Skip to main content
SpringerLink
Log in

Efficient Fine-Grained Access Control for Secure Personal Health Records in Cloud Computing

  • Conference paper
  • First Online:
Network and System Security (NSS 2016)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9955))

Included in the following conference series:

Abstract

In this paper, we propose an efficient fine-grained access control system for secure Personal Health Records (PHRs) in cloud computing. In this system, the patients have fine-grained access control for their health records. The underlying primitive of this system is a newly designed identity-based conditional proxy re-encryption scheme with chosen-ciphertext security, which is the first of its kind that achieves the highest security level. It is also highly efficient. The public parameters size and also, the private key and ciphertext size are constant and our experimental results indicate that the computational cost does not rely on the message size.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Canetti, R., Hohenberger, S.: Chosen-ciphertext secure proxy re-encryption. In: Proceedings of the 2007 ACM Conference on Computer and Communications Security, CCS 2007, Alexandria, Virginia, USA, 28–31 October 2007, pp. 185–194 (2007)

    Google Scholar 

  2. De Caro, A., Iovino, V.: jPBC: Java pairing based cryptography. In: Proceedings of the 16th IEEE Symposium on Computers andCommunications, ISCC 2011, Kerkyra, Corfu, Greece, 28 June – 1 July 2011, pp. 850–855 (2011)

    Google Scholar 

  3. Chase, M., Chow, S.S.M.: Improving privacy and security in multi-authority attribute-based encryption. In: Proceedings of the 2009 ACM Conference on Computer and Communications Security, CCS 2009, Chicago, Illinois, USA, 9–13 November 2009, pp. 121–130 (2009)

    Google Scholar 

  4. Chow, S.S.M., Weng, J., Yang, Y., Deng, R.H.: Efficient unidirectional proxy re-encryption. In: Bernstein, D.J., Lange, T. (eds.) AFRICACRYPT 2010. LNCS, vol. 6055, pp. 316–332. Springer, Heidelberg (2010). doi:10.1007/978-3-642-12678-9_19

    Chapter  Google Scholar 

  5. Chu, C.-K., Weng, J., Chow, S.S.M., Zhou, J., Deng, R.H.: Conditional proxy broadcast re-encryption. In: Boyd, C., González Nieto, J. (eds.) ACISP 2009. LNCS, vol. 5594, pp. 327–342. Springer, Heidelberg (2009). doi:10.1007/978-3-642-02620-1_23

    Chapter  Google Scholar 

  6. Deng, R.H., Weng, J., Liu, S., Chen, K.: Chosen-ciphertext secure proxy re-encryption without pairings. In: Franklin, M.K., Hui, L.C.K., Wong, D.S. (eds.) CANS 2008. LNCS, vol. 5339, pp. 1–17. Springer, Heidelberg (2008). doi:10.1007/978-3-540-89641-8_1

    Chapter  Google Scholar 

  7. Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Trans. Inf. Theor. 22(6), 644–654 (1976)

    Article  MathSciNet  MATH  Google Scholar 

  8. Fernandes, D.A.B., Soares, L.F.B., Gomes, J.V.P., Freire, M.M., Inácio, P.R.M.: Security issues in cloud environments: a survey. Int. J. Inf. Sec. 13(2), 113–170 (2014)

    Article  Google Scholar 

  9. Gouglidis, A., Mavridis, I., Vincent, C.H.: Security policy verification for multi-domains in cloud systems. Int. J. Inf. Sec. 13(2), 97–111 (2014)

    Article  Google Scholar 

  10. Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, Alexandria, VA, USA, 30 October – 3 November 2006, pp. 89–98 (2006)

    Google Scholar 

  11. Hanaoka, G., Kawai, Y., Kunihiro, N., Matsuda, T., Weng, J., Zhang, R., Zhao, Y.: Generic construction of chosen ciphertext secure proxy re-encryption. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 349–364. Springer, Heidelberg (2012). doi:10.1007/978-3-642-27954-6_22

    Chapter  Google Scholar 

  12. Huang, K.-H., Chang, E.-C., Wang, S.-J.: A patient-centric access control scheme for personal health records in the cloud. In: 2013 Fourth International Conference on Networking and Distributed Computing (ICNDC), pp. 85–88, December 2013

    Google Scholar 

  13. Hur, J., Noh, D.K.: Attribute-based access control with efficient revocation in data outsourcing systems. IEEE Trans. Parallel Distrib. Syst. 22(7), 1214–1221 (2011)

    Article  Google Scholar 

  14. Ibraimi, L., Asim, M., Petkovic, M.: Secure management of personal health records by applying attribute-based encryption. In: 2009 6th International Workshop on Wearable Micro and Nano Technologies for Personalized Health (pHealth), pp. 71–74, June 2009

