A searchable personal health records framework with fine-grained access control in cloud-fog computing

Fog computing can extend cloud computing to the edge of the network so as to reduce latency and network congestion. However, existing encryption schemes were rarely used in fog environment, resulting in high computational and storage overhead. Aiming at the demands of local information for terminal device and the shortcomings of cloud computing framework in supporting mobile applications, by taking the hospital scene as an example, a searchable personal health records framework with fine-grained access control in cloud-fog computing is proposed. The proposed framework combines the attribute-based encryption (ABE) technology and search encryption (SE) technology to implement keyword search function and fine-grained access control ability. When keyword index and trapdoor match are successful, the cloud server provider only returns relevant search results to the user, thus achieving a more accurate search. At the same time, the scheme is multi-authority, and the key leakage problem is solved by dividing the user secret key distribution task. Moreover, in the proposed scheme, we securely outsource part of the encryption and decryption operations to the fog node. It is effective both in local resources and in resource-constrained mobile devices. Based on the decisional q-parallel bilinear Diffie-Hellman exponent (q-DBDHE) assumption and decisional bilinear Diffie-Hellman (DBDH) assumption, our scheme is proven to be secure. Simulation experiments show that our scheme is efficient in the cloud-fog environment.

[1]  Zoe L. Jiang,et al.  A Revocable Outsourcing Attribute-Based Encryption Scheme , 2016, CloudComp.

[2]  Matthew Green,et al.  Outsourcing the Decryption of ABE Ciphertexts , 2011, USENIX Security Symposium.

[3]  Raja Lavanya,et al.  Fog Computing and Its Role in the Internet of Things , 2019, Advances in Computer and Electrical Engineering.

[4]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[5]  Melissa Chase,et al.  Multi-authority Attribute Based Encryption , 2007, TCC.

[6]  Ivan Stojmenovic,et al.  The Fog computing paradigm: Scenarios and security issues , 2014, 2014 Federated Conference on Computer Science and Information Systems.

[7]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[8]  Sun Lei,et al.  A Novel Attribute Based Keyword Search Scheme for Mobile Cloud Storage , 2017, 2017 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC).

[9]  Min Ji,et al.  CCA-secure ABE with outsourced decryption for fog computing , 2018, Future Gener. Comput. Syst..

[10]  Kai Zhang,et al.  Efficient large-universe multi-authority ciphertext-policy attribute-based encryption with white-box traceability , 2017, Science China Information Sciences.

[11]  Jiguo Li,et al.  KSF-OABE: Outsourced Attribute-Based Encryption with Keyword Search Function for Cloud Storage , 2017, IEEE Transactions on Services Computing.

[12]  Lei Sun,et al.  A Novel Attribute Based Keyword Search Scheme for Mobile Cloud Storage , 2017, CyberC.

[13]  Hao Wang,et al.  Verifiable outsourced ciphertext-policy attribute-based encryption in cloud computing , 2016, Soft Computing.

[14]  Dawei Li,et al.  Efficient CCA2 Secure Revocable Multi-authority Large-Universe Attribute-Based Encryption , 2017, CSS.

[15]  Robert H. Deng,et al.  Efficient and Expressive Keyword Search Over Encrypted Data in Cloud , 2016, IEEE Transactions on Dependable and Secure Computing.

[16]  Xiong Li,et al.  Verifiable keyword search over encrypted cloud data in smart city , 2017, Comput. Electr. Eng..

[17]  Ammar Muthanna,et al.  Study of fog computing structure , 2018, 2018 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus).

[18]  Brent Waters,et al.  Efficient Statically-Secure Large-Universe Multi-Authority Attribute-Based Encryption , 2015, Financial Cryptography.

[19]  David C Kibbe,et al.  An introduction to personal health records. , 2006, Family practice management.

[20]  Milan Petkovic,et al.  Secure management of personal health records by applying attribute-based encryption , 2009, Proceedings of the 6th International Workshop on Wearable, Micro, and Nano Technologies for Personalized Health.

[21]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[22]  Jian Shen,et al.  Verifiable Outsourced Decryption of Attribute-Based Encryption with Constant Ciphertext Length , 2017, Secur. Commun. Networks.

[23]  Shahram Babaie,et al.  An optimized Bidding-based coverage improvement algorithm for hybrid wireless sensor networks , 2018, Comput. Electr. Eng..

[24]  Jianhua Wang,et al.  Verifiable Outsourced Ciphertext-Policy Attribute-Based Encryption for Mobile Cloud Computing , 2017, KSII Trans. Internet Inf. Syst..

[25]  Ting Wang,et al.  A Cloud-Based Access Control Scheme with User Revocation and Attribute Update , 2016, ACISP.

[26]  Yiwei Thomas Hou,et al.  Protecting Your Right: Verifiable Attribute-Based Keyword Search with Fine-Grained Owner-Enforced Search Authorization in the Cloud , 2016, IEEE Transactions on Parallel and Distributed Systems.

[27]  Kouichi Sakurai,et al.  Multi-User Keyword Search Scheme for Secure Data Sharing with Fine-Grained Access Control , 2011, ICISC.

[28]  Xiaohua Jia,et al.  DAC-MACS: Effective Data Access Control for Multiauthority Cloud Storage Systems , 2013, IEEE Transactions on Information Forensics and Security.

[29]  Han Zhou,et al.  AKSER: Attribute-based keyword search with efficient revocation in cloud computing , 2018, Inf. Sci..

[30]  Yao Zheng,et al.  Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption , 2019, IEEE Transactions on Parallel and Distributed Systems.