Non-interactive Revocable Identity-Based Access Control over e-Healthcare Records

详细信息    查看全文

• 作者：Yunya Zhou (15) (16) (17)
  Jianwei Liu (15) (18)
  Hua Deng (19)
  Bo Qin (16) (20)
  Lei Zhang (21)
  
  15. School of Electronic and Information Engineering ; Beihang University ; Beijing ; China
  16. State Key Laboratory of Integrated Services Networks ; Xidian University ; Xi鈥檃n ; China
  17. State Key Laboratory of Information Security ; Institute of Information Engineering ; Chinese Academy of Sciences ; Beijing ; China
  18. The Academy of Satellite Application ; Beijing ; China
  19. School of Computer ; Wuhan University ; Wuhan ; China
  20. Knowledge Engineering (Renmin University of China) Ministry of Education ; School of Information ; Renmin University of China ; Beijing ; China
  21. Software Engineering Institute ; East China Normal University ; Shanghai ; China
  
• 关键词：E ; healthcare records ; Identity ; based access control ; Revocation ; Non ; interaction
• 刊名：Lecture Notes in Computer Science
• 出版年：2015
• 出版时间：2015
• 年：2015
• 卷：9065
• 期：1
• 页码：485-498
• 全文大小：302 KB
• 参考文献：1. Belsis, P., Vassis, D., Gritzalis, S., Skourlas, C.: W-ehr: a wireless distributed framework for secure dissemination of electronic healthcare records. In: IWSSIP 2009, pp. 1鈥?. IEEE (2009)
  2. Boldyreva, A., Goyal, V., Kumar, V.: Identity-based encrytion with efficient revocation. In: ACM CCS 2008, pp. 417鈥?26. ACM (2008)
  3. Boneh, D., Boyen, X., Goh, E.-J. Hierarchical identity based encryption with constant size ciphertext. In: Cramer, R. eds. (2005) Advances in Cryptology 鈥?EUROCRYPT 2005. Springer, Heidelberg, pp. 440-456 26639_26" target="_blank" title="It opens in new window">CrossRef
  4. Boneh, D., Franklin, M. Identity-based encryption from the weil pairing. In: Kilian, J. eds. (2001) Advances in Cryptology - CRYPTO 2001. Springer, Heidelberg, pp. 213-229 CrossRef
  5. Deng, H., Wu, Q., Qin, B., Chow, S.S.M., Domingo-Ferrer, J., Shi, W.: Tracing and revoking leaked credentials: accountability in leaking sensitive outsourced data. In: ASIACCS 2014, pp. 425鈥?34. ACM (2014)
  6. Deng, H., Wu, Q., Qin, B., Domingo-Ferrer, J., Zhang, L., Liu, J., Shi, W. (2014) Ciphertext-policy hierarchical attribute-based encryption with short ciphertexts. Information Sciences 275: pp. 370-384 2014.01.035" target="_blank" title="It opens in new window">CrossRef
  7. Deng, H., Wu, Q., Qin, B., Mao, J., Liu, X., Zhang, L., Shi, W. Who is touching my cloud. In: Kuty艂owski, M., Vaidya, J. eds. (2014) Computer Security - ESORICS 2014. Springer, Heidelberg, pp. 362-379 203-9_21" target="_blank" title="It opens in new window">CrossRef
  8. Jin, J., Ahn, G.-J., Hu, H., Covington, M.J., Zhang, X.: Patient-centric authorization framework for sharing electronic health records. In: SACMAT 2009, pp. 125鈥?34. ACM (2009)
  9. Lee, K., Choi, S.G., Lee, D.H., Park, J.H., Yung, M. Self-updatable encryption: Time constrained access control with hidden attributes and better efficiency. In: Sako, K., Sarkar, P. eds. (2013) Advances in Cryptology - ASIACRYPT 2013. Springer, Heidelberg, pp. 235-254 2-42033-7_13" target="_blank" title="It opens in new window">CrossRef
  10. Li, M., Yu, S., Zheng, Y., Ren, K., Lou, W. (2013) Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Trans. Parallel and Distributed Systems 24: pp. 131-143 2012.97" target="_blank" title="It opens in new window">CrossRef
  11. Liang, K., Liu, J.K., Wong, D.S., Susilo, W. An efficient cloud-based revocable identity-based proxy re-encryption scheme for public clouds data sharing. In: Kuty艂owski, M., Vaidya, J. eds. (2014) Computer Security - ESORICS 2014. Springer, Heidelberg, pp. 257-272 203-9_15" target="_blank" title="It opens in new window">CrossRef
  12. Libert, B., Vergnaud, D. Adaptive-ID secure revocable identity-based encryption. In: Fischlin, M. eds. (2009) Topics in Cryptology 鈥?CT-RSA 2009. Springer, Heidelberg, pp. 1-15 2-00862-7_1" target="_blank" title="It opens in new window">CrossRef
  13. Mashima, D., Ahamad, M.: Enabling robust information accountability in e-healthcare systems. In: 3rd USENIX Workshop on Health Security and Privacy (2012)
  14. Naor, D., Naor, M., Lotspiech, J. Revocation and tracing schemes for stateless receivers. In: Kilian, J. eds. (2001) Advances in Cryptology - CRYPTO 2001. Springer, Heidelberg, pp. 41-62 CrossRef
  15. Park, S., Lee, K., Lee, D.H.: New constructions of revocable identity-based encryption from multilinear maps. In: Cryptology ePrint Archive, Report 2013/880 (2013), 2013/880" class="a-plus-plus"> http://eprint.iacr.org/2013/880
  16. Perumal, B., Rajasekaran, M.P., Duraiyarasan, S.: An efficient hierarchical attribute set based encryption scheme with revocation for outsourcing personal health records in cloud computing. In: ICACCS 2013, pp. 1鈥?. IEEE (2013)
  17. Sahai, A., Seyalioglu, H., Waters, B. Dynamic credentials and ciphertext delegation for attribute-based encryption. In: Safavi-Naini, R., Canetti, R. eds. (2012) Advances in Cryptology 鈥?CRYPTO 2012. Springer, Heidelberg, pp. 199-217 2-32009-5_13" target="_blank" title="It opens in new window">CrossRef
  18. Seo, J.H., Emura, K. Revocable identity-based encryption revisited: Security model and construction. In: Kurosawa, K., Hanaoka, G. eds. (2013) Public-Key Cryptography 鈥?PKC 2013. Springer, Heidelberg, pp. 216-234 2-36362-7_14" target="_blank" title="It opens in new window">CrossRef
  19. Seo, J.H., Emura, K. Efficient delegation of key generation and revocation functionalities in identity-based encryption. In: Dawson, E. eds. (2013) Topics in Cryptology 鈥?CT-RSA 2013. Springer, Heidelberg, pp. 343-358 2-36095-4_22" target="_blank" title="It opens in new window">CrossRef
  20. Shoniregun, C.A., Dube, K., Mtenzi, F.: Secure e-healthcare information systems. In: Electronic Healthcare Information Security, pp. 101鈥?21. Springer US (2010)
  21. Sun, L., Wang, H., Yong, J., Wu, G.: Semantic access control for cloud computing based on e-Healthcare. In: CSCWD 2012, pp. 512鈥?18. IEEE (2012)
  22. Yi, X., Miao, Y., Bertino, E., Willemson, J.: Multiparty privacy protection for electronic health records. In: GLOBECOM 2013, pp. 2730鈥?735. IEEE (2013)
  23. Yu, S., Wang, C., Ren, K., Lou, W.: Attribute based data sharing with attribute revocation. In: ASIACCS 2010, pp. 261鈥?70. ACM (2010)
  
