Attribute-Based Encryption for Reliable and Secure Sharing of PHR in Cloud Computing
Main Article Content
Abstract
In this paper we investigating on Personal health record (PHR),which is a patient-centric model of health information exchange, and is stored at a third party i.e., cloud providers. But there are concerns such as personal health information can be exposed to third party servers and to unauthorized parties. In order to assure the patients’ authority over approach to their personal PHRs, it is an assuring method to encrypt the PHRs before outsourcing. These are issues like elastic access, reliability in key management; privacy exposure and efficient user revocation have continued to be the most significant dispute towards accomplishing fine-grained, cryptographically imposed data access control. Sequentially to have control for data access to PHRs stored in semi trusted severs, a novel patient-centric structure and a suite of methods is proposed in this paper. We leverage attribute-based encryption (ABE) practices to attain scalable and fine grained data access control for personal health records to encrypt each patient’s PHR file. In this paper, we concentrate on the several data owner situation, which is different from earlier works in secure data outsourcing. It divides the users in the PHR system into several security domains which decreases the key management complexity for owners and users. Simultaneously, patient confidentiality is maintained and guaranteed by exploiting multiauthority ABE.
Article Details
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
IJCERT Policy:
The published work presented in this paper is licensed under the Creative Commons Attribution 4.0 International (CC BY 4.0) license. This means that the content of this paper can be shared, copied, and redistributed in any medium or format, as long as the original author is properly attributed. Additionally, any derivative works based on this paper must also be licensed under the same terms. This licensing agreement allows for broad dissemination and use of the work while maintaining the author's rights and recognition.
By submitting this paper to IJCERT, the author(s) agree to these licensing terms and confirm that the work is original and does not infringe on any third-party copyright or intellectual property rights.
References
V. Goyal, O. Pandey, A. Sahai, and B. Waters, “Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data,”Proc. 13th ACM Conf. Computer and Comm. Security (CCS ‟ 06),pp. 89-98, 2006.
Ming LiShucheng Yu, Yao Zheng,Kui Ren, and Wenjing Lou, “Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using AttributeBased Encryption”, IEEE transactions on parallel and distributed systems, vol. 24, no. 1, january 2013.
Y. Zheng, “Privacy-Preserving Personal Health Record System Using Attribute-Based Encryption”, master‟ s thesis, Worcester Polytechnic Inst., 2011.
L. Ibraimi, M. Petkovic, S. Nikova, P. Hartel, and W. Jonker, “Ciphertext-Policy Attribute-Based Threshold Decryption with Flexible Delegation and Revocation of User Attributes”, 2009.
S. Yu, C. Wang, K. Ren, and W. Lou, “Attribute Based Data Sharing with Attribute Revocation,” Proc. Fifth ACM Symp. Information, Computer and Comm. Security (ASIACCS ‟ 10), 2010.
S. Narayan, M. Gagne´, and R. Safavi-Naini, “Privacy Preserving EHR System Using Attribute-Based Infrastructure”, Proc. ACM Cloud Computing Security Workshop (CCSW ‟ 10), pp. 47-52, 2010.
J. Bethencourt, A. Sahai, and B. Waters, “CiphertextPolicy Attribute-Based Encryption”, Proc. IEEE Symp. Security and Privacy (SP ‟ 07), pp. 321-334, 2007.
Q.Wang et al.,“Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing,” Proc. ESORICS „09, Sept. 2009, pp. 355–70.
S. Yu, C. Wang, K. Ren, and W. Lou, “Achieving secure, scalable, and fine-grained data access control in cloud computing,” in IEEE INFOCOM‟ 10, 2010.
A. Boldyreva, V. Goyal, and V. Kumar, “Identitybased encryption with efficient revocation,” in ACM CCS, ser. CCS ‟ 08, 2008, pp.417–426.
J. Hur and D. K. Noh, “Attribute-based access control with efficient revocation in data outsourcing systems,” IEEE Transactions on Parallel and Distributed Systems, vol. 99, no. PrePrints, 2010
J. Bethencourt, A. Sahai, and B. Waters,“Ciphertext-policy attribute-based encryption,” in IEEE S& P ’07, 2007, pp. 321–334.
Melissa Chase “Multi-authority Attribute based Encryption,” Computer Science Department Brown University Providence, RI 02912