CFP last date
20 January 2025
Reseach Article

Secure Sharing of Personal Health Records in Cloud Computing using Attribute-based Broadcast Encryption

by Raseena M, Harikrishnan G R
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 102 - Number 16
Year of Publication: 2014
Authors: Raseena M, Harikrishnan G R
10.5120/17898-8764

Raseena M, Harikrishnan G R . Secure Sharing of Personal Health Records in Cloud Computing using Attribute-based Broadcast Encryption. International Journal of Computer Applications. 102, 16 ( September 2014), 13-19. DOI=10.5120/17898-8764

@article{ 10.5120/17898-8764,
author = { Raseena M, Harikrishnan G R },
title = { Secure Sharing of Personal Health Records in Cloud Computing using Attribute-based Broadcast Encryption },
journal = { International Journal of Computer Applications },
issue_date = { September 2014 },
volume = { 102 },
number = { 16 },
month = { September },
year = { 2014 },
issn = { 0975-8887 },
pages = { 13-19 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume102/number16/17898-8764/ },
doi = { 10.5120/17898-8764 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T22:33:16.072301+05:30
%A Raseena M
%A Harikrishnan G R
%T Secure Sharing of Personal Health Records in Cloud Computing using Attribute-based Broadcast Encryption
%J International Journal of Computer Applications
%@ 0975-8887
%V 102
%N 16
%P 13-19
%D 2014
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Personal Health Record (PHR) service is an emerging model for health information exchange. It allows patients to create, update and manage personal and medical information. Also they can control and share their medical information with other users as well as health care providers. PHR data is hosted to the third party cloud service providers in order to enhance its interoperability. However, there have been serious security and privacy issues in outsourcing these data to cloud server. For security, encrypt the PHRs before outsourcing. So many issues such as risks of privacy exposure, scalability in key management, flexible access and efficient user revocation, have remained the most important challenges toward achieving fine-grained, cryptographically enforced data access control. To achieve fine-grained and scalable data access control for client's data, a novel patient-centric framework is used. This frame work is mainly focus on the multiple data owner scenario. A high degree of patient privacy is guaranteed simultaneously by exploiting multi authority ABE. This scheme also enables dynamic modification of access policies or file attributes, support efficient on demand user/attribute revocation. However some practical limitations are in building PHR system. If consider the workflow based access control scenarios, the data access right could be given based on users identities rather than their attributes, while ABE does not handle that efficiently. For solving these problem in this thesis proposed PHR system, based on Attribute Based Broadcast Encryption (ABBE).

