Skip to main content
SpringerLink
Log in

Privacy-preserving personal health record using multi-authority attribute-based encryption with revocation

  • Special Issue Paper
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

Personal health record (PHR) service is an emerging model for health information exchange. In PHR systems, patient’s health records and information are maintained by the patient himself through the Web. In reality, PHRs are often outsourced to be stored at the third parties like cloud service providers. However, there have been serious privacy concerns about cloud service as it may expose user’s sensitive data like PHRs to those cloud service providers or unauthorized users. Using attribute-based encryption (ABE) to encrypt patient’s PHRs in cloud environment, secure and flexible access control can be achieved. Yet, problems like scalability in key management, fine-grained access control, and efficient user revocation remain to be addressed. In this paper, we propose a privacy-preserving PHR, which supports fine-grained access control and efficient revocation. To be specific, our scheme achieves the goals (1) scalable and fine-grained access control for PHRs by using multi-authority ABE scheme, and (2) efficient on-demand user/attribute revocation and dynamic policy update. In our scheme, we consider the situation that multiple data owners exist, and patient’s PHRs are encrypted and stored in semi-trust servers. The access structure in our scheme is expressive access tree structure, and the security of our scheme can be reduced to the standard decisional bilinear Diffie–Hellman assumption.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2

Similar content being viewed by others

References

  1. Fernandes, Diogo A.B., Soares, Liliana F.B., et al.: Security issues in cloud environments: a survey. Int. J. Inf. Secur. 13(2), 113–170 (2014)

    Article  Google Scholar 

  2. Gouglidis, A., Mavridis, I., Hu, V.C.: Security policy verification for multi-domains in cloud systems. Int. J. Inf. Secur. 13(2), 97–111 (2014)

    Article  Google Scholar 

  3. Li, M., Yu, S., Cao, N., Lou, W.: Authorized private keyword search over encrypted personal health records in cloud computing. In: Proceedings of the 31st IEEE International Conference on Distributed Computing Systems (ICDCS’11), pp. 383–392 (2011)

  4. Li, M., Yu, S., Zheng, Y., Ren, K., Lou, W.: Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Trans. Parallel Distrib. Syst. 24, 131–143 (2013)

    Article  Google Scholar 

  5. Health insurance portability and accountability act of 1996. U.S. Government Printing Office (1996)

  6. Sahai, A., Waters, B.: Fuzzy identity based encryption. In: Advances in Cryptology—EUROCRYPT 2005, LNCS 3494, pp. 457–473 (2005)

  7. Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: Proceedings of IEEE Symposium on Security and Privacy 2007 (SP’07), LNCS 6571, pp. 321–334 (2007)

  8. Cheung, L., Newport, C.: Provably secure ciphertext policy ABE. In: Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS’07) pp. 456–465 (2007)

  9. Herranz, J., Laguillaumie, F., R\(\grave{a}\)fols, C.: Constant size ciphertexts in threshold attribute-based encryption. In: Proceedings of 13th International Conference on Practice and Theory in Public Key Cryptography (PKC’10) pp. 19–34 (2010)

  10. Waters, B.: Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization. In: Proceedings of 14th International Conference on Practice and Theory in Public Key Cryptography (PKC’11), LNCS, Vol. 6571, pp. 53–70. Springer-Verlag, Berlin Heidelberg New York (2011)

  11. Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted Data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS’06) x, pp. 89–98 (2006)

  12. Ostrovsky, R., Sahai, A., Waters, B.: Attribute-based encryption with non-monotonic access structures. In: Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS’07) pp. 195–203 (2007)

  13. Mandl, K.D., Szolovits, P., Kohane, I.S.: Public standards and patients control: how to keep electronic medical records accessible but private. BMJ 322(7281), 283–287 (2001)

    Article  Google Scholar 

  14. Chase, M.: Multi-authority attribute based encryption. In: Proceedings of the 4th Theory of Cryptography Conference (TCC’07) pp. 515–534 (2007)

  15. Lin, H., Cao, Z., Liang, X., Shao, J.: Secure threshold multi-authority attribute based encryption without a central authority. In: Proceedings of the 9th International Conference on Cryptology in India (INDOCRYPT’08), pp. 426–436. (2008)

  16. Chase, M., Chow, S.S.M.: Improving privacy and security in multi-authority attribute-based encryption. In: Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS’09) pp. 121–130 (2009)

