Skip to main content
Log in

Towards secure and flexible EHR sharing in mobile health cloud under static assumptions

  • Published:
Cluster Computing Aims and scope Submit manuscript

Abstract

Electronic health record (EHR) systems are promising in the management of individual’s health. However, before widely deployed in practical applications, EHR systems have to tackle the privacy and efficiency challenges. Most of existing EHR sharing schemes suffer from severe efficiency drawbacks, resulting in inapplicability in mobile EHR system. Furthermore, the security assumptions in the previous schemes are usually based on non-static assumptions. In this paper, we propose a flexible EHR sharing scheme supporting offline encryption of EHR and outsourced decryption of EHR ciphertexts in mobile cloud computing. The proposed scheme is proven secure in the random oracle model under the static decisional bilinear Diffie–Hellman assumption. In our EHR sharing system, an EHR owner only need one multiplication in bilinear groups to generate the final EHR ciphertexts based on the offline ciphertexts computation, and an EHR user can easily decrypt the EHR cipheretext without requiring bilinear pairing operations based on the transformed ciphertexts from the EHR cloud. Our EHR sharing scheme allows access structures encoded in linear secret sharing schemes. Performance comparisons indicate that our scheme is very suitable for mobile health clouds.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1

Similar content being viewed by others

References

  1. Vaquero, L., Merino, L., Caceres, J., Lindner, M.: A break in the clouds: towards a cloud definition. ACM SIGCOMM Comput. Commun. Rev. 39(1), 50–55 (2008)

    Article  Google Scholar 

  2. Fox, A., Griffith, R., Joseph, A., Katz, R.: Above the clouds: a Berkeley view of cloud computing. Department of Electrical Engineering and Computer Sciences, University of California, Berkeley, Report No. UCB/EECS-2009-28(13) (2009)

  3. Fu, Z.J., Sun, X.M., Liu, Q., Zhou, L., Shu, J.G.: Achieving efficient cloud search services: multi-keyword ranked search over encrypted cloud data supporting parallel computing. IEICE Trans. Commun. E98–B(1), 190–200 (2015)

    Article  Google Scholar 

  4. Xia, Z.H., Wang, X.H., Sun, X.M., Wang, Q.: A secure and dynamic multi-keyword ranked search scheme over encrypted cloud data. IEEE Trans. Parallel Distrib. Syst. 27(2), 340–352 (2015)

    Article  Google Scholar 

  5. Shen, J., Tan, H.W., Wang, J., Wang, J.W., Lee, S.Y.: A novel routing protocol providing good transmission reliability in underwater sensor networks. J. Intern. Technol. 16(1), 171–178 (2015)

    Google Scholar 

  6. Guo, P., Wang, J., Li, B., Lee, S.Y.: A variable threshold-value authentication architecture for wireless mesh networks. J. Intern. Technol. 15(6), 929–936 (2014)

    Google Scholar 

  7. Ren, Y.J., Shen, J., Wang, J., Han, J., Lee, S.Y.: Mutual verifiable provable data auditing in public cloud storage. J. Intern. Technol. 16(2), 317–323 (2015)

    Google Scholar 

  8. Fu, Z.J., Ren, K., Shu, J.G., Sun, X.M., Huang, F.X.: Enabling personalized search over encrypted outsourced data with efficiency improvement. IEEE Trans. Parallel Distrib. Syst.(2015). doi:10.1109/TPDS.2015.2506573

  9. Linder, J., Ma, J., Bates, D.W., Middleton, B., Stafford, R.S.: Electronic health record use and the quality of ambulatory care in the United States. Arch. Intern. Med. 167(13), 1400–1405 (2007)

    Article  Google Scholar 

  10. Tang, P.C., Ash, J.S., Bates, D.W.: Personal health records: definitions, benefits, and strategies for overcoming barriers to adoption. J. Am. Med. Inform. Assoc. 13(2), 121–126 (2005)

    Article  Google Scholar 

  11. AHIMA e-HIM Personal Health Record Work Group: Practice brief. The role of the personal health record in the EHR. J. AHIMA/Am. Health Inform. Manag. Assoc. 76(7), 64A–64D (2005)

    Google Scholar 

  12. Li, J., Huang, X.Y., Li, J.W., Chen, X.F., Xiang, Y.: Securely outsourcing attribute-based encryption with checkability. IEEE Trans. Parallel Distrib. Syst. 25(8), 2201–2210 (2014)

