Abstract
The modern medical system is convergence of cutting-edge technologies and advancements in the healthcare environment. In the modern medical system, the storage of electronic health records is generally leased out to third-party cloud service providers (CSPs). But, CSPs cannot be entirely relied upon due to the potential security and privacy issues. This article presents Multi-Authority and Hierarchical Attribute-Based Encryption Scheme (MH-ABE) scheme to promote secure information sharing and protect patient’s privacy. The utilization of CP-ABE in conjunction with multiple Attribute Authorities within the proposed MH-ABE scheme presents a scalable and fine-grained approach to data access control. The proposed MH-ABE scheme incorporates the utilization of a Hierarchical Access Tree to effectively encrypt numerous files concurrently, hence reducing the computational and storage cost. The proposed scheme has also been evaluated using a comparative analysis with existing schemes, emphasizing the assessment of computational and storage costs. The findings of this analysis demonstrate improved performance and efficiency of the proposed ciphertext policy based encryption scheme. The proposed MH-ABE scheme incorporates features such as policy hiding and revocation, and it exhibits resilience against attacks, including collusion resistance, Indistinguishability under chosen-plaintext attack and forward secrecy.
Similar content being viewed by others
Data availability
Not applicable.
References
Kaur, J., Rani, R., Kalra, N.: Attribute-based access control scheme for secure storage and sharing of ehrs using blockchain and ipfs. Clust. Comput. (2023). https://doi.org/10.1007/s10586-023-04038-2
Choksy, P., Chaurasia, A., Rao, U.P., et al.: Attribute based access control (abac) scheme with a fully flexible delegation mechanism for iot healthcare. Peer-to-Peer Netw. Applic. 16(3), 1445–1467 (2023)
Mahajan, H.B., Rashid, A.S., Junnarkar, A.A., et al.: Integration of healthcare 4.0 and blockchain into secure cloud-based electronic health records systems. Appl. Nanosci. 13(3), 2329–2342 (2023)
Liu, J., Fan, Y., Sun, R., et al.: Blockchain-aided privacy-preserving medical data sharing scheme for e-healthcare system. IEEE Internet Things J. 10, 21377 (2023)
Pandey, A.K., Arivazhagan, D., Rane, S., et al.: A novel digital mark cp-abe access control scheme for public secure efficient cloud storage technique. Int. J. Intell. Syst. Appl. Eng. 11(3s), 100–103 (2023)
Miao, Y., Li, F., Li, X., et al.: Verifiable outsourced attribute-based encryption scheme for cloud-assisted mobile e-health system. IEEE Trans. Depend. Secure Comput. (2023). https://doi.org/10.1109/TDSC.2023.3292129
Jiang, Y., Xu, X., Xiao, F.: Attribute-based encryption with blockchain protection scheme for electronic health records. IEEE Trans. Netw. Serv. Manag. 19(4), 3884–3895 (2022)
Edemekong, P.F., Annamaraju, P., Haydel, M.J.: Health insurance portability and accountability act of 1996. Public Law 104, 191 (2018)
Zhao, C., Xu, L., Li, J., et al.: Toward secure and privacy-preserving cloud data sharing: online/offline multiauthority cp-abe with hidden policy. IEEE Syst. J. 16(3), 4804–4815 (2022)
Singamaneni, K.K., Naidu, P.S.: An efficient quantum hash-based cp-abe framework on cloud storage data. Int. J. Adv. Intell. Paradig. 22(3–4), 336–347 (2022)
Saidi, A., Nouali, O., Amira, A.: Share-abe: an efficient and secure data sharing framework based on ciphertext-policy attribute-based encryption and fog computing. Clust. Comput. 25(1), 167–185 (2022)
Das, S., Namasudra, S.: Multiauthority cp-abe-based access control model for iot-enabled healthcare infrastructure. IEEE Trans. Ind. Inf. 19(1), 821–829 (2022)
Sethi, K., Pradhan, A., Bera, P.: Pmter-abe: a practical multi-authority cp-abe with traceability, revocation and outsourcing decryption for secure access control in cloud systems. Clust. Comput. 24, 1525–1550 (2021)
Chase, M.: Multi-authority attribute based encryption. In: Theory of cryptography conference, pp. 515–534. Springer, Berlin (2007)
Lin, H., Cao, Z., Liang, X., et al.: Secure threshold multi authority attribute based encryption without a central authority. Inform. Sci. 180(13), 2618–2632 (2010)
Chase, M., Chow, SS.: Improving privacy and security in multi-authority attribute-based encryption. In: Proceedings of the 16th ACM conference on computer and communications security, pp. 121–130. (2009)
Lewko, A., Waters, B.: Decentralizing attribute-based encryption. In: Annual international conference on the theory and applications of cryptographic techniques, pp. 568–588. Springer, Cham (2011)
Liang, P., Zhang, L., Kang, L., et al.: Privacy-preserving decentralized abe for secure sharing of personal health records in cloud storage. J. Inform. Secur. Appl. 47, 258–266 (2019)
Hur, J.: Attribute-based secure data sharing with hidden policies in smart grid. IEEE Trans. Parallel Distrib. Syst. 24(11), 2171–2180 (2013)
Zhang, Y., Chen, X., Li, J., et al.: Anonymous attribute-based encryption supporting efficient decryption test. In: Proceedings of the 8th ACM SIGSAC symposium on information, computer and communications security, pp. 511–516 (2013)
Zhou, Z., Huang, D., Wang, Z.: Efficient privacy-preserving ciphertext-policy attribute based-encryption and broadcast encryption. IEEE Trans. Comput. 1(64), 126–138 (2015)
Phuong, T.V.X., Yang, G., Susilo, W.: Hidden ciphertext policy attribute-based encryption under standard assumptions. IEEE Trans. Inform. Forensics Secur. 11(1), 35–45 (2015)
Belguith, S., Kaaniche, N., Laurent, M., et al.: Phoabe: securely outsourcing multi-authority attribute based encryption with policy hidden for cloud assisted iot. Comput. Netw. 133, 141–156 (2018)
Miao, Y., Liu, X., Choo, K.K.R., et al.: Privacy-preserving attribute-based keyword search in shared multi-owner setting. IEEE Trans. Depend. Secure Comput. 18(3), 1080–1094 (2019)
Li, J., Zhang, Y., Ning, J., et al.: Attribute based encryption with privacy protection and accountability for cloudiot. IEEE Trans. Cloud Comput. 10(2), 762–773 (2020)
Zhang, Z., Zhang, W., Qin, Z.: A partially hidden policy cp-abe scheme against attribute values guessing attacks with online privacy-protective decryption testing in iot assisted cloud computing. Future Gener. Comput. Syst. 123, 181–195 (2021)
Nasiraee, H., Ashouri-Talouki, M.: Anonymous decentralized attribute-based access control for cloud-assisted iot. Future Gener. Comput. Syst. 110, 45–56 (2020)
Zhang, L., Ren, J., Mu, Y., et al.: Privacy-preserving multi-authority attribute-based data sharing framework for smart grid. IEEE Access 8, 23294–23307 (2020)
Zeng, P., Zhang, Z., Lu, R., et al.: Efficient policy-hiding and large universe attribute-based encryption with public traceability for internet of medical things. IEEE Internet Things J. 8(13), 10963–10972 (2021)
Zhang, L., Gao, X., Kang, L., et al.: Distributed ciphertext-policy attribute-based encryption with enhanced collusion resilience and privacy preservation. IEEE Syst. J. 16(1), 735–746 (2021)
Sabitha, S., Rajasree, M.: Multi-level on-demand access control for flexible data sharing in cloud. Clust. Comput. 24(2), 1455–1478 (2021)
Gentry, C., Silverberg, A.: Hierarchical id-based cryptography. In: Advances in cryptology-ASIACRYPT 2002: 8th international conference on the theory and application of cryptology and information security Queenstown, New Zealand, pp. 548–566, December 1–5, 2002 Proceedings 8, Springer (2002)
Wang, G., Liu, Q., Wu, J.: Hierarchical attribute-based encryption for fine-grained access control in cloud storage services. In: Proceedings of the 17th ACM conference on computer and communications security, pp. 735–737 (2010)
Wan, Z., Deng, R.H., et al.: Hasbe: A hierarchical attribute-based solution for flexible and scalable access control in cloud computing. IEEE Trans. Inform. Forensics Secur. 7(2), 743–754 (2011)
Tang, W., Zhang, K., Ren, J., et al.: Lightweight and privacy-preserving fog-assisted information sharing scheme for health big data. In: GLOBECOM 2017-2017 IEEE global communications conference, pp. 1–6. IEEE (2017)
Li, J., Yu, Q., Zhang, Y.: Hierarchical attribute based encryption with continuous leakage-resilience. Inform. Sci. 484, 113–134 (2019)
Riad, K., Huang, T., Ke, L.: A dynamic and hierarchical access control for iot in multi-authority cloud storage. J. Netw. Comput. Appl. 160, 102633 (2020)
Luo, E., Liu, Q., Wang, G.: Hierarchical multi-authority and attribute-based encryption friend discovery scheme in mobile social networks. IEEE Commun. Lett. 20(9), 1772–1775 (2016)
Wang, S., Zhou, J., Liu, J.K., et al.: An efficient file hierarchy attribute-based encryption scheme in cloud computing. IEEE Trans. Inform. Forensics Secur. 11(6), 1265–1277 (2016)
Li, J., Chen, N., Zhang, Y.: Extended file hierarchy access control scheme with attribute-based encryption in cloud computing. IEEE Trans. Emerg. Top. Comput. 9(2), 983–993 (2019)
Fu, J., Wang, N.: A practical attribute-based document collection hierarchical encryption scheme in cloud computing. IEEE Access 7, 36218–36232 (2019)
Guo, R., Li, X., Zheng, D., et al.: An attribute-based encryption scheme with multiple authorities on hierarchical personal health record in cloud. J. Supercomput. 76(7), 4884–4903 (2020)
Sandhia, G., Kasmir Raja, S., Jansi, K.: Multi-authority-based file hierarchy hidden cp-abe scheme for cloud security. SOCA 12(3), 295–303 (2018)
Liu, Q., Wang, G., Wu, J.: Time-based proxy re-encryption scheme for secure data sharing in a cloud environment. Inform. Sci. 258, 355–370 (2014)
Bethencourt, J., Sahai, A., Water, B.: Ciphertext-policy attribute-based encryption. In: 2007 IEEE symposium on security and privacy (SP’07), pp. 321–334. IEEE, (2007)
Xu, S., Yang, G., Mu, Y., et al.: A secure iot cloud storage system with fine-grained access control and decryption key exposure resistance. Future Gener. Comput. Syst. 97, 284–294 (2019)
Hur, J., Noh, D.K.: Attribute-based access control with efficient revocation in data outsourcing systems. IEEE Trans. Parallel Distrib. Syst. 22(7), 1214–1221 (2010)
Xiong, H., Huang, X., Yang, M., et al.: Unbounded and efficient revocable attribute-based encryption with adaptive security for cloud-assisted internet of things. IEEE Internet Things J. 9(4), 3097–3111 (2021)
Wang, H., Zheng, Z., Wu, L., et al.: New directly revocable attribute-based encryption scheme and its application in cloud storage environment. Clust. Comput. 20, 2385–2392 (2017)
Wu, A., Zheng, D., Zhang, Y., et al.: Hidden policy attribute-based data sharing with direct revocation and keyword search in cloud computing. Sensors 18(7), 2158 (2018)
Yu, S., Wang, C., Ren, K., et al.: (2010) Attribute based data sharing with attribute revocation. In: Proceedings of the 5th ACM symposium on information, computer and communications security, pp. 261–270
Wang, G., Liu, Q., Wu, J., et al.: Hierarchical attribute-based encryption and scalable user revocation for sharing data in cloud servers. Comput. Secur. 30(5), 320–331 (2011)
Liang, K., Au, M.H., Liu, J.K., et al.: A secure and efficient ciphertext-policy attribute-based proxy re-encryption for cloud data sharing. Future Gener. Comput. Syst. 52, 95–108 (2015)
Xu, X., Zhou, J., Wang, X., et al.: Multi-authority proxy re-encryption based on cpabe for cloud storage systems. J. Syst. Eng. Electron. 27(1), 211–223 (2016)
Deng, H., Qin, Z., Wu, Q., et al.: Flexible attribute-based proxy re-encryption for efficient data sharing. Inf. Sci. 511, 94–113 (2020)
Li, Q., Xia, B., Huang, H., et al.: Trac: traceable and revocable access control scheme for mhealth in 5g-enabled iiot. IEEE Trans. Ind. Inf. 18(5), 3437–3448 (2021)
Yin, H., Zhang, L.: Security analysis and improvement of an anonymous attribute-based proxy re-encryption. In: Security, privacy, and anonymity in computation, communication, and storage: 10th international conference, SpaCCS 2017, Guangzhou, China, pp. 344–352. December 12-15, 2017, Proceedings 10, Springer (2017)
Fan, K., Xu, H., Gao, L., et al.: Efficient and privacy preserving access control scheme for fog-enabled iot. Futur. Gener. Comput. Syst. 99, 134–142 (2019)
Zhang, Z., Li, C., Gupta, B.B., et al.: Efficient compressed ciphertext length scheme using multi-authority cp-abe for hierarchical attributes. IEEE Access 6, 38273–38284 (2018)
Qian, H., Li, J., Zhang, Y., et al.: Privacy-preserving personal health record using multi-authority attribute-based encryption with revocation. Int. J. Inform. Secur. 14(6), 487–497 (2015)
Liu, X., Yang, X., Luo, Y., et al.: Anonymous electronic health record sharing scheme based on decentralized hierarchical attribute-based encryption in cloud environment. IEEE Access 8, 200180–200193 (2020)
Zhong, H., Zhu, W., Xu, Y., et al.: Multi-authority attribute-based encryption access control scheme with policy hidden for cloud storage. Soft. Comput. 22, 243–251 (2018)
Shen, J., Liu, D., Liu, Q., et al.: Secure authentication in cloud big data with hierarchical attribute authorization structure. IEEE Trans. Big Data 7(4), 668–677 (2017)
Funding
The authors have not disclosed any funding.
Author information
Authors and Affiliations
Contributions
The authors collectively participated in formulating the problem and preparing the manuscript. SR and JA played a crucial role in the project, as they drafted the initial version of the paper and conducted a comprehensive literature review of the existing CP-ABE based schemes. JA came up with a proposed solution to the drawbacks of the existing scheme. SR was responsible for carrying out the empirical evaluation of the approach to determine its effectiveness. AK and UPR provided supervision and guidance throughout the project to ensure that all aspects were completed to a high standard. The team worked collaboratively to produce a thorough and well-rounded piece of research.
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that they have no conflict of interest.
Ethical approval
Not applicable.
Consent to publish
All the authors are agreed for the publication.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Roy, S., Agrawal, J., Kumar, A. et al. Mh-abe: multi-authority and hierarchical attribute based encryption scheme for secure electronic health record sharing. Cluster Comput (2024). https://doi.org/10.1007/s10586-024-04283-z
Received:
Revised:
Accepted:
Published:
DOI: https://doi.org/10.1007/s10586-024-04283-z