FLHB-AC: Federated Learning History-Based Access Control Using Deep Neural Networks in Healthcare System
محورهای موضوعی : Data MiningNasibeh Mohammadi 1 , Afshin Rezakhani 2 , Hamid Haj Seyyed Javadi 3 , Parvaneh asghari 4
1 - Department of Computer Engineering, Islamic Azad University, Boroujerd Branch, Borujerd, Iran
2 - Department of Computer Engineering, Faculty of Engineering, Ayatollah Boroujerdi University, Boroujerd, Iran
3 - Department of Computer engineering, Shahed University, Tehran, Iran
4 - Department of Computer Engineering, Central Tehran Branch, Islamic Azad University, Tehran, Iran
کلید واژه: Healthcare System, History-based Access control, Intelligent Module, Deep Recurrent Networks, Federated Learning ,
چکیده مقاله :
Giving access permission based on histories of access is now one of the security needs in healthcare systems. However, current access control systems are unable to review all access histories online to provide access permission. As a result, this study first proposes a method to perform access control in healthcare systems in real time based on access histories and the decision of the suggested intelligent module. The data is used to train the intelligent module using the LSTM time series machine learning model. Medical data, on the other hand, cannot be obtained from separate systems and trained using different machine-learning models due to the sensitivity and privacy of medical records. As a result, the suggested solution employs the federated learning architecture, which remotely performs machine learning algorithms on healthcare systems and aggregates the knowledge gathered in the servers in the second phase. Based on the experiences of all healthcare systems, the servers communicate the learning aggregation back to the systems to control access to resources. The experimental results reveal that the accuracy of history-based access control in local healthcare systems before the application of the suggested method is lower than the accuracy of the access control in these systems after aggregating training with federated learning architecture.
Giving access permission based on histories of access is now one of the security needs in healthcare systems. However, current access control systems are unable to review all access histories online to provide access permission. As a result, this study first proposes a method to perform access control in healthcare systems in real time based on access histories and the decision of the suggested intelligent module. The data is used to train the intelligent module using the LSTM time series machine learning model. Medical data, on the other hand, cannot be obtained from separate systems and trained using different machine-learning models due to the sensitivity and privacy of medical records. As a result, the suggested solution employs the federated learning architecture, which remotely performs machine learning algorithms on healthcare systems and aggregates the knowledge gathered in the servers in the second phase. Based on the experiences of all healthcare systems, the servers communicate the learning aggregation back to the systems to control access to resources. The experimental results reveal that the accuracy of history-based access control in local healthcare systems before the application of the suggested method is lower than the accuracy of the access control in these systems after aggregating training with federated learning architecture.
[1] Haux, R. Health information systems–past, present, future. International journal of medical informatics, 75(3-4), 268-281, 2006.
[2] Ravidas, S., Lekidis, A., Paci, F., & Zannone, N. Access control in Internet-of-Things: A survey. Journal of Network and Computer Applications, 144, 79-101, 2019.
[3] Ding, S., Cao, J., Li, C., Fan, K., & Li, H. A novel attribute-based access control scheme using blockchain for IoT. IEEE Access, 7, 38431-38441, 2019.
[4] Hu, V. C., Kuhn, D. R., Ferraiolo, D. F., & Voas, J. Attribute-based access control. Computer, 48(2), 85-88, 2015.
[5] Wouters, O. J., Shadlen, K. C., Salcher-Konrad, M., Pollard, A. J., Larson, H. J., Teerawattananon, Y., & Jit, M. Challenges in ensuring global access to COVID-19 vaccines: production, affordability, allocation, and deployment. The Lancet, 397(10278), 1023-1034, 2021.
[6] Hu, V. C., Ferraiolo, D., Kuhn, R., Friedman, A. R., Lang, A. J., Cogdell, M. M., ... & Scarfone, K. Guide to attribute-based access control (abac) definition and considerations (draft). NIST special publication, 800(162), 1-54, 2013.
[7] Zaremba, W., Sutskever, I., & Vinyals, O. Recurrent neural network regularization. arXiv preprint arXiv:1409.2329, 2014.
[8] Sherstinsky, A. (2020). Fundamentals of recurrent neural network (RNN) and long short-term memory (LSTM) network. Physica D: Nonlinear Phenomena, 404, 132306, 2020.
[9] Salehinejad, H., Sankar, S., Barfett, J., Colak, E., & Valaee, S. Recent advances in recurrent neural networks. arXiv preprint arXiv:1801.01078, 2017.
