Abstract
Secure data-sharing in fog–cloud computing is receiving greater attention in information communication systems since it provides users with efficient and effective data transmission. Data-sharing in a smart hospital management system provides a vital service that was previously unavailable or inaccessible. Sharing medical data over a centralized cloud through an insecure channel exposes insider threats and hostile attacks. Fog–cloud-based environments now offer improved data-sharing security. A secure multi-authority data-sharing technique for a smart hospital management system with attribute-based encryption, blowfish encryption, and Boneh–Lynn–Shacham signature is proposed in this paper. Data-sharing requires an additional layer of security even though Attribute-Based Encryption allows for flexible and fine-grained data access control. Hybrid encryption offers greater resistance against brute force assaults. To overcome the issue of user management and key revocation, the proposed work employs a multi-authority short signature scheme. According to the comparison and findings, the proposed approach offers secure and efficient data-sharing in a smart hospital management system.
Similar content being viewed by others
Availability of supporting data
Not Applicable.
References
Bercovitz, A., Moss, A., Sengupta, M., Park-Lee, E.Y., Jones, A., Harris-Kojetin, L.D.: An overview of home health aides: United States, 2007. Natl. Health Stat. Rep. 34, 1–31 (2011)
Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 457–473. Springer (2005)
Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: 2007 IEEE Symposium on Security and Privacy (SP’07), pp. 321–334. IEEE (2007)
Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM conference on Computer and communications security, pp. 89–98 (2006)
Farahani, B., Firouzi, F., Chang, V., Badaroglu, M., Constant, N., Mankodiya, K.: Towards fog-driven iot ehealth: promises and challenges of iot in medicine and healthcare. Futur. Gener. Comput. Syst. 78, 659–676 (2018)
Mahmud Hossain, S.M., Islam, R., Ali, F., Kwak, K.-S., Hasan, R.: An internet of things-based health prescription assistant and its security system design. Future Gener. Comput. Syst. 82, 422–439 (2018)
Badawi, H.F., Dong, H., El Saddik, A.: Mobile cloud-based physical activity advisory system using biofeedback sensors. Future Gener. Comput. Syst. 66, 59–70 (2017)
Strielkina, A., Uzun, D., Kharchenko, V.: Modelling of healthcare iot using the queueing theory. In: 2017 9th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS), vol. 2, pp. 849–852. IEEE (2017)
Li, H., Dong, M., Ota, K.: Radio access network virtualization for the social Internet of Things. IEEE Cloud Comput. 2(6), 42–50 (2015)
Mahmoud, M.M.E., Rodrigues, J.J.P.C., Saleem, K., Al-Muhtadi, J., Kumar, N., Korotaev, V.: Towards energy-aware fog-enabled cloud of things for healthcare. Comput. Electr. Eng. 67, 58–69 (2018)
Kashani, M.H., Ahmadzadeh, A., Mahdipour, E.: Load balancing mechanisms in fog computing: a systematic review. arXiv preprint arXiv:2011.14706 (2020)
Mukherjee, M., Shu, L., Wang, D.: Survey of fog computing: fundamental, network applications, and research challenges. IEEE Commun. Surv. Tutor. 20(3), 1826–1857 (2018)
Ng, J.H.Y., Luk, B.H.K.: Patient satisfaction: concept analysis in the healthcare context. Patient Educ. Couns. 102(4), 790–796 (2019)
Mohammed, M.N., Syamsudin, H., Al-Zubaidi, S., Aks, R.R., Yusuf, E.: Novel covid-19 detection and diagnosis system using iot based smart helmet. Int. J. Psychosoc. Rehabil. 24(7), 2296–2303 (2020)
