A Survey on Personal Health Records Using Multi Authority Attribute-based Encryption
International Journal of Computer Science (IJCS) Published by SK Research Group of Companies (SKRGC)
Download this PDF format
Abstract
A PHR service allows a patient to create, manage, and control her Personal health data storage, retrieval and sharing of the medical information in web. The patient could actually control the sharing of their sensitive Personal health information?s are stored on a third party server which people may not fully trusted. To ensure patient centric privacy control over their own PHR have fine-grained access control mechanisms that work in the semi trusted servers and the PHR owner encrypt her file should only be available decrypt it. Each attribute authority (AA) in it governs disjoint subset of user role attributes, while none of them alone is able to control the security of the whole system. We propose mechanisms for key distribution and encryption so that PHR owners can specify personalized fine-grained role based access policies during file encryption. In the personal domain, owners directly assign access privileges for personal users and encrypt PHR file under its data attributes MA-ABE by putting forward an efficient on demand user/attribute revocation scheme, and prove its security under standard security assumptions
References
[1] M. Li, S. Yu, K. Ren, and W. Lou, “Securing personal health records in cloud computing: Patient-centric and fine-grained data access control in multiowner settings,” in SecureComm?10, Sept. 2010, pp. 89–106.
[2] M. Li, S. Yu, N. Cao, and W. Lou, “Authorized private keyword search over encrypted personal health records in cloud computing,” in ICDCS ?11, Jun. 2011
[3] J. Benaloh, M. Chase, E. Horvitz, and K. Lauter, “Patient controlled encryption: ensuring privacy of electronic medical records,” in CCSW ?09, 2009, pp. 103–114.
[4] S. Yu, C. Wang, K. Ren, and W. Lou, “Achieving secure, scalable, and fine-grained data access control in cloud computing,” in IEEE INFOCOM?10, 2010
[5] C. Dong, G. Russello, and N. Dulay, “Shared and searchable encrypted data for untrusted servers,” in Journal of Computer Security, 2010.
[6] V. Goyal, O. Pandey, A. Sahai, and B. Waters, “Attribute-based encryption for fine-grained access control of encrypted data,” in CCS ?06, 2006, pp. 89–98.
[7] M. Li, W. Lou, and K. Ren, “Data security and privacy in wireless body area networks,” IEEEWireless Communications Magazine, Feb. 2010.
[8] A. Boldyreva, V. Goyal, and V. Kumar, “Identity-based encryption with efficient revocation,” in ACM CCS, ser. CCS ?08, 2008, pp.417–426.
[9] L. Ibraimi, M. Petkovic, S. Nikova, P. Hartel, and W. Jonker, “Ciphertext-policy attribute-based threshold decryption with flexible delegation and revocation of user attributes,” 2009.
[10] S. Yu, C. Wang, K. Ren, and W. Lou, “Attribute based data sharing with attribute revocation,” in ASIACCS?10, 2010.
Keywords
PHR, Attribute Based Encryption (ABE), Multi Authority Attribute Based Encryption (MAABE).
