Empowering Personal Health Records with Cloud Computing: How to encrypt with forthcoming fine-grained policies efficiently

The issue of empowering patients to be well informed with regards to their health records has been well accepted in the community, which is known as the Personal Health Record (PHR). PHR has been believed as the solution for better management of an individual’s health, and as the tool that will empower the patient in correlation with healthcare providers through the ability to provide his/her own medical history. In this work, we aim to take one step further by equipping patients with the ability to “control” the access to their PHR efficiently and easily, by incorporating the emerging cloud technology. Specifically, we aim to provide the patients with the luxury of using the power of the cloud to conduct the outsourced work efficiently. To realize this, we present the notion of online/offline ciphertext-policy attribute-based proxy re-encryption scheme, which is very useful primitive in empowering personal health records in cloud computing. We present such a notion as well as a set of security requirements. More specifically, we define two security models covering both outsider and insider attacks. Furthermore, we present a concrete construction of such a scheme, and prove that it is secure under the well known complexity assumptions and following our security models.

[1]  Brent Waters,et al.  Online/Offline Attribute-Based Encryption , 2014, IACR Cryptol. ePrint Arch..

[2]  Matthew Green,et al.  Improved proxy re-encryption schemes with applications to secure distributed storage , 2006, TSEC.

[3]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[4]  Xiaohui Liang,et al.  Attribute based proxy re-encryption with delegating capabilities , 2009, ASIACCS '09.

[5]  Matt Blaze,et al.  Divertible Protocols and Atomic Proxy Cryptography , 1998, EUROCRYPT.

[6]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[7]  Melissa Chase,et al.  Multi-authority Attribute Based Encryption , 2007, TCC.

[8]  Silvio Micali,et al.  On-line/off-line digital signatures , 1996, Journal of Cryptology.

[9]  Dan Suciu,et al.  Controlling Access to Published Data Using Cryptography , 2003, VLDB.

[10]  Hiroshi Doi,et al.  Hybrid Proxy Re-encryption Scheme for Attribute-Based Encryption , 2009, Inscrypt.

[11]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[12]  Allison Bishop,et al.  Tools for Simulating Features of Composite Order Bilinear Groups in the Prime Order Setting , 2012, EUROCRYPT.

[13]  Rafail Ostrovsky,et al.  Attribute-based encryption with non-monotonic access structures , 2007, CCS '07.

[14]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[15]  Brent Waters,et al.  Practical constructions and new proof methods for large universe attribute-based encryption , 2013, CCS.

[16]  Kent E. Seamons,et al.  Concealing complex policies with hidden credentials , 2004, CCS '04.

[17]  Zhong Chen,et al.  Ciphertext Policy Attribute-Based Proxy Re-encryption , 2010, ICICS.

[18]  Nigel P. Smart Access Control Using Pairing Based Cryptography , 2003, CT-RSA.

[19]  Yevgeniy Dodis,et al.  Proxy Cryptography Revisited , 2003, NDSS.

[20]  Dan Boneh,et al.  Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles , 2004, IACR Cryptol. ePrint Arch..

[21]  M. Mambo,et al.  Proxy Cryptosystems: Delegation of the Power to Decrypt Ciphertexts (Special Section on Cryptography and Information Security) , 1997 .

[22]  P. MuraliKrishna,et al.  SECURE SCHEMES FOR SECRET SHARING AND KEY DISTRIBUTION USING PELL'S EQUATION , 2013 .

[23]  Willy Susilo,et al.  A Ciphertext-Policy Attribute-Based Proxy Re-encryption with Chosen-Ciphertext Security , 2013, 2013 5th International Conference on Intelligent Networking and Collaborative Systems.

[24]  Sherman S. M. Chow,et al.  Improving privacy and security in multi-authority attribute-based encryption , 2009, CCS.

[25]  Yael Tauman Kalai,et al.  Improved Online/Offline Signature Schemes , 2001, CRYPTO.

[26]  Fuchun Guo,et al.  Identity-Based Online/Offline Encryption , 2008, Financial Cryptography.

[27]  Ling Cheung,et al.  Provably secure ciphertext policy ABE , 2007, CCS '07.

[28]  Javier Herranz,et al.  Attribute-based encryption schemes with constant-size ciphertexts , 2012, Theor. Comput. Sci..

[29]  Ran Canetti,et al.  Chosen-ciphertext secure proxy re-encryption , 2007, CCS '07.

[30]  Allison Bishop,et al.  Unbounded HIBE and Attribute-Based Encryption , 2011, IACR Cryptol. ePrint Arch..

[31]  Allison Bishop,et al.  Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption , 2010, EUROCRYPT.

[32]  Tatsuaki Okamoto,et al.  Fully Secure Functional Encryption with General Relations from the Decisional Linear Assumption , 2010, IACR Cryptol. ePrint Arch..