Top

Education and Information Technologies

Published in:

17-04-2018

A secure cloud framework to share EHRs using modified CP-ABE and the attribute bloom filter

Author: Gandikota Ramu

Published in: Education and Information Technologies | Issue 5/2018

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

In recent years, the Internet of Things (IoT), cloud computing, and wireless body area networks (WBANs) have converged and become popular due to their potential to improve quality of life. This convergence has greatly promoted the industrialization of e-healthcare. With the flourishing of the e-healthcare industry, full electronic health records (EHRs) are expected to promote preventative health services as well as global health. However, the outsourcing of EHRs to third-party servers, like the cloud, involves many challenges, including securing health information and preserving privacy. Ciphertext-policy attribute-based encryption (CP-ABE) is a promising scheme for storing and sharing information in third-party servers. This scheme enables patients and doctors to encrypt or decrypt their information using access policies defined by attributes. In this scheme, the access policy is tied with the ciphertext in the form of plaintext, which may risk leaking personal patient information. Earlier protocols only partially hide the attribute values in the access policies but leave the attribute names unprotected. To address these security issues, we propose a secure cloud framework using modified CP-ABE and an attribute Bloom filter (ABF). In modified CP-ABE, we can hide the entire attribute, including values, in the access policies. The ABFs assist in data decryption by evaluating the presence of an attribute in the access policy and pointing to its position. Security analysis and performance evaluation demonstrate the efficiency and effectiveness of the proposed framework. Finally, the proposed framework is explored to verify its feasibility.

previous article Effects of interactive whiteboard training programs on teacher efficacy and student outcomes in kindergartens

next article Effects of sociodemographic variables and Facebook group membership on students political participation

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Beimel, A. (1996). Secure schemes for secret sharing and key distribution. Ph.D. dissertation, Israel Inst. Technol. Technion, Haifa, Israel.

Boneh, D., & Waters, B. (2007). Conjunctive, subset, and range queries on encrypted data. In Theory of Cryptography. Heidelberg, Germany: Springer, pp. 535–554.

Frikken, K., Atallah, M., & Li, J. (2006). Attribute-based access control with hidden policies and hidden credentials. IEEE Transactions on Computers, 55(10), 1259–1270.CrossRef

Helmer, A., Lipprandt, M., Frenken, T., et al. (2011). Empowering patients through personal health records: a survey of existing third-party webbased PHR products. Electronic Journal of Health Informatics, 6(3), e26.

Hur, J. (2013). Attribute-based secure data sharing with hidden policies in smart grid. IEEE Transactions on Parallel and Distributed Systems, 24(11), 2171–2180.CrossRef

Jara, A.J., Zamora, M.A., Skarmeta, A.F.G. (2010). An architecture based on internet of things to support mobility and security in medical environments. Proceedings of 7th IEEE Consumer Communications and Networking Conference. pp: 1–5.

Jiang, R., Wu, X., & Bhargava, B. (2016). SDSS-MAC: Secure data sharing scheme in multi-authority cloud storage systems. Computers & Security, 62, 193–212. https://doi.org/10.1016/j.cose.2016.07.007.CrossRef

Katz, J., Sahai, A., & Waters, B. (2008). Predicate encryption supporting disjunctions, polynomial equations, and inner products. In Advances in cryptology–EUROCRYPT 2008. Heidelberg, Germany: Springer, pp. 146–162.

Lai, J., Deng, R. H., & Li, Y. (2011). Fully secure cipertext-policy hiding CPABE. In Information security practice and experience. Heidelberg, Germany: Springer, pp. 24–39.

Lai, J., Deng, R. H., & Li, Y. (2012) Expressive CP-ABE with partially hidden access structures. In Proc. ASIACCS, Seoul, South Korea, pp. 18–19.

Lei, L., Zhong, Z., Zheng, K., Chen, J., & Meng, H. (2013). Challenges on wireless heterogeneous networks for mobile cloud computing. IEEE Wireless Communications, 20(3), 34–44.CrossRef

Leng, C., Yu, H., Wang, J., & Huang, J. (2013). Securing personal health records in the cloud by enforcing sticky policies. Telkomnika Indonesian J Elect Eng, 11(4), 2200–2208.

Li, J., Ren, K., Zhu, Z., & Wan, Z. (2009). Privacy-aware attribute-based encryption with user accountability. In Proc. Inf. Security, Pisa, Italy, pp. 347–362.

Li, M., Yu, S., Zheng, Y., Ren, K., & Lou, W. (2013). Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Transactions on Parallel and Distributed Systems, 24(1), 131–143.CrossRef

Li, H., Liu, D., Alharbi, K., Zhang, S., & Lin, X. (2015a). Enabling fine-grained access control with efficient attribute revocation and policy updating in smart grid. KSII Transactions on Internet and Information Systems, 9(4), 1404–1423.

Li, H., Liu, D., Dai, Y., & Luan, T. H. (2015b). Engineering searchable encryption of mobile cloud networks: when QoE meets QoP. IEEE Wireless Communications, 22(4), 74–80.CrossRef

Li, Q., et al. (2016a). Secure, efficient and revocable multi-authority access control system in cloud storage. Computers & Security, 59, 45–59. https://doi.org/10.1016/j.cose.2016.02.002.CrossRef

Li, H., et al. (2016b). Enabling fine-grained multi-keyword search supporting classified sub-dictionaries over encrypted cloud data. IEEE Transactions on Dependable and Secure Computing, 13(3), 312–325. https://doi.org/10.1109/TDSC.2015.2406704.CrossRef

Lin, H., Cao, Z., Liang, X., & Shao, J. (2008). Secure threshold multi authority attribute based encryption without a central authority. In Proc. INDOCRYPT, Kharagpur, India, pp. 426–436.

