ABSTRACT
Personal health records (PHRs) are an emerging health information exchange model that enables PHR owners to manage their health data efficiently. Typically, PHRs are outsourced and stored on third-party cloud platforms. Although outsourcing private health data to third-party platforms is an appealing solution for PHR owners, it may lead to significant privacy concerns, because there is a higher risk of leaking private data to unauthorized parties. To ensure that PHR owners retain control of their outsourced PHR data, attribute-based encryption (ABE) mechanisms have been considered, because such schemes allow encrypted data to be shared among a set of intended recipients. However, existing PHR solutions of this kind suffer from inflexibility and scalability issues due to the limitations of the adopted ABE mechanisms. To address these issues, we propose a distributed multi-authority ABE scheme and show how it realizes a patient-centric, attribute-based PHR sharing scheme that provides flexible access for both professional users, such as doctors, and personal users, such as family and friends. We show that the proposed scheme supports on-demand user revocation and is secure under standard security assumptions. In addition, simulation results provide evidence that our scheme can function efficiently in practice. Furthermore, we show that the proposed scheme can cater to the access requirements of distributed multiuser PHR sharing environments and is more realistic and scalable than similar existing PHR sharing schemes.
Index Terms
- A Distributed Multi-Authority Attribute Based Encryption Scheme for Secure Sharing of Personal Health Records