Lightweight and Expressive Fine-Grained Access Control for Healthcare Internet-of-Things

Healthcare Internet-of-Things (IoT) is an emerging paradigm that enables embedded devices to monitor patients vital signals and allows these data to be aggregated and outsourced to the cloud. The cloud enables authorized users to store and share data to enjoy on-demand services. Nevertheless, it als...

Full description

Saved in:
Bibliographic Details
Published inIEEE transactions on cloud computing Vol. 10; no. 1; pp. 474 - 490
Main Authors Xu, Shengmin, Li, Yingjiu, Deng, Robert H., Zhang, Yinghui, Luo, Xiangyang, Liu, Ximeng
Format Journal Article
LanguageEnglish
Published Piscataway IEEE 01.01.2022
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects
Access control
attribute-based encryption
Cloud computing
Cryptography
Cybersecurity
Edge computing
Electronic devices
Encryption
Health care
Internet of medical things
Internet of Things
Lightweight
Medical services
Security management
Servers
Online AccessGet full text
ISSN2168-7161
2372-0018
DOI10.1109/TCC.2019.2936481

Cover

Abstract Healthcare Internet-of-Things (IoT) is an emerging paradigm that enables embedded devices to monitor patients vital signals and allows these data to be aggregated and outsourced to the cloud. The cloud enables authorized users to store and share data to enjoy on-demand services. Nevertheless, it also causes many security concerns because of the untrusted network environment, dishonest cloud service providers and resource-limited devices. To preserve patients' privacy, existing solutions usually apply cryptographic tools to offer access controls. However, fine-grained access control among authorized users is still a challenge, especially for lightweight and resource-limited end-devices. In this paper, we propose a novel healthcare IoT system fusing advantages of attribute-based encryption, cloud and edge computing, which provides an efficient, flexible, secure fine-grained access control mechanism with data verification in healthcare IoT network without any secure channel and enables data users to enjoy the lightweight decryption. We also define the formal security models and present security proofs for our proposed scheme. The extensive comparison and experimental simulation demonstrate that our scheme has better performance than existing solutions.
AbstractList Healthcare Internet-of-Things (IoT) is an emerging paradigm that enables embedded devices to monitor patients vital signals and allows these data to be aggregated and outsourced to the cloud. The cloud enables authorized users to store and share data to enjoy on-demand services. Nevertheless, it also causes many security concerns because of the untrusted network environment, dishonest cloud service providers and resource-limited devices. To preserve patients' privacy, existing solutions usually apply cryptographic tools to offer access controls. However, fine-grained access control among authorized users is still a challenge, especially for lightweight and resource-limited end-devices. In this paper, we propose a novel healthcare IoT system fusing advantages of attribute-based encryption, cloud and edge computing, which provides an efficient, flexible, secure fine-grained access control mechanism with data verification in healthcare IoT network without any secure channel and enables data users to enjoy the lightweight decryption. We also define the formal security models and present security proofs for our proposed scheme. The extensive comparison and experimental simulation demonstrate that our scheme has better performance than existing solutions.
Author Zhang, Yinghui
Luo, Xiangyang
Liu, Ximeng
Deng, Robert H.
Xu, Shengmin
Li, Yingjiu
Author_xml – sequence: 1
  givenname: Shengmin
  surname: Xu
  fullname: Xu, Shengmin
  email: smxu@smu.edu.sg
  organization: Secure Mobile Centre, School of Information Systems, Singapore Management University, Singapore
– sequence: 2
  givenname: Yingjiu
  orcidid: 0000-0001-8256-6988
  surname: Li
  fullname: Li, Yingjiu
  email: yjli@smu.edu.sg
  organization: Secure Mobile Centre, School of Information Systems, Singapore Management University, Singapore
– sequence: 3
  givenname: Robert H.
  orcidid: 0000-0003-3491-8146
  surname: Deng
  fullname: Deng, Robert H.
