Abstract
Revocation of access control on private e-healthcare records (EHRs) allows the access rights of valid users to be revoked. Most existing solutions either rely too heavily on a trusted third party to generate and update decryption keys, or require non-revoked users to perform computations during revocation, which makes them impractical for more complicated scenarios. In this paper, we propose a new revocation model, referred to as non-interactive revocable identity-based access control (NRIBAC) on EHRs. In NRIBAC, a trusted third party only needs to generate secret keys for group authorities, and each group authority can generate decryption keys for the users in its domain. NRIBAC distinguishes itself from other revocation schemes by the advantageous feature that it does not require any participation of non-revoked users in the revocation. We construct an NRIBAC scheme with short ciphertexts and decryption keys by leveraging hierarchical identity-based encryption and introducing version information. We formally prove the security of the NRIBAC scheme and conduct a thorough theoretical analysis to evaluate its performance. The results reveal that the scheme provides a favorable revocation procedure without disturbing non-revoked users.
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Zhou, Y., Liu, J., Deng, H., Qin, B., Zhang, L. (2015). Non-interactive Revocable Identity-Based Access Control over e-Healthcare Records. In: Lopez, J., Wu, Y. (eds) Information Security Practice and Experience. ISPEC 2015. Lecture Notes in Computer Science, vol 9065. Springer, Cham. https://doi.org/10.1007/978-3-319-17533-1_33
DOI: https://doi.org/10.1007/978-3-319-17533-1_33
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-17532-4
Online ISBN: 978-3-319-17533-1
eBook Packages: Computer Science (R0)