nach oben

Health and Technology

Erschienen in:

03.04.2019 | Original Paper

Fine-grained access control of EHRs in cloud using CP-ABE with user revocation

verfasst von: Gandikota Ramu, B. Eswara Reddy, Appawala Jayanthi, L. V. Narasimha Prasad

Erschienen in: Health and Technology | Ausgabe 4/2019

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Cloud computing is a novel model for computing and storing. It enables elasticity, on-demand and low-cost usage of computing resources. Electronic health record (EHR) is an emerging patient-oriented paradigm for sharing of medical data. With the arrival of cloud computing, health care industries outsource their EHR to the cloud servers but, at the same time there is increased demand and concern for outsourced EHR’s security also. The major concerns in data outsourcing are the implementation of access policies and policies modification. To address these issues, the optimal solution is Ciphertext Policy Attribute Based Encryption (CP-ABE). CP-ABE allows the patients to describe their own access policies and implement those policies on their data before outsourcing into the cloud servers. But there are major limitations like key escrow and user revocation problems. In this paper, we proposed a modified CP-ABE scheme with user revocation to strengthen data outsourcing system in cloud architecture. The proposed system addresses the key-escrow and revocation problems. 1) The key-escrow problem is solved by using two-authority computation between the key generator authority and cloud server and 2) An immediate attribute modification method is used to achieve fine-grained user revocation. Security analysis and performance evaluation demonstrates that the proposed system is efficient to achieve security in outsourced EHRs in cloud servers.

Vorheriger Artikel An insight into the bilateral readiness towards telemedicine

Nächster Artikel MedDietCalc: multi calculator to compute scores of adherence to Mediterranean Diet

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Li M et al. Securing personal health records in cloud computing: patient-centric and fine-grained data access control in multi-owner settings,” Proceedings 6th international icst conference security and privacy in Comm. Networks (Secure Comm ‘10), pp. 89–106, 2010.

Cao N et al LT Codes-based secure and reliable cloud storage service, Proceedings IEEE INFOCOM,pp. 693–701, 2012.

India Personal Data (Protection) Act. http://cis-india.org/internet-governance/blog/the-personal-data-protection-bill-20132013.

Sahai A et al Fuzzy identity-based encryption, ProceedingsInternational conference theory and applications of cryptographic techniques(Eurocrypt ‘05), pp. 457–473, 2005.

Goyal V, et al Attribute-based encryption for fine-grained access control of encrypted data, Proceedings ACM Conference Computer and Comm. Security, pp. 89–98, 2006.

Bethencourt J., et al. Ciphertext-policy attribute-based encryption, Proceedings IEEE symposium security and privacy, pp. 321–334, 2007.

Ostrovsky R., et al. Attribute-based encryption with non-monotonic access structures, Proceedings ACM conference computer and comm. security, pp. 195–203, 2007.

Cheung L., et al. Provably secure ciphertext policy ABE, Proceedings ACM conference computer and comm. security, pp. 456–465, 2007.

Goyal V., et al. Bounded ciphertext policy attribute-based encryption, Proceedings international colloquium automata, languages and programming (ICALP), pp. 579–591, 2008.

10.

Liang X, et al. Provably secure and efficient bounded ciphertext policy attribute based encryption, Proceedings international symposium information, computer, and comm. security(ASIACCS), pp. 343–352, 2009.

11.

Chow SSM, Removing escrow from identity-based encryption,” Proceedings international conference practice and theory in public key cryptography (PKC ‘09), pp. 256–276, 2009.

12.

Jung T, et al. Control cloud data access privilege and anonymity with fully anonymous attribute-based encryption. IEEE Transactions on Information Forensics and Security. 2015;10(1).

13.

Boldyreva A, et al. Identity-based encryption with efficient revocation, Proceedings ACM conference computer and comm. security, pp. 417–426, 2008.

14.

Rafaeli S, et al. A survey of key management for secure group communication. ACM Comput Surv. 2003;35(3):309–29.CrossRef

15.

Lewko A., et al. Revocation systems with very small private keys, Proceedings IEEE symposium security and privacy, 273–285, 2010.

16.

Golle P., et al. A Content-driven access control system, Proceedings symposium identity and trust onthe internet, pp. 26–35, 2008.

17.

Yu S., et al. Attribute based data sharing with attribute revocation, Proceedings ACM symposium. information, computer and comm. security (ASIACCS ‘10), 2010.

18.

Mandl KD, et al. Public standards and patients’ control: how to keep electronic medical RecordsAccessible but private. BMJ. 2001;322(7281):283–7.CrossRef

19.

Attrapadung N et al. Conjunctive broadcast and attribute-based encryption, Proceedings international conference palo alto on pairing-based cryptography (Pairing), pp. 248–265, 2009.

20.

Ramu G et al. Secure architecture to manage EHRs in cloud using SSE and ABE, Springer, Health Technol, Doi: 10.1007/s12553-015-0116-0, 2015.

21.

The Pairing-Based Cryptography Library, http://crypto.stanford.edu/pbc/.

Titel: Fine-grained access control of EHRs in cloud using CP-ABE with user revocation
verfasst von: Gandikota Ramu
B. Eswara Reddy
Appawala Jayanthi
L. V. Narasimha Prasad
Publikationsdatum: 03.04.2019
Verlag: Springer Berlin Heidelberg
Erschienen in: Health and Technology / Ausgabe 4/2019
Print ISSN: 2190-7188
Elektronische ISSN: 2190-7196
DOI: https://doi.org/10.1007/s12553-019-00304-9

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Weitere Artikel der Ausgabe 4/2019

MedDietCalc: multi calculator to compute scores of adherence to Mediterranean Diet

Clinical risk groups and patient complexity: a case study with a primary care clinic in Alberta

Ensemble method based predictive model for analyzing disease datasets: a predictive analysis approach

Variation in electronic health record adoption in European public hospitals: a configurational analysis of key functionalities

An insight into the bilateral readiness towards telemedicine

Using socially assistive robots for monitoring and preventing frailty among older adults: a study on usability and user experience challenges