Security and Privacy in Smart Health: Efficient Policy-Hiding Attribute-Based Access Control

With the rapid development of the Internet of Things and cloud computing technologies, smart health (s-health) is expected to significantly improve the quality of health care. However, data security and user privacy concerns in s-health have not been adequately addressed. As a well-received solution...

Full description

Saved in:
Bibliographic Details
Published inIEEE internet of things journal Vol. 5; no. 3; pp. 2130 - 2145
Main Authors Yinghui Zhang, Dong Zheng, Deng, Robert H.
Format Journal Article
LanguageEnglish
Published Piscataway IEEE 01.06.2018
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects
Access control
Algorithms
Attribute-based encryption (ABE)
Cloud computing
Cryptography
Cybersecurity
decryption test
Encryption
full security
Health
Hospitals
Internet of Things
large universe
Parameters
Performance assessment
Policies
Privacy
privacy protection
smart health (s-health)
Universe
Urban areas
Online AccessGet full text

Cover

More Information
Summary:With the rapid development of the Internet of Things and cloud computing technologies, smart health (s-health) is expected to significantly improve the quality of health care. However, data security and user privacy concerns in s-health have not been adequately addressed. As a well-received solution to realize fine-grained access control, ciphertext-policy attribute-based encryption (CP-ABE) has the potential to ensure data security in s-health. Nevertheless, direct adoption of the traditional CP-ABE in s-health suffers two flaws. For one thing, access policies are in cleartext form and reveal sensitive health-related information in the encrypted s-health records (SHRs). For another, it usually supports small attribute universe, which places an undesirable limitation on practical deployments of CP-ABE because the size of its public parameters grows linearly with the size of the universe. To address these problems, we introduce PASH, a privacy-aware s-health access control system, in which the key ingredient is a large universe CP-ABE with access policies partially hidden. In PASH, attribute values of access policies are hidden in encrypted SHRs and only attribute names are revealed. In fact, attribute values carry much more sensitive information than generic attribute names. Particularly, PASH realizes an efficient SHR decryption test which needs a small number of bilinear pairings. The attribute universe can be exponentially large and the size of public parameters is small and constant. Our security analysis indicates that PASH is fully secure in the standard model. Performance comparisons and experimental results show that PASH is more efficient and expressive than previous schemes.
ISSN:2327-4662
2327-4662
DOI:10.1109/JIOT.2018.2825289