Skip to main content
SpringerLink
Log in

Privacy-aware attribute-based PHR sharing with user accountability in cloud computing

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

As an emerging patient-centric model of health information exchange, personal health record (PHR) is often outsourced to be stored at a third party. The value of PHR data is its long-term cumulative record relevant with personal health which can be significant in the future when faced with disease occurrences. As a promising public key primitive, attribute-based encryption (ABE) has been used to design PHR sharing systems. However, the existing solutions fail to achieve several important security objectives, that is, no need for a single authority to issue private keys to all PHR users, user access privacy protection, and user accountability. In this paper, we propose a multi-authority ciphertext-policy ABE scheme with user accountability and apply it to design an attribute-based PHR sharing system. In the proposed solution, the access policy is hidden and hence user access privacy is protected. In particular, the global identity of a misbehaving PHR user who leaked the decryption key to other unauthorized users can be traced, and thus the trust assumptions on both the authorities and the PHR users are reduced. Extensive analysis shows that the proposed scheme is provably secure and efficient.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1

Similar content being viewed by others

References

  1. Kaelber DC, Jha AK, Johnston D, Middleton B, Bates DW (2008) A research agenda for personal health records (phrs). J Am Med Inform Assoc 15(6):729–736

    Article  Google Scholar 

  2. Ibraimi L, Asim M, Petkovic M (2009) Secure management of personal health records by applying attribute-based encryption. In: Proceeding of the pHealth’09, IEEE, pp 71–74

  3. Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: Proceeding of the SP’07, IEEE, pp 321–334

  4. Akinyele JA, Pagano MW, Green MD, Lehmann CU, Peterson ZN, Rubin AD (2011) Securing electronic medical records using attribute-based encryption on mobile devices. In: Proceeding of the SPSM’11, ACM, pp 75–86

  5. Li M, Yu S, Zheng Y, Ren K, Lou W (2013) Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Trans Parallel Distrib Syst 24(1):131–143

    Article  Google Scholar 

  6. Chase M (2007) Multi-authority attribute based encryption. In: Proceeding of the TCC’07, LNCS, vol 4392. Springer, New York, pp 515–534

  7. Lu R, Lin X, Shen X (2013) Spoc: a secure and privacy-preserving opportunistic computing framework for mobile-healthcare emergency. IEEE Trans Parallel Distrib Syst 24(3):614–624

    Article  Google Scholar 

  8. Chen TS, Liu CH, Chen TL, Chen CS, Bau JG, Lin TC (2012) Secure dynamic access control scheme of phr in cloud computing. J Med Syst 36(6):4005–4020

    Article  Google Scholar 

  9. Zhang R, Liu L (2010) Security models and requirements for healthcare application clouds. In: Proceeding of the CLOUD’10, IEEE, pp 268–275

  10. Sun J, Fang Y (2010) Cross-domain data sharing in distributed electronic health record systems. IEEE Trans Parallel Distrib Syst 21(6):754–764

    Article  MathSciNet  Google Scholar 

  11. Sahai A, Waters B (2005) Fuzzy identity-based encryption. In: Proceeding of the EUROCRYPT’05, LNCS, vol 3494. Springer, New York, pp 557–557

  12. Li J, Chen X, Li J, Jia C, Ma J, Lou W (2013) Fine-grained access control based on outsourced attribute-based encryption. In: Proceeding of the European symposium on research in computer security (ESORICS). LNCS, vol 3184, pp 592–609

  13. Li J, Kim K (2010) Hidden attribute-based signatures without anonymity revocation. Inform Sci 180(9):1681–1689

    Article  MATH  MathSciNet  Google Scholar 

  14. Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: Proceeding of the CCS’06, ACM, pp 89–98

  15. Kapadia A, Tsang PP, Smith SW (2007) Attribute-based publishing with hidden credentials and hidden policies. In: Proceeding of the NDSS’07, The Internet Society, pp 179–192

  16. Nishide T, Yoneyama K, Ohta K (2008) Abe with partially hidden encryptor-specified access structure. In: Proceeding of the ACNS’08, LNCS, vol 5037. Springer, New York, pp 111–129

  17. Zhang Y, Chen X, Li J, Wong DS, Li H (2013) Anonymous attribute-based encryption supporting efficient decryption test. In: Proceeding of the ASIACCS’13, ACM, New York, pp 511–516

  18. Yu S, Ren K, Lou W, Li J (2009) Defending against key abuse attacks in kp-abe enabled broadcast systems. In: Proceeding of the Securecomm’09, Springer, New York, pp 311–329

  19. Li J, Ren K, Zhu B, Wan Z (2009) Privacy-aware attribute-based encryption with user accountability. In: Proceeding of the ISC’09. Springer, LNCS, vol 5735, pp 347–362

  20. Li J, Zhao G, Chen X, Xie D, Rong C, Li W, Tang L, Tang Y (2010) Fine-grained data access control systems with user accountability in cloud computing. In: Proceeding of the CloudCom’10, IEEE, pp 89–96

  21. Li J, Huang Q, Chen X, Chow SSM, Wong DS, Xie D (2011) Multi-authority ciphertext-policy attribute-based encryption with accountability. In: Proceeding of the ASIACCS’11, ACM, pp 386–390

  22. Yu S, Wang C, Ren K, Lou W (2010) Attribute based data sharing with attribute revocation. In: Proceeding of the ASIACCS’10, ACM, New York, pp 261–270

  23. Boyen X, Waters B (2006) Anonymous hierarchical identity-based encryption (without random oracles). In: Proceeding of the CRYPTO’06, Springer, LNCS, vol 4117, pp 290–307

  24. Chase M, Chow SS (2009) Improving privacy and security in multi-authority attribute-based encryption. In: Proceeding of the CCS’09, ACM, New York, pp 121–130

Download references

Acknowledgments

We are grateful to the anonymous referees for their invaluable suggestions. This work is supported by the National Natural Science Foundation of China (Nos. 61272455, 61100224 and 61272037), and the Natural Science Foundation of Shaanxi Province (No. 2013JZ020). The work of Fatos Xhafa is supported by Project COMMAS (Computational Models and Methods for Massive Structured Data), TIN2013-46181-C2-1-R.

Author information

Authors and Affiliations

  1. Department de Llenguatges i Sistemes Informatics, Universitat Politécnica de Cataunya, Barcelona, Spain

    Fatos Xhafa

  2. Department of Mathematics, College of Management Science, Chengdu University of Technology, Chengdu, People’s Republic of China

    Jianglang Feng

  3. National Engineering Laboratory for Wireless Security, Xi’an University of Posts and Telecommunications, Xi’an, People’s Republic of China

    Yinghui Zhang

  4. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, People’s Republic of China

    Yinghui Zhang

  5. State Key Laboratory of Integrated Service Networks (ISN), Xidian University, Xi’an, People’s Republic of China

    Xiaofeng Chen

  6. School of Computer Science and Educational Software, Guangzhou University, Guangzhou, People’s Republic of China

    Jin Li

Authors
  1. Fatos Xhafa
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jianglang Feng
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yinghui Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Xiaofeng Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Jin Li
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Fatos Xhafa.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Xhafa, F., Feng, J., Zhang, Y. et al. Privacy-aware attribute-based PHR sharing with user accountability in cloud computing. J Supercomput 71, 1607–1619 (2015). https://doi.org/10.1007/s11227-014-1253-3

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-014-1253-3

Keywords

Search

Navigation