  17. Pirretti, M., Traynor, P., McDaniel, P., Waters, B.: Secure attribute-based systems. In: Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS’06) pp. 99–112 (2006)

  18. Boldyreva, A., Goyal, V., Kumar, V.: Identity-based encryption with efficient revocation. In: Proceedings of the 15th ACM Conference on Computer and Communications Security (CCS’05) pp. 417–426 (2008)

  19. Liang, X., Lu, R., Lin, X., Shen, X.S.: Ciphertext Policy Attribute Based Encryption with Efficient Revocation. Univ. of Waterloo, Technical report (2010)

  20. Yu, S., Wang, C., Ren, K., Lou, W.: Attribute based data sharing with attribute revocation. In: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security (ASIACCS’10) pp. 261–270 (2010)

  21. Hur, J., Noh, D.K.: Attribute-based access control with efficient revocation in data outsourcing system. IEEE Trans. Parallel Distrib. Syst. 22, 1214–1221 (2011)

  22. Jahid, S., Mittal, P., Borisov, N.: Easier: encryption-based access control in social networks with efficient revocation. In: Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS’11) pp. 411–415 (2011)

  23. Yu, S., Wang, C., Ren, K., Lou, W.: Achieving secure, scalable, and fine-grained data access control in cloud computing. In: Proceedings of the 29th IEEE International Conference on Computer Communications (INFOCOM’10) pp. 534–542 (2010)

  24. Ibraimi, L., Petkovic, M., Nikova, S., Hartel, P., Jonker, W.: Ciphertext-Policy Attribute-Based Threshold decryption with Flexible Delegation and Revocation of User Attributes. University of Twente, Technical report (2009)

  25. Ibraimi, L., Asim, M., Petkovic, M.: Secure Management of Personal Health Records by Applying Attribute-Based Encryption. University of Twente, Technical report (2009)

  26. Akinyele, A., Lehmann, C.U., Green, M.D., Pagano, M.W., Peterson, Z.N.J., Rubin, A.D.: Self-Protecting Electronic Medical Records using Attribute-Based Encryption on Mobile Device. Technical report. Cryptology ePrint Archive, Report 2010/565 (2010)

  27. Beimel, A.: Secure schemes for secret sharing and key distribution. PhD thesis, Israel Institute of Technology. Technion, Haifa, Israel (1996)

  28. Jung, T., Li, X., Wan, Z., Wan, M.: Privacy preserving cloud data access with multi-authorities. In: Proceedings of the 32th IEEE International Conference on Computer Communications (INFOCOM’13) pp. 2625–2633 (2013)

  29. Boneh, D., Boyen, X.: Efficient selective-ID secure identity based encryption without random oracles. In: Advances in Cryptology—EUROCRYPT 2004, LNCS 3027, pp. 223–238 (2004)

  30. Xiao, M., Yuan, S.: Achieving fine-grained access control and integrity auditing in cloud storage. J. Comput. Inf. Syst. 9, 5477–5484 (2013)

    Google Scholar 

  31. Fiore, D., Gennaro, R.: Publicly verifiable delegation of large polynomials and matrix computations, with applications. In: Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS’12) pp. 501–512 (2012)

  32. Zheng, Q., Xu, S., Ateniese, G.: VABKS: verifiable attribute-based keyword search over outsourced encrypted data. IACR Cryptology ePrint Archive 462 (2013)

Download references

Acknowledgments

We would like to thank anonymous referees for their helpful comments and suggestions. This work is supported by the National Natural Science Foundation of China (61272542, 61300213), the Fundamental Research Funds for the Central Universities (2013B07014).

Author information

Authors and Affiliations

  1. College of Computer and Information, Hohai University, Nanjing, 211100, Jiangsu, China

    Huiling Qian, Jiguo Li & Yichen Zhang

  2. Jiangsu Provincial Key Laboratory of E-Business, Nanjing University of Finance and Economics, Nanjing, 210003, Jiangsu, China

    Jinguang Han

Authors
  1. Huiling Qian
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jiguo Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yichen Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jinguang Han
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jiguo Li.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Qian, H., Li, J., Zhang, Y. et al. Privacy-preserving personal health record using multi-authority attribute-based encryption with revocation. Int. J. Inf. Secur. 14, 487–497 (2015). https://doi.org/10.1007/s10207-014-0270-9

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-014-0270-9

Keywords

Search

Navigation