With the popularity of Internet of Things (IoT) and cloud computing technologies, mobile healthcare (mHealth) can offer remote, accurate, and effective medical services for patients according to their personal health records (PHRs). However, data security and efficient access of the PHR should be addressed. Attribute-based encryption (ABE) is regarded as a well-received cryptographic mechanism to simultaneously realize fine-grained access control and data confidentiality in mHealth. Nevertheless, existing works are either constructed in the single-authority setting which may be a performance bottleneck, or lack of efficient user decryption. In this paper, we propose SEMAAC, a secure and efficient multi-authority access control system for IoT-enabled mHealth. In SEMAAC, there are multiple independently worked attribute authorities (AAs). A new entity could be an AA without re-building the system. To reduce the user decryption overhead, most decryption is executed in cloud server, which whereafter returns a partial decryption ciphertext (PDC). The AAs can help the user to check if the PDC is correctly computed. Additionally, a restricted user can delegate his/her key to someone to outsource the decryption and check the returned result, without exposing the plaintext PHR file. The proposed SEMAAC is proved to be adaptively secure in the standard model. The numerical analysis and extensive experiments illustrate the efficiency and advantage of our scheme.
This is a preview of subscription content, log in to check access.
Buy single article
Instant access to the full article PDF.
Tax calculation will be finalised during checkout.
Subscribe to journal
Immediate online access to all issues from 2019. Subscription will auto renew annually.
Tax calculation will be finalised during checkout.
Hahn C, Kwon H, Hur J (2016) Efficient attribute-based secure data sharing with hidden policies and traceability in mobile health networks. Mob Inf Syst 2016:13
Xu LD, He W, Li S (2014) Internet of things in industries: a survey. IEEE Trans Ind Inf 10(4):2233–2243
Wu D, Shi H, Wang H, Wang R, Fang H (2018) A feature-based learning system for internet of things applications. IEEE Internet Things J 1–1. https://doi.org/10.1109/JIOT.2018.2884485
Xiong J, Ren J, Chen L et al (2018) Enhancing privacy and availability for data clustering in intelligent electrical service of iot. IEEE Internet Things J 1–10. https://doi.org/10.1109/JIOT.2018.2842773
Al-Janabi S, Al-Shourbaji I, Shojafar M, Shamshirband S (2017) Survey of main challenges (security and privacy) in wireless body area networks for healthcare applications. Egyptian Inf J 18(2):113–122
Zhang Y, Deng RH, Liu X, Zheng D (2018) Blockchain based efficient and robust fair payment for outsourcing services in cloud computing. Inf Sci 462:262–277
Yang YL, Liu R, Chen YL, Li T, Tang Y (2018) Normal cloud model-based algorithm for multi-attribute trusted cloud service selection. IEEE Access 7:37644–37652
Sahai A, Waters B (2005) Fuzzy identity-based encryption. In: Cramer R (ed) Advances in cryptology – EUROCRYPT 2005, Lecture Notes in Computer Science, vol 3494. Springer, Berlin, pp 457–473
Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM conference on computer and communications security, CCS ’06. ACM, New York, pp 89– 98
Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: IEEE symposium on security and privacy, 2007. SP ’07, pp 321–334
Zhang Y, Chen X, Li J, Wong DS, Li H, You I (2017) Ensuring attribute privacy protection and fast decryption for outsourced data security in mobile cloud computing. Inf Sci 379:42– 61
Chase M (2007) Multi-authority attribute based encryption. In: Vadhan S (ed) Theory of cryptography. Lecture Notes in Computer Science, vol 4392. Springer, Berlin, pp 515–534
Chase M, Chow SS (2009) Improving privacy and security in multi-authority attribute-based encryption. In: Proceedings of the 16th ACM conference on computer and communications security, CCS ’09. ACM, New York, pp 121–130
Liu Z, Cao Z, Huang Q, Wong D, Yuen T (2011) Fully secure multi-authority ciphertext-policy attribute-based encryption without random oracles. In: Atluri V, Diaz C (eds) Computer security – ESORICS 2011. Lecture Notes in Computer Science, vol 6879. Springer, Berlin, pp 278–297
Li Q, Ma J, Li R, Xiong J, Liu X (2015) Large universe decentralized key-policy attribute-based encryption. Secur Commun Netw 8(3):501–509
Li Q, Ma J, Li R, Xiong J, Liu X (2015) Provably secure unbounded multi-authority ciphertext-policy attribute-based encryption. Secur Commun Netw 8(18):4098–4109
Xue K, Xue Y, Hong J, Li W, Yue H, Wei DSL, Hong P (2017) Raac: robust and auditable access control with multiple attribute authorities for public cloud storage. IEEE Trans Inf Forensics Secur 12(4):953–967
Green M, Hohenberger S, Waters B (2011) Outsourcing the decryption of abe ciphertexts. In: Proceedings of the 20th USENIX conference on security, SEC’11. USENIX Association, Berkeley, pp 34–34
Lai J, Deng R, Guan C, Weng J (2013) Attribute-based encryption with verifiable outsourced decryption. IEEE Trans Inf Forensics Secur 8(8):1343–1354
