Lightweight Integrity Verification Scheme for Outsourced Medical Data in Cloud Storage Supporting Conditional Identity Anonymity

ZHANG Xiaojun; WANG Xin; LIAO Wencai; ZHAO Jie; FU Xingbing

doi:10.11999/JEIT210971

Volume 44 Issue 12

Dec. 2022

Turn off MathJax

Article Contents

Article Navigation > Journal of Electronics & Information Technology > 2022 > 44(12): 4348-4356

ZHANG Xiaojun, WANG Xin, LIAO Wencai, ZHAO Jie, FU Xingbing. Lightweight Integrity Verification Scheme for Outsourced Medical Data in Cloud Storage Supporting Conditional Identity Anonymity[J]. Journal of Electronics & Information Technology, 2022, 44(12): 4348-4356. doi: 10.11999/JEIT210971

Citation:

ZHANG Xiaojun, WANG Xin, LIAO Wencai, ZHAO Jie, FU Xingbing. Lightweight Integrity Verification Scheme for Outsourced Medical Data in Cloud Storage Supporting Conditional Identity Anonymity[J]. Journal of Electronics & Information Technology, 2022, 44(12): 4348-4356. doi: 10.11999/JEIT210971

Citation:

ZHANG Xiaojun, WANG Xin, LIAO Wencai, ZHAO Jie, FU Xingbing. Lightweight Integrity Verification Scheme for Outsourced Medical Data in Cloud Storage Supporting Conditional Identity Anonymity[J]. Journal of Electronics & Information Technology, 2022, 44(12): 4348-4356. doi: 10.11999/JEIT210971

PDF( 2155 KB)

Lightweight Integrity Verification Scheme for Outsourced Medical Data in Cloud Storage Supporting Conditional Identity Anonymity

doi: 10.11999/JEIT210971

1.
School of Computer Science, Research Center for Cyber Security, Southwest Petroleum University, Chengdu 610500, China
2.
Faculty of Science, Yibin University, Yibin 644000, China
3.
School of Cyberspace, Hangzhou Dianzi University, Hangzhou 310018, China

Funds: The National Natural Science Foundation of China (61902327), China Postdoctoral Science Foundation (2020M681316), Zhejiang Provincial Natural Science Foundation of China (LY19F020045), Chengdu Key R & D Project (2021-YF05-00965-SN), Southwest Petroleum University Graduate Teaching Research and Reform Project (JY20ZD06)

Received Date: 2021-09-13
Accepted Date: 2022-09-06
Rev Recd Date: 2022-08-25

Available Online: 2022-09-08

Publish Date: 2022-12-16

Abstract

Abstract

Medical cloud storage service is one of the most significant applications in cloud computing. Simultaneously, the integrity of outsourced medical data and users’ identity privacy-preservation have been more and more important. To this end, an outsourced cloud storage medical data lightweight integrity verification scheme is proposed for wireless medical sensor networks, supporting conditional identity anonymity. The scheme combines the homomorphic hash function to design an aggregated signature to enable a Third Party Auditor (TPA) to check the integrity of outsourced medical data effectively. The scheme stores auditing auxiliary information on TPA side and uses the homomorphic property of the homomorphic hash function to optimize the calculations on TPA side to a constant, which reduces greatly the computational costs of TPA. The scheme enables TPA to perform batch verification on multiple data files, and the verification costs are nearly constant, independent of the number of data files. In addition, this scheme prevents effectively TPA from recovering the original medical data by solving the linear equations, and a conditional identity anonymous algorithm is designed, thus the Private Key Generator (PKG) could generate the anonymous identity of a user and corresponding singing key. Even if the attacker intercepts the medical data transmitted by the user, it can not know the real identity of the data. In addition, the complex certificates management is efficiently avoided, and PKG could also trace and revoke the real identities of misbehaved users efficiently. The security analysis and performance evaluation demonstrate that this scheme could be securely and efficiently deployed in wireless medical sensor networks.
- Wireless medical sensor network,
- Cloud storage,
- Aggregate signature,
- Integrity verification,
- Conditional identity anonymity

FullText(HTML)

References(21)