[10] Lipton, Z. C., Berkowitz, J., & Elkan, C. A critical review of recurrent neural networks for sequence learning. arXiv preprint arXiv:1506.00019, 2015.
[11] Zhang, C., Xie, Y., Bai, H., Yu, B., Li, W., & Gao, Y. A survey on federated learning. Knowledge-Based Systems, 216, 106775, 2021.
[12] Aledhari, M., Razzak, R., Parizi, R. M., & Saeed, F. Federated learning: A survey on enabling technologies, protocols, and applications. IEEE Access, 8, 140699-140725, 2020.
[13] Dhanvijay, M. M., & Patil, S. C. Internet of Things: A survey of enabling technologies in healthcare and its applications. Computer Networks, 153, 113-131, 2019.
[14] Alam, M. M., Malik, H., Khan, M. I., Pardy, T., Kuusik, A., & Le Moullec, Y. A survey on the roles of communication technologies in IoT-based personalized healthcare applications. IEEE Access, 6, 36611-36631, 2018.
[15] Wang, H., Zhang, X., Xia, Y., & Wu, X. An intelligent blockchain-based access control framework with federated learning for genome-wide association studies. Computer Standards & Interfaces, 84, 103694, 2023.
[16] Shojafar, M., Mukherjee, M., Piuri, V., & Abawajy, J. Guest editorial: Security and privacy of federated learning solutions for industrial IoT applications. IEEE Transactions on Industrial Informatics, 18(5), 3519-3521, 2021.
[17] Mazzocca, C., Romandini, N., Colajanni, M., & Montanari, R. FRAMH: A Federated Learning Risk-Based Authorization Middleware for Healthcare. IEEE Transactions on Computational Social Systems, 2022.
[18] Bhansali, P. K., Hiran, D., Kothari, H., & Gulati, K. Cloud-based secure data storage and access control for the internet of medical things using federated learning. International Journal of Pervasive Computing and Communications, (ahead-of-print), 2022.
[19] Dhiman, G., Juneja, S., Mohafez, H., El-Bayoumy, I., Sharma, L. K., Hadizadeh, M., ... & Khandaker, M. U. Federated learning approach to protect healthcare data over big data scenario. Sustainability, 14(5), 2500, 2022.
[20] Jabal, A. A., Bertino, E., Lobo, J., Verma, D., Calo, S., & Russo, A. FLAP--A Federated Learning Framework for Attribute-based Access Control Policies. arXiv preprint arXiv:2010.09767, 2020.
[21] Ghimire, B., & Rawat, D. B. Recent advances on federated learning for cybersecurity and cybersecurity for federated learning for internet of things. IEEE Internet of Things Journal, 2022.
[22] Savazzi, S., Nicoli, M., Bennis, M., Kianoush, S., & Barbieri, L. Opportunities of federated learning in connected, cooperative, and automated industrial systems. IEEE Communications Magazine, 59(2), 16-21, 2021.
[23] Geng, J., Kanwal, N., Jaatun, M. G., & Rong, C. DID-eFed: Facilitating Federated Learning as a Service with Decentralized Identities. In Evaluation and Assessment in Software Engineering (pp. 329-335), 2021.
[24] Alam, T., & Gupta, R. Federated Learning and Its Role in the Privacy Preservation of IoT Devices. Future Internet, 14(9), 246, 2022.
[25] Kim, T. Y., & Cho, S. B. Optimizing CNN-LSTM neural networks with PSO for anomalous query access control. Neurocomputing, 456, 666-677, 2021.
[26] Ye, X., Yu, Y., & Fu, L. Multi-Channel Opportunistic Access for Heterogeneous Networks Based on Deep Reinforcement Learning. IEEE Transactions on Wireless Communications, 21(2), 794-807, 2021.
[27] Otoum, Y., Liu, D., & Nayak, A. DL‐IDS: a deep learning–based intrusion detection framework for securing IoT. Transactions on Emerging Telecommunications Technologies, 33(3), e3803, 2022.
[28] Kumar, A., Abhishek, K., Bhushan, B., & Chakraborty, C. Secure access control for manufacturing sector with application of ethereum blockchain. Peer-to-Peer Networking and Applications, 14(5), 3058-3074, 2021.
[29] Zhong, H., Zhou, Y., Zhang, Q., Xu, Y., & Cui, J. An efficient and outsourcing-supported attribute-based access control scheme for edge-enabled smart healthcare. Future Generation Computer Systems, 115, 486-496, 2021.
