nach oben

Erschienen in:

2017 | OriginalPaper | Buchkapitel

DABEHR: Decentralized Attribute-Based Electronic Health Record System with Constant-Size Storage Complexity

verfasst von : Ye Li, Kaitai Liang, Chunhua Su, Wei Wu

Erschienen in: Green, Pervasive, and Cloud Computing

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Under the trend of cloud computing, Internet users tend to outsource their electronic personal data to remote cloud to enjoy efficient data storage and processing services. In recent years, Electronic Health Record (EHR) system has been designed to provide cost-effective health-care data management for patients, doctors, and other professional bodies. How to guarantee the security and privacy of personal health data while the record is stored, accessed and shared in open network that has gain widely attention in both academic and industrial communities. Attribute-Based Encryption (ABE), nowadays, is one of the promising techniques to secure personal health record. However, the access expressiveness, storage cost and privacy concern incurred by the usage of EHR systems still cannot be fully tackled by leveraging the existing ABE technologies. In this paper, we, for the first time, propose a novel decentralized key-policy ABE scheme for circuits. Based on the scheme, we build up an EHR system that allows access policy to be extreme expressive, and ciphertext to be maintained in constant level, so that doctors and other professionals can gain access to health record conveniently. Besides, our system supports white-box traceability so that malicious professionals (e.g., the one “selling” the access rights of health record) can be traced and identified. Furthermore, we present the formal security (in the selective-set model) and efficiency analysis for our system.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel A Trust Application in Participatory Sensing: Elder Reintegration

Nächstes Kapitel Automatic Diagnosis Metabolic Syndrome via a Nearest Neighbour Classifier

Akinyele, J., Pagano, M.: Securing electronic medical records using attribute-based encryption on mobile devices. In: SPSM, pp. 75–86 (2011)

Armbrust, M., Fox, A., Griffith, R.: A view of cloud computing. Commun. ACM 53, 50–58 (2010)CrossRef

Attrapadung, N., Libert, B., Panafieu, E.: Expressive key-policy attribute-based encryption with constant-size ciphertexts. In: PKC, pp. 90–108 (2011)

Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: S&P, pp. 321–334. IEEE (2007)

Chase, M.: Multi-authority attribute based encryption. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 515–534. Springer, Heidelberg (2007)CrossRef

Chase, M., Chow, S.: Improving privacy and security in multi-authority attribute-based encryption. In: CCS, pp. 121–130 (2009)

Emura, K., Miyaji, A., Nomura, A., Omote, K., Soshi, M.: A ciphertext-policy attribute-based encryption scheme with constant ciphertext length. In: Bao, F., Li, H., Wang, G. (eds.) ISPEC 2009. LNCS, vol. 5451, pp. 13–23. Springer, Heidelberg (2009)CrossRef

Garg, S., Gentry, C., Halevi, S.: Candidate multilinear maps from ideal lattices. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 1–17. Springer, Heidelberg (2013)CrossRef

Garg, S., Gentry, C., Halevi, S.: Attribute-Based Encryption for Circuits from Multilinear Maps. In: Crypto, pp. 479–499 (2013)

10.

Green, M., Hohenberger, S., Waters, B.: Outsourcing the decryption of ABE ciphertexts. In: USENIX11, pp. 34–49 (2011)

11.

Han, J., Susilo, W., Mu, Y.: Privacy-preserving decentralized key-policy attribute-based encryption. IEEE Trans. Parallel Distrib. Syst. 23(11), 2150–2162 (2012)CrossRef

12.

Ibraimi, L., Asim, M., Petkovic, M.: Secure management of personal health records by applying attribute-based encryption. In: IEEE, pp. 71–74 (2009)

13.

Jiang, P., Mu, Y., Guo, F., Wen, Q.: Secure-channel free keyword search with authorization in manager-centric databases. Comput. Secur. (2016). doi:10.1016/j.cose.2016.11.015

14.

Jiang, P., Mu, Y., Guo, F., Wang, X., Lai, J.: Centralized keyword search on encrypted data for cloud applications. Secur. Commun. Netw. (2016). doi:10.1002/sec.1679

15.

Lewko, A., Waters, B.: Decentralizing attribute-based encryption. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 568–588. Springer, Heidelberg (2011)CrossRef

16.

Li, J., Chen, X., Li, J., Jia, C., Ma, J., Lou, W.: Fine-grained access control system based on outsourced attribute-based encryption. In: Crampton, J., Jajodia, S., Mayes, K. (eds.) ESORICS 2013. LNCS, vol. 8134, pp. 592–609. Springer, Heidelberg (2013)CrossRef

17.

Li, M., Yu, S.: Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Trans. Parallel Distrib. Syst. 24(1), 131–143 (2013)CrossRef

18.