  email: robertdeng@smu.edu.sg
  organization: Secure Mobile Centre, School of Information Systems, Singapore Management University, Singapore
– sequence: 4
  givenname: Yinghui
  orcidid: 0000-0002-5764-3272
  surname: Zhang
  fullname: Zhang, Yinghui
  email: yhzhaang@163.com
  organization: Secure Mobile Centre, School of Information Systems, Singapore Management University, Singapore
– sequence: 5
  givenname: Xiangyang
  orcidid: 0000-0003-3225-4649
  surname: Luo
  fullname: Luo, Xiangyang
  email: Luoxy_ieu@sina.com
  organization: State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou, P.R. China
– sequence: 6
  givenname: Ximeng
  orcidid: 0000-0002-4238-3295
  surname: Liu
  fullname: Liu, Ximeng
  email: snbnix@gmail.com
  organization: College of Mathematics and Computer Science, Fuzhou University, Fuzhou, P.R. China
BookMark eNp9kLtrwzAQxkVJoWmavdDF0NmpTn5JYzB5QaBLCt2MIp8TBVdOJaWP_74yCR069Ib7juP77uB3SwamM0jIPdAJABVPm7KcMApiwkSSpxyuyJAlBYspBT4IM-Q8LiCHGzJ27kBD8QwEiCF5Xevd3n9i3yNp6mj2dbTonP7AaK4Nxgsrg9TRVKmwjsrOeNu1UdPZaImy9XslLUYr49Ea9HHXxJu9Njt3R64b2TocX3REXuazTbmM18-LVTldx4oJ8PFWMClQsjpTsk5yBmGmVOVJDlSKWhU1KMVSqhqVCr5VadLwrNlmKcOCcdUkI_J4vnu03fsJna8O3cma8LJieVKkKaVCBBc9u5TtnLPYVEer36T9roBWPcIqIKx6hNUFYYjkfyJKe-l1D0Dq9r_gwzmoEfH3D-e0gJQmP7QPf_Y
CODEN ITCCF6
CitedBy_id crossref_primary_10_1109_TDSC_2021_3126532
crossref_primary_10_3390_electronics13040687
crossref_primary_10_1109_JIOT_2023_3328382
crossref_primary_10_1109_TCC_2020_3031209
crossref_primary_10_1007_s10586_022_03782_1
crossref_primary_10_1109_JBHI_2021_3100871
crossref_primary_10_1109_TSC_2019_2961992
crossref_primary_10_1109_TSC_2023_3321314
crossref_primary_10_1109_ACCESS_2022_3153120
crossref_primary_10_1109_TII_2021_3133345
crossref_primary_10_1155_2021_8855341
crossref_primary_10_1109_ACCESS_2021_3101218
crossref_primary_10_1109_JSYST_2023_3303460
crossref_primary_10_1016_j_csi_2024_103936
crossref_primary_10_1109_JIOT_2023_3287636
crossref_primary_10_1007_s11082_024_06656_5
crossref_primary_10_1016_j_ins_2020_05_115
crossref_primary_10_1109_JIOT_2020_3033337
crossref_primary_10_1109_TCE_2023_3306752
crossref_primary_10_1109_JIOT_2024_3360289
crossref_primary_10_1109_ACCESS_2020_3018488
crossref_primary_10_1016_j_dcan_2022_05_012
crossref_primary_10_1109_MNET_2024_3394007
crossref_primary_10_1186_s44147_024_00460_4
crossref_primary_10_1007_s10586_024_04464_w
crossref_primary_10_1109_TMC_2023_3323305
crossref_primary_10_1109_TVT_2020_2984621
crossref_primary_10_56294_mw2023133
crossref_primary_10_1007_s12083_021_01075_9
crossref_primary_10_1109_TIFS_2024_3394678
crossref_primary_10_1016_j_csa_2023_100015
crossref_primary_10_1109_TSC_2024_3356595
crossref_primary_10_1155_2021_9929663
crossref_primary_10_1016_j_iot_2023_100836
crossref_primary_10_1109_TNSE_2022_3159526
crossref_primary_10_1109_ACCESS_2020_2969957
crossref_primary_10_1109_TSC_2022_3232230
crossref_primary_10_1109_TII_2020_2982942
crossref_primary_10_1016_j_cose_2022_102866
crossref_primary_10_1145_3610225
crossref_primary_10_1109_TDSC_2020_3001557
crossref_primary_10_1155_2021_6682456
crossref_primary_10_3390_electronics11172710
crossref_primary_10_1109_TVT_2020_2967099
crossref_primary_10_1016_j_future_2020_04_021
crossref_primary_10_1109_JBHI_2023_3288199
crossref_primary_10_1080_01969722_2023_2176654
Cites_doi 10.1016/j.ins.2018.11.031
10.1145/1315245.1315270
10.1007/978-3-642-19379-8_4
10.1109/SP.2007.11
10.1109/JIOT.2016.2579198
10.1007/978-3-319-24174-6_15
