Abstract
The advancement in collaborative work among multiple institutions results in tremendous data sharing and, at the same time raises concerns about data security and privacy. Current systems are mostly built upon a centralized model, so the system requires one authority to concede another authority or mitigate trust to a trusted third party.
In this paper, we propose a multi-authority decentralized attribute-based authorization framework illustrated in an eHealth scenario that provides resilience and transparency, enforces data privacy, and allows each authority to enforce their access policy on the shared data. The framework operates on Blockchain technology and multi-authority attribute-based encryption. Our framework protects against malicious single authority who aims to grant permission to users to the shared data. Moreover, we optimize the user key structure that could reduce the key size of the key set by a factor of up to n! where n is the number of attributes in the user key to eliminate brute-force attacks. We implement the framework, show the system performance, and prove the efficiency of our proposed framework.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Health Insurance Portability and Accoutnability Act HIPAA. https://www.hhs.gov/hipaa/index.html. Accessed 7 Sept 2021
General Data Protection Regulation. https://www.gdpr.eu. Accessed 7 Sept 2021
Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2008)
Szabo, N.: The idea of smart contracts (1994)
Adam, S., Sara, R., Luke, B.: MediChain: a secure decentralized medical data asset management system. IEEE (2018). https://doi.org/10.1109/Cybermatics_2018.2018.00258
Mark, N., Chien-Chung, S., Hao, G., Wanxin, L.: Access control for electronic health records with hybrid blockchain edge architecture. IEEE (2019)
Hyperledger homepage. https://hyperledger.org. Accessed 7 Sept 2021
Aura, R., Damiano, P.M.: Blockchain based access control service. IEEE (2018). https://doi.org/10.1109/Cybermatics_2018.2018.00237
Chien-Chung, S., Hao, G., Ehsan, M.: Multi-authority attribute-based access control with smart contract. In: ICBCT (2019). https://doi.org/10.1145/3320154.3320164
Ethereum homepage. https://ethereum.org. Accessed 7 Sept 2021
Zhang, Y., Zheng, D., Chen, X., Li, J., Li, H.: Computationally efficient ciphertext-policy attribute-based encryption with constant-size ciphertexts. In: Chow, S.S.M., Liu, J.K., Hui, L.C.K., Yiu, S.M. (eds.) ProvSec 2014. LNCS, vol. 8782, pp. 259–273. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-12475-9_18
Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_27
Waters, B., Sahai, A.: Attribute based encryption for fine-grained access control of encrypted data. ACM (2006)
Bethencourt, J., Sabai, A., Waters, B.: Ciphertext-policy attribute-based encryption. IEEE (2007)
Water, B., Rouselakis, Y.: Efficient statically-secure large-universe multi-authority attribute-based encryption, pp. 315–332 (2015)
Sok, K., Colin, J.N., Po, K.: Blockchain and internet of things opportunity and challenges, pp. 150–154. ACM (2018). https://doi.org/10.1145/3287921.3287933
Colin, J.N., Laurent, E.: A flexible and centralized approach for access control in heterogeneous IoT environment (2019). https://doi.org/10.4018/IJHIoT.2019010102
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Sok, K., Colin, J.N., Po, K. (2022). Multi-authority Decentralized Attribute-Based Authorization Framework. In: Horkoff, J., Serral, E., Zdravkovic, J. (eds) Advanced Information Systems Engineering Workshops. CAiSE 2022. Lecture Notes in Business Information Processing, vol 451. Springer, Cham. https://doi.org/10.1007/978-3-031-07478-3_2
Download citation
DOI: https://doi.org/10.1007/978-3-031-07478-3_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-07477-6
Online ISBN: 978-3-031-07478-3
eBook Packages: Computer ScienceComputer Science (R0)