References

[1]	BARATI M, AUJLA G S, LLANOS J T, et al. Privacy-aware cloud auditing for GDPR compliance verification in online healthcare[J]. IEEE Transactions on Industrial Informatics, 2022, 18(7): 4808–4819. doi: 10.1109/TII.2021.3100152
[2]	NAYAK S K and TRIPATHY S. SEPDP: Secure and efficient privacy preserving provable data possession in cloud storage[J]. IEEE Transactions on Services Computing, 2021, 14(3): 876–888. doi: 10.1109/TSC.2018.2820713
[3]	LI Hongzhi, HAN Dezhi, and TANG Mingdong. A privacy-preserving storage scheme for logistics data with assistance of blockchain[J]. IEEE Internet of Things Journal, 2022, 9(6): 4704–4720. doi: 10.1109/JIOT.2021.3107846
[4]	SUBRAMANI J, MARIA A, RAJASEKARAN A S, et al. Lightweight privacy and confidentiality preserving anonymous authentication scheme for WBANs[J]. IEEE Transactions on Industrial Informatics, 2022, 18(5): 3484–3491. doi: 10.1109/TII.2021.3097759
[5]	REN Kui, WANG Cong, and WANG Qian. Security challenges for the public cloud[J]. IEEE Internet Computing, 2012, 16(1): 69–73. doi: 10.1109/MIC.2012.14
[6]	SUN Jinyuan, FANG Yuguang, and ZHU Xiaoyan. Privacy and emergency response in e-healthcare leveraging wireless body sensor networks[J]. IEEE Wireless Communications, 2010, 17(1): 66–73. doi: 10.1109/MWC.2010.5416352
[7]	ATENIESE G, BURNS R, CURTMOLA R, et al. Provable data possession at untrusted stores[C]. The 14th ACM Conference on Computer and Communications Security, Alexandria, USA, 2007: 598–609.
[8]	JUELS A and KALISKI B S. PORs: Proofs of retrievability for large files[C]. The 14th ACM Conference on Computer and Communications Security, Alexandria, USA, 2007: 584–597.
[9]	WANG Cong, CHOW S S M, WANG Qian, et al. Privacy-preserving public auditing for secure cloud storage[J]. IEEE Transactions on Computers, 2013, 62(2): 362–375. doi: 10.1109/TC.2011.245
[10]	马华, 党乾龙, 王剑锋, 等. 基于属性加密的高效密文去重和审计方案[J]. 电子与信息学报, 2019, 41(2): 355–361. doi: 10.11999/JEIT170935 MA Hua, DANG Qianlong, WANG Jianfeng, et al. Efficient ciphertext deduplication and auditing scheme with attribute-based encryption[J]. Journal of Electronics &Information Technology, 2019, 41(2): 355–361. doi: 10.11999/JEIT170935
[11]	YEH L Y, CHIANG P Y, TSAI Y L, et al. Cloud-based fine-grained health information access control framework for LightweightIoT devices with dynamic auditing and attribute revocation[J]. IEEE Transactions on Cloud Computing, 2018, 6(2): 532–544. doi: 10.1109/TCC.2015.2485199
[12]	HAHN C, KWON H, KIM D, et al. Enabling fast public auditing and data dynamics in cloud services[J]. IEEE Transactions on Services Computing, 2022, 15(4): 2047–2059. doi: 10.1109/TSC.2020.3030947
[13]	田俊峰, 井宣. 多方参与高效撤销组成员的共享数据审计方案[J]. 电子与信息学报, 2020, 42(6): 1534–1541. doi: 10.11999/JEIT190468 TIAN Junfeng and JING Xuan. Shared data auditing scheme for efficient revocation of group members via multi-participation[J]. Journal of Electronics &Information Technology, 2020, 42(6): 1534–1541. doi: 10.11999/JEIT190468
[14]	SHAMIR A. Identity-based cryptosystems and signature schemes[C]. Workshop on the Theory and Application of Cryptographic Techniques, Santa Barbara, USA, 1984: 47–53.
[15]	NI Jianbing, ZHANG Kuan, YU Yong, et al. Identity-based provable data possession from RSA assumption for secure cloud storage[J]. IEEE Transactions on Dependable and Secure Computing, 2022, 19(3): 1753–1769. doi: 10.1109/TDSC.2020.3036641
[16]	ZHANG Xiaojun, ZHAO Jie, XU Chunxiang, et al. CIPPPA: Conditional identity privacy-preserving public auditing for cloud-based WBANs against malicious auditors[J]. IEEE Transactions on Cloud Computing, 2021, 9(4): 1362–1375. doi: 10.1109/TCC.2019.2927219
[17]	GAO Xiang, YU Jia, CHANG Yan, et al. Checking only when it is necessary: Enabling integrity auditing based on the keyword with sensitive information privacy for encrypted cloud data[J]. IEEE Transactions on Dependable and Secure Computing, 2021, 19(6): 3774–3789.
[18]	XUE Jingting, XU Chunxiang, ZHAO Jining, et al. Identity-based public auditing for cloud storage systems against malicious auditors via blockchain[J]. Science China Information Sciences, 2019, 62(3): 32104. doi: 10.1007/s11432-018-9462-0
[19]	ALI S T, SIVARAMAN V, OSTRY D, et al. Securing first-hop data provenance for bodyworn devices using wireless link fingerprints[J]. IEEE Transactions on Information Forensics and Security, 2014, 9(12): 2193–2204. doi: 10.1109/TIFS.2014.2357998
[20]	ZHANG Yinghui, ZHANG Tiantian, GUO Rui, et al. Traceable dynamic public auditing with identity privacy preserving for cloud storage[J]. KSII Transactions on Internet and Information Systems, 2019, 13(11): 5653–5672. doi: 10.3837/tiis.2019.11.021
[21]	YU Yong, AU M H, ATENIESE G, et al. Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage[J]. IEEE Transactions on Information Forensics and Security, 2017, 12(4): 767–778. doi: 10.1109/TIFS.2016.2615853