Secure Role-Based Access Control over Outsourced EMRs Against Unwanted Leakage

  • Xingguang Zhou
  • Jie Chen
  • Zongyang Zhang
  • Jianwei Liu
  • Qianhong Wu
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10581)


Along with the large-scale deployment of electronic medical record systems, a huge amount of health data is collected. To protect this sensitive information, it must be securely stored and accessed. Considering secure storage on cloud servers, we summarize a series of attack behaviors and present a security model against many types of unwanted privacy leakage. In this model, the privacy of unleaked medical records is guaranteed, and the influence of privacy leakage is strictly confined. We also propose a role-based access control scheme for hierarchical healthcare organizations to achieve flexible access to these private records. One can access medical records only if his role satisfies the defined access policy, which implies fine-grained access control. Theoretical and experimental analyses show the efficiency of our scheme in terms of computation and communication.


Keywords: Secure; Medical records; Leakage; Role-based access control



Zongyang Zhang is supported by the fund of the State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, under grant No. 2017-MS-02. Qianhong Wu is supported by the Natural Science Foundation of China through projects 61672083, 61370190, 61532021, 61472429, and 61402029, by the National Cryptography Development Fund through project MMJJ20170106, by the planning fund project of the Ministry of Education through project 12YJAZH136, and by the Beijing Natural Science Foundation through project 4132056.



Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. School of Electronic and Information Engineering, Beihang University, Beijing, China
  2. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China
