Abstract
With the development of information technology, people can share their health records (PHRs) through the Internet and obtain rapid medical services, which makes mobile health become a promising field. PHRs are collected from wireless body area networks (WBANs) and will be shared with people in different fields through public channels, increasing the risk of leaking personal privacy. Ciphertext-policy attribute-based encryption (CP-ABE) is a popular solution for fine-grained access control, but most existing schemes cannot be directly applied to the WBANs with limited resources and dynamic changes in user roles. In this paper, to meet the requirement of the mHealth System, we propose blockchain-based hierarchical access control with efficient revocation in the mHealth system. We use the Extendable Hierarchical attribute-based encryption (EH-ABE), a file-related hierarchical access control scheme, to encrypt PHRs, which reduces the repetitive computation and storage overhead. The proposed scheme adds the function of offline/online encryption, which can greatly save the energy consumption of the sensors in the WBANs. In addition, this scheme can provide attribute-level user revocation and is proven to be IND-CCA secure.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Bao, Y., Qiu, W., Tang, P., Cheng, X.: Efficient, revocable, and privacy-preserving fine-grained data sharing with keyword search for the cloud-assisted medical iot system. IEEE J. Biomed. Health Inform. 26(5), 2041–2051 (2021)
Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: 2007 IEEE Symposium on Security and Privacy (SP’07), pp. 321–334. IEEE (2007)
Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_13
Edemacu, K., Jang, B., Kim, J.W.: Collaborative ehealth privacy and security: An access control with attribute revocation based on OBDD access structure. IEEE J. Biomed. Health Inform. 24(10), 2960–2972 (2020)
Fu, J., Wang, N.: A practical attribute-based document collection hierarchical encryption scheme in cloud computing. IEEE Access 7, 36218–36232 (2019)
Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 89–98 (2006)
Green, M., Hohenberger, S., Waters, B.: Outsourcing the decryption of \(\{\)ABE\(\}\) ciphertexts. In: 20th USENIX Security Symposium (USENIX Security 11) (2011)
Guo, R., Yang, G., Shi, H., Zhang, Y., Zheng, D.: O 3-R-CP-ABE: an efficient and revocable attribute-based encryption scheme in the cloud-assisted iomt system. IEEE Internet Things J. 8(11), 8949–8963 (2021)
Hajar, M.S., Al-Kadri, M.O., Kalutarage, H.K.: A survey on wireless body area networks: architecture, security challenges and research opportunities. Comput. Secur. 104, 102211 (2021)
Han, D., Pan, N., Li, K.C.: A traceable and revocable ciphertext-policy attribute-based encryption scheme based on privacy protection. IEEE Transactions on Dependable and Secure Computing (2020)
Hur, J., Noh, D.K.: Attribute-based access control with efficient revocation in data outsourcing systems. IEEE Trans. Parallel Distrib. Syst. 22(7), 1214–1221 (2010)
Lee, K., Choi, S.G., Lee, D.H., Park, J.H., Yung, M.: Self-updatable encryption: time constrained access control with hidden attributes and better efficiency. In: Sako, K., Sarkar, P. (eds.) Advances in Cryptology - ASIACRYPT 2013, pp. 235–254. Springer Berlin Heidelberg, Berlin, Heidelberg (2013). https://doi.org/10.1007/978-3-642-42033-7_13
Li, H., Yu, K., Liu, B., Feng, C., Qin, Z., Srivastava, G.: An efficient ciphertext-policy weighted attribute-based encryption for the internet of health things. IEEE J. Biomed. Health Inform. 26(5), 1949–1960 (2021)
Li, J., Yu, Q., Zhang, Y.: Hierarchical attribute based encryption with continuous leakage-resilience. Inf. Sci. 484, 113–134 (2019)
Li, M., Lou, W., Ren, K.: Data security and privacy in wireless body area networks. IEEE Wirel. Commun. 17(1), 51–58 (2010)