Chow, R., Golle, P., Jakobsson, M., Shi, E., Staddon, J., Masuoka, R., Molina, J.: Controlling data in the cloud: outsourcing computation without outsourcing control. In: Proceedings of the 2009 ACM workshop on Cloud computing security, pp. 85–90 (2009)
Mota, A.V., Azam, S., Shanmugam, B., Yeo, K.C., Kannoorpatti, K.: Comparative analysis of different techniques of encryption for secured data transmission. In: 2017 IEEE International Conference on Power, Control, Signals and Instrumentation Engineering (ICPCSI), pp. 231–237. IEEE (2017)
Muthi, V.K.R., Reddy, P., Manjula, S.H.: Secure data sharing in cloud computing: a comprehensive review. Int. J. Comput. (IJC) 25(1), 80–115 (2017)
Mamlin, B.W., Tierney, W.M.: The promise of information and communication technology in healthcare: extracting value from the chaos. Am. J. Med. Sci. 351(1), 59–68 (2016)
Yang, J.-J., Li, J., Mulder, J., Wang, Y., Chen, S., Hong, W., Wang, Q., Pan, H.: Emerging information technologies for enhanced healthcare. Comput. Ind. 69, 3–11 (2015)
Sakr, S., Elgammal, A.: Towards a comprehensive data analytics framework for smart healthcare services. Big Data Res. 4, 44–58 (2016)
Fang, L., Yin, C., Zhu, J., Ge, C., Tanveer, M., Jolfaei, A., Cao, Z.: Privacy protection for medical data sharing in smart healthcare. ACM Trans. Multimed. Comput. Commun. Appl. (TOMM) 16(3s), 1–18 (2020)
Meng, Y., Huang, Z., Shen, G., Ke, C.: Sdn-based security enforcement framework for data sharing systems of smart healthcare. IEEE Trans. Netw. Serv. Manag. 17(1), 308–318 (2019)
Khalid, U., Asim, M., Baker, T., Hung, P.C.K., Tariq, M.A., Rafferty, L.: A decentralized lightweight blockchain-based authentication mechanism for iot systems. Clust. Comput. 23(3), 2067–2087 (2020)
Boyes, H., Hallaq, B., Cunningham, J., Watson, T.: The industrial internet of things (iiot): an analysis framework. Comput. Ind. 101, 1–12 (2018)
Tsigkanos, C., Avasalcai, C., Dustdar, S.: Architectural considerations for privacy on the edge. IEEE Internet Comput. 23(4), 76–83 (2019)
Castelluccia, C., Cunche, M., Métayer, D.L., Morel, V.: Enhancing transparency and consent in the iot. In: 2018 IEEE European Symposium on Security and Privacy Workshops (EuroS &PW), pp. 116–119. IEEE (2018)
Wang, X., Wang, L., Li, Y., Gai, K.: Privacy-aware efficient fine-grained data access control in internet of medical things based fog computing. IEEE Access 6, 47657–47665 (2018)
Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Annual international cryptology conference, pp. 213–229. Springer (2001)
Xue, Y., Hong, J., Li, W., Xue, K., Hong, P.: Labac: a location-aware attribute-based access control scheme for cloud storage. In: 2016 IEEE Global Communications Conference (GLOBECOM), pp. 1–6. IEEE (2016)
Xue, K., Xue, Y., Hong, J., Li, W., Yue, H., Wei, D.S.L., Hong, P.: Raac: robust and auditable access control with multiple attribute authorities for public cloud storage. IEEE Trans. Inf. Forensics Secur. 12(4), 953–967 (2017)
Pirretti, M., Traynor, P., McDaniel, P., Waters, B.: Secure attribute-based systems. J. Comput. Secur. 18(5), 799–837 (2010)
Li, J., Yao, W., Han, J., Zhang, Y., Shen, J.: User collusion avoidance cp-abe with efficient attribute revocation for cloud storage. IEEE Syst. J. 12(2), 1767–1777 (2017)
Shengmin, X., Yang, G., Yi, M., Deng, R.H.: Secure fine-grained access control and data sharing for dynamic groups in the cloud. IEEE Trans. Inf. Forensics Secur. 13(8), 2101–2113 (2018)