[30] Kumar, R., & Tripathi, R. Scalable and secure access control policy for healthcare system using blockchain and enhanced Bell–LaPadula model. Journal of Ambient Intelligence and Humanized Computing, 12(2), 2321-2338, 2021.
[31] Egala, B. S., Pradhan, A. K., Badarla, V., & Mohanty, S. P.Fortified-chain: a blockchain-based framework for security and privacy-assured internet of medical things with effective access control. IEEE Internet of Things Journal, 8(14), 11717-11731, 2021.
[32] Singh, A., & Chatterjee, K. LoBAC: A Secure Location-Based Access Control Model for E-Healthcare System. In Advances in Machine Learning and Computational Intelligence (pp. 621-628). Springer, Singapore, 2021.
[33] Younis, M., Lalouani, W., Lasla, N., Emokpae, L., & Abdallah, M. Blockchain-enabled and data-driven smart healthcare solution for secure and privacy-preserving data access. IEEE Systems Journal, 2021.
[34] Ghayvat, H., Pandya, S., Bhattacharya, P., Zuhair, M., Rashid, M., Hakak, S., & Dev, K. CP-BDHCA: Blockchain-based Confidentiality-Privacy preserving Big Data scheme for healthcare clouds and applications. IEEE Journal of Biomedical and Health Informatics, 26(5), 1937-1948, 2021.
[35] Yaqoob, I., Salah, K., Jayaraman, R., & Al-Hammadi, Y. Blockchain for healthcare data management: opportunities, challenges, and future recommendations. Neural Computing and Applications, 34(14), 11475-11490, 2022.
[36] Azad, M. A., Arshad, J., Mahmoud, S., Salah, K., & Imran, M.. A privacy‐preserving framework for smart context‐aware healthcare applications. Transactions on Emerging Telecommunications Technologies, 33(8), e3634, 2022.
[37] Balaji, N. V. An attack Resistant Privacy-Preserving Access Control Scheme for Outsourced E-pharma Data in Cloud. International Journal of Next-Generation Computing, 13(3), 2022.
[38] Tao, Q., & Cui, X. B-FLACS: blockchain-based flexible lightweight access control scheme for data sharing in cloud. Cluster Computing, 1-11, 2022.
[39] Pal, S., Dorri, A., & Jurdak, R. Blockchain for IoT access control: Recent trends and future research directions. Journal of Network and Computer Applications, 103371, 2022.
[40] Ghillani, D. Deep Learning and Artificial Intelligence Framework to Improve the Cyber Security. Authorea Preprints, 2022.
[41] Chinnasamy, P., & Deepalakshmi, P. HCAC-EHR: hybrid cryptographic access control for secure EHR retrieval in healthcare cloud. Journal of Ambient Intelligence and Humanized Computing, 13(2), 1001-1019, 2022.
[42] Astillo, P. V., Duguma, D. G., Park, H., Kim, J., Kim, B., & You, I. Federated intelligence of anomaly detection agent in IoTMD-enabled Diabetes Management Control System. Future Generation Computer Systems, 128, 395-405, 2022.
[43] Li, Q., Wen, Z., Wu, Z., Hu, S., Wang, N., Li, Y., ... & He, B. A survey on federated learning systems: vision, hype and reality for data privacy and protection. IEEE Transactions on Knowledge and Data Engineering, 2021.
[44] Karimi, L., Aldairi, M., Joshi, J., & Abdelhakim, M. An automatic attribute based access control policy extraction from access logs. IEEE Transactions on Dependable and Secure Computing, 2021.
[45] Hu, V. Machine Learning for Access Control Policy Verification (No. NIST Internal or Interagency Report (NISTIR) 8360 (Draft)). National Institute of Standards and Technology, 2021.
[46] Cotrini, C., Weghorn, T., & Basin, D. Mining ABAC rules from sparse logs. In 2018 IEEE European Symposium on Security and Privacy (EuroS&P) (pp. 31-46). IEEE, 2018.
[47] Amazon.com, “Amazon employee access challenge.” Kaggle.
[48] Montanez, Ken, “Amazon access samples.” UCI Machine Learning Repository: Amazon Access Samples Data Set.
[49] Rikhtechi, L., Rafe, V., & Rezakhani, A. Secured access control in security information and event management systems. Journal of Information Systems and Telecommunication, 9(33), 67-78, 2021.
[50] Rathna, R., Gladence, L. M., Cynthia, J. S., & Anu, V. M Energy efficient cross layer MAC protocol for wireless sensor networks in remote area monitoring applications. Journal of Information Systems and Telecommunication (JIST), 3(35), 207, 2021.