Li, M., Yu, S., Zheng, Y., Ren, K., Lou, W.: Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Trans. Parallel Distrib. Syst. 24(1), 131–143 (2012)
Li, Q., Xia, B., Huang, H., Zhang, Y., Zhang, T.: Trac: traceable and revocable access control scheme for mhealth in 5G-enabled iiot. IEEE Trans. Industr. Inf. 18(5), 3437–3448 (2021)
Liang, X., Lu, R., Lin, X., Shen, X.S.: Ciphertext policy attribute based encryption with efficient revocation. TechnicalReport, University of Waterloo 2(8) (2010)
Nishide, T., Yoneyama, K., Ohta, K.: Attribute-based encryption with partially hidden encryptor-specified access structures. In: Bellovin, S.M., Gennaro, R., Keromytis, A., Yung, M. (eds.) Applied Cryptography and Network Security: 6th International Conference, ACNS 2008, New York, NY, USA, June 3-6, 2008. Proceedings, pp. 111–129. Springer Berlin Heidelberg, Berlin, Heidelberg (2008). https://doi.org/10.1007/978-3-540-68914-0_7
Riad, K., Huang, T., Ke, L.: A dynamic and hierarchical access control for Iot in multi-authority cloud storage. J. Netw. Comput. Appl. 160, 102633 (2020)
Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_27
Shen, J., Gui, Z., Chen, X., Zhang, J., Xiang, Y.: Lightweight and certificateless multi-receiver secure data transmission protocol for wireless body area networks. IEEE Transactions on Dependable and Secure Computing (2020)
Sun, J., Xiong, H., Liu, X., Zhang, Y., Nie, X., Deng, R.H.: Lightweight and privacy-aware fine-grained access control for Iot-oriented smart health. IEEE Internet Things J. 7(7), 6566–6575 (2020)
Tan, L., Yu, K., Shi, N., Yang, C., Wei, W., Lu, H.: Towards secure and privacy-preserving data sharing for Covid-19 medical records: a blockchain-empowered approach. IEEE Trans. Netw. Sci. Eng. 9(1), 271–281 (2021)
Tang, W., Zhang, K., Ren, J., Zhang, Y., Shen, X.: Lightweight and privacy-preserving fog-assisted information sharing scheme for health big data. In: GLOBECOM 2017-2017 IEEE Global Communications Conference, pp. 1–6. IEEE (2017)
Wang, S., et al.: A fast CP-ABE system for cyber-physical security and privacy in mobile healthcare network. IEEE Trans. Ind. Appl. 56(4), 4467–4477 (2020)
Wang, S., Zhou, J., Liu, J.K., Yu, J., Chen, J., Xie, W.: An efficient file hierarchy attribute-based encryption scheme in cloud computing. IEEE Trans. Inf. Forensics Secur. 11(6), 1265–1277 (2016)
Xiao, M., Li, H., Huang, Q., Yu, S., Susilo, W.: Attribute-based hierarchical access control with extendable policy. IEEE Transactions on Information Forensics and Security (2022)
Xu, S., Li, Y., Deng, R., Zhang, Y., Luo, X., Liu, X.: Lightweight and expressive fine-grained access control for healthcare internet-of-things. IEEE Transactions on Cloud Computing (2019)
Yang, Y., Liu, X., Deng, R.H., Li, Y.: Lightweight sharable and traceable secure mobile health system. IEEE Trans. Dependable Secure Comput. 17(1), 78–91 (2017)
Zhang, L., Zhao, C., Wu, Q., Mu, Y., Rezaeibagha, F.: A traceable and revocable multi-authority access control scheme with privacy preserving for mhealth. J. Syst. Architect. 130, 102654 (2022)
Zhong, H., Zhou, Y., Zhang, Q., Xu, Y., Cui, J.: An efficient and outsourcing-supported attribute-based access control scheme for edge-enabled smart healthcare. Futur. Gener. Comput. Syst. 115, 486–496 (2021)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Liang, T., He, Y., Huang, P., Xia, Z. (2024). Blockchain-Based Hierarchical Access Control with Efficient Revocation in mHealth System. In: Chen, J., Xia, Z. (eds) Blockchain Technology and Emerging Applications. BlockTEA 2023. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 577. Springer, Cham. https://doi.org/10.1007/978-3-031-60037-1_8
Download citation
DOI: https://doi.org/10.1007/978-3-031-60037-1_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-60036-4
Online ISBN: 978-3-031-60037-1
eBook Packages: Computer ScienceComputer Science (R0)