脑机接口技术中安全高效的属性基访问控制

屠袁飞; 杨庚; 袁冯杰

doi:10.11999/JEIT161362

脑机接口技术中安全高效的属性基访问控制

doi: 10.11999/JEIT161362

基金项目:

国家自然科学基金(61572263, 61272084)，江苏省高校自然科学研究重大项目(11KJA520002)，高等学校博士学科点专项科研基金(20113223110003)，中国博士后科学基金(2015M581794)，江苏省博士后科研资助计划(1501023C)，南京邮电大学校级科研基金(NY214127)

计量
- 文章访问数: 1105
- HTML全文浏览量: 107
- PDF下载量: 232
- 被引次数: 0
出版历程
- 收稿日期: 2016-12-13
- 修回日期: 2017-07-11
- 刊出日期: 2017-10-19

Secure and Efficient Attribute Based Access Control for Brain-computer Interface

Funds:

The National Natural Science Foundation of China (61572263, 61272084), The Natural Science Foundation of the Jiangsu Province Higher Education Institutions of China (11KJA520002), The Specialized Research Fund for the Doctoral Program of Higher Education (20113223110003), China Postdoctoral Science Foundation (2015M581794), Jiangsu Province Planned Projects for Postdoctoral Research Funds (1501023C), NUPTSF (NY214127)

摘要

摘要: 随着脑机接口技术(Brain-Computer Interface, BCI)在新兴医疗健康监测领域的广泛应用，其受到的安全威胁越来越多，导致其隐私保护问题受到了关注。该文针对BCI应用中的隐私保护问题提出一种通信模型，并为其设计了一种基于密文策略的属性基(Ciphertext-Policy Attribute Based Encryption, CP-ABE)访问控制方案，利用代理重加密技术实现细粒度的属性撤销。经分析表明，方案有效地解决了BCI模型中敏感数据的隐私保护问题，并且在能量损耗及通信计算开销等性能评估中表现优异。
- 脑机接口技术 /
- 隐私保护 /
- 访问控制方案 /
- 属性撤销 /
- 代理重加密
Abstract: Brain-Computer Interface (BCI) are expected to play a major role in field of medical-health monitoring in near future. Unfortunately, an increasing number of attacks to BCI applications underline the existence of security and privacy related issues, which gains tremendous attention amongst researchers. In this paper, a communication architecture is proposed for BCI applications, and an access control scheme is designed by employing Ciphertext-Policy Attribute Based Encryption (CP-ABE). The proposed scheme supports fully fine-grained attribute revocation by proxy re-encryption. The proposed scheme can efficiently and feasibly reduce the challenges of privacy preservation, and it works excellent in energy consumption and communication/ computation overhead.
- Brain-Computer Interface (BCI) /
- Privacy preservation /
- Access control scheme /
- Attribute revocation /
- Proxy re-encryption

HTML全文

参考文献(26)

WOLPAW J, BIRBAUMER N, MCFARLAND D J, et al. Brain-computer interfaces for communication and control[J]. Clinical Neurophysiology Official Journal of the International Federation of Clinical Neurophysiology, 2002, 113(6): 767-791. doi: 10.1016/S1388-2457(02)00057-3.

WOLPAW J, BIRBAUMER N, and HEETDERKS W. Brain-computer interface technology: A review of the first international meeting[J]. IEEE Transactions on Rehabilitation Engineering, 2000, 8(2): 164-173. doi: 10.1109/ TRE.2000.847807.

Abdulkader S N, ATIA A, and MOSTAFA M S M. Brain computer interfacing: Applications and challenges[J]. Egyptian Informatics Journal, 2015, 16(2): 213-230. doi: 10.1016/j.eij.2015.06.002.

BLONDET M V R, BADARINATH A, KHANNA C, et al. A wearable real-time BCI system based on mobile cloud computing[C]. International IEEE/EMBS Conference on Neural Engineering, San Diego, CA, USA, 2013: 739-742. doi: 10.1109/NER.2013.6696040.

ELSAWY A S and ELDAWLATLY S. P300-based applications for interacting with smart mobile devices[C]. International IEEE/EMBS Conference on Neural Engineering. IEEE, Montpellier, France, 2015: 166-169. doi: 10.1109/NER.2015.7146586.

HONDA K and KUDOH S N. Air brain: The easy telemetric system with smartphone for EEG signal and human behavior[C]. International Conference on Body Area Networks, Brussels, Belgium, 2013: 343-346. doi: 10.4108/ icst.bodynets.2013. 253918.

LI Q Q, DING D, and CONTI M. Brain-computer interface applications: Security and privacy challenges[C]. IEEE Communications and Network Security, Florence, Italy, 2015: 663-666. doi: 10.1109/CNS.2015.7346884.