10.1016/j.future.2014.06.004
10.1145/2508859.2516672
10.1007/978-3-030-26951-7_23
10.1016/j.pmcj.2015.06.009
10.1145/1180405.1180418
10.1109/TIFS.2011.2172209
10.1007/978-3-319-45741-3_29
10.1145/2046614.2046628
10.1007/978-3-319-16715-2_5
10.1007/978-3-030-02641-7_25
10.1109/TCC.2015.2485199
10.1109/TDSC.2017.2729556
10.1007/11426639_27
10.1109/MNET.2017.1700030
10.1007/978-3-642-13190-5_4
10.1007/978-3-642-01957-9_11
10.1007/978-3-642-19379-8_6
10.1007/978-3-642-03356-836
10.1007/978-3-540-24676-3_31
10.1016/j.future.2018.01.003
10.1109/JIOT.2016.2584538
10.1016/j.future.2017.06.025
10.1109/JBHI.2014.2300846
ContentType Journal Article
Copyright Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2022
Copyright_xml – notice: Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2022
DBID 97E
RIA
RIE
AAYXX
CITATION
7SC
8FD
JQ2
L7M
L~C
L~D
DOI 10.1109/TCC.2019.2936481
DatabaseName IEEE All-Society Periodicals Package (ASPP) 2005–Present
IEEE All-Society Periodicals Package (ASPP) 1998–Present
IEEE/IET Electronic Library (IEL)
CrossRef
Computer and Information Systems Abstracts
Technology Research Database
ProQuest Computer Science Collection
Advanced Technologies Database with Aerospace
Computer and Information Systems Abstracts – Academic
Computer and Information Systems Abstracts Professional
DatabaseTitle CrossRef
Computer and Information Systems Abstracts
Technology Research Database
Computer and Information Systems Abstracts – Academic
Advanced Technologies Database with Aerospace
ProQuest Computer Science Collection
Computer and Information Systems Abstracts Professional
DatabaseTitleList
Computer and Information Systems Abstracts
Database_xml – sequence: 1
  dbid: RIE
  name: IEEE/IET Electronic Library (IEL)
  url: https://proxy.k.utb.cz/login?url=https://ieeexplore.ieee.org/
  sourceTypes: Publisher
DeliveryMethod fulltext_linktorsrc
Discipline Computer Science
EISSN 2372-0018
EndPage 490
ExternalDocumentID 10_1109_TCC_2019_2936481
8807140
Genre orig-research
GrantInformation_xml – fundername: Science and Technology Innovation Talent Project of Henan Province
  grantid: 184200510018
– fundername: AXA Research Fund
  funderid: 10.13039/501100001961
– fundername: Key Research and Development Program of Shaanxi
  grantid: 2019KW-053
– fundername: National Key Research and Development Program of China
  grantid: 2016QY01W0105; 2016YFB0801303
  funderid: 10.13039/501100012166
– fundername: New Star Team of Xi'an University of Posts and Telecommunications
  grantid: 2016-02
– fundername: National Natural Science Foundation of China
  grantid: U1636219; U1804263; 61702105
  funderid: 10.13039/501100001809
GroupedDBID 0R~
4.4
6IK
97E
AAJGR
AARMG
AASAJ
AAWTH
ABAZT
ABJNI
ABQJQ
ABVLG
AGQYO
AGSQL
AHBIQ
AKJIK
AKQYR
ALMA_UNASSIGNED_HOLDINGS
ATWAV
BEFXN
BFFAM
BGNUA
BKEBE
BPEOZ
EBS
EJD
HZ~
IEDLZ
IFIPE
IPLJI
JAVBF
M43
O9-
OCL
PQQKQ
RIA
RIE
AAYXX
CITATION
7SC
8FD
JQ2
L7M
L~C
L~D
ID FETCH-LOGICAL-c291t-b92a9ea2d5cad3621ea200c63610a9dc7d1cc240cfc498bc43f85fb542e728cf3
IEDL.DBID RIE
ISSN 2168-7161
IngestDate Mon Jun 30 06:22:12 EDT 2025
Tue Jul 01 02:57:16 EDT 2025
Thu Apr 24 22:58:23 EDT 2025
Wed Aug 27 02:49:21 EDT 2025
IsPeerReviewed true
IsScholarly true
Issue 1
Language English
License https://ieeexplore.ieee.org/Xplorehelp/downloads/license-information/IEEE.html
https://doi.org/10.15223/policy-029
https://doi.org/10.15223/policy-037
LinkModel DirectLink
MergedId FETCHMERGED-LOGICAL-c291t-b92a9ea2d5cad3621ea200c63610a9dc7d1cc240cfc498bc43f85fb542e728cf3