    Google Scholar 

  15. Isshiki, T., Nguyen, M.H., Tanaka, K.: Proxy re-encryption in a stronger security model extended from CT-RSA2012. In: Dawson, E. (ed.) CT-RSA 2013. LNCS, vol. 7779, pp. 277–292. Springer, Heidelberg (2013). doi:10.1007/978-3-642-36095-4_18

    Chapter  Google Scholar 

  16. Leng, C., Huiqun, Y., Wang, J., Huang, J.: Securing personal health records in the cloud by enforcing sticky policies. TELKOMNIKA Indonesian J. Electr. Eng. 11(4), 2200–2208 (2013)

    Google Scholar 

  17. Li, J., Chen, X., Li, J., Jia, C., Ma, J., Lou, W.: Fine-grained access control system based on outsourced attribute-based encryption. In: Crampton, J., Jajodia, S., Mayes, K. (eds.) ESORICS 2013. LNCS, vol. 8134, pp. 592–609. Springer, Heidelberg (2013). doi:10.1007/978-3-642-40203-6_33

    Chapter  Google Scholar 

  18. Li, M., Yu, S., Ren, K., Lou, W.: Securing personal health records in cloud computing: patient-centric and fine-grained data access control in multi-owner settings. In: Jajodia, S., Zhou, J. (eds.) SecureComm 2010. LNICST, vol. 50, pp. 89–106. Springer, Heidelberg (2010). doi:10.1007/978-3-642-16161-2_6

    Chapter  Google Scholar 

  19. Li, M., Shucheng, Y., Zheng, Y., Ren, K., Lou, W.: Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Trans. Parallel Distrib. Syst. 24(1), 131–143 (2013)

    Article  Google Scholar 

  20. Liang, K., Chu, C.-K., Tan, X., Wong, D.S., Tang, C., Zhou, J.: Chosen-ciphertext secure multi-hop identity-based conditional proxy re-encryption with constant-size ciphertexts. Theor. Comput. Sci. 539, 87–105 (2014)

    Article  MathSciNet  MATH  Google Scholar 

  21. Liang, K., Liu, Z., Tan, X., Wong, D.S., Tang, C.: A CCA-secure identity-based conditional proxy re-encryption without random oracles. In: Kwon, T., Lee, M.-K., Kwon, D. (eds.) ICISC 2012. LNCS, vol. 7839, pp. 231–246. Springer, Heidelberg (2013). doi:10.1007/978-3-642-37682-5_17

    Chapter  Google Scholar 

  22. Libert, B., Vergnaud, D.: Unidirectional chosen-ciphertext secure proxy re-encryption. In: Cramer, R. (ed.) PKC 2008. LNCS, vol. 4939, pp. 360–379. Springer, Heidelberg (2008). doi:10.1007/978-3-540-78440-1_21

    Chapter  Google Scholar 

  23. Matsuda, T., Nishimaki, R., Tanaka, K.: CCA proxy re-encryption without bilinear maps in the standard model. In: Nguyen, P.Q., Pointcheval, D. (eds.) PKC 2010. LNCS, vol. 6056, pp. 261–278. Springer, Heidelberg (2010). doi:10.1007/978-3-642-13013-7_16

    Chapter  Google Scholar 

  24. Narayan, S., Gagné, M., Safavi-Naini, R.: Privacy preserving EHR system using attribute-based infrastructure. In: Proceedings of the 2nd ACM Cloud Computing Security Workshop, CCSW 2010, Chicago, IL, USA, 8 October 2010, pp. 47–52 (2010)

    Google Scholar 

  25. Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). doi:10.1007/11426639_27

    Chapter  Google Scholar 

  26. Shao, J., Wei, G., Ling, Y., Xie, M.: Identity-based conditional proxy re-encryption. In: Proceedings of IEEE International Conference onCommunications, ICC 2011, Kyoto, Japan, 5–9 June 2011, pp. 1–5 (2011)

    Google Scholar 

  27. Smith, E., Eloff, H.P.: Security in health-care information systemscurrent trends. Int. J. Med. Inform. 54(1), 39–54 (1999)

    Article  Google Scholar 

  28. Wang, C.-J., Xu, X.-L., Shi, D.-Y., Lin, W.-L.: An efficient cloud-based personal health records system using attribute-based encryption and anonymous multi-receiver identity-based encryption. In: 2014 Ninth International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, Guangdong, China, 8–10 November 2014, pp. 74–81 (2014)

    Google Scholar 

  29. Wang, S., Liang, K., Liu, J.K., Chen, J., Jianping, Y., Xie, W.: Attribute-based data sharing scheme revisited in cloud computing. IEEE Trans. Inf. Forensics Secur. 11(8), 1661–1673 (2016)

