Exploring Type-and-Identity-Based Proxy Re-Encryption Scheme to Securely Manage Personal Health Records

Commercial Web-based Personal-Health Record (PHR) systems can help patients to share their personal health records (PHRs) anytime from anywhere. PHRs are very sensitive data and an inappropriate disclosure may cause serious problems to an individual. Therefore commercial Web-based PHR systems have to ensure that the patient health data is secured using state-of-the-art mechanisms. In current commercial PHR systems, even though patients have the power to define the access control policy on who can access their data, patients have to trust entirely the access-control manager of the commercial PHR system to properly enforce these policies. Therefore patients hesitate to upload their health data to these systems as the data is processed unencrypted on untrusted platforms. Recent proposals on enforcing access control policies exploit the use of encryption techniques to enforce access control policies. In such systems, information is stored in an encrypted form by the third party and there is no need for an access control manager. This implies that data remains confidential even if the database maintained by the third party is compromised. In this paper we propose a new encryption technique called a type-and-identity-based proxy re-encryption scheme which is suitable to be used in the healthcare setting. The proposed scheme allows users (patients) to securely store their PHRs on commercial Web-based PHRs, and securely share their PHRs with other users (doctors).

[1]  Ling Cheung,et al.  Provably secure ciphertext policy ABE , 2007, CCS '07.

[2]  Aryya Gangopadhyay,et al.  A Partial Optimization Approach for Privacy Preserving Frequent Itemset Mining , 2010, Int. J. Comput. Model. Algorithms Medicine.

[3]  M. Mambo,et al.  Proxy Cryptosystems: Delegation of the Power to Decrypt Ciphertexts (Special Section on Cryptography and Information Security) , 1997 .

[4]  Matthew Green,et al.  Improved proxy re-encryption schemes with applications to secure distributed storage , 2006, TSEC.

[5]  Xiaohui Liang,et al.  Attribute based proxy re-encryption with delegating capabilities , 2009, ASIACCS '09.

[6]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[7]  Peter J. Denning,et al.  Protection: principles and practice , 1972, AFIPS '72 (Spring).

[8]  Matt Blaze,et al.  Divertible Protocols and Atomic Proxy Cryptography , 1998, EUROCRYPT.

[9]  D. Koo,et al.  HIPAA privacy rule and public health; guidance from CDC and the U.S. Department of Health and Human Services , 2003 .

[10]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[11]  David W. Bates,et al.  White Paper: Personal Health Records: Definitions, Benefits, and Strategies for Overcoming Barriers to Adoption , 2006, J. Am. Medical Informatics Assoc..

[12]  Matthew Green,et al.  Identity-Based Proxy Re-encryption , 2007, ACNS.

[13]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[14]  Yevgeniy Dodis,et al.  Proxy Cryptography Revisited , 2003, NDSS.

[15]  Liqun Chen,et al.  An Interpretation of Identity-Based Cryptography , 2007, FOSAD.

[16]  Victor Shoup,et al.  Sequences of games: a tool for taming complexity in security proofs , 2004, IACR Cryptol. ePrint Arch..

[17]  Zhenfu Cao,et al.  Authorization-Limited Transformation-Free Proxy Cryptosystems and Their Security Analyses , 2006, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[18]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[19]  Dan Boneh,et al.  Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles , 2004, IACR Cryptol. ePrint Arch..

[20]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[21]  Markus Jakobsson,et al.  On Quorum Controlled Asymmetric Proxy Re-encryption , 1999, Public Key Cryptography.

[22]  Toshihiko Matsuo,et al.  Proxy Re-encryption Systems for Identity-Based Encryption , 2007, Pairing.

[23]  Yevgeniy Dodis,et al.  Proxy cryptography revisted , 2003 .

[24]  Pieter H. Hartel,et al.  Efficient and Provable Secure Ciphertext-Policy Attribute-Based Encryption Schemes , 2008, ISPEC.

[25]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).