Wang, S., Guo, K., Zhang, Y.: Traceable ciphertext-policy attribute-based encryption scheme with attribute level user revocation for cloud storage. PLoS One. 13(9), e0203225 (2018). https://doi.org/10.1371/journal.pone.0203225 [Erratum in: PLoS One. 13(10), e0206952 (2018)]
Liu, Z., Cao, Z., Wong, D.S.: White-box traceable ciphertext-policy attribute-based encryption supporting any monotone access structures. IEEE Trans. Inf. Forensics Secur. 8(1), 76–88 (2012)
Vengala, D.V.K., Kavitha, D., Kumar, A.P.: Secure data transmission on a distributed cloud server with the help of hmca and data encryption using optimized cp-abe-ecc. Clust. Comput. 23(3), 1683–1696 (2020)
Sajay, K.R., Babu, S.S., Vijayalakshmi, Y.: Enhancing the security of cloud data using hybrid encryption algorithm. J. Ambient Intell. Hum. Comput. (2019). https://doi.org/10.1007/s12652-019-01403-1
Patel, P., Patel, R., Patel, N.: Integrated ecc and blowfish for smartphone security. Procedia Comput. Sci. 78, 210–216 (2016)
Saidi, A., Nouali, O., Amira, A.: Share-abe: an efficient and secure data sharing framework based on ciphertext-policy attribute-based encryption and fog computing. Clust. Comput. 25(1), 167–185 (2022)
Yang, K., Jia, X.: Expressive, efficient, and revocable data access control for multi-authority cloud storage. IEEE Trans. Parallel Distrib. Syst. 25(7), 1735–1744 (2013)
Lai, J., Deng, R.H., Li, Y.: Fully secure cipertext-policy hiding cp-abe. In: International Conference on Information Security Practice and Experience, pp. 24–39. Springer (2011)
Chen, N., Li, J., Zhang, Y., Guo, Y.: Efficient cp-abe scheme with shared decryption in cloud storage. IEEE Trans. Comput. 71(1), 175–184 (2020)
Yuanfei, T., Yang, G., Wang, J., Qingjian, S.: A secure, efficient and verifiable multimedia data sharing scheme in fog networking system. Clust. Comput. 24(1), 225–247 (2021)
Zhao, Y., Zhang, X., Xie, X., Ding, Y., Kumar, S.: A verifiable hidden policy cp-abe with decryption testing scheme and its application in vanet. Trans. Emerg. Telecommun. Technol. 33(5), e3785 (2022)
Zuo, C., Shao, J., Wei, G., Xie, M., Ji, M.: Cca-secure abe with outsourced decryption for fog computing. Future Gener. Comput. Syst. 78, 730–738 (2018)
Hur, J.: Improving security and efficiency in attribute-based data sharing. IEEE Trans. Knowl. Data Eng. 25(10), 2271–2282 (2011)
Funding
The authors did not receive support from any organization for the submitted work.
Author information
Authors and Affiliations
Contributions
GAT and SMSB contributed to conceptualization; GAT and SMSB contributed to methodology; GAT contributed to formal analysis and investigation; GAT contributed to writing—original draft preparation; GAT, SMSB contributed to writing—review and editing; GAT and SMSB contributed to resources; SMSB contributed to supervision.
Corresponding author
Ethics declarations
Conflict of interest
The authors have no relevant financial or non-financial interests to disclose.
Ethical approval and consent to participate
Authors are responsible for correctness of the statements provided in the manuscript.
Consent for publication
Additional informed consent was obtained from all individual participants for whom identifying information is included in this article.
Human ethics
Not applicable.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Thushara, G.A., Bhanu, S.M.S. A new hybrid encryption in fog–cloud environment for secure medical data-sharing. Iran J Comput Sci 6, 169–183 (2023). https://doi.org/10.1007/s42044-022-00129-2
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s42044-022-00129-2