PSMPA: Patient Self-Controllable and Multi-Level Privacy-Preserving Cooperative Authentication in Distributed m-Healthcare Cloud Computing System

Distributed m-healthcare cloud computing systems significantly facilitate efficient patient treatment for medical consultation by sharing personal health information among healthcare providers. However, this brings about the challenge of preserving both data confidentiality and patients' identity privacy simultaneously. Many existing access control and anonymous authentication schemes cannot be straightforwardly exploited. To solve the problem, in this paper, a novel authorized accessible privacy model (AAPM) is established. Patients can authorize physicians by setting an access tree supporting flexible threshold predicates. Then, based on it, by devising a new technique of attribute-based designated verifier signature, a patient self-controllable multi-level privacy-preserving cooperative authentication scheme (PSMPA) realizing three levels of security and privacy requirement in distributed m-healthcare cloud computing systems is proposed. The directly authorized physicians, the indirectly authorized physicians and the unauthorized persons in medical consultation can respectively decipher the personal health information and/or verify patients' identities by satisfying the access tree with their own attribute sets. Finally, the formal security proof and simulation results illustrate that our scheme can resist various kinds of attacks and far outperforms the previous ones in terms of computational, communication and storage overhead.
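The access-tree idea from the abstract, as an added example that is not taken from the paper: it evaluates k-of-n threshold gates against a holder's attribute set in plaintext and leaves out the cryptography that enforces the policy in PSMPA. The attribute names, the sample tree and the function names are constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Node:
    """A leaf when `attribute` is set; otherwise a k-of-n threshold gate."""
    attribute: Optional[str] = None
    threshold: int = 0
    children: list = field(default_factory=list)


def leaf(attribute):
    return Node(attribute=attribute)


def gate(threshold, *children):
    # AND is n-of-n, OR is 1-of-n; anything in between is a true threshold.
    if not 1 <= threshold <= len(children):
        raise ValueError("threshold must be between 1 and the number of children")
    return Node(threshold=threshold, children=list(children))


def satisfying_leaves(node, attrs):
    """Return one set of held attributes that satisfies `node`, or None."""
    if node.attribute is not None:
        return {node.attribute} if node.attribute in attrs else None
    hits = [s for s in (satisfying_leaves(c, attrs) for c in node.children)
            if s is not None]
    if len(hits) < node.threshold:
        return None  # too few satisfied children for this gate
    hits.sort(key=len)  # prefer children that need fewer attributes
    return set().union(*hits[:node.threshold])


# Constructed policy: any 2 of (hospital, one of two roles, department).
SAMPLE_TREE = gate(
    2,
    leaf("hospital:A"),
    gate(1, leaf("role:cardiologist"), leaf("role:attending")),
    leaf("dept:cardiology"),
)

if __name__ == "__main__":
    for held in ({"hospital:A", "role:attending"},
                 {"role:cardiologist", "role:attending"}):
        print(sorted(held), "->", satisfying_leaves(SAMPLE_TREE, held))
```
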
