2/2017 - 5 |
Hybrid Solution for Privacy-Preserving Access Control for Healthcare DataSMITHAMOL, M. B. , RAJESWARI, S. |
Extra paper information in |
Click to see author's profile in SCOPUS, IEEE Xplore, Web of Science |
Download PDF (1,342 KB) | Citation | Downloads: 1,335 | Views: 3,767 |
Author keywords
data privacy, electronic medical records, internet of things, cloud, access control
References keywords
encryption(11), cloud(10), attribute(9), security(7), secure(7), data(7), control(6), privacy(5), policy(5), grained(5)
Blue keywords are present in both the references section and the paper title.
About this article
Date of Publication: 2017-05-31
Volume 17, Issue 2, Year 2017, On page(s): 31 - 38
ISSN: 1582-7445, e-ISSN: 1844-7600
Digital Object Identifier: 10.4316/AECE.2017.02005
Web of Science Accession Number: 000405378100005
SCOPUS ID: 85020138510
Abstract
The booming in cloud and IoT technologies has accelerated the growth of healthcare system. The IoT devices monitor the patient's health, and upload collected data as Electronic Medical Records (EMRs) to the cloud for storage and sharing. Outsourcing EMRs to the cloud introduce new security and privacy challenges. In this paper, we proposed a novel architecture ensuring security and privacy for the outsourced health records. The proposed model uses partially ordered set (POSET) for constructing the group based access structure and Ciphertext-Policy Attribute-Based Encryption (CP-ABE) to provide fine-grained EMR access control. The modified group based CP-ABE (G-CP-ABE) minimizes the computational overhead by reducing the number of leaf nodes in the access tree. Also, the proposed G-CP-ABE framework merges symmetric encryption and CP-ABE scheme to minimize the overall encryption time. As a result, G-CP-ABE can be used to monitor health conditions even from a resource constrained IoT device. The performance analysis shows the efficiency of the proposed model, making it suitable for practical use. |
References | | | Cited By «-- Click to see who has cited this paper |
[1] I. Ungurean, N.C. Gaitan, and V. G. Gaitan, "An IoT architecture for things from industrial environment," in In Communications (COMM), 2014 10th International Conference on, 2014, pp. 14. [CrossRef] [Web of Science Times Cited 65] [SCOPUS Times Cited 88] [2] P.M. Mell and T. Grance, "The NIST Definition of Cloud Computing," National Institute of Standards and Technology, Gaithersburg, MD, NIST SP 800-145, 2011. [3] Q. Zhang, L. Cheng, and R. Boutaba, "Cloud Computing: State-of-the-art and Research Challenges," J. Internet Serv. Appl., vol. 1, no. 1, pp. 718, May 2010. [CrossRef] [Web of Science Times Cited 1762] [SCOPUS Times Cited 2575] [4] G. Corotinschi and V. G. Gaitan, "Smart cities become possible thanks to the Internet of Things," In System Theory, Control and Computing (ICSTCC), 19th International Conference on, IEEE, 2015, pp. 291296. [CrossRef] [SCOPUS Times Cited 6] [5] Y. Lee, P. Kim, and Y. Park, "Secure Multi-Keyword Search with User/Owner-side Efficiency in the Cloud," Adv. Electr. Comput. Eng.,vol. 16, no. 2, pp. 1118, 2016. [CrossRef] [Full Text] [Web of Science Times Cited 2] [SCOPUS Times Cited 2] [6] J. L. Fernández-Alemán, I. C. Señor, P. Á. O. Lozoya, and A. Toval, "Security and Privacy in Electronic Health Records: A systematic literature review," J. Biomed. Inform., vol. 46, no. 3, pp. 541562, June 2013. [CrossRef] [Web of Science Times Cited 372] [SCOPUS Times Cited 512] [7] A. Sahai and B. Waters, "Fuzzy Identity-Based Encryption," in Advances in Cryptology EUROCRYPT 2005, vol. 3494, Springer Berlin Heidelberg, 2005, pp. 457473. [CrossRef] [Web of Science Times Cited 2832] [SCOPUS Times Cited 3687] [8] V. Goyal, O. Pandey, A. Sahai, and B. Waters, "Attribute-based Encryption for Fine-grained Access Control of Encrypted Data," In Proceedings of the 