
Lightweight, verifiable and revocable EHRs sharing with fine-grained bilateral access control

Cluster Computing

Abstract

EHRs sharing systems provide a secure and efficient way for patients and doctors to share information in smart healthcare. Because of concerns about data confidentiality and authorized access, attribute-based encryption (ABE) is widely adopted for EHRs sharing in cloud storage. However, most ABE-based EHRs sharing systems only consider unilateral access control or support non-flexible bilateral access control. Hence, we propose a lightweight and flexible healthcare data sharing system, LiVeRe, which enables fine-grained bilateral access control and moreover supports efficient user revocation and ciphertext integrity verification for the access control property. Technically, we employ the dual-policy framework to specify the access policy, pre-decryption techniques to alleviate the computational burden, and the KUNode algorithm to efficiently revoke user access rights. We also provide formal security models and correspondingly prove its security. Moreover, we conduct experiments on the cloud to demonstrate the practicality of our LiVeRe scheme.
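
The abstract names the KUNode algorithm as the revocation mechanism. The following is an added example, not code from the paper (whose construction is not shown on this page): the standard KUNodes node selection from the revocable-encryption literature over a complete binary tree with one user per leaf. The heap-style node numbering, the function names and the sample revocation list are assumptions made for illustration.

```python
# Added example: standard KUNodes selection, not the LiVeRe authors' code.
# Assumption: complete binary tree in heap numbering (root = 1, children of
# node x are 2x and 2x+1); user i sits at leaf node 2**depth + i.

def path_to_root(node):
    """All nodes from `node` up to the root, inclusive."""
    nodes = []
    while node >= 1:
        nodes.append(node)
        node //= 2
    return nodes

def ku_nodes(depth, revocation_list, t):
    """Minimal set of nodes whose subtrees cover exactly the users that are
    not revoked at time t. revocation_list holds (user_index, revoked_at)."""
    first_leaf = 1 << depth
    tainted = set()  # every node on the path of a revoked user
    for user, revoked_at in revocation_list:
        if revoked_at <= t:
            tainted.update(path_to_root(first_leaf + user))
    if not tainted:
        return {1}  # nobody revoked yet: the root covers everyone
    cover = set()
    for x in tainted:
        if x >= first_leaf:
            continue  # leaves have no children
        for child in (2 * x, 2 * x + 1):
            if child not in tainted:
                cover.add(child)
    # If every user is revoked, cover stays empty and no key update is issued.
    return cover

def can_use_update(depth, user, cover):
    """A user can combine its long-term key with the key update only if its
    leaf-to-root path meets the cover set."""
    return bool(set(path_to_root((1 << depth) + user)) & cover)

# Constructed sample: 8 users, user 2 revoked at time 5, user 5 at time 9.
SAMPLE_RL = [(2, 5), (5, 9)]

if __name__ == "__main__":
    for t in (4, 5, 9):
        cover = ku_nodes(3, SAMPLE_RL, t)
        active = [u for u in range(8) if can_use_update(3, u, cover)]
        print(t, sorted(cover), active)
```

The key-update material published per period grows with the size of the cover set rather than with the number of users, which is why this tree-based selection is the usual choice for indirect revocation.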

Data Availability

No datasets were generated or analysed during the current study.

Acknowledgements

The authors would like to thank the editors and reviewers for their comments and suggestions.

Funding

Funding was provided by National Natural Science Foundation of China (62372285, 61972241), Shanghai Rising-Star Program (22QA1403800), Shanghai Sailing Program (21YF1415000), Natural Science Foundation of Shanghai (22ZR1427100), Program of Shanghai Academic Research Leader (No. 21XD1421500) and Open Fund of Advanced Cryptography and System Security Key Laboratory of Sichuan Province (No. SKLACSS-202310).

Author information

Contributions

Kai Zhang: conceptualization, supervision, funding acquisition, writing—review and editing. Tao Chen: conceptualization, methodology, writing—original draft, writing—review and editing, software. Siyuan Chen: conceptualization, supervision, funding acquisition, project administration. Lifei Wei: funding acquisition, writing—review and editing. Jianting Ning: conceptualization, methodology, writing—review and editing.

Corresponding author

Correspondence to Lifei Wei.

Ethics declarations

Conflict of interest

The authors declare no competing interests.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

About this article

Cite this article

Zhang, K., Chen, T., Chen, S. et al. Lightweight, verifiable and revocable EHRs sharing with fine-grained bilateral access control. Cluster Comput (2024). https://doi.org/10.1007/s10586-024-04464-w

  • DOI: https://doi.org/10.1007/s10586-024-04464-w
