Skip to main content
Key Specialties
Cardiology Diabetology Endocrinology Gastroenterology Geriatrics and Gerontology Gynecology and Obstetrics Hematology Infectious Disease Internal Medicine Nephrology Neurology Oncology Pediatrics Respiratory Medicine Rheumatology Surgery
Congress Coverage
2024 ACC Congress 2023 ESMO Congress 2023 EASD Congress 2023 ERS Congress 2023 ESC Congress
Clinical Collections
Advances in Alzheimer’s

Keynote webinar | Spotlight on medication adherence

LIVE: Thursday 27th June 2024, 18:00-19:30 (CEST)
Join our expert panel to discover why you need to understand the drivers of non-adherence in your patients, and how you can optimize medication adherence in your clinics to drastically improve patient outcomes.
ADVANCED SEARCH
Log in
Top
Journal of Medical Systems
Published in: Journal of Medical Systems 5/2020

01-05-2020 | Mobile & Wireless Health

Efficient and Secure Attribute Based Access Control Architecture for Smart Healthcare

Authors: Saurabh Rana, Dheerendra Mishra

Published in: Journal of Medical Systems | Issue 5/2020

Login to get access

Abstract

The smart health medical system is expected to enhance the quality of health care services significantly. These system keeps patients related record and provides the services over the insecure public channel which may cause data security and privacy concerns in a smart health system. On the other hand, ciphertext attribute-based encryption(CP-ABE) provides possible encrypted data security. There are some security flaws in CP-ABE, where the existing access policies are in the cleartext form for accessing encrypted sensitive data. On the other hand, it supports the small attribute universe, which restricts the practical deployments of CP-ABE. Moreover, outsider adversary observed the communication, which also creates a serious threat to CP-ABE model. To overcome security and privacy risk, efficient access control have been designed and devolved for medical services. Although we also demonstrate the security analysis of Zhang et al.’s scheme, which is vulnerable to inefficient security proof and man in the middle attack. In the proposed scheme, we proposed an efficient and security preserve scheme to overcome the weaknesses of Zhang’s et al.’s system. The protocol satisfies the attribute values of the medical user with hidden access policies. It has been proved under the standard model, which ensure the security of the protocol. Moreover, performance analysis comparison shows that the proposed scheme is more efficient than the existing one.
Literature
1.
Amin R., Islam S.H., Biswas G., Khan M.K., Obaidat M.S.: Design and analysis of an enhanced patient-server mutual authentication protocol for telecare medical information system. Journal of medical systems 39 (11): 137, 2015PubMedCrossRef
2.
Bellare M., Pointcheval D., Rogaway P.: Authenticated key exchange secure against dictionary attacks.. In: International Conference on the Theory and Applications of Cryptographic Techniques. Springer, 2000, pp 139–155
3.
Bethencourt J., Sahai A., Waters B.: Ciphertext-policy attribute-based encryption.. In: IEEE Symposium on Security and Privacy-SP’07. IEEE, 2007, pp 321–334
4.
Cui H., Deng R.H., Lai J., Yi X., Nepal S.: An efficient and expressive ciphertext-policy attribute-based encryption scheme with partially hidden access structures, revisited. Computer Networks 133: 157–165, 2018CrossRef
5.
Dolev D., Yao A.C.: On the security of public key protocols. IEEE Trans. Inform. Theory 29 (2): 198–208, 1983CrossRef
6.
Gope P., Amin R.: A novel reference security model with the situation based access policy for accessing ephr data. J. Med. Syst. 40 (11): 242, 2016PubMedCrossRef
7.
Goyal V., Pandey O., Sahai A., Waters B.: Attribute-based encryption for fine-grained access control of encrypted data.. In: Proceedings of the 13th ACM Conference on Computer and Communications Security. ACM, 2006, pp 89–98
8.
He D., Hu H.: Cryptanalysis of a dynamic id-based remote user authentication scheme with access control for multi-server environments. IEICE Trans. Inform. Syst. 96 (1): 138–140, 2013CrossRef
9.
Jakobsson M., Pointcheval D.: Mutual authentication for low-power mobile devices.. In: International Conference on Financial Cryptography. Springer, 2001, pp 178–195