13th ACM conference on Computer and communications security,2006, pp.89 [CrossRef] [SCOPUS Times Cited 4319] [9] J. Bethencourt, A. Sahai, and B. Waters, "Ciphertext-Policy Attribute-Based Encryption," In Security and Privacy, 2007. SP'07. IEEE Symposium on, 2007, pp. 321334. [CrossRef] [Web of Science Times Cited 2967] [SCOPUS Times Cited 4430] [10] S. Yu, C. Wang, K. Ren, and W. Lou, "Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing," Proceedings,IEEE2010,pp.19. [CrossRef] [Web of Science Times Cited 763] [SCOPUS Times Cited 1321] [11] F. Han, J. Qin, H. Zhao, and J. Hu, "A general Transformation from KP-ABE to Searchable Encryption," Future Gener. Comput. Syst., vol. 30, pp. 107115, Jan. 2014. [CrossRef] [Web of Science Times Cited 50] [SCOPUS Times Cited 70] [12] L. Touati and Y. Challal, "Collaborative KP-ABE for cloud-based Internet of Things applications,"In Communications(ICC), IEEE 2016, pp. 17. [CrossRef] [Web of Science Times Cited 14] [SCOPUS Times Cited 33] [13] L. Cheung and C. Newport, "Provably secure ciphertext policy ABE," Proceedings of 14th ACM on Computer and communications Security,2007,pp.456-465. [CrossRef] [SCOPUS Times Cited 754] [14] V. Goyal, A. Jain, O. Pandey, and A. Sahai, "Bounded Ciphertext Policy Attribute Based Encryption," in Automata, Languages and Programming, vol. 5126, Springer Berlin Heidelberg, 2008, pp. 579591. [CrossRef] [SCOPUS Times Cited 463] [15] G. Wang, Q. Liu, and J. Wu, "Hierarchical attribute-based encryption for fine-grained access control in cloud storage services," In Proceedings of 17th ACM on Computer and communications security, 2010. pp.735-737, [CrossRef] [Web of Science Times Cited 205] [SCOPUS Times Cited 408] [16] B. Waters, "Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization," in Public Key Cryptography PKC 2011, vol. 6571, Springer Berlin Heidelberg, 2011, pp. 5370. [CrossRef] [Web of Science Times Cited 1239] [SCOPUS Times Cited 1581] [17] Fuchun Guo, Yi Mu, W. Susilo, D. S. Wong, and V. Varadharajan, "CP-ABE With Constant-Size Keys for Lightweight Devices," IEEE Trans. Inf. Forensics Secur., vol. 9, no. 5, pp. 763771, May 2014. [CrossRef] [Web of Science Times Cited 123] [SCOPUS Times Cited 155] [18] J. Li, W. Yao, J. Han, Y. Zhang, and J. Shen, "User Collusion Avoidance CP-ABE with Efficient Attribute Revocation for Cloud Storage," IEEE Syst. Journal., pp. 111, 2017. [CrossRef] [Web of Science Times Cited 144] [SCOPUS Times Cited 204] [19] S. Alshehri, S. P. Radziszowski, and R. K. Raj, "Secure Access for Healthcare Data in the Cloud Using Ciphertext-Policy Attribute-Based Encryption," In Data Engineering Workshops (ICDEW), IEEE, 2012., pp. 143146. [CrossRef] [SCOPUS Times Cited 76] [20] M. Li, W. Lou, and K. Ren, "Data security and privacy in wireless body area networks," IEEE Wirel. Commun., vol. 17, no. 1, pp. 5158, Feb. 2010. [CrossRef] [SCOPUS Times Cited 506] [21] J. A. Akinyele, M. W. Pagano, M. D. Green, C. U. Lehmann, Z. N. J. Peterson, and A. D. Rubin, "Securing Electronic Medical Records using Attribute-based Encryption on Mobile Devices," Proceedings of ACM workshop on Security and privacy in smartphones and mobile devices, 2011, pp. 75-86. [CrossRef] [SCOPUS Times Cited 127] [22] B. Fabian, T. Ermakova, and P. Junghanns, "Collaborative and Secure Sharing of Healthcare Data in Multi-Clouds," Inf. Syst., vol. 48, pp. 132150, Mar. 2015. [CrossRef] [Web of Science Times Cited 139] [SCOPUS Times Cited 191] [23] J. J. Yang, J. Q. Li, and Y. Niu, "A hybrid Solution for Privacy Preserving Medical Data Sharing in the Cloud Environment," Future Gener. Comput. Syst., vol. 4344, pp. 7486, Feb. 2015. [CrossRef] [Web of Science Times Cited 187] [SCOPUS Times Cited 259] [24] C. Guo, R. Zhuang, Y. Jie, Y. Ren, T. Wu, and K.