Fine-grained Access Control with User Revocation in Cloud-based Personal Health Record System

LIU Qin; LIU Xuhui; HU Baishuang; ZHANG Shaobo

doi:10.11999/JEIT160621

Volume 39 Issue 5

May 2017

Turn off MathJax

Article Contents

Article Navigation > Journal of Electronics & Information Technology > 2017 > 39(5): 1206-1212

LIU Qin, LIU Xuhui, HU Baishuang, ZHANG Shaobo. Fine-grained Access Control with User Revocation in Cloud-based Personal Health Record System[J]. Journal of Electronics & Information Technology, 2017, 39(5): 1206-1212. doi: 10.11999/JEIT160621

Citation:

LIU Qin, LIU Xuhui, HU Baishuang, ZHANG Shaobo. Fine-grained Access Control with User Revocation in Cloud-based Personal Health Record System[J]. Journal of Electronics & Information Technology, 2017, 39(5): 1206-1212. doi: 10.11999/JEIT160621

Citation:

PDF( 286 KB)

Fine-grained Access Control with User Revocation in Cloud-based Personal Health Record System

doi: 10.11999/JEIT160621

1.
(College of Computer Science and Electronic Engineering, Hunan University, Changsha 410082, China)
2.

Funds:

The National Natural Science Foundation of China (61632009, 61402161), The Hunan Provincial Natural Science Foundation of China (2015JJ3046), The CERNET Innovation Project (NGII20150408)

Received Date: 2016-06-12
Rev Recd Date: 2016-12-07
Publish Date: 2017-05-19

Abstract

Abstract

With the development of cloud computing, more and more users employ cloud-based Personal Health Record (PHR) systems. The PHR is correlated with patient privacy, thus existing research suggests to encrypt PHRs before outsourcing. Comparison-Based Encryption (CBE) realizes time comparison in attribute-based access policy, however, the time for encryption is linearly with the number of attributes in the access policy. Therefore, the cost of the scheme is extensive; besides, the scheme is difficult to revoke the user's access privileges in real time. To realize efficiently a fine-grained access control and user revocation for PHRs in clouds, a Fine-Grained access control with User Revocation (FGUR) scheme is proposed by incorporating Broadcast Ciphertext-Policy Attribute-Based Encryption (BCP-ABE) and an attribute hierarchy into CBE. The experiment results show that the FGUR scheme has better performance in terms of the encryption cost and dynamic access privilege, compared with CBE.
- Cloud computing,
- Personal Health Record (PHR),
- Comparison-Based Encryption (CBE),
- Attribute hierarchy,
- User revocation

FullText(HTML)

References(14)

References

TANG P C, ASH J S, and BATES D W. Personal health records: Definitions, benefits, and strategies for overcoming barriers to adoption[J]. Journal of the American Medical Informatics Association, 2006, 13(2): 121-126. doi: 10.1197/ jamia.M2025.

GUO L, ZHANG C, SUN J, et al. PAAS: A privacy- preserving attribute-based authentication system for ehealth networks[C]. Distributed Computing Systems (ICDCS), 2012 IEEE 32nd International Conference, Macau, China, 2012: 224-233.

ARMBRUST M, FOX A, GRIFFITH R, et al. A view of cloud computing[J]. Communications of the ACM, 2010, 53(4): 50-58. doi: 10.1145/1721654.1721672.

WANG G, LIU Q, and WU J. Hierarchical attribute-based encryption for fine-grained access control in cloud storage services[C]. Proceedings of the 17th ACM Conference on Computer and Communications Security, Chicago, USA, 2010: 735-737.

BALAMURUGAN B, KRISHNA P V, KUMAR N S, et al. An Efficient Framework for Health System Based on Hybrid Cloud with ABE-Outsourced Decryption[M]. India: Springer India, 2015: 41-49.