Li J, Wang Y, Zhang Y, Han J (2017) Full verifiability for outsourced decryption in attribute based encryption. IEEE Trans Serv Comput PP(99):1–1
Ning J, Cao Z, Dong X, Liang K, Ma H, Wei L (2018) Auditable σ -time outsourced attribute-based encryption for access control in cloud computing. IEEE Trans Inf Forensics Secur 13(1):94– 105
Lewko A, Okamoto T, Sahai A, Takashima K, Waters B (2010) Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption. In: Gilbert H (ed) Advances in cryptology – EUROCRYPT 2010. Lecture Notes in Computer Science, vol 6110. Springer, Berlin, pp 62–91
Lewko A, Waters B (2011) Decentralizing attribute-based encryption. Advances in Cryptology – EUROCRYPT 2011. Lecture Notes in Computer Science, vol 6632. In: Paterson K (ed). Springer, Berlin, pp 568–588
Zhang Y, Zheng D, Deng RH (2018) Security and privacy in smart health: efficient policy-hiding attribute-based access control. IEEE Internet Things J 5(3):2130–2145
Li J, Huang Q, Chen X, Chow SSM, Wong DS, Xie D (2011) Multi-authority ciphertext-policy attribute-based encryption with accountability. In: Proceedings of the 6th ACM symposium on information, computer and communications security, ASIACCS ’11. ACM, New York, pp 386–390
Qin B, Deng RH, Liu S, Ma S (2015) Attribute-based encryption with efficient verifiable outsourced decryption. IEEE Trans Inf Forensics Secur 10(7):1384–1393
Gao C, Lv S, Wei Y, Wang Z, Liu Z, Cheng X (2018) M-sse: an effective searchable symmetric encryption with enhanced security for mobile devices. IEEE Access 1–1
Wang X, Zhang Y, Zhu H, Jiang L (2018) An identity-based signcryption on lattice without trapdoor. J Univ Comput Sci 1–1
Li J, Li J, Chen X, Jia C, Lou W (2015) Identity-based encryption with outsourced revocation in cloud computing. IEEE Trans Comput 64(2):425–437
Gao C, Cheng Q, He P, Susilo W, Li J (2018) Privacy-preserving naive bayes classifiers secure against the substitution-then-comparison attack. Inf Sci 444:72–88
Yu Z, Gao CZ, Jing Z, Gupta BB, Cai Q (2018) A practical public key encryption scheme based on learning parity with noise. IEEE Access 6:31918–31923
Li J, Li YK, Chen X, Lee PPC, Lou W (2015) A hybrid cloud approach for secure authorized deduplication. IEEE Trans Parallel Distrib Syst 26(5):1206–1216
Yang L, Han Z, Huang Z, Ma J (2018) A remotely keyed file encryption scheme under mobile cloud computing. J Netw Comput Appl 106:90–99
Wang H, He D, Han J (2017) Vod-adac: anonymous distributed fine-grained access control protocol with verifiable outsourced decryption in public cloud. IEEE Trans Serv Comput PP(99):1–1
Wang H, He D, Yu J, Wang Z (2018) Incentive and unconditionally anonymous identity-based public provable data possession. IEEE Trans Serv Comput. https://doi.org/10.1109/TSC.2016.2633260
Yu S, Wang C, Ren K, Lou W (2010) Achieving secure, scalable, and fine-grained data access control in cloud computing. In: INFOCOM, 2010 Proceedings IEEE, pp 1–9
Li Q, Ma J, Li R, Liu X, Xiong J, Chen D (2016) Secure, efficient and revocable multi-authority access control system in cloud storage. Comput Secur 59:45–59
Yang Y, Liu X, Deng RH (2017) Lightweight break-glass access control system for healthcare internet-of-things. IEEE Trans Ind Inf 14(8):3610–3617
Li J, Huang X, Li J, Chen X, Xiang Y (2014) Securely outsourcing attribute-based encryption with checkability. IEEE Trans Parallel Distrib Syst 25(8):2201–2210
Wang H, Zheng Z, Wu L, Li P (2017) New directly revocable attribute-based encryption scheme and its application in cloud storage environment. Clust Comput 20(3):2385– 2392
Li J, Chen X, Chow SS, Huang Q, Wong DS, Liu Z (2018) Multi-authority fine-grained access control with accountability and its application in cloud. J Netw Comput Appl 112:89– 96
Beimel A (1996) Secure schemes for secret sharing and key distribution. DSc dissertation
Waters B (2011) Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. Springer, Berlin, pp 53–70
Rahulamathavan Y, Veluru S, Han J, Li F, Rajarajan M, Lu R (2016) User collusion avoidance scheme for privacy-preserving decentralized key-policy attribute-based encryption. IEEE Trans Comput 65(9):2939–2946
De Caro A, Iovino V (2011) jpbc: Java pairing based cryptography. In: Proceedings of the 16th IEEE symposium on computers and communications, ISCC 2011, Kerkyra, Corfu, Greece, June 28–July 1, pp 850–855
We thank the reviewers for the helpful comments.
This research is supported by the National Natural Science Foundation of China under grant no. 61502248, 61872192, 61427801, u1405255, China Postdoctoral Science Foundation (Grant no. 2018M632350), Natural Science Foundation of Jiangsu Province (No. BK20181394) and Qing Lan Project.
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
About this article
Cite this article
Li, Q., Zhu, H., Xiong, J. et al. Fine-grained multi-authority access control in IoT-enabled mHealth. Ann. Telecommun. 74, 389–400 (2019). https://doi.org/10.1007/s12243-018-00702-6
- Mobile healthcare
- Attribute-based encryption
- Access control
- Multiple authorities
- Efficient decryption