10.
Jia X., He D., Kumar N., Choo K.K.R.: Authenticated key agreement scheme for fog-driven iot healthcare system. Wireless Networks 25 (8): 4737–4750, 2019CrossRef
11.
Lai J., Deng R.H., Li Y. (2012) Expressive cp-abe with partially hidden access structures
12.
Li J., Ren K., Kim K.: A2be: Accountable attribute-based encryption for abuse free access control. IACR Cryptology ePrint Archive 2009: 118, 2009
13.
Mukhopadhyay S.C.: Wearable sensors for human activity monitoring: a review. IEEE Sensors Journal 15 (3): 1321–1330, 2014CrossRef
14.
Shao M.H., Chin Y.C.: A privacy-preserving dynamic id-based remote user authentication scheme with access control for multi-server environment. IEICE Trans. Inform. Syst. 95 (1): 161–168, 2012CrossRef
15.
Tran P.V.X., Yang G., Susilo W. (2016) Hidden ciphertext policy attribute-based encryption under standard assumptions
16.
Wang H., He D., Shen J., Zheng Z., Yang X., Au M.H.: Fuzzy matching and direct revocation: a new cp-abe scheme from multilinear maps. Soft Comput. 22 (7): 2267–2274, 2018CrossRef
17.
Xu B., Da Xu L., Cai H., Xie C., Hu J., Bu F.: Ubiquitous data accessing method in iot-based information system for emergency medical services. IEEE Trans. Ind. Inform. 10 (2): 1578–1586, 2014CrossRef
18.
Yan H., Xu L.D., Bi Z., Pang Z., Zhang J., Chen Y.: An emerging technology–wearable wireless sensor networks with applications in human health condition monitoring. Journal of Management Analytics 2 (2): 121–137, 2015CrossRef
19.
Yang K., Han Q., Li H., Zheng K., Su Z., Shen X.: An efficient and fine-grained big data access control scheme with privacy-preserving policy. IEEE Internet of Things Journal 4 (2): 563–571, 2016CrossRef
20.
Zhang X., Jin C., Li C., Wen Z., Shen Q., Fang Y., Wu Z.: Ciphertext-policy attribute-based encryption with user and authority accountability.. In: International Conference on Security and Privacy in Communication Systems. Springer, 2015, pp 500–518
21.
Zhang Y., Chen X., Li J., Wong D.S., Li H.: Anonymous attribute-based encryption supporting efficient decryption test.. In: Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security. ACM, 2013, pp 511–516
22.
Zhang Y., Li J., Zheng D., Chen X., Li H.: Towards privacy protection and malicious behavior traceability in smart health. Pers. Ubiquit. Comput. 21 (5): 815–830, 2017CrossRef
23.
Zhang Y., Yang M., Zheng D., Lang P., Wu A., Chen C.: Efficient and secure big data storage system with leakage resilience in cloud computing. Soft Comput. 22 (23): 7763–7772, 2018CrossRef
24.
Zhang Y., Zheng D., Deng R.H.: Security and privacy in smart health: Efficient policy-hiding attribute-based access control. IEEE Internet of Things Journal 5 (3): 2130–2145, 2018CrossRef
25.
Zhou Y., Yang B., Mu Y.: Continuous leakage-resilient identity-based encryption without random oracles. Comput. J 61 (4): 586–600, 2018CrossRef
Metadata
Title
Efficient and Secure Attribute Based Access Control Architecture for Smart Healthcare
Authors
Saurabh Rana
Dheerendra Mishra
Publication date
01-05-2020
Publisher
Springer US
Published in
Journal of Medical Systems / Issue 5/2020
Print ISSN: 0148-5598
Electronic ISSN: 1573-689X
DOI
https://doi.org/10.1007/s10916-020-01564-z

Other articles of this Issue 5/2020

Journal of Medical Systems 5/2020 Go to the issue

Systems-Level Quality Improvement

Efficient NTRU Lattice-Based Certificateless Signature Scheme for Medical Cyber-Physical Systems

Education & Training

AI-Driven Tools for Coronavirus Outbreak: Need of Active Learning and Cross-Population Train/Test Models on Multitudinal/Multimodal Data

Transactional Processing Systems

How Can Blockchain Help People in the Event of Pandemics Such as the COVID-19?

Image & Signal Processing

Optic Disc and Cup Image Segmentation Utilizing Contour-Based Transformation and Sequence Labeling Networks

Image & Signal Processing

Internet Intervention System for Elderly Hypertensive Patients Based on Hospital Community Family Edge Network and Personal Medical Resources Optimization

Mobile & Wireless Health

Evaluative Research of Technologies for Prehospital Communication and Coordination: a Systematic Review