CP-ABE for Selective Access with Scalable Revocation: A Case Study for Mobile-based Healthfolder

With recent advances in the computational and storage capabilities of mobile devices and the Internet of Things (IoT), Ciphertext-Policy Attribute-Based Encryption (CP-ABE) can provide confidentiality and direct, selective, fine-grained access control. Such a system must make ciphertext easy to maintain, support sharing, and protect against breach of trust. We present a novel revocation scheme, Scalable Proxy-based Immediate Revocation for CP-ABE (SPIRC), which does not require a prior revocation list, re-encryption, or re-distribution of keys. It improves the Proxy-based Immediate Revocation of ATTribute-based Encryption (PIRATTE) scheme for scalable revocation with reduced overheads for proxy data and master key generation. The paper also demonstrates a practical implementation of SPIRC in a case study of a portable Mobile-based Healthfolder, stored on a patient's mobile device for direct local access as well as for sharing with medical professionals who use a reader application on their own mobile devices. The performance evaluation on mid-range Android devices indicates acceptable overheads for access and security.