Notes ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ORCID 0000-0003-3225-4649
0000-0001-8256-6988
0000-0002-4238-3295
0000-0003-3491-8146
0000-0002-5764-3272
PQID 2637440099
PQPubID 2040413
PageCount 17
ParticipantIDs proquest_journals_2637440099
ieee_primary_8807140
crossref_citationtrail_10_1109_TCC_2019_2936481
crossref_primary_10_1109_TCC_2019_2936481
ProviderPackageCode CITATION
AAYXX
PublicationCentury 2000
PublicationDate 2022-Jan.-March-1
2022-1-1
20220101
PublicationDateYYYYMMDD 2022-01-01
PublicationDate_xml – month: 01
  year: 2022
  text: 2022-Jan.-March-1
PublicationDecade 2020
PublicationPlace Piscataway
PublicationPlace_xml – name: Piscataway
PublicationTitle IEEE transactions on cloud computing
PublicationTitleAbbrev TCC
PublicationYear 2022
Publisher IEEE
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Publisher_xml – name: IEEE
– name: The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
References ref13
ref12
ref14
Rouselakis (ref33) 2012; 2012
ref31
ref30
ref11
ref10
ref32
Green (ref15)
ref17
ref16
ref19
ref18
(ref2) 2018
ref24
ref23
ref26
ref25
ref20
ref22
ref21
Lynn (ref34) 2006
ref28
ref27
ref29
ref8
Reinsel (ref1) 2017
ref7
ref9
ref4
ref3
ref6
ref5
References_xml – ident: ref32
  doi: 10.1016/j.ins.2018.11.031
– year: 2006
  ident: ref34
  article-title: Pbc library manual 0.5. 11
– ident: ref21
  doi: 10.1145/1315245.1315270
– ident: ref24
  doi: 10.1007/978-3-642-19379-8_4
– ident: ref23
  doi: 10.1109/SP.2007.11
– ident: ref3
  doi: 10.1109/JIOT.2016.2579198
– ident: ref29
  doi: 10.1007/978-3-319-24174-6_15
– ident: ref10
  doi: 10.1016/j.future.2014.06.004
– ident: ref16
  doi: 10.1145/2508859.2516672
– ident: ref28
  doi: 10.1007/978-3-030-26951-7_23
– ident: ref27
  doi: 10.1016/j.pmcj.2015.06.009
– start-page: 34
  volume-title: Proc. 20th USENIX Conf. Secur.
  ident: ref15
  article-title: Outsourcing the decryption of ABE ciphertexts
– ident: ref20
  doi: 10.1145/1180405.1180418
– ident: ref8
  doi: 10.1109/TIFS.2011.2172209
– ident: ref30
  doi: 10.1007/978-3-319-45741-3_29
– ident: ref6
  doi: 10.1145/2046614.2046628
– ident: ref17
  doi: 10.1007/978-3-319-16715-2_5
– ident: ref31
  doi: 10.1007/978-3-030-02641-7_25
– ident: ref14
  doi: 10.1109/TCC.2015.2485199
– ident: ref13
  doi: 10.1109/TDSC.2017.2729556
– ident: ref19
  doi: 10.1007/11426639_27
– year: 2017
  ident: ref1
  article-title: Data age 2025: The evolution of data to life-critical
– ident: ref5
  doi: 10.1109/MNET.2017.1700030
– ident: ref25
  doi: 10.1007/978-3-642-13190-5_4
– ident: ref7
  doi: 10.1007/978-3-642-01957-9_11
– ident: ref22
  doi: 10.1007/978-3-642-19379-8_6
– ident: ref26
  doi: 10.1007/978-3-642-03356-836
– ident: ref18
  doi: 10.1007/978-3-540-24676-3_31
– ident: ref11
  doi: 10.1016/j.future.2018.01.003
– ident: ref4
  doi: 10.1109/JIOT.2016.2584538
– ident: ref12
  doi: 10.1016/j.future.2017.06.025
– ident: ref9
  doi: 10.1109/JBHI.2014.2300846
– year: 2018
  ident: ref2
  article-title: Thales data threat report: Trend om encryption and data security
– volume: 2012
  year: 2012
  ident: ref33
  article-title: New constructions and proof methods for large universe attribute-based encryption
  publication-title: IACR Cryptology ePrint Archive
SSID ssj0000851919
Score 2.46925
Snippet Healthcare Internet-of-Things (IoT) is an emerging paradigm that enables embedded devices to monitor patients vital signals and allows these data to be...
