IJSRD - International Journal for Scientific Research & Development| Vol. 3, Issue 09, 2015 | ISSN (online): 2321-0613 All rights reserved by www.ijsrd.com 587 A Data Security Application in Cloud Environment using CP-ABE Encryption: PHR systems Anu Maria Sebastian 1 Deepu Job 2 Anjali Nair 3 Shalin Elizabeth 4 1,2,3,4 Department of Computer Science & Engineering 1,2,3,4 SJCET Palai, Kerala, India Abstract— MyPHR machines were created based on the remote virtual machines hosted in the cloud. It takes the support of medical software to feed in the data which makes it more trustworthy. The reuse of valuable legacy software eases the task rebuilding the entire platform from scratch. For each patient a set of attributes are maintained at the database. While their data are stored in the encrypted form in a server. MyPHR Machines have different units which include hospitals, doctors, patients and emergency users. All the users need to register to the corresponding units and the PHR admin grants permission to operate in their environment. The doctors can register via the registered hospitals. Emergency users are allowed access only with explicit delegation by the patient. While registration the information related to each user is stored as attributes in the database. These attributes are taken during the encryption of their respective data based on the policy. Cipher Policy Based ABE encryption method[4] uses the attributes, based on the policy defined and decided by the provider and client. The final encryption is done using Blow Fish algorithm. The encrypted data is stored in servers. The decryption key is generated during the time of encryption. Only the patient could view his data unless he entrusts a trustworthy person to access the shared data in case of emergency. The implemented system mainly focuses on this encryption and decryption of data. Rests of the features of MyPHR Machines are maintained. This work has great applications in the future where the Health centres prefer to use a unified record of heath information regarding a person irrespective of his location. Key words: Data Encryption, PHR Systems, Cloud Security Application, Privacy of Data, Electronic Health Records I. INTRODUCTION This paper is part of this project which specifically works on ensuring the privacy of health information related to a person. Any leakage of these data could threaten the personal life of that individual. Unlike HER systems the patient is responsible for the data in MyPHR systems. To avoid false details Medical softwares are installed in this system while feeding the data. If a third party manages to access and manipulate the data then it could adversely affect the persons health and future. Mainly enterprises are aiming to subscribe the cloud services since they reduce the initial investments on constructing data centres, hiring skilled IT employees within their business to the pay as you go expenses of cloud services [10]. In addition to this it helps to escape from the confines of application upgrading and expense on maintenance of data centres. As the demand of cloud is increasing the risks of threat for cloud and its users increases. Security thereby becomes a prime concern of both the cloud providers and its users [6]. The basic security depends on the cloud provider since they are responsible for the control of hardware and the hypervisors on which the data resides and application runs. The resources in cloud environment are shared among its clients. If the isolation between the users fails, privacy of the user’s data and application is under threat. Cloud utility is available only through the internet so it is essential that the reliability and availability must be ensured. The international nature of cloud environment raises many legal and regulatory issues. Like issues related to restriction of data exporting out of a jurisdiction and dominance of rules in case of conflicts, liability in case of security breaches[5]. The safety measures of traditional data centre are focused on the edge of the platform. However, there are maybe a few of virtual servers in a physical server in the cloud computing. And every virtual server may belong to different logical server cluster. So attacking each other is possible, there are security risks in the virtual server[7]. Using virtual machines in the cloud makes the network's edge disappears, which affects almost all aspects of the safety. The traditional protection physical hardware is powerless in this environment. 1) Issues raised when using virtual technology: The advantages of virtual technology are obvious: it makes the servers run on the virtual server, not depend on the physical machines anymore; therefore, change or migration of the machine can't impact the services of the server. Whenever the users need services virtual servers can provide services without caring about the physical hardware. However, data security in cloud computing is more different from the traditional data centre. 2) Control and authority on data: The company who provides cloud computing has the authority to manage and maintain the data. The existence of super users simplifies the data management but brings serious threat to privacy. It must be controlled in the cloud computing. 3) Security and data consistency: Cloud computing is a dynamic environment. Data from data centre passed to the users' client over Internet. In the system, data is almost changed all the time. Data accessing involves users' certification and limits of authority. There are different user's data on a virtual machine· it must be strictly controlled the accessing limits. Traditional accessing controls are configured outside the machine, which is not suitable for the cloud computing. 4) Challenges of using neew technology: Cloud computing is built on new architectures. New technology brings new risks as long as the improvement of performance. Frequent interaction between different virtual nodes brings safe problems to the data. To improve understanding on the problems and solutions a deep investigation in the cloud model has to be carried out. Through which the root causes and key factors