• 作者单位：Information Security Practice and Experience
• 丛书名：978-3-319-17532-4
• 刊物类别：Computer Science
• 刊物主题：Artificial Intelligence and Robotics
  Computer Communication Networks
  Software Engineering
  Data Encryption
  Database Management
  Computation by Abstract Devices
  Algorithm Analysis and Problem Complexity
  
• 出版者：Springer Berlin / Heidelberg
• ISSN：1611-3349

文摘

Revocation of access control on private e-healthcare records (EHRs) allows to revoke the access rights of valid users. Most existing solutions rely on a trusted third party too much to generate and update decryption keys, or require the computations of non-revoked users during the revocation, which make them impractical for some more complicated scenarios. In this paper, we propose a new revocation model, referred to as non-interactive revocable identity-based access control (NRIBAC) on EHRs. In NRIBAC, a trusted third party only needs to generate secret keys for group authorities and each group authority can generate decryption keys for the users in its domain. The NRIBAC distinguishes itself from other revocation schemes by the advantageous feature that it does not require any participation of non-revoked users in the revocation. We construct an NRIBAC scheme with short ciphertexts and decryption keys by leveraging hierarchical identity-based encryption and introducing the version information. We formally prove the security of the NRIBAC scheme and conduct thorough theoretical analysis to evaluate the performance. The results reveal that the scheme provides favorable revocation procedure without disturbing non-revoked users.