SourceID proquest
crossref
ieee
SourceType Aggregation Database
Enrichment Source
Index Database
Publisher
StartPage 474
SubjectTerms Access control
attribute-based encryption
Cloud computing
Cryptography
Cybersecurity
Edge computing
Electronic devices
Encryption
Health care
Internet of medical things
Internet of Things
Lightweight
Medical services
Security management
Servers
Title Lightweight and Expressive Fine-Grained Access Control for Healthcare Internet-of-Things
URI https://ieeexplore.ieee.org/document/8807140
https://www.proquest.com/docview/2637440099
Volume 10
hasFullText 1
inHoldings 1
isFullTextHit
isPrint
link http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV1LSwMxEB6qJy9WrWK1Sg5eBNPuezfHUlqLqCeF3pbsJLkorehWxV_vJPsAH4i3HBIImSTzzeTLfABnvlAxeWHFZWA0j4qU7kECxlwWmISW9WrcU8zNbTK_j64W8aIDF-1fGK21I5_poW26t3y1wrVNlY1or9n6chuwQYFb9VerzadY6CB80bxEemJ0N5lY6pYYkkdLosz_4nmclMqP-9c5lVkXbprpVFySh-G6LIb48a1S43_nuwPbNbpk42o77EJHL_eg2yg3sPog92BxbWPyN5cWZXKp2PS9IsS-ajYj3MkvrXKEVmzs9BTZpCK0M0K4bN4yxliVTtQlXxleCYDuw_1sejeZ81pjgWMg_JIXIpBCy0DFKBU5M5_ankd2IlglhcJU-Yjk9dFgJLICo9BksSniKNBpkKEJD2BzuVrqQ2ApYQsTUniJqCKZYKakUUjjPZVinIo-jJr1z7EuQG51MB5zF4h4IieL5dZieW2xPpy3I56q4ht_9O1ZA7T96rXvw6AxcV6fzpc8SEJbF5HA8dHvo45hK7DfHFyqZQCb5fNanxD4KItTt-s-Abof1-M
linkProvider IEEE
linkToHtml http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV1NbxMxEB2FcIBLAxREaAEfuCDhZL93faxWCQskOSVSbivv2L5QbVC7aSt-fcfeD4lSIW4-2JLlsf2exzPzAD75QsWEworLwGgeVSndg0SMuawwCW3Uq3FfMetNUuyi7_t4P4IvQy6M1toFn-mZbbq_fHXAo3WVzWmv2fpyT-Ap4X4k2mytwaNiyYPwRf8X6Yn5Ns9t8JaYEaYlUeb_gT1OTOWvG9jBynIC635CbTTJz9mxqWb4-0Gtxv-d8Qs46fglu2g3xEsY6foVTHrtBtYd5VPYr-yr_NY5RpmsFVvctSGxN5otiXnyr1Y7Qit24RQVWd6GtDPiuKwYYsZY61DUDT8Y3kqAvobdcrHNC96pLHAMhN_wSgRSaBmoGKUiOPOp7XlkKSJWUihMlY9IuI8GI5FVGIUmi00VR4FOgwxN-AbG9aHWb4GlxC5MSA9MRBXJBDMljUIa76kU41RMYd6vf4ldCXKrhHFZuqeIJ0qyWGktVnYWm8LnYcSvtvzGP_qeWgMM_bq1n8J5b-KyO5_XZZCEtjIi0eN3j4_6CM-K7XpVrr5tfpzB88AmPTjHyzmMm6ujfk9UpKk-uB14DzXx2zM
openUrl ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Lightweight+and+Expressive+Fine-Grained+Access+Control+for+Healthcare+Internet-of-Things&rft.jtitle=IEEE+transactions+on+cloud+computing&rft.au=Xu%2C+Shengmin&rft.au=Li%2C+Yingjiu&rft.au=Deng%2C+Robert+H.&rft.au=Zhang%2C+Yinghui&rft.date=2022-01-01&rft.pub=IEEE&rft.eissn=2372-0018&rft.volume=10&rft.issue=1&rft.spage=474&rft.epage=490&rft_id=info:doi/10.1109%2FTCC.2019.2936481&rft.externalDocID=8807140
thumbnail_l http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=2168-7161&client=summon
thumbnail_m http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=2168-7161&client=summon
thumbnail_s http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=2168-7161&client=summon