-K. R. Choo, "Fine-grained Database Field Search Using Attribute-Based Encryption for E-Healthcare Clouds," J. Med. Syst., vol. 40, no. 11, Nov. 2016. [CrossRef] [Web of Science Times Cited 70] [SCOPUS Times Cited 93] [25] Y. Liu, Y. Zhang, J. Ling, and Z. Liu, "Secure and Fine-grained Access Control on e-healthcare Records in Mobile Cloud Computing," Future Gener. Comput. Syst., Jan. 2017. [CrossRef] [Web of Science Times Cited 94] [SCOPUS Times Cited 117] [26] E. A. Bossanyi, "Wind Turbine Control for Load Reduction," Wind Energy, vol. 6, no. 3, pp. 229244, Jul. 2003 [CrossRef] [Web of Science Times Cited 127] [SCOPUS Times Cited 435] [27] R. E. Precup and S. Preitl, "Optimisation criteria in development of fuzzy controllers with dynamics," Eng. Appl. Artif. Intell., vol. 17, no. 6, pp. 661674, Sep. 2004. [CrossRef] [Web of Science Times Cited 67] [SCOPUS Times Cited 85] [28] M. A. Ramírez-Ortegón, V. Märgner, E. Cuevas, and R. Rojas, "An optimization for binarization methods by removing binary artifacts," Pattern Recognit. Lett., vol. 34, no. 11, pp. 12991306, Aug. 2013 [CrossRef] [Web of Science Times Cited 11] [SCOPUS Times Cited 25] [29] S. B. Ghosn, F. Drouby, and H. M. Harmanani, "A Parallel Genetic Algorithm for the Open-Shop Scheduling Problem Using Deterministic and Random Moves," Int. J. Artif. Intell., vol. 14, no. 1, pp. 130144, 2016. [30] D. Boneh and M. Franklin, "Identity-Based Encryption from the Weil Pairing," in Advances in Cryptology - CRYPTO 2001, vol. 2139, Springer Berlin Heidelberg, 2001, pp. 213229. [CrossRef] [SCOPUS Times Cited 6006] Web of Science® Citations for all references: 11,233 TCR SCOPUS® Citations for all references: 28,528 TCR Web of Science® Average Citations per reference: 351 ACR SCOPUS® Average Citations per reference: 892 ACR TCR = Total Citations for References / ACR = Average Citations per Reference We introduced in 2010 - for the first time in scientific publishing, the term "References Weight", as a quantitative indication of the quality ... Read more Citations for references updated on 2024-11-18 06:21 in 188 seconds. Note1: Web of Science® is a registered trademark of Clarivate Analytics. Note2: SCOPUS® is a registered trademark of Elsevier B.V. Disclaimer: All queries to the respective databases were made by using the DOI record of every reference (where available). Due to technical problems beyond our control, the information is not always accurate. Please use the CrossRef link to visit the respective publisher site. |
Faculty of Electrical Engineering and Computer Science
Stefan cel Mare University of Suceava, Romania
All rights reserved: Advances in Electrical and Computer Engineering is a registered trademark of the Stefan cel Mare University of Suceava. No part of this publication may be reproduced, stored in a retrieval system, photocopied, recorded or archived, without the written permission from the Editor. When authors submit their papers for publication, they agree that the copyright for their article be transferred to the Faculty of Electrical Engineering and Computer Science, Stefan cel Mare University of Suceava, Romania, if and only if the articles are accepted for publication. The copyright covers the exclusive rights to reproduce and distribute the article, including reprints and translations.
Permission for other use: The copyright owner's consent does not extend to copying for general distribution, for promotion, for creating new works, or for resale. Specific written permission must be obtained from the Editor for such copying. Direct linking to files hosted on this website is strictly prohibited.
Disclaimer: Whilst every effort is made by the publishers and editorial board to see that no inaccurate or misleading data, opinions or statements appear in this journal, they wish to make it clear that all information and opinions formulated in the articles, as well as linguistic accuracy, are the sole responsibility of the author.