Journal ArticleDOI
Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption
TLDR
A novel patient-centric framework and a suite of mechanisms for data access control to PHRs stored in semitrusted servers are proposed and a high degree of patient privacy is guaranteed simultaneously by exploiting multiauthority ABE.Abstract:
Personal health record (PHR) is an emerging patient-centric model of health information exchange, which is often outsourced to be stored at a third party, such as cloud providers. However, there have been wide privacy concerns as personal health information could be exposed to those third party servers and to unauthorized parties. To assure the patients' control over access to their own PHRs, it is a promising method to encrypt the PHRs before outsourcing. Yet, issues such as risks of privacy exposure, scalability in key management, flexible access, and efficient user revocation, have remained the most important challenges toward achieving fine-grained, cryptographically enforced data access control. In this paper, we propose a novel patient-centric framework and a suite of mechanisms for data access control to PHRs stored in semitrusted servers. To achieve fine-grained and scalable data access control for PHRs, we leverage attribute-based encryption (ABE) techniques to encrypt each patient's PHR file. Different from previous works in secure data outsourcing, we focus on the multiple data owner scenario, and divide the users in the PHR system into multiple security domains that greatly reduces the key management complexity for owners and users. A high degree of patient privacy is guaranteed simultaneously by exploiting multiauthority ABE. Our scheme also enables dynamic modification of access policies or file attributes, supports efficient on-demand user/attribute revocation and break-glass access under emergency scenarios. Extensive analytical and experimental results are presented which show the security, scalability, and efficiency of our proposed scheme.read more
Citations
More filters
Proceedings ArticleDOI
Health Monitoring and Management Using Internet-of-Things (IoT) Sensing with Cloud-Based Processing: Opportunities and Challenges
Moeen Hassanalieragh,Alex Page,Tolga Soyata,Gaurav Sharma,Mehmet K. Aktas,Gonzalo Mateos,Burak Kantarci,Silvana Andreescu +7 more
TL;DR: The availability of data at hitherto unimagined scales and temporal longitudes coupled with a new generation of intelligent processing algorithms can facilitate an evolution in the practice of medicine and help reduce the cost of health care while simultaneously improving outcomes.
Journal ArticleDOI
Blockchain: A Panacea for Healthcare Cloud-Based Data Security and Privacy?
TL;DR: The potential to use the Blockchain technology to protect healthcare data hosted within the cloud and the practical challenges of such a proposition are described and further research is described.
Journal Article
The Health Insurance Portability and Accountability Act.
TL;DR: The Health Insurance Portability and Accountability Act, also known as HIPAA, was designed to protect health insurance coverage for workers and their families while between jobs and establishes standards for electronic health care transactions.
Journal ArticleDOI
Securing Fog Computing for Internet of Things Applications: Challenges and Solutions
TL;DR: The architecture and features of fog computing are reviewed and critical roles of fog nodes are studied, including real-time services, transient storage, data dissemination and decentralized computation, which are expected to draw more attention and efforts into this new architecture.
Journal ArticleDOI
Industry 4.0 and Health: Internet of Things, Big Data, and Cloud Computing for Healthcare 4.0
TL;DR: By selectively analyzing the literature, this paper systematically survey how the adoption of the above-mentioned Industry 4.0 technologies (and their integration) applied to the health domain is changing the way to provide traditional services and products.
References
More filters
Proceedings ArticleDOI
Ciphertext-Policy Attribute-Based Encryption
TL;DR: A system for realizing complex access control on encrypted data that is conceptually closer to traditional access control methods such as role-based access control (RBAC) and secure against collusion attacks is presented.
Proceedings ArticleDOI
Attribute-based encryption for fine-grained access control of encrypted data
TL;DR: This work develops a new cryptosystem for fine-grained sharing of encrypted data that is compatible with Hierarchical Identity-Based Encryption (HIBE), and demonstrates the applicability of the construction to sharing of audit-log information and broadcast encryption.
Posted Content
Fuzzy Identity Based Encryption.
Amit Sahai,Brent Waters +1 more
TL;DR: In this paper, a new type of identity-based encryption called Fuzzy Identity-Based Encryption (IBE) was introduced, where an identity is viewed as set of descriptive attributes, and a private key for an identity can decrypt a ciphertext encrypted with an identity if and only if the identities are close to each other as measured by the set overlap distance metric.
Proceedings ArticleDOI
SPINS: security protocols for sensor networks
TL;DR: A suite of security building blocks optimized for resource-constrained environments and wireless communication, and shows that they are practical even on minimal hardware: the performance of the protocol suite easily matches the data rate of the network.
Journal ArticleDOI
SPINS: security protocols for sensor networks
TL;DR: A suite of security protocols optimized for sensor networks: SPINS, which includes SNEP and μTESLA and shows that they are practical even on minimal hardware: the performance of the protocol suite easily matches the data rate of the network.