Lin, H., Shao, J., Zhang, C., & Fang, Y. (2013). CAM: cloud-assisted privacy preserving mobile health monitoring. IEEE Transactions on Information Forensics and Security, 8(6), 985–997.CrossRef

Liu, H., Ning, H., Xiong, Q., & Yang, L. T. (2015). Shared authority based privacypreserving authentication protocol in cloud computing. IEEE Transactions on Parallel and Distributed Systems, 26(1), 241–251.CrossRef

Lu, R., Zhu, H., Liu, X., Liu, J. K., & Shao, J. (2014). Toward efficient and privacy-preserving computing in big data era. IEEE Network, 28(4), 46–50.CrossRef

Mell, P. & Grance, T. (2011). The NIST definition of cloud computing. Recommendations Nat. Inst. Standards Technol., NIST,Washington, DC, USA, Tech. Rep. 800–145.

Nishide, T., Yoneyama, K., & Ohta, K. (2008). Attribute-based encryption with partially hidden encryptor-specified access structures. In Applied Cryptography and Network Security. Heidelberg, Germany: Springer, pp. 111–129.

Park, E., & Nam, H. S. (2009). A service-oriented medical framework for fast and adaptive information delivery in mobile environment. IEEE Transactions on Information Technology in Biomedicine, 13(6), 1049–1056.CrossRef

Ramu, G. & Eswara Reddy, B. (2015). Secure architecture to manage EHR’s in cloud using SSE and ABE. Springer, Health Technol. https://doi.org/10.1007/s12553-015-0116-0.

Sawand, Djahel, S., Zhang, Z., & Naїt-Abdesselam, F. (2015). Toward energyefficient and trustworthy ehealth monitoring system. China Commun, 12(1), 46–65.CrossRef

Shin, M. S., Jeon, H. S., Ju, Y. W., Lee, B. J., & Jeong, S. P. (2015). Constructing RBAC based security model in u-healthcare service platform. The Scientific World Journal, 2015, Art. no. 937914. https://doi.org/10.1155/2015/937914.

Su, Z., Xu, Q., & Qi, Q. (2016). Big data in mobile social networks: A QoE-oriented framework. IEEE Network, 30(1), 52–57.CrossRef

Subashini, S., & Kavitha, V. (2011). A survey on security issues in service delivery models of cloud computing. Journal of Network and Computer Applications, 34(1), 1–11.CrossRef

Vossberg, M., Tolxdorff, T., & Krefting, D. (2008). DICOM image communication in globus-based medical grids. IEEE Transactions on Information Technology in Biomedicine, 12(2), 145–153.CrossRef

Wang, Zhang, B., Ren, K., Roveda, J. M., Chen, C. W., & Xu, Z. (2014). A privacy-aware cloud-assisted healthcare monitoring system via compressive sensing. In Proc. 33rd IEEE INFOCOM Conf., pp. 2130–2138.

Waters, B. (2011). Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization. In Proc. PKC, Taormina, Italy, pp. 53–70.

Weber, R. H. (2010). Internet of things – New security and privacy challenges. Computer Law & Security Review, 26(1), 23–30.CrossRef

Yang, K., & Jia, X. (2014). Expressive, efficient, and revocable data accesscontrol for multi-authority cloud storage. IEEE Transactions on Parallel and Distributed Systems, 25(7), 1735–1744.CrossRef

Yang, K., Jia, X., & Ren, K. (Dec. 2015). Secure and verifiable policy update outsourcing for big data access control in the cloud. IEEE Transactions on Parallel and Distributed Systems, 26(12), 3461–3470.CrossRef

Yang, K., Liu, Z., Jia, X., & Shen, X. S. (2016). Time-domain attribute-based access control for cloud-based video content sharing: a cryptographic approach. IEEE Transactions on Multimedia, 18(5), 940–950.CrossRef

Yu, S., Ren, K., & Lou, W. (2008). Attribute-based content distribution with hidden policy. In Proc. Secure Netw. Protocols (NPSec), Orlando, FL, USA, pp. 39–44.

Zheng, K., Yang, Z., Zhang, K., Chatzimisios, P., Yang, K., & Xiang, W. (2016). Big data-driven optimization for mobile networks toward 5G. IEEE Network, 30(1), 44–51.CrossRef

Title: A secure cloud framework to share EHRs using modified CP-ABE and the attribute bloom filter
Author: Gandikota Ramu
Publication date: 17-04-2018
Publisher: Springer US
Published in: Education and Information Technologies / Issue 5/2018
Print ISSN: 1360-2357
Electronic ISSN: 1573-7608
DOI: https://doi.org/10.1007/s10639-018-9713-7

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Other articles of this Issue 5/2018

Editorial for EAIT Issue 5, 2018

Browsing the internet to solve information problems: A study of students’ search actions and behaviours using a ‘think aloud’ protocol

Faculty technology beliefs and practices in teacher preparation through a TPaCK lens

Social media networks and pedagogy at the University of Jordan

From a student perspective, what constitutes a good (or less good) use of ICT in teaching?

Effects of sociodemographic variables and Facebook group membership on students political participation

Premium Partner