ESPAC: Enabling security and patient-centric access control for ehealth in cloud computing

被引：89

作者：

Barua M. ^{[1
]}

Liang X. ^{[1
]}

Lu R. ^{[1
]}

Shen X. ^{[1
]}

机构：

[1] Department of Electrical and Computer Engineering, University of Waterloo, Waterloo

来源：

International Journal of Security and Networks | 2011年 / 6卷 / 2-3期

关键词：

ABE; Access control; Attribute-based encryption; Cloud computing; Ehealth; Privacy; Security;

D O I：

10.1504/IJSN.2011.043666

中图分类号：

学科分类号：

摘要：

We consider the problem of patient self-controlled access privilege to highly sensitive Personal Health Information (PHI), where PHI is expected to be securely stored in cloud storage for uninterrupted anytime, anywhere remote access. In order to assure the privacy of PHI, we propose Efficient and Secure Patient-centric Access Control (ESPAC) scheme which allows data requesters to have different access privileges based on their roles, and then assigns different attribute sets to them. Extensive security and performance analyses demonstrate that the ESPAC scheme is able to achieve desired security requirements with acceptable communication delay. © 2011 Inderscience Enterprises Ltd.

引用

页码：67 / 76

页数：9

共 19 条

[1]

Barua M., Alam M.S., Liang X., Shen X., Secure and quality of service assurance scheduling scheme for wban with application to ehealth, Wireless Communications and Networking Conference (WCNC), pp. 1-5, (2011)

[2]

Bethencourt J., Sahai A., Waters B., Ciphertext-policy attribute-based encryption, Proceedings - IEEE Symposium on Security and Privacy, pp. 321-334, (2007)

[3]

Bethencourt J., Sahai A., Waters B., Advanced Crypto Software Collection, Ciphertext-policy Attribute-based Encryption, (2011)

[4]

Boneh D., Franklin M., Identity-based encryption from the weil pairing, Lecture Notes in Computer Science, 2139, pp. 213-229, (2001)

[5]

Cassandras C.G., Lafortune S., Introduction to Discrete Event Systems, (2010)

[6]

Goyal V., Pandey O., Sahai A., Waters B., Attribute-based encryption for fine-grained access control of encrypted data, Proceedings of the ACM Conference on Computer and Communications Security, pp. 89-98, (2006)

[7]

Johnson M., Data hemorrhages in the health-care sector, Financial Cryptography and Data Security, Vol. 5628 of Lecture Notes in Computer Science, pp. 71-89, (2009)

[8]

Kamara S., Lauter K., Cryptographic cloud storage, Proceedings of the 14th International Conference on Financial Cryptograpy and Data Security, FC'10, pp. 136-149, (2010)

[9]

Liang X., Lu R., Lin X., Shen X., Patient self-controllable access policy on phi in ehealthcare systems, AHIC 2010, pp. 1-5, (2010)

[10]

Lin X., Lu R., Shen X., Nemoto Y., Kato N., Sage: A strong privacy-preserving scheme against global eavesdropping for ehealth systems, Selected Areas in Communications, 27, 4, pp. 365-378, (2009)

← 1 2 →