References
  1. J. Hur and D. K. Noh, "Attribute-Based Access Control with Efficient Revocation in Data Outsourcing Systems", IEEE Trans. Parallel and Distributed Systems, vol. 22, no. 7, pp. 1214-1221, 2011
  2. X. Liang, R. Lu, X. Lin, and X. S. Shen, "Ciphertext Policy Attribute Based Encryption with Efficient Revocation", technical report, Univ. of Waterloo, 2010
  3. M. Chase and S. S. Chow, " Improving Privacy and Security in Multi-Authority Attribute-Based Encryption", Proc. 16th ACM Conf. Computer and Comm. Security (CCS 09), pp. 121- 130 ,2009
  4. J. Bethencourt, A. Sahai, and B. Waters, " Ciphertext-Policy Attribute-Based Encryption " , Proc. IEEE Symp. Security and Privacy (SP 07), pp. 321-334 ,2007
  5. S. Yu, C. Wang, K. Ren, and W. Lou, "Attribute Based Data Sharing with Attribute Revocation", Proc. Fifth ACM Symp. Information, Computer and Comm. Security (ASIACCS 10) 2010
  6. L. Ibraimi, M. Petkovic, S. Nikova, P. Hartel, and W. Jonker, "Ciphertext-Policy Attribute-Based Threshold Decryption with Flexible Delegation and Revocation of User Attributes", IEEE Trans. Image process,Jun, 2009
  7. A. Boldyreva, V. Goyal, and V. Kumar, "Identity-Based Encryption with Efficient Revocation", Proc. 15th ACM Conf. Computer and Comm. Security (CCS), pp. 417-426, 2008
  8. V. Goyal, O. Pandey, A. Sahai, and B. Waters, "Attribute- Based Encryption for Fine-Grained Access Control of Encrypted Data", Proc. 13th ACM Conf. Computer and Comm. Security (CCS 06), pp. 89-98, 2006
  9. Ming Li, Shucheng Yu,Yao Zheng, Kui Ren, and Wenjing Lou, "Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption", Ieee transaction on parallel and distributed systems, vol. 24,no. 1,january , 2013
  10. G. Wang, Q. Liu, and J. Wu, "Hierachical attibute-based encryption for fine-grained access control in cloud storage services", in Proc. ACM Conf. Computer and Communications Security (ACM CCS), Chicago, IL , 2010
  11. Melissa Chase, "Multi-authority Attribute Based Encryption", In TCC, volume 4392 of LNCS, pages 515534. Springer , 2007
  12. J. Benaloh, M. Chase, E. Horvitz and K. Lauter, Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records, CCSW 09, 2009, pp. 103114
  13. C. Dong, G. Russello and N. Dulay, Shared and Searchable Encrypted Data for Untrusted Servers, Journal of Computer Security, 2010.
  14. Pascal Junod,Alexandre Karlov "An Efficient Public-Key Attribute-Based Broadcast Encryption Scheme Allowing Arbitrary Access Policies"
  15. D. Lubicz and T. Sirvent. Attribute-based broadcast encryption scheme made efficient. First International Conference on Cryptology in Africa, Casablanca, Morocco, June 11-14,2008
  16. Jin Sun, Yupu Hu, and Leyou Zhang. A Key-Policy Attribute- Based Broadcast Encryption, The International Arab Journal of nformation Technology, Vol. 10, No. 5, September 2013
  17. Boneh D. , Gentry C. , and Waters B. , Collusion Resistant Broadcast Encryption with Short Ciphertexts and Private Keys, in Proceedings of the 25th Annual International Cryptology Conference, USA, pp. 258-275, 2005.
  18. Giovanni Russello, Changyu Dong, Naranker Dulay. A Workflow-based Access Control Framework for e-Health Applications, 22nd International Conference on Advanced Information Networking and Applications - Workshops 2013
  19. Giovanni Russello, Changyu Dong, Naranker Dulay. A Workflow-based Access Control Framework for e-Health Applications, 22nd International Conference on Advanced Information Networking and Applications - Workshops 2013
  20. M. Chase and S. S. Chow Improving Privacy and Security in Multi-Authority Attribute-Based Encryption, Proc. 16th ACM Conf. Computer and Comm. Security (CCS 09), pp. 121- 130,2009.
  21. S. Chow, "New Privacy-Preserving Architectures for Identity- / Attribute-Based Encryption," PhD thesis, NYU, 2010
  22. S. D. C. di Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, and P. Samarati, "Over-Encryption: Management of Access Control Evolution on Outsourced Data, " Proc. 33rd Intl Conf. Very Large Data Bases (VLDB 07), pp. 123-134, 2007.
  23. N. Attrapadung and H. Imai, Conjunctive Broadcast and Attribute-Based Encryption, Proc. Third Intl Conf. Palo Alto on Pairing-Based Cryptography-Pairing, pp. 248-265, 2009.
  24. M. Chase and S. S. Chow, Improving Privacy and Security in Multi-Authority Attribute-Based Encryption, Proc. 16th ACM Conf. Computer and Comm. Security (CCS 09), pp. 121- 130, 2009.
  25. X. Liang, R. Lu, X. Lin, and X. S. Shen, Ciphertext Policy Attribute Based Encryption with Efficient Revocation, technical report, Univ. of Waterloo, 2010.
  26. J. Hur and D. K. Noh, Attribute-Based Access Control with Efficient Revocation in Data Outsourcing Systems, IEEE Trans. Parallel and Distributed Systems, vol. 22, no. 7, pp. 1214-1221, July 2011.
  27. S. Jahid, P. Mittal, and N. Borisov, Easier: Encryption-Based Access Control in Social Networks with Efficient Revocation, Proc. ACM Symp. Information, Computer and Comm. Security (ASIACCS), Mar. 2011.
  28. S. Ruj, A. Nayak, and I. Stojmenovic, DACC: Distributed Access Control in Clouds, Proc. IEEE 10th Intl Conf. Trust, Security and Privacy in Computing and Comm. (TrustCom), 2011.
Index Terms

Computer Science
Information Sciences

Keywords

Cloud computing Data privacy Fine grained access control Attribute based encryption