SANGEETHA D, VIJAYAKUMAR V, THIRUNAVUKKARASU V, et al. Enhanced Security of PHR System in Cloud Using Prioritized Level Based Encryption[M]. Germany: Springer Berlin Heidelberg, 2014: 57-69.

YAO X, LIN Y, LIU Q, et al. Efficient and privacy-preserving search in multi-source personal health record clouds[C]. 2015 IEEE Symposium on Computers and Communication(ISCC), Larnaca, Cyprus, 2015: 803-808.

BOLDYREVA A, CHENETTE N, and ONEILL A. Order-preserving Encryption Revisited: Improved Security Analysis and Alternative Solutions[M]. Germany: Springer Berlin Heidelberg, 2011: 578-595.

王尚平, 余小娟, 张亚玲. 具有两个可撤销属性列表的密钥策略的属性加密方案[J]. 电子与信息学报, 2016, 38(6): 1406-1411. doi: 10.11999/JEIT150845.

WANG Shangping, YU Xiaojuan, and ZHANG Yaling. Revocable key-policy attribute-based encryption scheme with two revocation lists[J]. Journal of Electronics Information Technology, 2016, 38(6): 1406-1411. doi: 10.11999/JEIT 150845.

李双, 徐茂智. 基于属性的可搜索加密方案[J]. 计算机学报, 2014, 37(5): 1017-1024. doi: 10.3724/SP.J.1016.2014.01017.

LI Shuang and XU Maozhi. Attribute-based public encryption with keyword search[J]. Chinese Journal of Computers, 2014, 37(5): 1017-1024. doi: 10.3724/SP.J.1016. 2014.01017.

ZHU Y, HU H, AHN G J, et al. Comparison-based encryption for fine-grained access control in clouds[C]. Proceedings of the Second ACM Conference on Data and Application Security and Privacy, San Antonio, USA, 2012: 105-116.

ATTRAPADUNG N and IMAI H. Conjunctive Broadcast and Attribute-based Encryption[M]. Germany: Springer Berlin Heidelberg, 2009: 248-265.

Relative Articles

Supplements(0)

Cited By

Cited by

Periodical cited type(11)

1.	毛伟，余刃，王天舒，殷少轩. 核动力装置运行参数缺失值填充方法研究. 海军工程大学学报. 2023(03): 8-14 .
2.	袁珊珊，刘智勇. 基于供方调查电子健康档案的“互联网+医疗健康”便民服务研究. 重庆医学. 2023(16): 2548-2552 .
3.	龙浩，张书奎，张力. 基于属性加密的雾协同云数据共享方案. 计算机工程与设计. 2021(01): 31-37 .
4.	肖人彬，林文广，赖荣燊，李妍. 数据驱动的产品大规模个性化设计研究. 机械设计. 2021(10): 1-14 .
5.	周慧颖，侯胜超，马敬东. 患者共享个人健康档案数据意愿实证研究. 中华医学图书情报杂志. 2020(03): 1-10 .
6.	赵斌，肖创柏，张问银，古雪. 基于博弈理论的访问控制奖惩激励约束机制. 电子与信息学报. 2019(04): 1002-1009 . 本站查看
7.	周治平，李智聪. 无可信第三方的数据匿名化收集协议. 电子与信息学报. 2019(06): 1442-1449 . 本站查看
8.	乔毛，秦岭. 云存储服务中一种高效属性撤销的AB-ACCS方案. 计算机科学. 2019(07): 96-101 .
9.	王璇，邹军，杜军. 改进的HABE算法在基于雾计算的PHR系统中的研究. 高技术通讯. 2019(09): 852-861 .
10.	杨浩，张俊锋，谢昕. 网络第三方服务器中用户信息的细粒度访问控制方法. 科学技术与工程. 2018(04): 82-87 .
11.	王玮，苏琦，周伟，刘荫，张宾. 不同类别非完整大数据中缺失数据填充算法. 科学技术与工程. 2018(08): 91-96 .