Role-based Access Control for Body Area Networks Using Attribute-based Encryption in Cloud Storage

To save storage space, the data collected from body area networks can be stored with a third party. However, this may introduce security problems. The common method is to encrypt the data before outsourcing it. In this paper, we design a role-based access control scheme (RACS) for use in the cloud. First, we classify the data collected from body area networks into different types and encrypt them with ciphertext-policy attribute-based encryption. Second, we divide the ciphertext into two parts: one part is stored in the cloud and the other is kept by the owner. Different users hold different attributes, so they can access the data only when their attributes satisfy the corresponding access structure. The security of medical data is assured in this way. Third, we add user revocation to prevent malicious users from obtaining and modifying the data. Lastly, when an emergency occurs, users can obtain a temporary key to access medical data, so that patients can be treated at the earliest opportunity. We analyze the correctness, security, storage overhead and computation overhead of the scheme. The results show that RACS can resist the ciphertext attack and is superior to other schemes in storage space and computation overhead.
