Abstract
Data access control is of critical importance in cloud computing, in particular for e-health systems, where a patient Personal Health Records (PHR) data, have a serious privacy concerns about outsourcing to the cloud servers. Presently Key policy attribute based encryption (KP-ABE) is promising advanced cryptographic system for fine-grained access control in cloud computing systems. Yet, Existing access control schemes based on attribute based encryption (ABE), are no longer applicable due to the heavy cryptographic computation and communication overhead of key management. Existing ABE schemes are based on expensive bilinear pairing that make its not scalable and not suitable for cloud e-health systems. In this paper we propose a new Scalable lightweight LKP-ABE scheme based on elliptic curve integrated encryption scheme (ECIES), The best known encryption scheme based on Elliptic Curve Cryptography, applied in e-health system, in order to ensure fine grained access control and data confidentiality of personal health records, and present an advanced secure and scalable encryption/decryption system based on Key Policy Attribute Based Encryption (KP-ABE) for PHR’s. our scheme provide semantic security against chosen cipher-text attacks (CCAs), guaranteed resistance collusion and provide hight level data confidentiality of sharing PHR, by using elliptic curve integrated encryption scheme (ECIES) that has much stronger bit security than RSA as well as other exponential-based public key algorithm and the advanced attribute based encryption KP-ABE. The proof security, performance comparison among LKP-ABE and related schemes is given to prove the performance, low cost communication and execution efficiency of LKP-ABE.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Li, J., Chen, X., Li, J., Jia, C., Ma, J., Lou, W.: Fine-grained access control system based on outsourced attribute-based encryption. In: European Symposium on Research in Computer Security, pp. 592–609. Springer (2013)
Kobrinskii, B.A.: E-health and telemedicine: current state and future steps. E-Health Telecommun. Syst. Netw. 3(4), 50–56 (2014)
Li, M., Yu, S., Ren, K., Lou, W.: Securing personal health records in cloud computing: patient-centric and fine-grained data access control in multi-owner settings. In: SecureComm 2010, pp. 89–106. Springer (2010)
Li, M., Yu, S., Zheng, Y., Ren, K., Lou, W.: Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Trans. Parall. Distrib. Syst. 24(1), 131–143 (2013)
Tan, Y.-L., Goi, B.-M., Komiya, R.: Real-time/store-and-forward telemedicine with patients data protection by KP-ABE encryption. In: The International Conference on E-Technologies and Business on the Web (EBW2013), pp. 79–84. The Society of Digital Information and Wireless Communication (2013)
Yang, Y., Liu, X., Deng, R.H., Li, Y.: Lightweight sharable and traceable secure mobile health system. IEEE Trans. Dependable Secure Comput., 11 (2017)
Meddah, N., Toumanari, A.: Reinforce cloud computing access control with key policy attribute-based anonymous proxy reencryption. Int. J. Cloud Comput. 5(3), 187–197 (2016)
Rivest, R., Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)
Sahai, A., Waters, B., et al.: Fuzzy identity-based encryption. In: Eurocrypt, vol. 3494, pp. 457–473. Springer (2005)
Odelu, V., Das, A.K., Goswami, A.: An Efficient CP-ABE with Constant Size Secret Keys using ECC for Lightweight Devices. IACR Cryptology ePrint Archive 2015, 841 (2015)
Martnez, V.G., Hernndez Encinas, L., Snchez Ávila, C.: A survey of the elliptic curve integrated encryption scheme. Ratio 80(1024), 160–223 (2010)
Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: Proceedings of the 2007 IEEE Symposium on Security and Privacy, SP07, pp. 321–334. IEEE Computer Society, Washington, DC, USA (2007)
Lewko, A., Okamoto, T., Sahai, A., Takashima, K., Waters, B.: Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption. In: Advances in Cryptology-EUROCRYPT 2010. LNCS, vol. 6110, pp. 62–91. Springer, Heidelberg (2010)
Singh, S., Jeong, Y.-S., Park, J.H.: A survey on cloud computing security: Issues, threats and solutions. J. Netw. Comput. Appl. 75, 200–222 (2016). Elsevier
Attrapadung, N., Liber, B., de Panafieu, E.: Expressive key-policy attribute-based encryption with constant-size ciphertexts. In: PKC 2011. LNCS, vol. 6571, pp. 90–108 (2011)
Rafath, N., Ghouri, W., Raziuddin, S.: Security in cloud using ciphertext policy attribute-based encryption with checkability. Int. J. Innov. Res. Comput. Commun. Eng. 3(5), 4427–4434 (2015)
Zhen, Y.: Privacy-preserving personal health record system using attribute-based encryption. Worcester Polytechnic Institute (2011)
Delov, D., Yao, A.C.: On the security of public key protocols. IEEE Trans. Inf. Theory 29(2), 98–208 (1983)
Odelu, V., Das, A.K., Sreenivasa Rao, Y., Kumari, S., Khan, M.K., Choo, K.-K.R.: Pairing-based CP-ABE with constant-size ciphertexts and secret keys for cloud environment. Comput. Stand. Interfaces (2016). doi:10.1016/j.csi.2016.05.002
Yao, X., Chen, Z., Tian, Y.: A lightweight attribute-based encryption scheme for the internet of things. Future Gener. Comput. Syst. 49, 104–112 (2015). Elsevier
Muthurajan, V., Narayanasamy, B.: An elliptic curve based schnorr cloud security model in distributed environment. Sci. World J. 2016, 18 (2016)
Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for finegrained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS06, pp. 89–98. ACM, New York (2006)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Meddah, N., Jebrane, A., Toumanari, A. (2018). Scalable Lightweight ABAC Scheme for Secure Sharing PHR in Cloud Computing. In: Ezziyyani, M., Bahaj, M., Khoukhi, F. (eds) Advanced Information Technology, Services and Systems. AIT2S 2017. Lecture Notes in Networks and Systems, vol 25. Springer, Cham. https://doi.org/10.1007/978-3-319-69137-4_30
Download citation
DOI: https://doi.org/10.1007/978-3-319-69137-4_30
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-69136-7
Online ISBN: 978-3-319-69137-4
eBook Packages: EngineeringEngineering (R0)