P3ASC: Privacy-Preserving Pseudonym and Attribute-Based Signcryption Scheme for Cloud-Based Mobile Healthcare System
With the development of wireless body sensor network and mobile cloud computing, cloud-based mobile healthcare, which extends the operation of healthcare provider into a pervasive environment for better health delivery and monitoring, has attracted considerable interest recently. However, how to keep data security and privacy in cloud-based mobile healthcare system is an important and challenging issue since personal health information is quite sensitive. In this paper, we introduce a new cryptographic primitive named privacy-preserving pseudonym and attribute-based signcryption (P3ASC) scheme, which can fulfill the functionality of pseudonym-based signature and key-policy attribute-based encryption in a logical step. We propose a provable secure P3ASC scheme from bilinear pairings and present a novel secure and efficient cloud-based mobile healthcare system by exploiting our proposed P3ASC scheme. The proposed system can ensure data confidentiality, integrity, source authentication and non-repudiation, but also can provide fine-grained access control and user anonymity.
KeywordsMobile healthcare Cloud computing Wireless body area network Pseudonym-based signature Key-policy attribute-based encryption Signcryption
This research is jointly funded by Science and Technology Program of Guangzhou (Grant No. 201707010358), and the Opening Project of Shanghai Key Laboratory of Integrated Administration Technologies for Information Security (Grant No. AGK201707).
- 4.Buchade, A.R., Ingle, R.: Key management for cloud data storage: methods and comparisons. In: Fourth International Conference on Advanced Computing Communication Technologies, pp. 263–270. IEEE Press (2014)Google Scholar
- 5.Patil, H.K., Seshadri, R.: Big data security and privacy issues in healthcare. In: IEEE International Congress on Big Data, pp. 762–765. IEEE (2014)Google Scholar
- 8.Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute based encryption for fine-grained access conrol of encrypted data. In ACM conference on Computer and Communications Security, pp. 89–98 (2006)Google Scholar
- 9.Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security and Privacy, pp. 321–334. IEEE Press (2007)Google Scholar
- 10.Waters, B.: Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 53–70. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19379-8_4CrossRefGoogle Scholar
- 11.Attrapadung, N., Libert, B., de Panafieu, E.: Expressive key-policy attribute-based encryption with constant-size ciphertexts. In: Catalano, D., Fazio, N., Gennaro, R., Nicolosi, A. (eds.) PKC 2011. LNCS, vol. 6571, pp. 90–108. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-19379-8_6CrossRefMATHGoogle Scholar
- 15.Yu, S., Wang, C., Ren, K., Lou, W.: Achieving secure, scalable, and fine-grained data access control in cloud computing. In: Proceedings IEEE INFOCOM, pp. 1–9 (2010)Google Scholar
- 16.Tan, Y.L., Goi, B.M., Komiya, R., Phan, R.: Design and implementation of key-policy attribute-based encryption in body sensor network. Int. J. Cryptol. Res. 4(1), 84–101 (2013)Google Scholar