    Article  Google Scholar 

  30. Wang, S., Zhou, J., Liu, J.K., Jianping, Y., Chen, J., Xie, W.: An efficient file hierarchy attribute-based encryption scheme in cloud computing. IEEE Trans. Inf. Forensics Secur. 11(6), 1265–1277 (2016)

    Article  Google Scholar 

  31. Weng, J., Chen, M.-R., Yang, Y., Deng, R.H., Chen, K., Bao, F.: CCA-secure unidirectional proxy re-encryption in the adaptive corruption model without random oracles. Sci. China Inf. Sci. 53(3), 593–606 (2010)

    Article  MathSciNet  Google Scholar 

  32. Weng, J., Deng, R.H., Ding, X., Chu, C-K., Lai, J.: Conditional proxy re-encryption secure against chosen-ciphertext attack. In: Proceedings of the 2009 ACM Symposium on Information, Computer and Communications Security, ASIACCS 2009, Sydney, Australia, 10–12 March 2009, pp. 322–332 (2009)

    Google Scholar 

  33. Weng, J., Yang, Y., Tang, Q., Deng, R.H., Bao, F.: Efficient conditional proxy re-encryption with chosen-ciphertext security. In: Samarati, P., Yung, M., Martinelli, F., Ardagna, C.A. (eds.) ISC 2009. LNCS, vol. 5735, pp. 151–166. Springer, Heidelberg (2009). doi:10.1007/978-3-642-04474-8_13

    Chapter  Google Scholar 

  34. Weng, J., Zhao, Y., Hanaoka, G.: On the security of a bidirectional proxy re-encryption scheme from PKC 2010. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 284–295. Springer, Heidelberg (2011). doi:10.1007/978-3-642-19379-8_18

    Chapter  Google Scholar 

  35. Yang, K., Jia, X., Ren, K.: Attribute-based fine-grained access control with efficient revocation in cloud storage systems. In: 8th ACM Symposium on Information, Computer and Communications Security, ASIA CCS 2013, Hangzhou, China, 08–10 May 2013, pp. 523–528 (2013)

    Google Scholar 

  36. Yang, Y., Lu, H., Weng, J., Zhang, Y., Sakurai, K.: Fine-grained conditional proxy re-encryption and application. In: Chow, S.S.M., Liu, J.K., Hui, L.C.K., Yiu, S.M. (eds.) ProvSec 2014. LNCS, vol. 8782, pp. 206–222. Springer, Heidelberg (2014). doi:10.1007/978-3-319-12475-9_15

    Google Scholar 

  37. Yu, S., Wang, C., Ren, K., Lou, W.: Achieving secure, scalable, and fine-grained data access control incloud computing. In: 29th IEEE International Conference on Computer Communications, Joint Conference of the IEEE Computer and Communications Societies, INFOCOM 2010, San Diego, CA, USA, 15–19 March 2010, pp. 534–542 (2010)

    Google Scholar 

Download references

Acknowledgments

This work was supported by National Science Foundation of China (Grant Nos. 61272413, 61133014, 61272415 and 61472165), Research Fund for the Doctoral Program of Higher Education of China (Grant No. 20134401110011), the 2016 special fund for Applied Science & Technology Development and Transformation of Major Scientific and Technological Achievements, the fund for Zhuhai City Predominant Disciplines, and the Open Project Program of the Guangdong Provincial Big Data Collaborative Innovation Center.

Author information

Authors and Affiliations

  1. Department of Computer Science, Jinan University, Guangzhou, China

    Kai He, Jian Weng & Jia-Nan Liu

  2. Faculty of Information Technology, Monash University, Melbourne, Australia

    Kai He & Joseph K. Liu

  3. Guangdong Provincial Big Data Collaborative Innovation Center, Shenzhen University, Shenzhen, China

    Jian Weng

  4. School of Information Technology, Deakin University, Melbourne, Australia

    Wanlei Zhou

Authors
  1. Kai He
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jian Weng
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Joseph K. Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Wanlei Zhou
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Jia-Nan Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jian Weng .

Editor information

Editors and Affiliations

  1. Central China Normal University , Wuhan, China

    Jiageng Chen

  2. Università degli Studi di Milano , Crema (CR), Italy

    Vincenzo Piuri

  3. Osaka University , Osaka, Japan

    Chunhua Su

  4. Columbia University , New York, New York, USA

    Moti Yung

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing AG

About this paper

Cite this paper

He, K., Weng, J., Liu, J.K., Zhou, W., Liu, JN. (2016). Efficient Fine-Grained Access Control for Secure Personal Health Records in Cloud Computing. In: Chen, J., Piuri, V., Su, C., Yung, M. (eds) Network and System Security. NSS 2016. Lecture Notes in Computer Science(), vol 9955. Springer, Cham. https://doi.org/10.1007/978-3-319-46298-1_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-46298-1_5

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-46297-4

  • Online ISBN: 978-3-319-46298-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation