
An attribute-based encryption scheme with multiple authorities on hierarchical personal health record in cloud

The Journal of Supercomputing

Abstract

In a personal health record (PHR) system, the patient's health records are usually outsourced to a large database, such as a cloud service provider. To guarantee the confidentiality of this data and achieve flexible, fine-grained access control, cloud systems usually employ a ciphertext-policy attribute-based encryption (CP-ABE) scheme. However, the outsourced data have a multi-level hierarchical structure, and general CP-ABE cannot be applied directly in distributed cloud service systems to secure that hierarchy. To overcome this challenge, this paper presents a hierarchical PHR CP-ABE scheme with multiple authorities. The protocol integrates several different access structures into a single one, under which the hierarchical PHR is encrypted. Multiple authorities jointly generate and distribute each user's private key. This avoids the key escrow problem and fits the distributed nature of cloud service systems; none of the authorities is a single trusted or central authority. Moreover, the proposed scheme resists collusion by up to \((N-1)\) corrupted authorities out of \(N\). The protocol is proven semantically secure based on the intractability of the standard decisional bilinear Diffie–Hellman problem. Finally, a comparison analysis shows that the protocol exhibits better performance.

Acknowledgements

This work was supported by the National Key R&D Program of China under Grant 2017YFB0802000, the Natural Science Foundation of China under Grants 61802303, 61772418, 61772194 and 61472472, the Innovation Ability Support Program in Shaanxi Province of China under Grant 2017KJXX-47, the Natural Science Basic Research Plan in Shaanxi Province of China under Grant 2016JM6033, the Hunan Provincial Natural Science Foundation of China under Grant Nos. 2018JJ3191, 2017JJ2100, and the Open Foundation of State Key Laboratory of Networking and Switching Technology (Beijing University of Posts and Telecommunications) under Grants SKLNST-2016-2-11, SKLNST-2018-1-12.

Author information

Corresponding author

Correspondence to Xiong Li.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Ethical approval

This article does not contain any studies with human participants or animals performed by any of the authors.

Cite this article

Guo, R., Li, X., Zheng, D. et al. An attribute-based encryption scheme with multiple authorities on hierarchical personal health record in cloud. J Supercomput 76, 4884–4903 (2020). https://doi.org/10.1007/s11227-018-2644-7

  • DOI: https://doi.org/10.1007/s11227-018-2644-7
