Secure Outsourced Attribute-Based Sharing Framework for Lightweight Devices in Smart Health Systems

The rapid evolution of the Internet of Things has led to the development of smart health. As a form of medical care that uses advanced Internet technology to realize better diagnosis and treatment of patients, smart health transitions medical services move toward real intelligence and greatly helps users. And in smart health, the secure sharing of personal health records (PHRs) is one of the main concerns of patients and medical personnel. Many attribute-based sharing models have been proposed to secure the sharing of PHRs, but there are still two problems to resolve. One is the potential disclosure of the patient data. The attribute-based model achieves flexible access control, but the access policies contain sensitive information of patients. The disclosure of the policy will lead to the leakage of data of the users. The other is the high computational and storage overhead, particularly in smart health systems with limited computing power. In this article, we present a Smart Health-Lightweight Fine-Grained Sharing (SH-LFGS) framework based on attribute-based encryption (ABE). It achieves a fully hidden access policy by adopting Viéte's formula. SH-LFGS introduces an online/offline mechanism in the PHR encryption phase and the outsourced verifiable decryption mechanism. Because the decrypting test requires only one bilinear pair operation, the SH-LFGS can achieve the task of lightweight computation. Analysis of the performance and security of the proposed model confirm its efficiency and security.

[1]  Privacy-preserving Data Sharing with Attribute-based Private Matching Based on Edge Computation in the Internet-of-Things , 2020, 2020 Asia-Pacific Signal and Information Processing Association Annual Summit and Conference (APSIPA ASC).

[2]  Yingjiu Li,et al.  Lightweight Sharable and Traceable Secure Mobile Health System , 2020, IEEE Transactions on Dependable and Secure Computing.

[3]  Hao Zhang,et al.  Attribute-Based Privacy-Preserving Data Sharing for Dynamic Groups in Cloud Computing , 2019, IEEE Systems Journal.

[4]  Hao Zhang,et al.  Partially policy-hidden attribute-based broadcast encryption with secure delegation in edge computing , 2019, Future Gener. Comput. Syst..

[5]  Jiguo Li,et al.  Constant Size Ciphertext Distributed CP-ABE Scheme With Privacy Protection and Fully Hiding Access Structure , 2019, IEEE Access.

[6]  Qi Han,et al.  Efficient and robust attribute-based encryption supporting access policy hiding in Internet of Things , 2018, Future Gener. Comput. Syst..

[7]  Robert H. Deng,et al.  Security and Privacy in Smart Health: Efficient Policy-Hiding Attribute-Based Access Control , 2018, IEEE Internet of Things Journal.

[8]  Ting Wu,et al.  Large universe attribute based access control with efficient decryption in cloud storage system , 2018, J. Syst. Softw..

[9]  Jie Ling,et al.  Secure and fine-grained access control on e-healthcare records in mobile cloud computing , 2018, Future Gener. Comput. Syst..

[10]  Qiang Wang,et al.  Ciphertext-Policy Attribute-Based Encryption With Delegated Equality Test in Cloud Computing , 2018, IEEE Access.

[11]  Y. Sreenivasa Rao,et al.  A secure and efficient Ciphertext-Policy Attribute-Based Signcryption for Personal Health Records sharing in cloud computing , 2017, Future Gener. Comput. Syst..

[12]  Yi Mu,et al.  Privacy-Preserving and Secure Sharing of PHR in the Cloud , 2016, Journal of Medical Systems.

[13]  Xinyu Feng,et al.  Fully Secure Hidden Ciphertext Policy Attribute-Based Encryption with Short Ciphertext Size , 2016, ICCNS.

[14]  Robert H. Deng,et al.  An Efficient and Expressive Ciphertext-Policy Attribute-Based Encryption Scheme with Partially Hidden Access Structures , 2016, ProvSec.

[15]  Yinghui Zhang,et al.  Efficient and Expressive Anonymous Attribute-Based Encryption for Mobile Cloud Computing , 2016, BWCCA.

[16]  Weixin Xie,et al.  An Efficient File Hierarchy Attribute-Based Encryption Scheme in Cloud Computing , 2016, IEEE Transactions on Information Forensics and Security.

[17]  Zhiwei Wang,et al.  CP-ABE with Hidden Policy from Waters Efficient Construction , 2016, Int. J. Distributed Sens. Networks.

[18]  Guomin Yang,et al.  Hidden Ciphertext Policy Attribute-Based Encryption Under Standard Assumptions , 2016, IEEE Transactions on Information Forensics and Security.

[19]  Mr. Tanveer K. Patel,et al.  An Efficient file Hierarchy Attribute Based Encryption Scheme in cloud Computing , 2016 .

[20]  Anish Mathuria,et al.  On Anonymous Attribute Based Encryption , 2015, ICISS.

[21]  Guomin Yang,et al.  Attribute Based Broadcast Encryption with Short Ciphertext and Decryption Key , 2015, ESORICS.

[22]  Jin Li,et al.  Identity-Based Encryption with Outsourced Revocation in Cloud Computing , 2015, IEEE Transactions on Computers.

[23]  Guomin Yang,et al.  Efficient Hidden Vector Encryption with Constant-Size Ciphertext , 2014, ESORICS.

[24]  Robert H. Deng,et al.  Fully secure key-policy attribute-based encryption with constant-size ciphertexts and fast decryption , 2014, AsiaCCS.

[25]  Ratna Dutta,et al.  Recipient Anonymous Ciphertext-Policy Attribute Based Encryption , 2013, ICISS.

[26]  Robert H. Deng,et al.  Attribute-Based Encryption With Verifiable Outsourced Decryption , 2013, IEEE Transactions on Information Forensics and Security.

[27]  Jin Li,et al.  Anonymous attribute-based encryption supporting efficient decryption test , 2013, ASIA CCS '13.

[28]  Robert H. Deng,et al.  Expressive CP-ABE with partially hidden access structures , 2012, ASIACCS '12.

[29]  Jonathan Katz,et al.  Predicate Encryption Supporting Disjunctions, Polynomial Equations, and Inner Products , 2008, Journal of Cryptology.

[30]  Matthew Green,et al.  Outsourcing the Decryption of ABE Ciphertexts , 2011, USENIX Security Symposium.

[31]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[32]  Allison Bishop,et al.  Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption , 2010, EUROCRYPT.

[33]  Pieter H. Hartel,et al.  Searching Keywords with Wildcards on Encrypted Data , 2010, SCN.

[34]  Brent Waters,et al.  Dual System Encryption: Realizing Fully Secure IBE and HIBE under Simple Assumptions , 2009, IACR Cryptol. ePrint Arch..

[35]  Atsuko Miyaji,et al.  A ciphertext-policy attribute-based encryption scheme with constant ciphertext length , 2009, Int. J. Appl. Cryptogr..

[36]  Elaine Shi,et al.  Delegating Capabilities in Predicate Encryption Systems , 2008, ICALP.

[37]  Kazuki Yoneyama,et al.  Attribute-Based Encryption with Partially Hidden Encryptor-Specified Access Structures , 2008, ACNS.

[38]  Rafail Ostrovsky,et al.  Attribute-based encryption with non-monotonic access structures , 2007, CCS '07.

[39]  Ling Cheung,et al.  Provably secure ciphertext policy ABE , 2007, CCS '07.

[40]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[41]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[42]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.