
HCBE: Achieving Fine-Grained Access Control in Cloud-Based PHR Systems

  • Conference paper
Algorithms and Architectures for Parallel Processing (ICA3PP 2015)

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 9530)

Abstract

With the development of cloud computing, more and more users employ cloud-based personal health record (PHR) systems. Because PHRs are closely tied to patient privacy, prior research has suggested encrypting them before outsourcing. Comparison-based encryption (CBE) was the first scheme to realize time comparison in attribute-based access policies by means of forward/backward derivation functions. However, its encryption cost grows linearly with the number of attributes in the access policy. To efficiently realize fine-grained access control for PHRs in clouds, we propose a hierarchical comparison-based encryption (HCBE) scheme that incorporates an attribute hierarchy into CBE. Specifically, we construct an attribute tree in which each ancestor node is a generalization of its descendant nodes. The HCBE scheme encrypts a ciphertext with a small number of generalized attributes at a higher level, rather than many specific attributes at a lower level, which largely improves encryption performance. Furthermore, we encode each attribute node with positive-negative depth-first (PNDF) coding. By virtue of the backward derivation function of the CBE scheme, users associated with the specific attributes can decrypt a ciphertext encrypted with the generalized attributes within the specified time. The experimental results show that the HCBE scheme performs better than the CBE scheme in terms of encryption cost.


Notes

  1. Let \(s_{1}, s_{2}\) be two secret large primes. We have \(n=sn'=s_{1}s_{2}p'q' \mid \operatorname{lcm}(p+1,q+1)\), where \(n'=p'q' \mid n\), \(s=s_{1}s_{2}\), \(p=2p's_{1}-1\), and \(q=2q's_{2}-1\).

  2. Let \(S\) and \(S'\) denote the set of attributes in \(\widehat{\mathcal {L}}\) and \(\widehat{\mathcal {L}}'\), respectively. \(\widehat{\mathcal {L}}' \preceq \widehat{\mathcal {L}}\) iff \(S' \subseteq S\), and for each attribute \(A_{k}[t_a, t_b, Pcode_k, Ncode_k] \in \widehat{\mathcal {L}}\) and \(A_{l}[t_i, t_j, Pcode_l, Ncode_l] \in \widehat{\mathcal {L}}'\), \(t_{a} \le t_{i}\), \(t_{b} \ge t_{j}\), \(Pcode_{k} \ge Pcode_{l}\), and \(Ncode_{k} \ge Ncode_{l}\).
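The ordering in Note 2 can be exercised on a small attribute tree. The following is an added example, not code from the paper: it assumes that Pcode and Ncode are post-order numbers taken with children visited left-to-right and right-to-left (the page does not define PNDF coding), that codes identify a node in one attribute's tree, and it uses a constructed "Occupation" hierarchy with hypothetical function names.

```python
# Added illustration, not code from the HCBE paper.
# Assumption: each node's Pcode/Ncode is its post-order number when children
# are visited left-to-right / right-to-left; the page does not define PNDF.

TREE = {  # constructed hierarchy for one attribute ("Occupation")
    "Medical staff": ["Doctor", "Nurse"],
    "Doctor": ["Cardiologist", "Surgeon"],
    "Nurse": [], "Cardiologist": [], "Surgeon": [],
}

def postorder_codes(tree, root, reverse=False):
    """Number nodes 1..N in post-order, so an ancestor outranks its subtree."""
    codes = {}
    def visit(node):
        children = tree[node]
        for child in (reversed(children) if reverse else children):
            visit(child)
        codes[node] = len(codes) + 1
    visit(root)
    return codes

def encode(tree, root):
    pos = postorder_codes(tree, root)
    neg = postorder_codes(tree, root, reverse=True)
    return {node: (pos[node], neg[node]) for node in tree}

CODES = encode(TREE, "Medical staff")

def licence(node, t_start, t_end, attr="Occupation"):
    """Build {attribute: (t_start, t_end, Pcode, Ncode)} for one tree node."""
    return {attr: (t_start, t_end, *CODES[node])}

def precedes(lic_prime, lic):
    """Note 2: lic_prime <= lic iff S' is a subset of S and every bound holds."""
    if not set(lic_prime) <= set(lic):
        return False
    for attr, (t_i, t_j, p_l, n_l) in lic_prime.items():
        t_a, t_b, p_k, n_k = lic[attr]
        if not (t_a <= t_i and t_b >= t_j and p_k >= p_l and n_k >= n_l):
            return False
    return True

if __name__ == "__main__":
    doctor = licence("Doctor", 5, 30)
    print(CODES)
    print(precedes(licence("Cardiologist", 10, 20), doctor))  # descendant, inside window
    print(precedes(licence("Cardiologist", 10, 20), licence("Nurse", 5, 30)))  # not an ancestor
    print(precedes(licence("Surgeon", 1, 20), doctor))  # starts before t_a
```

Under these assumptions a single depth-first number is not enough: Nurse has a larger Pcode than Cardiologist without being its ancestor, and only the Ncode comparison rejects the pair.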


Acknowledgments

This work was supported in part by NSFC grants 61402161, 614721 3161272546; NSF grants CNS 149860, CNS 1461932, CNS 1460971, CNS 1439672, CNS 1301774, ECCS 1231461, ECCS 1128209, and CNS 1138963.

Author information

Corresponding author

Correspondence to Qin Liu.

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Liu, X., Liu, Q., Peng, T., Wu, J. (2015). HCBE: Achieving Fine-Grained Access Control in Cloud-Based PHR Systems. In: Wang, G., Zomaya, A., Martinez, G., Li, K. (eds) Algorithms and Architectures for Parallel Processing. ICA3PP 2015. Lecture Notes in Computer Science, vol 9530. Springer, Cham. https://doi.org/10.1007/978-3-319-27137-8_41

  • DOI: https://doi.org/10.1007/978-3-319-27137-8_41

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-27136-1

  • Online ISBN: 978-3-319-27137-8

  • eBook Packages: Computer Science, Computer Science (R0)