Li, J., Qin, C., Lee, P., Li, J.: Rekeying for encrypted deduplication In: DSN, pp. 618–629 (2016)

19.

Liang, K., Huang, X., Guo, F., Liu, J.: Privacy-preserving and regular language search over encrypted cloud data. IEEE Trans. Inf. Forensics Secur. 11(10), 2365–2376 (2016)CrossRef

20.

Liang, K., Su, C., Chen, J., Liu, J.: Efficient multi-function data sharing and searching mechanism for cloud-based encrypted data. In: AsiaCCS, pp. 83–94 (2016)

21.

Liang, K., Fang, L., Susilo, W., Wong, D. A Ciphertext-Policy Attribute-Based Proxy Re-encryption with Chosen-Ciphertext Security. In: INCoS, pp. 552–559 (2013)

22.

Liang, K., Au, M., Liu, K., Susilo, W., Wong, D., Yang, G., Phuong, T., Xie, Q.: A DFA-based functional proxy re-encryption scheme for secure public cloud data sharing. IEEE Trans. Inf. Forensics Secur. 9(10), 1667–1680 (2014)CrossRef

23.

Liang, K., Susilo, W.: Searchable attribute-based mechanism with efficient data sharing for secure cloud storage. IEEE Trans. Inf. Forensics Secur. 10(9), 1981–1992 (2015)CrossRef

24.

Liu, Z., Cao, Z.: White-box traceable ciphertext-policy attribute-based encryption supporting any monotone access structures. IEEE Trans. Inf. Forensics Secur. 8(1), 76–88 (2013)CrossRef

25.

Liu, Z., Cao, Z., Huang, Q.: Fully secure multi-authority ciphertext-policy attribute-based encryption without random oracles. In: ESORICS, pp. 278–297 (2011)

26.

Liu, X., Liu, Q.: Dynamic access policy in cloud-based Personal Health Record (PHR) systems. Inf. Sci. 379, 62–81 (2017)CrossRef

27.

Muller, S., Katzenbeisser, S., Eckert, C.: On multi- authority ciphertext-policy attribute-based encryption. Bull. Korean Math. Soc. 46(4), 803–819 (2009)MathSciNetCrossRefMATH

28.

Ning, J., Dong, X., Cao, Z.: White-box traceable ciphertext-policy attribute-based encryption supporting flexible attributes. IEEE Trans. Inf. Forensics Secur. 10(6), 1274–1288 (2015)CrossRef

29.

Sahai, A., Waters, B.: Fuzzy identity based encryption. In: Eurocrypt, pp. 457–473 (2005)

30.

Sergey, G., Vinod, V., Hoeteck, W.: Attribute-based encryption for circuits. J. ACM 62(6), 1–33 (2015)MathSciNetMATH

31.

Tamizharasi, G.S., Balamurugan, B., Manjula, R.: Attribute based encryption with fine-grained access provision in cloud computing. In: proceedings of the International Conference on Informatics and Analytics, Article No. 88 (2016)

32.

The Cloud Security Alliance Top Threats Working Group. The Notorious Nine: Cloud Computing Top Threats in 2013 (2013). https://cloudsecurityalliance.org/research/top-threats

33.

Wang, C., Luo, F.: An efficient key-policy attribute-based encryption scheme with constant ciphertext length. Math. Problems Eng. 2013, 7 p. (2013). Article ID 810969

34.

Wang, S., Liang, K., Liu, K., Chen, J., Yu, J., Xie, W.: Attribute-based data sharing scheme revisited in cloud computing. IEEE Trans. Inf. Forensics Secur. 11(8), 1661–1673 (2016)CrossRef

35.

Waters, B.: Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: PKC, pp. 53–70 (2011)

36.

Yang, Y., Liu, J., Liang, K., Choo, K., Zhou, J.: Extended proxy-assisted approach: achieving revocable fine-grained encryption of cloud data. In: ESORICS, pp. 146–166 (2015)

37.

Zhang, P., Chen, Z., Liang, K., Wang, S., Wang, T.: A cloud-based access control scheme with user revocation and attribute update. In: ACISP, pp. 525–540 (2016)

Titel: DABEHR: Decentralized Attribute-Based Electronic Health Record System with Constant-Size Storage Complexity
verfasst von: Ye Li
Kaitai Liang
Chunhua Su
Wei Wu
Verlag: Springer International Publishing
Buch: Green, Pervasive, and Cloud Computing
Print ISBN: 978-3-319-57185-0

Electronic ISBN: 978-3-319-57186-7

Copyright-Jahr: 2017
DOI: https://doi.org/10.1007/978-3-319-57186-7_44

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"