CESCR: CP-ABE for efficient and secure sharing of data in collaborative ehealth with revocation and no dummy attribute
Open Access
- 11 May 2021
- journal article
- research article
- Published by Public Library of Science (PLoS) in PLOS ONE
- Vol. 16 (5), e0250992
- https://doi.org/10.1371/journal.pone.0250992
Abstract
With the rapid advancement of information and communication technologies, there is a growing transformation of healthcare systems. A patient’s health data can now be centrally stored in the cloud and be shared with multiple healthcare stakeholders, enabling the patient to be collaboratively treated by more than one healthcare institution. However, several issues, including data security and privacy concerns still remain unresolved. Ciphertext-policy attribute-based encryption (CP-ABE) has shown promising potential in providing data security and privacy in cloud-based systems. Nevertheless, the conventional CP-ABE scheme is inadequate for direct adoption in a collaborative ehealth system. For one, its expressiveness is limited as it is based on a monotonic access structure. Second, it lacks an attribute/user revocation mechanism. Third, the computational burden on both the data owner and data users is linear with the number of attributes in the ciphertext. To address these inadequacies, we propose CESCR, a CP-ABE for efficient and secure sharing of health data in collaborative ehealth systems with immediate and efficient attribute/user revocation. The CESCR scheme is unbounded, i.e., it does not bind the size of the attribute universe to the security parameter, it is based on the expressive and non-restrictive ordered binary decision diagram (OBDD) access structure, and it securely outsources the computationally demanding attribute operations of both encryption and decryption processes without requiring a dummy attribute. Security analysis shows that the CESCR scheme is secure in the selective model. Simulation and performance comparisons with related schemes also demonstrate that the CESCR scheme is expressive and efficient.Keywords
Funding Information
- Basic Science Research Program through the National Research Foundation of Korea (NRF-2020R1F1A1072622)
This publication has 53 references indexed in Scilit:
- Privacy-preserving personal health record using multi-authority attribute-based encryption with revocationInternational Journal of Information Security, 2014
- Dynamic Ciphertext-Policy Attribute-Based Encryption for Expressive Access PolicyLecture Notes in Computer Science, 2014
- Cloud based intelligent system for delivering health care as a serviceComputer Methods and Programs in Biomedicine, 2014
- Expressive, Efficient, and Revocable Data Access Control for Multi-Authority Cloud StorageIEEE Transactions on Parallel and Distributed Systems, 2013
- Charm: a framework for rapidly prototyping cryptosystemsJournal of Cryptographic Engineering, 2013
- Decentralizing Attribute-Based EncryptionLecture Notes in Computer Science, 2011
- Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure RealizationLecture Notes in Computer Science, 2011
- Provably secure ciphertext policy ABEPublished by Association for Computing Machinery (ACM) ,2007
- Indivo: a personally controlled health record for health information exchange and communicationBMC Medical Informatics and Decision Making, 2007
- Fuzzy Identity-Based EncryptionLecture Notes in Computer Science, 2005