nach oben

The Journal of Supercomputing

Erschienen in:

01.05.2015

Privacy-aware attribute-based PHR sharing with user accountability in cloud computing

verfasst von: Fatos Xhafa, Jianglang Feng, Yinghui Zhang, Xiaofeng Chen, Jin Li

Erschienen in: The Journal of Supercomputing | Ausgabe 5/2015

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

As an emerging patient-centric model of health information exchange, personal health record (PHR) is often outsourced to be stored at a third party. The value of PHR data is its long-term cumulative record relevant with personal health which can be significant in the future when faced with disease occurrences. As a promising public key primitive, attribute-based encryption (ABE) has been used to design PHR sharing systems. However, the existing solutions fail to achieve several important security objectives, that is, no need for a single authority to issue private keys to all PHR users, user access privacy protection, and user accountability. In this paper, we propose a multi-authority ciphertext-policy ABE scheme with user accountability and apply it to design an attribute-based PHR sharing system. In the proposed solution, the access policy is hidden and hence user access privacy is protected. In particular, the global identity of a misbehaving PHR user who leaked the decryption key to other unauthorized users can be traced, and thus the trust assumptions on both the authorities and the PHR users are reduced. Extensive analysis shows that the proposed scheme is provably secure and efficient.

Vorheriger Artikel Special section on support technology and architecture for networked and distributed applications in big data era

Nächster Artikel Energy-oriented denial of service attacks: an emerging menace for large cloud infrastructures

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Kaelber DC, Jha AK, Johnston D, Middleton B, Bates DW (2008) A research agenda for personal health records (phrs). J Am Med Inform Assoc 15(6):729–736CrossRef

Ibraimi L, Asim M, Petkovic M (2009) Secure management of personal health records by applying attribute-based encryption. In: Proceeding of the pHealth’09, IEEE, pp 71–74

Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: Proceeding of the SP’07, IEEE, pp 321–334

Akinyele JA, Pagano MW, Green MD, Lehmann CU, Peterson ZN, Rubin AD (2011) Securing electronic medical records using attribute-based encryption on mobile devices. In: Proceeding of the SPSM’11, ACM, pp 75–86

Li M, Yu S, Zheng Y, Ren K, Lou W (2013) Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Trans Parallel Distrib Syst 24(1):131–143CrossRef

Chase M (2007) Multi-authority attribute based encryption. In: Proceeding of the TCC’07, LNCS, vol 4392. Springer, New York, pp 515–534

Lu R, Lin X, Shen X (2013) Spoc: a secure and privacy-preserving opportunistic computing framework for mobile-healthcare emergency. IEEE Trans Parallel Distrib Syst 24(3):614–624CrossRef

Chen TS, Liu CH, Chen TL, Chen CS, Bau JG, Lin TC (2012) Secure dynamic access control scheme of phr in cloud computing. J Med Syst 36(6):4005–4020CrossRef

Zhang R, Liu L (2010) Security models and requirements for healthcare application clouds. In: Proceeding of the CLOUD’10, IEEE, pp 268–275

10.

Sun J, Fang Y (2010) Cross-domain data sharing in distributed electronic health record systems. IEEE Trans Parallel Distrib Syst 21(6):754–764CrossRefMathSciNet

11.

Sahai A, Waters B (2005) Fuzzy identity-based encryption. In: Proceeding of the EUROCRYPT’05, LNCS, vol 3494. Springer, New York, pp 557–557

12.

Li J, Chen X, Li J, Jia C, Ma J, Lou W (2013) Fine-grained access control based on outsourced attribute-based encryption. In: Proceeding of the European symposium on research in computer security (ESORICS). LNCS, vol 3184, pp 592–609

13.

Li J, Kim K (2010) Hidden attribute-based signatures without anonymity revocation. Inform Sci 180(9):1681–1689CrossRefMATHMathSciNet

14.

Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: Proceeding of the CCS’06, ACM, pp 89–98

15.

Kapadia A, Tsang PP, Smith SW (2007) Attribute-based publishing with hidden credentials and hidden policies. In: Proceeding of the NDSS’07, The Internet Society, pp 179–192

16.

Nishide T, Yoneyama K, Ohta K (2008) Abe with partially hidden encryptor-specified access structure. In: Proceeding of the ACNS’08, LNCS, vol 5037. Springer, New York, pp 111–129

17.

Zhang Y, Chen X, Li J, Wong DS, Li H (2013) Anonymous attribute-based encryption supporting efficient decryption test. In: Proceeding of the ASIACCS’13, ACM, New York, pp 511–516

18.

Yu S, Ren K, Lou W, Li J (2009) Defending against key abuse attacks in kp-abe enabled broadcast systems. In: Proceeding of the Securecomm’09, Springer, New York, pp 311–329

19.

Li J, Ren K, Zhu B, Wan Z (2009) Privacy-aware attribute-based encryption with user accountability. In: Proceeding of the ISC’09. Springer, LNCS, vol 5735, pp 347–362

20.

Li J, Zhao G, Chen X, Xie D, Rong C, Li W, Tang L, Tang Y (2010) Fine-grained data access control systems with user accountability in cloud computing. In: Proceeding of the CloudCom’10, IEEE, pp 89–96

21.

Li J, Huang Q, Chen X, Chow SSM, Wong DS, Xie D (2011) Multi-authority ciphertext-policy attribute-based encryption with accountability. In: Proceeding of the ASIACCS’11, ACM, pp 386–390

22.

Yu S, Wang C, Ren K, Lou W (2010) Attribute based data sharing with attribute revocation. In: Proceeding of the ASIACCS’10, ACM, New York, pp 261–270

23.

Boyen X, Waters B (2006) Anonymous hierarchical identity-based encryption (without random oracles). In: Proceeding of the CRYPTO’06, Springer, LNCS, vol 4117, pp 290–307

24.

Chase M, Chow SS (2009) Improving privacy and security in multi-authority attribute-based encryption. In: Proceeding of the CCS’09, ACM, New York, pp 121–130

Titel: Privacy-aware attribute-based PHR sharing with user accountability in cloud computing
verfasst von: Fatos Xhafa
Jianglang Feng
Yinghui Zhang
Xiaofeng Chen
Jin Li
Publikationsdatum: 01.05.2015
Verlag: Springer US
Erschienen in: The Journal of Supercomputing / Ausgabe 5/2015
Print ISSN: 0920-8542
Elektronische ISSN: 1573-0484
DOI: https://doi.org/10.1007/s11227-014-1253-3

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Weitere Artikel der Ausgabe 5/2015

Modern network traffic modeling based on binomial multiplicative cascades

An approach of fast data manipulation in HDFS with supplementary mechanisms

Energy-oriented denial of service attacks: an emerging menace for large cloud infrastructures

Parallelization of a method for dense 3D object reconstruction in structured light scanning

An SLA and power-saving scheduling consolidation strategy for shared and heterogeneous clouds

Hierarchical task mapping for parallel applications on supercomputers