nach oben

Soft Computing

Erschienen in:

01.09.2014 | Focus

An efficient PHR service system supporting fuzzy keyword search and fine-grained access control

verfasst von: Fatos Xhafa, Jianfeng Wang, Xiaofeng Chen, Joseph K. Liu, Jin Li, Paul Krause

Erschienen in: Soft Computing | Ausgabe 9/2014

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Outsourcing of personal health record (PHR) has attracted considerable interest recently. It can not only bring much convenience to patients, it also allows efficient sharing of medical information among researchers. As the medical data in PHR is sensitive, it has to be encrypted before outsourcing. To achieve fine-grained access control over the encrypted PHR data becomes a challenging problem. In this paper, we provide an affirmative solution to this problem. We propose a novel PHR service system which supports efficient searching and fine-grained access control for PHR data in a hybrid cloud environment, where a private cloud is used to assist the user to interact with the public cloud for processing PHR data. In our proposed solution, we make use of attribute-based encryption (ABE) technique to obtain fine-grained access control for PHR data. In order to protect the privacy of PHR owners, our ABE is anonymous. That is, it can hide the access policy information in ciphertexts. Meanwhile, our solution can also allow efficient fuzzy search over PHR data, which can greatly improve the system usability. We also provide security analysis to show that the proposed solution is secure and privacy-preserving. The experimental results demonstrate the efficiency of the proposed scheme.

Vorheriger Artikel Trustworthiness in P2P: performance behaviour of two fuzzy-based systems for JXTA-overlay platform

Nächster Artikel Cooperative-Filter: countering Interest flooding attacks in named data networking

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

We assume that the edit distance \(d\) is implicitly defined by the private cloud.

Here we assume that the edit distance \(d\) is implicited defineded by the private cloud. If it is dynamically set by the user, SearchQueryGen further takes \(d\) as an additional input.

Abdalla M, Bellare M, Catalano D, Kiltz E, Kohno T, Lange T, Malone-Lee J, Neven G, Paillier P, Shi H (2005) Searchable encryption revisited: consistency properties, relation to anonymous ibe, and extensions. In: Proceedings of advances in cryptology—CRYPTO 2005, pp 205–222

Agudo I, Nuñez D, Giammatteo G, Rizomiliotis P, Lambrinoudakis C (2011) Cryptography goes to the cloud. In: Lee C, Seigneur JM, Park J, Wagner R (eds) Secure and trust computing, data management, and applications, communications in computer and information science, vol 187. Springer, New York, pp 190–197

Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: IEEE symposium on security and privacy 2007, pp 321–334

Boneh D, Crescenzo G, Ostrovsky R, Persiano G (2004) Public key encryption with keyword search. In: Proceedings of advances in cryptology—EUROCRYPT 2004. Springer, Interlaken, pp 506–522

Boneh D, Waters B (2007) Conjunctive, subset, and range queries on encrypted data. In: Proceedings of the 4th theory of cryptography conference, vol 4392. Springer, Amsterdam, pp 535–554

Chang Y, Mitzenmacher M (2005) Privacy preserving keyword searches on remote encypted data. In: Proceedings of the 3rd applied cryptography and network security, New York, pp 391–421

Curtmola R, Garay J, Kamara S, Ostrovsky R (2006) Searchable symmetric encryption: improved definition and efficient constrcutions. In: Proceedings of the 13th ACM conference on computer and communications security. ACM, Alexandria, pp 79–88

Goh E (2003) Secure indexes. In: Report 2003/216, cryptology ePrint archive. http://eprint.iacr.org/2003/216

Li J, Wang Q, Wang C, Cao N, Ren K, Lou W (2010) Fuzzy keyword search over encrypted data in cloud computing. In: Proceedings of the 29th IEEE international conference on computer communications (INFOCOM ’10). IEEE, San Diego, pp 441–445

Li J, Li J, Chen X, Jia C, Liu Z (2012) Efficient keyword search over encrypted data with fine-grained access control in hybrid cloud. In: Proceedings of the 6th international conference on network and system security (NSS ’12). Lecture notes in computer science, vol 7645. Springer, New York, pp 490–502

Lu Y, Tsudik G (2011) Privacy-preserving cloud database querying. J Internet Serv Inf Secur 1(4):5–25

Sahai A, Waters B (2005) Fuzzy identity-based encryption. In: Cramer R (ed) Advances in cryptology—EUROCRYPT 2005, vol 3494. Lecture notes in computer science. Springer, Berlin/Heidelberg, pp 457–473

Song D, Wagner D, Perrig A (2000) Practical techniques for searches on encrypted data. In: Proceedings of the 2000 IEEE symposium on security and privacy. IEEE, Berkeley, pp 44–55

Tang PC, Ash JS, Bates DW, Overhage JM, Sands DZ (2006) Personal health records: definitions, benefits, and strategies for overcoming barriers to adoption. J Am Med Inform Assoc 13(2):121–126

Yu S, Ren K, Lou W (2008) Attribute-based content distribution with hidden policy. In: 4th Workshop on secure network protocols, 2008 (NPSec 2008), pp 39–44

Zhang Y, Chen X, Li J, Wong DS, Li H (2013) Anonymous attribute-based encryption supporting efficient decryption test. In: Proceedings of the 8th ACM SIGSAC symposium on information, computer and communications security(ASIACCS ’13). ACM, Hangzhou, pp 511–516

Titel: An efficient PHR service system supporting fuzzy keyword search and fine-grained access control
verfasst von: Fatos Xhafa
Jianfeng Wang
Xiaofeng Chen
Joseph K. Liu
Jin Li
Paul Krause
Publikationsdatum: 01.09.2014
Verlag: Springer Berlin Heidelberg
Erschienen in: Soft Computing / Ausgabe 9/2014
Print ISSN: 1432-7643
Elektronische ISSN: 1433-7479
DOI: https://doi.org/10.1007/s00500-013-1202-8

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Weitere Artikel der Ausgabe 9/2014

Cooperative-Filter: countering Interest flooding attacks in named data networking

Soft computing for security services in smart and ubiquitous environments

Towards cognitive economy

State filters on fuzzy structures with internal states

A method of DDoS attack detection using HTTP packet pattern and rule engine in cloud computing environment

The simulation of an emotional robot implemented with fuzzy logic

Premium Partner