Abstract
In an eHealth peer-to-peer database management system(P2PDBMS), peers exchange data in a pair-wise fashion on-the-fly in response to a query without any centralized control. Generally, the communication link between two peers is insecure and peers create a temporary session while exchanging data. When peers exchange highly confidential data in an eHealth network over an insecure communication link, the data might be tampered with or trapped and disclosed by intruders, which is a serious offence for the clients of an eHealth P2PDBMS. As there is no centralized control for data exchange in eHealth P2PDBMS, it is infeasible to assume a centralized third party security infrastructure to protect confidential data. So far, there is currently no available/existing security protocol for secured data exchange in eHealth P2PDBMS. In this paper we propose three models for secure data exchange in eHealth P2PDBMSs and the corresponding security protocols. The proposed protocol allows the peers to compute their secret session keys dynamically during data exchange based on the policies between them. Our proposed protocol is robust against the man-in-the middle attack, the masquerade attack, and the replay attack.