Journal Article

RS-HABE: Revocable-Storage and Hierarchical Attribute-Based Access Scheme for Secure Sharing of e-Health Records in Public Cloud

TLDR
The theoretical analysis indicates that the proposed RS-HABE scheme surpasses existing similar works in terms of functionality and security, at the acceptable cost of computation overhead, and is proved to be selectively secure.
Abstract
Personal e-health records (EHR) enable medical workers (e.g., doctors and nurses) to conveniently and quickly access each patient’s medical history through the public cloud, which greatly facilitates patients’ visits and makes telemedicine possible. Additionally, since EHR involve patients’ personal privacy information, EHR holders would hesitate to directly outsource their data to cloud servers. A natural and favorite manner of conquering this issue is to encrypt these outsourced EHR such that only authorized medical workers can access them. Specifically, the ciphertext-policy attribute-based encryption (CP-ABE) supports fine-grained access over encrypted data and is considered to be a perfect solution for securely sharing EHR in the public cloud. In this paper, to strengthen the system security and meet the requirement of specific applications, we add functionalities of user revocation, secret key delegation and ciphertext update to the original ABE, and propose a revocable-storage hierarchical attribute-based encryption (RS-HABE) scheme, as the core building of establishing a framework for secure sharing of EHR in public cloud. The proposed RS-HABE scheme features forward security (a revoked user can no longer access previously encrypted data) and backward security (a revoked user also cannot access subsequently encrypted data) simultaneously, and is proved to be selectively secure under a complexity assumption in bilinear groups, without random oracles. The theoretical analysis indicates that the proposed scheme surpasses existing similar works in terms of functionality and security, at the acceptable cost of computation overhead. Moreover, we implement the proposed scheme and present experiments to demonstrate its practicability.

Citations
Journal Article

Data Security and Privacy Protection for Cloud Storage: A Survey

TL;DR: This paper makes a comprehensive review of the literature on data security and privacy issues, data encryption technology, and applicable countermeasures in cloud storage systems, and gives an overview of cloud storage, including definition, classification, architecture and applications.
Journal Article

O³-R-CP-ABE: An Efficient and Revocable Attribute-Based Encryption Scheme in the Cloud-Assisted IoMT System

TL;DR: This article presents an efficient, outsourcing online/offline revocable ciphertext policy attribute-based encryption scheme with the aid of cloud servers and blockchains in the IoMT ecosystem that achieves the characteristics of fine-grained access control, fast encryption, outsourced decryption, user revocation, and ciphertext verification.
Journal Article

Quantum-Safe Round-Optimal Password Authentication for Mobile Devices

TL;DR: This article resorts to smooth projective hash functions, which enable the server to store a hash of the user's password with a random salt, providing guarantees that the user’s password is never transmitted in plain-text to the server when logging in.
Journal Article

Lightweight Revocable Hierarchical Attribute-Based Encryption for Internet of Things

TL;DR: This paper proposes a lightweight revocable hierarchical ABE (LW-RHABE) scheme, and proves its security in the standard model and under the hardness assumption of the decisional bilinear Diffie-Hellman (DBDH) problem.
Journal Article

A Verifiable and Fair Attribute-Based Proxy Re-Encryption Scheme for Data Sharing in Clouds

TL;DR: Wang et al. as discussed by the authors proposed a verifiable and fair attribute-based proxy re-encryption (VF-ABPRE) scheme to support verifiability and fairness, which enables a shared user to verify whether the re-encrypted ciphertext returned by the server is correct.
References
Proceedings Article

Ciphertext-Policy Attribute-Based Encryption

TL;DR: A system for realizing complex access control on encrypted data that is conceptually closer to traditional access control methods such as role-based access control (RBAC) and secure against collusion attacks is presented.
Book Chapter

Fuzzy identity-based encryption

TL;DR: In this article, a new type of identity-based encryption called Fuzzy Identity-Based Encryption (IBE) was introduced, where an identity is viewed as a set of descriptive attributes, and a private key for an identity can decrypt a ciphertext encrypted with an identity if and only if the identities are close to each other as measured by the set overlap distance metric.
Book Chapter

Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization

TL;DR: A new methodology for realizing Ciphertext-Policy Attribute Encryption (CP-ABE) under concrete and noninteractive cryptographic assumptions in the standard model is presented.
Journal Article

Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption

TL;DR: A novel patient-centric framework and a suite of mechanisms for data access control to PHRs stored in semitrusted servers are proposed and a high degree of patient privacy is guaranteed simultaneously by exploiting multiauthority ABE.
Book Chapter

Hierarchical identity based encryption with constant size ciphertext

TL;DR: In this article, a Hierarchical Identity Based Encryption (HIBE) scheme is presented, where the ciphertext consists of just three group elements and decryption requires only two bilinear map computations, regardless of the hierarchy depth.