Skip to main content
SpringerLink
Log in

An Efficient Key-Management Scheme for Hierarchical Access Control in E-Medicine System

  • Original Paper
  • Published:
Journal of Medical Systems Aims and scope Submit manuscript

Abstract

In e-medicine system, the sharing of patients’ medical histories scattered among medical institutions through the Internet is highly desirable. The most immediate cryptographic need certainly is an efficient key management method to solve dynamic access problems in a user hierarchy. In this paper, we propose a practical solution for dynamic access problem in a user hierarchy based on hybrid cryptosystems. When compared with Nikooghadam et al.’s scheme proposed most recently, the time complexity and the required storage space is reduced significantly. Moreover, it provides provable security, and is easy to implement. Therefore, our scheme is more suitable for e-medicine system.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6

Similar content being viewed by others

References

  1. Wu, Z., Chung, Y., Lai, F., Chen, T., A Password-Based User Authentication Scheme for the Integrated EPR Information System. J Med Syst, 2010. doi:10.1007/s10916-010-9527-7.

    Google Scholar 

  2. Nikooghadam, M., Zakerolhosseini, A., Moghaddam, M.E., Efficient Utilization of Elliptic Curve Cryptosystem for Hierarchical Access Control. The Journal of Systems and Software, 2010. doi:10.1016/j.jss.2010.05.072.

    Google Scholar 

  3. Akl, S.G., Taylor, P.D., Cryptographic solution to a problem of access control in a hierarchy. ACM Transaction on Computer Systems 1(3):239–248, 1983.

    Article  Google Scholar 

  4. Mackinnon, S.T. ,Taylor, P.D., An optimal algorithm for assigning cryptographic keys to control access in a hierarchy. IEEE Transaction on Computer systems 34 (9):797–802, 1985.

    Article  Google Scholar 

  5. Harn, L., Lin, H.Y., A cryptographic key generation scheme for multilevel data security. Computer Security 9:539–546, 1990.

    Article  Google Scholar 

  6. Rivest, R.L. ,Shamir, A., Adleman, L., A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 21 (2):120–126, 1978.

    Article  MathSciNet  MATH  Google Scholar 

  7. Chang, C.C., Hwang, R.J., Wu, T.C., Cryptographic key assignment scheme for access control in a hierarchy. Information Systems 17 (3):243–247, 1992.

    Article  Google Scholar 

  8. Chang, C.C., Buehrer, D.J., Access control in a hierarchy using a one-way trapdoor function. Computers and Mathematics with Applications 26 (5):71–76, 1993.

    Article  MATH  Google Scholar 

  9. Zhong, S., A practical key management scheme for access control in a user hierarchy. Computers & Security 21(8):750–759, 2002.

    Article  Google Scholar 

  10. Chang, C.C., Lin, I.C., Tsai, H.M., Wang, H.H., A key assignment scheme for controlling access in partially ordered user hierarchies. In Proc. of the 18th IEEE International Conference on Advanced Information Networking and Applications (AINA2004), vol. 2, pp. 376–379, 2004.

  11. Wu, J., Wei, R., An access control scheme for partially ordered set hierarchy with provable security. In of SAC 2005, LNCS 3897, pp. 221–232, 2006.

  12. Wu, K.P., Ruan, S.J., Tseng, C.K., Lai, F.P., Hierarchical access control using the secure filter. IEICE Transactions on Information & Systems E84-D(6):700–707, 2001.

    Google Scholar 

  13. Shen, V.R.L., Chen, T.S., A novel key management scheme based on discrete logarithms and polynomial interpolations. Computers and Security 21(2):164–171, 2002.

    Article  Google Scholar 

  14. Chang, C.C., Lin, I.C., A new solution for assigning cryptographic keys to control access in mobile agent environments. Wireless Communications and Mobile Computing 6(1):137–146, 2006.

    Article  MathSciNet  Google Scholar 

  15. Yeh, J.H., A secure time-bound hierarchical key assignment scheme based on RSA public key cryptosystem. Information Processing Letters 105:117–120, 2008.

    Article  MathSciNet  MATH  Google Scholar 

  16. Hwang, M.S., Yang, W.P., Controlling access in large partially-ordered hierarchies using cryptographic keys. Journal of Systems and Software 67(2):99–107, 2003.

    Article  Google Scholar 

  17. Lo, J.-W., Hwang, M.-S., Liu, C.-H., An efficient key assignment scheme for access control in a large leaf class hierarchy. Inform. Sci., 2010. doi:10.1016/j.ins.2010.09.033.

    Google Scholar 

  18. Hankerson, D., Menezes, A., Vanstone, S., Guide to elliptic curve cryptography, Springer-Verlag, New York, USA, 2004.

