Session-wise private data exchange in eHealth peer-to-peer database management systems

In a peer-to-peer database management system(P2PDBMS) system, peers exchange data in a pair-wise fashion on-the-fly in response to a query without any centralized control. Generally, peers create a temporary session during data exchange. The data might be trapped and disclosed by the intruders while exchanged over an insecure communication network. As there is no centralized control for data exchange among peers, we cannot assume any central third party security infrastructure (e.g. PKI) to protect confidential data of an eHealth P2PDBMS. So far, there is currently no available/existing security protocol for secured data exchange in eHealth P2PDBMS. In this paper we propose a security protocol for data exchange in eHealth P2PDBMSs based on pairing-based cryptography and data exchange policy. The proposed protocol allows the peers to compute their secret session keys dynamically by computing pairing on elliptic curve based on the policies between them during data exchange. Our proposed protocol is robust against the man-in-the middle attack, the masquerade attack and the replay attack.