    Article  Google Scholar 

  13. Sahai, A., Waters, B.: Fuzzy identity based encryption. In: EUROCRYPT. LNCS vol. 3494. Springer, Dordrecht, pp. 457–473

  14. Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: CRYPTO. LNCS vol. 2139. Springer, Dordrecht, pp. 213–229

  15. Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute based encryption for fine-grained access control of encrypted data. In: ACM conference on computer and communications security, pp. 99–112 (2006)

  16. Ostrovsky, R., Sahai, A., Waters, B.: Attribute-based encryption with non-monotonic access structures. In: The 14th ACM Conference on Computer and Communications Security, pp. 195-203 (2007)

  17. Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security and Privacy, pp. 321–334

  18. Waters, B.: Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: The 14th International Conference on Practice and Theory in Public Key Cryptography, pp. 53–70. Springer, Berlin (2011)

  19. Pirretti, M., Traynor, P., Mcdaniel, P.: Secure attribute-based systems. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 99–112. ACM, New York (2006)

  20. Li, J., Li, J.W., Chen, X.F., Jia, C.F., Lou, W.J.: Identity-based encryption with outsourced revocation in cloud computing. IEEE Trans. Comput. 64(2), 425–437 (2015)

    Article  MathSciNet  MATH  Google Scholar 

  21. Boldyreva, A., Goyal, V., Kumar, V.: Identity-based encryption with efficient revocation. In: Proceedings of the 15th ACM Conference on Computer and Communications Cecurity, pp. 417–426. ACM, New York (2008)

  22. Yu, S., Wang, C., Ren, K.: Attribute based data sharing with attribute revocation. In: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, pp. 261–270. ACM, New York (2010)

  23. Wen, X.Z., Shao, L., Xue, Y., Fang, W.: A rapid learning algorithm for vehicle classification. Inform. Sci. 295(1), 395–406 (2015)

    Article  Google Scholar 

  24. Lewis, N., Bayu, A.T., Youngho, P., Kyung, H.R.: A fine-grained privacy preserving protocol over attribute based access control for VANETs. J. Wirel. Mobile Netw. Ubiquitous Comput. Dependable Appl. 6(2), 98–112 (2015)

    Google Scholar 

  25. Li, J., Chen, X.F., Li, M.Q., Li, J.W., Lee, P., Lou, W.J.: Secure deduplication with efficient and reliable convergent key management. IEEE Trans. Parallel Distrib. Syst. 25(6), 1615–1625 (2014)

    Article  Google Scholar 

  26. Ramu, G., Eswara Reddy, B.: Secure architecture to manage EHRs in cloud using SSE and ABE. Health Technol. 5, 195–205 (2015)

    Article  Google Scholar 

  27. Qin, Bo, Deng, Hua, Qianhong, Wu, Domingo-Ferrer, Josep, Naccache, David, Zhou, Yunya: Flexible attribute-based encryption applicable to secure e-healthcare records. Int. J. Inform. Secur. 14(6), 499–511 (2015)

    Article  Google Scholar 

  28. Narayan, S., Gagn, M., Safavi-Naini, R.: Privacy preserving EHR system using attribute-based infrastructure. In: Proceedings of the 2nd ACM Cloud Computing Security Workshop 2010, pp. 47–52 (2010)

  29. Beimel, A.: Secure schemes for secret sharing and key distribution. Ph.D. Thesis, Technion-Israel Institute of technology, Faculty of computer science (1996)

  30. Waters, B.: Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) Public Key Cryptography-PKC 2011, pp. 53–70. Springer, Berlin (2011)

    Chapter  Google Scholar 

  31. Gritti, C., Susilo, W., Plantard, T., Liang, K., Wong, D.S.: J. Wirel. Mobile Netw. Ubiquitous Comput. Dependable Appl. 5(4), 3–28 (2014)

Download references

Acknowledgements

This work was supported by the National Natural Science Foundation of China (Grant No. 61370185) and the Guangzhou scholars project for universities of Guangzhou (No. 1201561613).

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Zhaoquan Cai.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Cai, Z., Yan, H., Li, P. et al. Towards secure and flexible EHR sharing in mobile health cloud under static assumptions. Cluster Comput 20, 2415–2422 (2017). https://doi.org/10.1007/s10586-017-0796-5

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10586-017-0796-5

Keywords

Navigation