    MATH  Google Scholar 

  19. Koblitz, N., Elliptic curve cryptosystem. Mathematics of Computation 48:203–209, 1987.

    Article  MathSciNet  MATH  Google Scholar 

  20. NIST, Recommendation on Key management. DRAFT Special Publication, pp. 800–857, 2003, http://csrc.nist.gov/CryptoToolkit/kms/guideline-1-jan03.pdf.

  21. Stallings, W., Cryptography and Network Security: Principles and Practice, fourth ed., Prentice Hall, 2005.

  22. Chung, Y.F., Lee, H.H., Lai, F., Chen, T.S., Access control in user hierarchy based on elliptic curve Cryptosystem. Information Sciences 178: 230–243, 2008.

    Article  MathSciNet  MATH  Google Scholar 

  23. Jeng, F.G., Wang, C.M., An efficient key-management scheme for hierarchical access control based on elliptic curve cryptosystem. The Journal of Systems and Software 79:1161–1167, 2006.

    Article  Google Scholar 

  24. ANSI, Public Key Cryptography for the Financial Services Industry: The Elliptic Curve Digital Signature Algorithm (ECDSA). American National Standard, X9.62-1998.

  25. Johnson, D., Menezes, A., Vanstone, S., The elliptic curve digital signature algorithm (ECDSA). International Journal of Information Security 1(1):36–63, 2001.

    Google Scholar 

  26. Advanced Encryption Standard, http://www.csrc.nist.gov/archieve/aes/.

  27. Bao, F., Deng, R. H., Zhu, H., Variations of Diffie–Hellman problem. In Proc. of International Conference Information and Communications Security - ICICS 2003, Springer-Verlag, LNCS 2836, pp. 301–312.

  28. Choo K.-K. R., Key Establishment: Proofs and Refutations. Doctoral Thesis of Brisbane Australia: Queensland University of Technology, 2006.

  29. Goldwasser S., Micali, S., Probabilisitic Encryption. Journal of Computer and System Sciences 28:270–299, 1984.

    Article  MathSciNet  MATH  Google Scholar 

  30. Bellare, M., Boldyreva, A., Micali, S., Public-key Encryption in a Multi-User Setting: Security Proofs and Improvements. In Proc. of Eurocrypt 2000, LNCS 1807, Springer-Verlag, pp. 259–274, 2000.

  31. Bellare, M., Rogaway, P., Provably Secure Session Key Distribution: The Three Party Case. In Proc. of 27th ACM Symposium on the Theory of Computing, ACM Press, pp. 57–66, 1995.

  32. Koblitz, N., Menezes, A., Vanstone, S.A., The state of elliptic curve cryptography. Designs, Codes and Cryptography 19(2–3):173–193, 2000.

    Article  MathSciNet  MATH  Google Scholar 

  33. National Institute of Standards and Technology, US Department of Commerce, Secure Hash Standard. US Federal Information Processing Standard Publication 180-2, 2002.

  34. Schroeppel, R., Orman, H., O’Malley, S., Spatscheck, O., Fast key exchange with elliptic curve systems. In Proc. of Advances in Cryptology–CRYPTO ’95, LNCS 963, pp. 43–56, 1995.

  35. DeWin, E., Bosselaers, A., Vandenberghe, S., De Gersem, P., Vandewalle, J., A fast software implementation for arithmetic operations in GF(2n) . In Proc. of Advances in Cryptology - ASIACRYPT ’96, LNCS 1163, Springer-Verlag, pp. 65–76, 1996.

  36. Wong, D.S., Fuentes, H.H., Chan, A.H., The performance measurement of cryptographic primitives on palm devices. In Proc. of the 17th Annual Computer Security Applications Conference (ACSAC 2001), pp. 92–101, 2001.

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Shanghai Jiao Tong University, Shanghai, China

    Shuhua Wu & Kefei Chen

  2. Shanghai Key Laboratory of Scalable Computing and Systems, Shanghai, China

    Shuhua Wu & Kefei Chen

  3. Department of Networks Engineering, Information Engineering University, Zhengzhou, China

    Shuhua Wu

Authors
  1. Shuhua Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Kefei Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Shuhua Wu.

Additional information

This work was supported in part by the National Natural Science Foundation of China (No. 60970111), the National Basic Research Program (973) of China (No. 2007CB311201).

Rights and permissions

Reprints and permissions

About this article

Cite this article

Wu, S., Chen, K. An Efficient Key-Management Scheme for Hierarchical Access Control in E-Medicine System. J Med Syst 36, 2325–2337 (2012). https://doi.org/10.1007/s10916-011-9700-7

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10916-011-9700-7

Keywords

Search

Navigation