Cloud Bio Secure: A Scalable Biometric-Based Data Management Architecture for Privacy-Preserving Healthcare Services

Abstract

The growing health-related data digitization calls for strong protection and privacy-protection methods, especially in patient identification and access control. CloudBioSecure suggests a cloud-native, elastic multimodal biometric-based data management paradigm that can securely and compliantly process health-related data. Through the integration of multimodal biometrics iris and fingerprint modalities and strong cryptography and federated techniques, CloudBioSecure achieves a proper balance between convenience, security, and user privacy. Two principal operational phases of the architecture are enrolment and authentication. At enrolment, biometric samples are captured, pre-processed, and transformed by Gabor-based feature extraction. Features are encrypted homomorphically and stored within a secure decentralized cloud environment. During authentication, a new biometric sample is processed and securely matched against the stored template via encrypted similarity computation under confidentiality preservation. To enforce data governance and HIPAA and GDPR compliance, CloudBioSecure employs role-based access control using smart contracts and immutable audit trails using blockchain. Federated Learning (FL) is applied for distributed model training over several healthcare institutions without exchanging raw data, and Differential Privacy (DP) and Secure Multi-Party Computation (SMPC) are applied for privacy in statistical analysis and collaborative inference tasks. Performance testing illustrates a 99.5% accuracy in verification, outperforming standard biometric systems in precision as well as privacy-enforcing capability. The system also demonstrates low FAR/FRR and high scalability, with the possibility of deployment on large scales. Component-level impact analysis reveals FL and homomorphic encryption to be crucial drivers of system effectiveness. CloudBioSecure is an end-to-end, holistic biometric security infrastructure for the modern healthcare infrastructure with a solution to the problem of secure identification of patients and access to patient data in a cloud infrastructure, which is future-proof.