasing privacy-sensitive data sets to third parties in the cloud brings
about potential privacy concerns and therefore requires strong privacy preservation. The
problems identified in the existing approaches are analyzed with respect to privacy preservation
and scalability. Some importance is given to the local recoding technique against record linkage
attacks over the data sets.

4. METHODOLOGY

This system concentrates mainly on the anonymization method, which is used to provide
privacy for the dataset so that an attacker will not gain any sensitive information about the
individuals. Anonymization is the best method to provide privacy when compared to other
methods like randomization, perturbation etc. Anonymization can be done in many ways, and
there are several tools available to perform it. Health care and financial data are very sensitive.
There are many methods to provide privacy for a dataset. The objective of this system is to run
the k-anonymity method.
Consider a hospital dataset which contains the patients' information with the attributes
Patient id, Patient Name, Age, Sex and Disease, as shown in Table 1. In this table, the Name
attribute is the personal identification and Disease is the sensitive attribute. To provide privacy
for the data set, the patient consultancy field of the table is removed and the table is modified
into another table as follows.

Name     Patient Id  Age  Sex  Disease
Alice    47677       29   M    Ovarian Cancer
Boby     47678       22   M    Ovarian Cancer
Peter    47602       27   M    Prostate Cancer
Emelee   47909       43   M    Flu
Holdon   47905       32   F    Heart Disease
Cloyce   47906       47   M    Heart Disease

Table 1: Patient dataset.

Zipcode  Age  Sex  Disease
47677    29   M    Ovarian Cancer
47678    22   M    Ovarian Cancer
47602    27   M    Prostate Cancer
47909    43   M    Flu
47905    32   F    Heart Disease
47906    47   M    Heart Disease

Table 2: Patient dataset after removing Name attribute

So removing the personal identification information alone will not provide complete privacy
for the data. To provide privacy for the dataset, first we have to remove the personal
identification information and then we have to anonymize the quasi-identifiers. The sensitive
attributes should always be released directly because researchers want this information.
Different privacy-preserving methods have been proposed. To anonymize the quasi-identifiers,
k-anonymity is used.

4.1 K-ANONYMITY

This approach is as follows: the information for each person contained in the released
dataset cannot be distinguished from that of at least k-1 other individuals whose information
also appears in the data. For example, suppose an attacker who knows only the birth date and
gender is trying to identify a person in the released dataset: there are k persons in the table
with the same birth date and gender. In k-anonymity, any quasi-identifier value present in the
released table must appear in at least k records. The goal of k-anonymity is to make each record
indistinguishable from at least k-1 other records. These k records form an equivalence class.

K-anonymity uses generalization and suppression. Using generalization, k-anonymity
replaces specific quasi-identifier values with less specific values until it gets k identical values.
It uses suppression when generalization would cause too much information loss; the affected
records are referred to as outliers. From Table 1 we have 3 quasi-identifiers, which can be
generalized as shown in Figure 1.

Figure 1: Generalization on Quasi-identifiers like patient id, age and sex

By applying k=2 anonymity with the quasi-identifier {patient id, age, sex} to Table 2 we
get the new Table 3. If we now compare Table 2 and Table 3, it is difficult for an outsider to
find the sensitive information because there are three people with the same generalized patient
id and age. In Table 3 the first three records form one equivalence class and the last two records
form another equivalence class.

Table 3: k-anonymity on table 2

Zipcode  Age  Sex  Disease
476**    2*   M    Ovarian Cancer
476**    2*   M    Ovarian Cancer
476**    2*   M    Prostate Cancer
479**    3*   F    Heart Disease
479**    4*   M    Flu
479**    4*   M    Heart Disease

Any record that does not fall into an equivalence class should be suppressed. In this table,
record 4 does not fall into any equivalence class, so it should be suppressed. Applying
generalization and suppression to all fields of Table 3 results in another table, Table 5.
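
The generalization and suppression steps described above, applied to the rows of Table 2 with k = 2, as an added Python example (not code from this project). The function names and the single generalization level (three zipcode digits, age decade) are assumptions chosen to match the tables; the last function also measures how concentrated the disease values are inside each equivalence class.

```python
from collections import Counter, defaultdict

# Rows of Table 2 in the text: (zipcode, age, sex, disease).
TABLE2 = [
    ("47677", 29, "M", "Ovarian Cancer"),
    ("47678", 22, "M", "Ovarian Cancer"),
    ("47602", 27, "M", "Prostate Cancer"),
    ("47909", 43, "M", "Flu"),
    ("47905", 32, "F", "Heart Disease"),
    ("47906", 47, "M", "Heart Disease"),
]


def generalize(zipcode, age, sex):
    """One generalization step: keep 3 zipcode digits and the age decade."""
    return (zipcode[:3] + "**", f"{age // 10}*", sex)


def equivalence_classes(rows):
    """Group (quasi_identifier, disease) rows by identical quasi-identifier."""
    classes = defaultdict(list)
    for qi, disease in rows:
        classes[qi].append(disease)
    return dict(classes)


def is_k_anonymous(rows, k):
    """True when every quasi-identifier value occurs in at least k rows."""
    return all(len(d) >= k for d in equivalence_classes(rows).values())


def anonymize(records, k):
    """Generalize every record, then suppress rows whose class is smaller than k.

    Returns (released_rows, suppressed_count).
    """
    rows = [(generalize(z, a, s), d) for z, a, s, d in records]
    sizes = Counter(qi for qi, _ in rows)
    released = [(qi, d) for qi, d in rows if sizes[qi] >= k]
    return released, len(rows) - len(released)


def sensitive_exposure(rows):
    """Per class: (distinct sensitive values, most common value, its share).

    The share is the confidence of an attacker who knows only which class
    the target falls in and guesses the most common disease.
    """
    report = {}
    for qi, diseases in equivalence_classes(rows).items():
        value, count = Counter(diseases).most_common(1)[0]
        report[qi] = (len(set(diseases)), value, count / len(diseases))
    return report


if __name__ == "__main__":
    raw = [((z, str(a), s), d) for z, a, s, d in TABLE2]
    print("raw table 2-anonymous:", is_k_anonymous(raw, 2))
    released, suppressed = anonymize(TABLE2, k=2)
    print("released 2-anonymous:", is_k_anonymous(released, 2),
          "| suppressed rows:", suppressed)
    for qi, (distinct, value, share) in sensitive_exposure(released).items():
        print(qi, "distinct diseases:", distinct,
              "| best guess:", value, f"({share:.0%})")
```

A release can pass the k-anonymity check and still give an attacker a two-in-three guess at a patient's disease, so the exposure report is worth running alongside it.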

Table 4: Generalization and suppression

Zipcode  Age  Sex  Disease
476**    2*   M    Ovarian Cancer
476**    2*   M    Ovarian Cancer
476**    2*   M    Prostate Cancer
*        *    *    *
479**    4*   M    Flu
479**    4*   M    Heart Disease

Rows 1-3: equivalence class. Row 4: suppressed record. Rows 5-6: equivalence class.

The problem with k-anonymity is that it will not provide privacy if the sensitive values in an
equivalence class lack diversity, or if the attacker has background knowledge. Consider
Table 4: the first 3 records, which form an equivalence class, have the same sensitive attribute
values, so there is no privacy and an attacker can directly gain the information. For the last
three records, if the attacker has some background knowledge about the person (e.g., the
person's father is a heart patient), then this information may be useful for the attacker to gain
the sensitive information.

4.2 Triple DES Algorithm

Triple DES is another mode of DES operation. It takes three 64-bit keys, for an overall
key length of 192 bits. In Stealth, you simply type in the entire 192-bit (24 character) key rather
than entering each of the three keys individually. The Triple DES DLL then breaks the
user-provided key into three subkeys, padding the keys if necessary so they are each 64 bits long.
The procedure for encryption is exactly the same as regular DES, but it is repeated three
times, hence the name Triple DES. The data is encrypted with the first key, decrypted with the
second key, and finally encrypted again with the third key.
Triple DES runs three times slower than DES, but is much more secure if used properly. The
procedure for decrypting something is the same as the procedure for encryption, except it is
executed in reverse. Like DES, data is encrypted and decrypted in 64-bit chunks.
Although the input key for DES is 64 bits long, the actual key used by DES is only 56
bits in length. The least significant (right-most) bit in each byte is a parity bit, and should be set
so that there are always an odd number of 1s in every byte. These parity bits are ignored, so only
the seven most significant bits of each byte are used, resulting in a key length of 56 bits. This
means that the effective key strength for Triple DES is actually 168 bits because each of the
three keys contains 8 parity bits that are not used during the encryption process.

The process of encryption is as follows –
1. Encrypt the data using DES Algorithm with the help of first key.
2. Now, decrypt the output generated from the first step using DES Algorithm with the help
of second key.
3. Finally, encrypt the output of second step using DES Algorithm with the help of third
key.
The decryption process of any cipher text that was encrypted using Triple DES Algorithm is the
reverse of the encryption process i.e.,
1. Decrypt the cipher text using DES Algorithm with the help of third key.
2. Now, encrypt the output generated from the first step using the DES Algorithm with the
help of second key.
3. Finally, decrypt the output of the second step using DES Algorithm with the help of first
key.
The encrypt-decrypt-encrypt process adds complexity and helps secure the data. The three
keys can all be the same, or two of them can be the same, but it is recommended that all three
keys be different.
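
The key handling and encrypt-decrypt-encrypt ordering described in this section, as an added Python example (not the project's ASP.NET code and not the Stealth DLL). DES itself is replaced by a small stand-in Feistel cipher (`toy_encrypt` / `toy_decrypt`, hypothetical names) that, like DES, ignores the parity bit of each key byte; the 24-byte key and the block are constructed values. It shows why equal adjacent subkeys are discouraged: the middle decryption cancels one encryption and a single key remains.

```python
import hashlib

# Constructed sample values, for illustration only.
SAMPLE_KEY = bytes(range(1, 25))   # 24 bytes = the 192-bit key typed by the user
SAMPLE_BLOCK = b"PATIENT1"         # one 64-bit block


def split_key(key24):
    """Break a 24-byte key into the three 64-bit DES keys K1, K2, K3."""
    if len(key24) != 24:
        raise ValueError("expected a 24-byte (192-bit) key")
    return key24[:8], key24[8:16], key24[16:]


def key_bits(key):
    """Clear the parity bit (least significant bit) of each byte: 56 bits stay."""
    return bytes(b & 0xFE for b in key)


def set_odd_parity(key):
    """Set each byte's parity bit so the byte holds an odd number of 1s."""
    out = bytearray()
    for b in key_bits(key):
        out.append(b if bin(b).count("1") % 2 else b | 1)
    return bytes(out)


def round_fn(key, i, half):
    """Stand-in round function; like DES it never reads the parity bits."""
    return hashlib.sha256(key_bits(key) + bytes([i]) + half).digest()[:4]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def toy_encrypt(key, block):
    """Stand-in 64-bit Feistel cipher used in place of DES (not DES, not secure)."""
    if len(block) != 8:
        raise ValueError("block must be 8 bytes (64 bits)")
    left, right = block[:4], block[4:]
    for i in range(4):
        left, right = right, xor(left, round_fn(key, i, right))
    return left + right


def toy_decrypt(key, block):
    """Inverse of toy_encrypt: the same rounds run in reverse order."""
    if len(block) != 8:
        raise ValueError("block must be 8 bytes (64 bits)")
    left, right = block[:4], block[4:]
    for i in reversed(range(4)):
        left, right = xor(right, round_fn(key, i, left)), left
    return left + right


def ede_encrypt(key24, block):
    """Encrypt with K1, decrypt with K2, encrypt with K3."""
    k1, k2, k3 = split_key(key24)
    return toy_encrypt(k3, toy_decrypt(k2, toy_encrypt(k1, block)))


def ede_decrypt(key24, block):
    """Decrypt with K3, encrypt with K2, decrypt with K1."""
    k1, k2, k3 = split_key(key24)
    return toy_decrypt(k1, toy_encrypt(k2, toy_decrypt(k3, block)))


def keying_check(key24):
    """Classify a key by which subkeys coincide once parity bits are ignored."""
    k1, k2, k3 = (key_bits(k) for k in split_key(key24))
    if k1 == k2 or k2 == k3:
        return "collapses to single DES"
    if k1 == k3:
        return "two distinct keys (K1 = K3)"
    return "three distinct keys"


if __name__ == "__main__":
    k1, k2, k3 = split_key(SAMPLE_KEY)
    print("K1 with odd parity:", set_odd_parity(k1).hex())
    ct = ede_encrypt(SAMPLE_KEY, SAMPLE_BLOCK)
    print("round trip ok:", ede_decrypt(SAMPLE_KEY, ct) == SAMPLE_BLOCK)
    weak = k1 + k1 + k3
    print(keying_check(weak), "->",
          ede_encrypt(weak, SAMPLE_BLOCK) == toy_encrypt(k3, SAMPLE_BLOCK))
```

Running `keying_check` on a user-typed key before it is accepted catches subkeys that differ only in their parity bits, which a plain byte comparison would miss.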

4.3 SYSTEM SPECIFICATION

Hardware Specification
Processor : Intel Pentium i3.
RAM : 4GB
Hard drive : 500 GB
Monitor : 17″ Flat L.G color SVGA
Keyboard : Multimedia keyboard
Mouse : Optical scroll mouse

Software Specification
Operating System : Windows XP and Above
Front-End : ASP.Net 2010
Database Server : Microsoft SQL Server
Application Server : IIS

4.4 SOFTWARE DESCRIPTION
ASP.NET
ASP.NET is more than the next version of Active Server Pages (ASP); it is a unified web
development platform that provides the services necessary for developers to build
enterprise-class web applications. While ASP.NET is largely syntax compatible with ASP, it also
provides a new programming model and infrastructure for more secure, scalable, and stable
applications. Users can augment their existing ASP applications by incrementally adding
ASP.NET functionality to them.
ASP.NET is a compiled, .NET-based environment; applications can be authored in any
.NET-compatible language, including Visual Basic .NET, C#, and JScript .NET. Additionally,
the entire .NET Framework is available to any ASP.NET application, including the managed
runtime environment, type safety, inheritance, and so on.
ASP.NET has been designed to work seamlessly with WYSIWYG (What you see is what
you get) HTML editors and other programming tools, including Microsoft Visual Studio .NET.
Not only does this make web development easier, but it also provides all the benefits that these
tools have to offer, including a GUI that developers can use to drop server controls onto a web
page and fully integrated debugging support.
Developers can choose from the following two features when creating an ASP.NET
application, Web Forms and web services, or combine these in any way they see fit. Each is
supported by the same infrastructure, which allows users to use authentication schemes, cache
frequently used data, or customize the application's configuration, to name only a few
possibilities.

ADO.NET
ADO.NET provides consistent access to data sources such as Microsoft Access, as well
as data sources exposed via OLEDB. Data-sharing consumer applications can use ADO.NET to
connect to these data sources and retrieve, manipulate and update data.
ADO.NET cleanly factors data access from data manipulation into discrete components
that can be used separately or in tandem. ADO.NET includes .NET data providers for connecting
to the database, executing commands, and retrieving results.
Features of ASP.NET
• Web Forms allow users to build powerful forms-based web pages. When building these
pages, users can use ASP.NET server controls to create common GUI elements and program
them for common tasks.
• Using web services, businesses can expose programmatic interfaces to their data or business
logic, which in turn can be obtained and manipulated in client-server or server-server
scenarios.
• For users with ASP development skills, the ASP.NET programming model will seem very
familiar. However, the ASP.NET object model has changed significantly from ASP,
making it more structured and object-oriented.
• ASP.NET provides easy-to-use application-state and session-state facilities that are familiar
to ASP developers.
• ASP.NET code is compiled rather than interpreted, which allows early binding, strong typing
and just-in-time (JIT) compilation to native code, to name only a few of its benefits.

SQL Server

Microsoft SQL Server is a relational database server, developed by Microsoft. It is a
software product whose primary function is to store and retrieve data as requested by other
software applications, be it those on the same computer or those running on another computer
across a network (including the Internet).
There are at least a dozen different editions of Microsoft SQL Server aimed at different
audiences and for different workloads (ranging from small applications that store and retrieve
data on the same computer, to millions of users and computers that access huge amounts of data
from the Internet at the same time).
Microsoft SQL Server is an application used to create computer databases for the
Microsoft Windows family of server operating systems. Microsoft SQL Server provides an
environment used to generate databases that can be accessed from workstations, the Internet, or
other media such as a personal digital assistant (PDA).
Whenever a query is submitted to SQL Server, the SQL engine must make decisions
about how to go about retrieving the data for the user. Inside the SQL Server query processing
engine, there is a section of code called the query optimizer whose function is to find the most
efficient means of retrieving data at that particular time. This query optimizer compares different
possible methods of retrieving the data (called execution plans) and then chooses one. Once this
is done, the query engine goes about using this plan to retrieve the data requested by the query.
In any database system, returning data to the client must be done as efficiently and
quickly as possible to minimize contention. If the database server spends an inordinate amount of
time processing one query, the performance of other queries will suffer. In order for the server to
find the most efficient method of satisfying the query, it must spend resources examining the
query and comparing different methods of retrieving the data. This overhead, however, is often
returned to the user in overall time savings when the most efficient method of satisfying the
query is chosen. This is similar to climbing an unfamiliar mountain.
There are different types of query optimizers used in various relational database
management systems. Microsoft SQL Server uses a “cost-based” query optimizer in determining
which of the various methods of retrieving data it will pick and send to the query engine. A
cost-based optimizer assigns a cost to each method of retrieving data based on the resources
required to process the query. Processor time, disk I/O, etc. are all assigned costs based on the
number of rows that must be examined in a particular operation.
Once the optimizer has assigned the costs, it sums up the total cost for each execution
plan that was investigated. Based on the design of the system, the query optimizer chooses an
execution plan, which is then sent to the query engine for processing. SQL Server does not
always choose the execution plan with the lowest total resource cost as one might expect.
Instead, SQL Server is designed to pick the execution plan that is reasonably close to the
theoretical minimum and will return results to the client as quickly as possible with a reasonable
cost. The definition of reasonable will change as conditions within the SQL Server and the load
changes. This results in a dynamic, efficient query optimizer that delivers some of the best
performance in the industry.

5. STRUCTURAL DESIGN

5.1 INPUT DESIGN
The input to the system was designed so that the required information can be collected
and corrected quickly. The data collected are entered into the system through input screens; when
data is to be entered, the description of the data is displayed at the bottom of the screen.
Input design is given through selection-based links. Input design is the process of
converting an external, user-oriented description of the input to a system into a machine-oriented
format. Data processing involves the usage of accurate data. Errors made during data entry can
be controlled by the input design. The goal of designing input data is to make data entry an easy
operation. An efficient input design will avoid the frequent occurrence of errors.
• To provide a cost-effective method of input.
• To achieve the highest possible level of accuracy.
• To ensure that the input is acceptable to and understood by the user.
In this system the following input screens are designed to get the user's information.
• Authentication
• Patient Details
• Staff Details
• Privacy Details
• Staff Registration
• Patient Registration
Authentication
The authentication screen provides security for the system. It gets the username and password
from the users.
Patient Details
The patient details screen is used to get the patient details, including patient id, name,
address, contact and email. The admin can enter the details of the patient, and only the admin
has permission to add, edit and delete.

Staff Details
The staff details screen is used to get the staff details, including staff id, name, address,
contact, email and department. The admin can enter the details of the staff, and only the admin
has permission to add, edit and delete.
Privacy Details
The privacy details screen gets sensitive information from the admin. In this screen the admin
can enter privacy data of the patient. This screen includes the patient id, consultation date and
medical history. These details are encrypted on this screen.
Staff Registration
The staff registration screen allows staff to register on this site. In this screen a staff member
enters the staff id; the screen shows the staff name and gets the username and password from
the staff member.
Patient Registration
The patient registration screen allows patients to register on this site. In this screen a patient
enters the patient id; the screen shows the patient name and gets the username and password
from the patient.

5.2 OUTPUT DESIGN
The ultimate goal of the development of the system is to produce effective outputs. In
output design, it is determined how the information is to be displayed for immediate need. It is
the most important and direct source of information to the user. Efficient and intelligent output
design improves the system's relationship with the user and helps in decision making.
This system produces the following reports.
• Patient Details
• Privacy Details
Patient Details
The patient details screen is used to display the patient details, including patient id, name,
address, contact and email. All users can see this report.
Privacy Details
The privacy details screen shows the sensitive information. In this screen admin and user can
view privacy data and their medical history. These details are decrypted and downloaded by the
patient.

5.3 DATABASE DESIGN
Database design is the process of producing a detailed data model of a database. This data
model contains all the needed logical and physical design choices and physical storage
parameters needed to generate a design in a data definition language, which can then be used to
create a database. A fully attributed data model contains detailed attributes for each entity. The
term database design can be used to describe many different parts of the design of an
overall database system. Principally, and most correctly, it can be thought of as the logical design
of the base data structures used to store the data. In the relational model these are the tables
and views. In an object database the entities and relationships map directly to object classes and
named relationships. However, the term database design could also be used to apply to the
overall process of designing, not just the base data structures, but also the forms and queries used
as part of the overall database application within the database management system (DBMS).
The process of doing database design generally consists of a number of steps which will be
carried out by the database designer. Usually, the designer must:
• Determine the data to be stored in the database.
• Determine the relationships between the different data elements.
• Superimpose a logical structure upon the data on the basis of these relationships.

Table Name : Doctor
Primary Key : Dcode

Field Name  Data Type  Size  Description
Dcode       Varchar    5     Doctor Code
Dname       Varchar    30    Doctor name
Special     Varchar    50    Specialization
Cont        Varchar    15    Contact
Email       Varchar    30    Email

Table Name : Patient
Primary Key : Patid

Field Name  Data Type  Size  Description
Patid       Varchar    5     Patient Id
Pname       Varchar    30    Patient name
Dob         DateTime   8     Date of Birth
Gender      Varchar    7     Gender
Cont        Varchar    15    Contact
Addr        Varchar    150   Address
Email       Varchar    30    Email Id

Table Name : Staff
Primary Key : StaffId

Field Name  Data Type  Width  Description
StaffId     Varchar    5      Staff Id
Sname       Varchar    30     Staff name
Desi        Varchar    30     Designation
Cont        Varchar    15     Contact
Email       Varchar    30     Email Id

Table Name : regtable

Field Name  Data Type  Width  Description
Uname       Varchar    30     Username
Pwd         Varchar    30     Password
Utype       Varchar    30     User Type (Staff or patient)
Uid         Varchar    5      User Id

Table Name : metadata
Reference Key : Patid

Field Name  Data Type  Width  Description
Patid       Varchar    5      Patient Id
Condate     DateTime   8      Consulting date
Dcode       Varchar    5      Doctor code
Condet      Varchar    300    Consultation details

5.4 Entity Relationship Diagram

[Figure: entity relationship diagram with the entities Patient (PatientId, pname), Doctor (Dcode, Dname), metadata (PatientId, Dcode) and Admin]

5.5 Data Flow Diagram

[Figure: data flow diagram with the elements Admin, User Registration, Patient, Doctor, Meta Data and Product Maintenance, connected by flows labelled Stores, Register and View]

6. RESULTS AND DISCUSSION

The proposed system uses the Triple DES algorithm, a three-level security mechanism, to
encrypt the patient diagnostics file. The encrypted file is uploaded successfully to the cloud.
From the cloud, the receiving patient can download the data in the form of cipher text. Each
patient then decrypts the cipher text to recover the original data.
Any number of patients, doctors and staff can be registered first. All the registration details
are then stored in the cloud. Once registered, users can access the details each time based on
their id. Only registered users can access the file; others are not allowed to access the site. The
K-anonymity algorithm is used to protect the privacy information.
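The K-anonymity step named above, applied to the Patient and metadata columns defined earlier, as an added example that is not the project's own code. Treating Dob, Gender and Addr as the quasi-identifiers, the three generalization levels, the "street, city" address form and the sample rows are all assumptions made for illustration.

```python
from collections import Counter
from datetime import date

# Constructed rows: Patient joined to metadata on Patid (Patid, Dob, Gender, Addr, Condet).
ROWS = [
    ("P0001", date(1984, 3, 2), "Female", "12 Lake Rd, Salem", "Asthma review"),
    ("P0002", date(1986, 7, 19), "Female", "4 Hill St, Salem", "Diabetes follow-up"),
    ("P0003", date(1981, 1, 30), "Female", "9 Mill Ln, Salem", "Migraine"),
    ("P0004", date(1992, 5, 11), "Male", "3 Park Ave, Erode", "Fracture"),
    ("P0005", date(1995, 9, 23), "Male", "7 Fort Rd, Erode", "Hypertension"),
    ("P0006", date(1973, 12, 1), "Male", "1 Bay St, Karur", "Cardiac check"),
]

def quasi_id(row, level):
    """Generalize the assumed quasi-identifiers (Dob, Gender, Addr) at a level."""
    _, dob, gender, addr, _ = row
    city = addr.rsplit(",", 1)[-1].strip()   # assumed "street, city" address form
    if level == 0:                           # exact values
        return (dob.isoformat(), gender, addr)
    if level == 1:                           # birth year, city only
        return (str(dob.year), gender, city)
    return (f"{dob.year // 10 * 10}s", gender, city)  # birth decade, city only

def smallest_class(rows, level):
    """Size of the smallest equivalence class; k-anonymous iff this is >= k."""
    return min(Counter(quasi_id(r, level) for r in rows).values())

def release(rows, k, max_level=2):
    """Return (level, released, suppressed_ids) for the least generalization that
    reaches k-anonymity; at max_level, undersized classes are suppressed instead."""
    for level in range(max_level + 1):
        sizes = Counter(quasi_id(r, level) for r in rows)
        if min(sizes.values()) >= k or level == max_level:
            keep = [r for r in rows if sizes[quasi_id(r, level)] >= k]
            suppressed = [r[0] for r in rows if sizes[quasi_id(r, level)] < k]
            # Patid is dropped; only generalized quasi-identifiers and Condet go out.
            released = [quasi_id(r, level) + (r[4],) for r in keep]
            return level, released, suppressed

if __name__ == "__main__":
    level, released, suppressed = release(ROWS, k=2)
    print("level", level, "suppressed", suppressed)
    for record in released:
        print(record)
```

K-anonymity alone does not stop inference when every record in a class shares the same Condet value, so check the diversity of the sensitive column within each class before release.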

Fig 6.1 Upload Privacy File

Fig 6.2 Download Privacy File

7. CONCLUSION AND FUTURE WORK
Privacy is very important for protecting sensitive data from attackers. Anonymization
methods can be used to provide privacy for the data. In this system, this is done using the
K-anonymity method and the Triple DES algorithm, implemented in .NET. These techniques are
applied in the hospital domain, where the system works efficiently and patient data is shared
securely within the hospital environment. In future, the system will add advanced security
techniques for handling patient details.
