Secure Electronic Health Record System Based on Online/Offline KP-ABE in the Cloud

Kun Liu

Abstract

Online electronic health record(EHR) enables patients to centrally manage the own medical records, which greatly facilitates the storage, access and sharing of personal health data. With the emergence of cloud computing, it has succeeded in attracting attention and transferring their EHR applications to an efficient system for storing and accessing data. However, due to lose physically control of personal data in a cloud computing circumstance, it brings about a serious privacy problem for the data owner. Therefore, cryptography schemes offering a more suitable solution for enforcing access policies based on user attributes are needed. We have proposed a framework with fine-grained access control mechanism that protects electronic health data in varieties of devices, including smart mobile device. We make EHR security through designing online/offline key policy attribute-based encryption scheme which is an extension of identify-based encryption (IBE). This scheme can provide fine-grain access policy and efficiency for users’ data. Especially, it’s greatly reducing complexity and computational of encryption and key generation.

References

  1. Beimel, A. a. (1996). Secure schemes for secret sharing and key distribution. Technion-Israel Institute of technology, Faculty of computer science.
  2. Benaloh, J., Chase, M., Horvitz, E., and Lauter, K. (2009). Patient controlled encryption: ensuring privacy of electronic medical records. In Proceedings of the 2009 ACM workshop on Cloud computing security, pages 103-114. ACM.
  3. Bethencourt, J., Sahai, A., and Waters, B. (2007). Ciphertext-policy attribute-based encryption. In Security and Privacy, 2007. SP'07. IEEE Symposium on, pages 321-334. IEEE.
  4. Boneh, D., Di Crescenzo, G., Ostrovsky, R., and Persiano, G. (2004). Public key encryption with keyword search. In International Conference on the Theory and Applications of Cryptographic Techniques, pages 506-522. Springer.
  5. Boneh, D. and Franklin, M. (2001). Identity-based encryption from the weil pairing. In Annual International Cryptology Conference, pages 213-229. Springer.
  6. Buck, C. F. (2007). Designing a consumer-centered personal health record. Technical report, Technical report, California Health Foundation.
  7. Fan, K., Huang, N., Wang, Y., Li, H., and Yang, Y. (2015). Secure and efficient personal health record scheme using attribute-based encryption. In Cyber Security and Cloud Computing (CSCloud), 2015 IEEE 2nd International Conference on, pages 111-114. IEEE.
  8. Goyal, V., Pandey, O., Sahai, A., and Waters, B. (2006). Attribute-based encryption for fine-grained access control of encrypted data. In Proceedings of the 13th ACM conference on Computer and communications security, pages 89-98. Acm.
  9. Health, U. D., Services, H., et al. (2008). The nationwide privacy and security framework for electronic exchange of individually identifiable health information. Office of the National Coordinator for Health Information Technology.
  10. Hohenberger, S. and Waters, B. (2014). Online/offline attribute-based encryption. In International Workshop on Public Key Cryptography, pages 293-310. Springer.
  11. Kim, G. R., Lehmann, C. U., on Clinical Information Technology, C., et al. (2008). Pediatric aspects of inpatient health information technology systems. Pediatrics, 122(6):e1287-e1296.
  12. Li, J., Li, J., Chen, X., Jia, C., and Lou, W. (2015). Identity-based encryption with outsourced revocation in cloud computing. Ieee Transactions on computers, 64(2):425-437.
  13. Liu, J. K., Au, M. H., Huang, X., Lu, R., and Li, J. (2016). Fine-grained two-factor access control for web-based cloud computing services. IEEE Transactions on Information Forensics and Security, 11(3):484-497.
  14. Lohr, S. (2009). Ge and intel join forces on health technologies. New York Times, 3.
  15. Meng, D., Wang, W., Luo, E., and Wang, G. (2016). Attribute-based traceable anonymous proxy signature strategy for mobile healthcare. In Security, Privacy, and Anonymity in Computation, Communication, and Storage: 9th International Conference, SpaCCS 2016, Zhangjiajie, China, November 16-18, 2016, Proceedings 9, pages 178-189. Springer.
  16. Rouselakis, Y. and Waters, B. (2013). Practical constructions and new proof methods for large universe attribute-based encryption. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, pages 463-474. ACM.
  17. Sahai, A. and Waters, B. (2005). Fuzzy identity-based encryption. In Annual International Conference on the Theory and Applications of Cryptographic Techniques, pages 457-473. Springer.
  18. Tripathi, M., Delano, D., Lund, B., and Rudolph, L. (2009). Engaging patients for health information exchange. Health Affairs, 28(2):435-443.
  19. Yan, H., Li, J., Li, X., Zhao, G., Lee, S.-Y., and Shen, J. (2016). Secure access control of e-health system with attribute-based encryption. Intelligent Automation & Soft Computing, 22(3):345-352.
Download


Paper Citation


in Harvard Style

Liu K. (2017). Secure Electronic Health Record System Based on Online/Offline KP-ABE in the Cloud . In Proceedings of the 2nd International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS, ISBN 978-989-758-245-5, pages 110-116


in Bibtex Style

@conference{iotbds17,
author={Kun Liu},
title={Secure Electronic Health Record System Based on Online/Offline KP-ABE in the Cloud},
booktitle={Proceedings of the 2nd International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS,},
year={2017},
pages={110-116},
publisher={SciTePress},
organization={INSTICC},
doi={},
isbn={978-989-758-245-5},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 2nd International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS,
TI - Secure Electronic Health Record System Based on Online/Offline KP-ABE in the Cloud
SN - 978-989-758-245-5
AU - Liu K.
PY - 2017
SP - 110
EP - 116
DO -