Security and privacy in smart health: Efficient policy-hiding attribute-based access control

Security and privacy in smart health: Efficient policy-hiding attribute-based access control

With the rapid development of the Internet of Things (IoT) and cloud computing technologies, smart health (s-health) is expected to significantly improve the quality of health care. However, data security and user privacy concerns in s-health have not been adequately addressed. As a well-received so...

Full description

Saved in:
Bibliographic Details
Main Authors: ZHANG, Yinghui, ZHENG, Dong, DENG, Robert H.
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2018
Subjects:
Access control
Attribute-based encryption
Cloud computing
Cryptography
Decryption test
Full security
Hospitals
Internet of Things
Large universe
Privacy protection
Smart health
Urban areas
Health Information Technology
Information Security
Online Access:https://ink.library.smu.edu.sg/sis_research/4000
https://ink.library.smu.edu.sg/context/sis_research/article/5002/viewcontent/08334589.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
id sg-smu-ink.sis_research-5002
record_format dspace
spelling sg-smu-ink.sis_research-50022020-06-02T05:14:28Z Security and privacy in smart health: Efficient policy-hiding attribute-based access control ZHANG, Yinghui ZHENG, Dong DENG, Robert H. With the rapid development of the Internet of Things (IoT) and cloud computing technologies, smart health (s-health) is expected to significantly improve the quality of health care. However, data security and user privacy concerns in s-health have not been adequately addressed. As a well-received solution to realize fine-grained access control, ciphertext-policy attribute-based encryption (CP-ABE) has the potential to ensure data security in s-health. Nevertheless, direct adoption of the traditional CP-ABE in s-health suffers two flaws. For one thing, access policies are in cleartext form and reveal sensitive health-related information in the encrypted s-health records (SHRs). For another, it usually supports small attribute universe, which places an undesirable limitation on practical deployments of CP-ABE because the size of its public parameters grows linearly with the size of the universe. To address these problems, we introduce PASH, a privacy-aware s-health access control system, in which the key ingredient is a large universe CP-ABE with access policies partially hidden. In PASH, attribute values of access policies are hidden in encrypted SHRs and only attribute names are revealed. In fact, attribute values carry much more sensitive information than generic attribute names. Particularly, PASH realizes an efficient SHR decryption test which needs a small number of bilinear pairings. The attribute universe can be exponentially large and the size of public parameters is small and constant. Our security analysis indicates that PASH is fully secure inthe standard model. Performance comparisons and experimental results show that PASH is more efficient and expressive than previous schemes. 2018-06-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/4000 info:doi/10.1109/JIOT.2018.2825289 https://ink.library.smu.edu.sg/context/sis_research/article/5002/viewcontent/08334589.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Access control Attribute-based encryption Cloud computing Cryptography Decryption test Full security Hospitals Internet of Things Large universe Privacy protection Smart health Urban areas Health Information Technology Information Security
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic Access control
Attribute-based encryption
Cloud computing
Cryptography
Decryption test
Full security
Hospitals
Internet of Things
Large universe
Privacy protection
Smart health
Urban areas
Health Information Technology
Information Security
spellingShingle Access control
Attribute-based encryption
Cloud computing
Cryptography
Decryption test
Full security
Hospitals
Internet of Things
Large universe
Privacy protection
Smart health
Urban areas
Health Information Technology
Information Security
ZHANG, Yinghui
ZHENG, Dong
DENG, Robert H.
Security and privacy in smart health: Efficient policy-hiding attribute-based access control
description With the rapid development of the Internet of Things (IoT) and cloud computing technologies, smart health (s-health) is expected to significantly improve the quality of health care. However, data security and user privacy concerns in s-health have not been adequately addressed. As a well-received solution to realize fine-grained access control, ciphertext-policy attribute-based encryption (CP-ABE) has the potential to ensure data security in s-health. Nevertheless, direct adoption of the traditional CP-ABE in s-health suffers two flaws. For one thing, access policies are in cleartext form and reveal sensitive health-related information in the encrypted s-health records (SHRs). For another, it usually supports small attribute universe, which places an undesirable limitation on practical deployments of CP-ABE because the size of its public parameters grows linearly with the size of the universe. To address these problems, we introduce PASH, a privacy-aware s-health access control system, in which the key ingredient is a large universe CP-ABE with access policies partially hidden. In PASH, attribute values of access policies are hidden in encrypted SHRs and only attribute names are revealed. In fact, attribute values carry much more sensitive information than generic attribute names. Particularly, PASH realizes an efficient SHR decryption test which needs a small number of bilinear pairings. The attribute universe can be exponentially large and the size of public parameters is small and constant. Our security analysis indicates that PASH is fully secure inthe standard model. Performance comparisons and experimental results show that PASH is more efficient and expressive than previous schemes.
format text
author ZHANG, Yinghui
ZHENG, Dong
DENG, Robert H.
author_facet ZHANG, Yinghui
ZHENG, Dong
DENG, Robert H.
author_sort ZHANG, Yinghui
title Security and privacy in smart health: Efficient policy-hiding attribute-based access control
title_short Security and privacy in smart health: Efficient policy-hiding attribute-based access control
title_full Security and privacy in smart health: Efficient policy-hiding attribute-based access control
title_fullStr Security and privacy in smart health: Efficient policy-hiding attribute-based access control
title_full_unstemmed Security and privacy in smart health: Efficient policy-hiding attribute-based access control
title_sort security and privacy in smart health: efficient policy-hiding attribute-based access control
publisher Institutional Knowledge at Singapore Management University
publishDate 2018
url https://ink.library.smu.edu.sg/sis_research/4000
https://ink.library.smu.edu.sg/context/sis_research/article/5002/viewcontent/08334589.pdf
_version_ 1770574116007444480

Similar Items