MARTINOVIC I, DAVIES D, FRANK M, et al. On the feasibility of side-channel attacks with brain-computer interfaces[C]. Usenix Conference on Security Symposium, Berkeley CA USA, 2012: 34.

LUBER B, FISHER C, APPELBAUM P S, et al. Non- invasive brain stimulation in the detection of deception: scientific challenges and ethical consequences[J]. Behavioral Sciences the Law, 2009, 27(2): 191-208. doi: 10.1002/bsl. 860.

U.S. Centers for Medicare Medicaid Services. Hippa basics for providers: privacy, security, and breach notification rules[OL]. https://www.cms.gov/Outreach-and-Education/ Medicare-Learning-Network-MLN/MLNProducts/Downloads/HIPAAPrivacyandSecurityTextOnly.pdf. 2016.

U.S. Federal Trade Commission. Federal trade commission act[OL]. https://www.ftc.gov/enforcement/statutes/federal- trade-commission-act.Apr.12, 2015.

CHIZECK H J and BONACI T. Brain-computer interface anonymizer[OL]. https://docs.google.com/viewer?url= patentimages.storage.googleapis.com/pdfs/US20140228701.pdf. Aug.14, 2014.

BONACI T, CALO R, and CHIZECK H. App stores for the brain: privacy and security in brain-computer interfaces[J]. Technology Society Magazine IEEE, 2015, 34(2): 32-39. doi: 10.1109/MTS.2015.2425551.

VENKATASUBRAMANIAN K K, BANERIEE A, and GUPTA S K S. EKG-based key agreement in body sensor networks[C]. INFOCOM Workshops. IEEE, Phoenix, AZ, USA, 2008: 1-6. doi: 10.1109/INFOCOM.2008.4544608.

CHERUKURI S, VENKATASUBRAMANIAN K K, and GUPTA S K S. BioSec: A biometric based approach for securing communication in wireless networks of biosensors implanted in the human body[C]. International Conference on Parallel Processing Workshops, Kaohsiung, 2003: 432-439. doi: 10.1109/ICPPW.2003.1240399.

TAN C C, WANG H, ZHONG S, et al. Body sensor network security: An identity-based cryptography approach[C]. ACM Conference on Wireless Network Security, Alexandria, VA, USA, 2008: 148-153. doi: 10.1145/1352533.1352557.

MALEK B and MIRI A. Combining attribute-based and access systems[C]. 2009 International Conference on Computational Science and Engineering, Vancouver, BC, Canada, 2009, 3: 305-312. doi: 10.1109/CSE.2009.157.

HAN R F, WANG H X, XIAO Q, et al. A united access control model for systems in collaborative commerce[J]. Journal of Networks, 2009, 4(4): 279-289. doi: 10.4304/jnw. 4.4.279-289.

WAN Z, LIU J, and DENG R H. HASBE: A hierarchical attribute-based solution for flexible and scalable access control in cloud computing[J]. IEEE Transactions on Information Forensics Security, 2012, 7(2): 743-754. doi: 10.1109/TIFS.2011.2172209.

GOYAL V, PANDEY O, SAHAI A, et al. Attribute-based encryption for fine-grained access control of encrypted data [C]. ACM Conference on Computer and Communications Security, CCS 2006, Alexandria, VA, USA, 2006: 89-98. doi: 10.1145/1180405.1180418.

冯登国, 陈成. 属性密码学研究[J]. 密码学报, 2014, 1(1): 1-12. doi: 10.13868/j.cnki.jcr.000001.

FENG Dengguo and CHEN Cheng. Research on attribute- based cryptography[J]. Journal of Cryptologic Research, 2014, 1(1): 1-12. doi: 10.13868/j.cnki.jcr.000001.

YU S, WANG C, REN K, et al. Attribute based data sharing with attribute revocation[C]. ACM Symposium on Information, Computer and Communications Security, ASIACCS 2010, Beijing, China, 2010: 261-270. doi: 10.1145/ 1755688.1755720.

NARUSE T, MOHRI M, and SHIRAISHI Y. Provably secure attribute-based encryption with attribute revocation and grant function using proxy re-encryption and attribute key for updating[J]. Human-centric Computing and Information Sciences, 2015, 5(1): 1-13. doi: 10.1186/s13673-015-0027-0.

WANDER A S, GURA N, EBERLE H, et al. Energy analysis of public-key cryptography for wireless sensor networks[C]. Proceedings of the Third IEEE International Conference on Pervasive Computing and Communications, Kauai Island, HI, USA, 2005: 324-331. doi: 10.1109/PERCOM.2005.18.

REN Kui, ZENG Kai, LOU Wenjing, et al. On broadcast authentication in wireless sensor networks[C]. International Conference on Wireless Algorithms, Systems, and Applications, Xian, China, 2006: 502-514. doi: 10.1007/ 11814856_48.

施引文献

资源附件(0)

访问统计