- 中国精品科技期刊
- CCF推荐A类中文期刊
- 计算领域高质量科技期刊T1类
| Citation: |
Wang Jingyi, Kan Haibin. Fine-Grained Policy-Hiding and Traceable Decentralized Access Control Scheme in mHealth[J]. Journal of Computer Research and Development, 2024, 61(6): 1525-1535. DOI: 10.7544/issn1000-1239.202330092
|
Wang Jingyi: born in 1999. Master candidate. Her research interests include attribute-based cryptography, blockchain, and privacy protection
Kan Haibin: born in 1971. PhD, professor, PhD supervisor. His main research interests include cryptography and information security, coding and information theory, algorithms and computational complexity, and blockchain
With the rapid development of Internet technology, the emergence of mobile health (mHealth) is expected to improve the quality of medical care. However, data security and user privacy issues in the mHealth field have not been fully resolved. The access control protocol based on ciphertext-policy attribute-based encryption (CP-ABE) is a promising technique for the sharing of personal health records (PHRs). However, direct adoption of the traditional CP-ABE in mHealth causes many problems. Firstly, centralized attribute authority has low ability to resist risks. Secondly, the access policies are in cleartext and leak the patient’s privacy in the encrypted PHRs. Finally, it is difficult for the traditional CP-ABE scheme to track down the user who intentionally discloses the private key. Therefore, to solve these problems, we propose a fine-grained policy-hiding and traceable decentralized access control in mHealth. This scheme implements a decentralized attribute authority mechanism. Each attribute is expressed by an attribute name and an attribute value. In the encryption phase, the attribute value is hidden in ciphertext and only generic attribute name is exposed. When the private key is maliciously leaked, the regulator can use the identity mapping table to trace the malicious user. Through experimental simulation and comparative analysis, our scheme is suitable for the actual mHealth environment in terms of security and performance.
| [1] |
Chen T S, Liu C H. Secure dynamic access control scheme of PHR in cloud computing[J]. Journal of Medical Systems, 2012, 36((2): ): 4005−4020
|
| [2] |
Li Ming, Yu Shucheng, Ren Kui, et al. Securing personal health records in cloud computing: Patient-centric and fine-grained data access control in multi-owner settings[C]//Proc of the 6th Int ICST Conf on Security and Privacy in Communication Networks. Berlin: Springer, 2010: 89−106
|
| [3] |
Zhang Leyou, Hu Gongcheng, Mu Yi, et al. Hidden ciphertext policy attribute-based encryption with fast decryption for personal health record system[J]. IEEE Access, 2019, 7: 33202−33213 doi: 10.1109/ACCESS.2019.2902040
|
| [4] |
Wang Changji, Liu Xuan, Li Wentao. Implementing a personal health record cloud platform using ciphertext-policy attribute-based encryption[C]//Proc of the 4th Int Conf on Intelligent Networking and Collaborative Systems. Piscataway, NJ : IEEE, 2012: 8−14
|
| [5] |
Sun Jianfei, Xiong Hu, Liu Ximeng, et al. Lightweight and privacy-aware fine-grained access control for IoT-oriented smart health[J]. IEEE Internet of Things Journal, 2020, 7(7): 6566−6575 doi: 10.1109/JIOT.2020.2974257
|
| [6] |
Sahai A, Waters B. Fuzzy identity-based encryption[C]//Proc of the 24th Annual Int Conf on the Theory and Applications of Cryptographic Techniques. Berlin: Springer, 2005: 457−473
|
| [7] |
Goyal V, Pandey O, Sahai A, et al. Attribute-based encryption for fine-grained access control of encrypted data[C]//Proc of the 13th ACM Conf on Computer and Communications Security. New York: ACM, 2006: 89−98
|
| [8] |
Wei Pengcheng, Wang Dahu, Zhao Yu, et al. Blockchain data-based cloud data integrity protection mechanism[J]. Future Generation Computer Systems, 2020, 102: 902−911 doi: 10.1016/j.future.2019.09.028
|
| [9] |
Zikratov I, Kuzmin A, Akimenko V, et al. Ensuring data integrity using blockchain technology[C]//Proc of the 20th Conf of Open Innovations Association (FRUCT). Piscataway, NJ : IEEE, 2017: 534−539
|
| [10] |
陈泽宁,张亮,张双俊,等. 基于区块链和去中心属性密码的访问控制身份方案[J]. 中国科学:信息科学,2021,51(8):1345−1359 doi: 10.1360/SSI-2020-0048
Chen Zening, Zhang Liang, Zhang Shuangjun, et al. Access control scheme on blockchain and decentralized attributed-based algorithm with identity[J]. SCIENTIA SINICA Informationis, 2021, 51(8): 1345−1359(in Chinese) doi: 10.1360/SSI-2020-0048
|
| [11] |
方宁,刘百祥,阚海斌. 基于区块链和去中心可追踪属性签名的可控匿名认证方案[J]. 中国科学:信息科学,2021,51(10):1706−1720 doi: 10.1360/SSI-2021-0018
Fang Ning, Liu Baixiang, Kan Haibin. Controllable anonymous authentication scheme based on blockchain and decentralized traceable attribute-based signature[J]. SCIENTIA SINICA Informationis, 2021, 51(10): 1706−1720(in Chinese) doi: 10.1360/SSI-2021-0018
|
| [12] |
袁和昕,刘百祥,阚海斌,等. 基于区块链和去中心不可否认属性签名的分布式公钥基础设施方案[J]. 中国科学:信息科学,2022,52(6):1135−1148
Yuan Hexin, Liu Baixiang, Kan Haibin, et al. Distributed public key infrastructure scheme based on blockchain and decentralized undeniable attribute-based signature[J]. SCIENTIA SINICA Informationis, 2022, 52((6): ): 1135−1148(in Chinese)
|
| [13] |
Banerjee S, Bera B, Das A K, et al. Private blockchain-envisioned multi-authority CP-ABE-based user access control scheme in IIoT[J]. Computer Communications, 2021, 169: 99−113 doi: 10.1016/j.comcom.2021.01.023
|
| [14] |
Katz J, Sahai A, Waters B. Predicate encryption supporting disjunctions, polynomial equations, and inner products[C]//Proc of the 27th Annual Int Conf on the Theory and Applications of Cryptographic Techniques. Berlin: Springer, 2008: 146−162
|
| [15] |
Lai Junzuo, Deng R H, Li Yingjun. Expressive CP-ABE with partially hidden access structures[C]//Proc of the 7th ACM Symp on Information, Computer and Communications Security. New York: ACM, 2012: 18−19
|
| [16] |
Zhang Yinghui, Zheng Dong, Deng R H. Security and privacy in smart health: Efficient policy-hiding attribute-based access control[J]. IEEE Internet of Things Journal, 2018, 5(3): 2130−2145 doi: 10.1109/JIOT.2018.2825289
|
| [17] |
Li Qi, Zhang Yinghui, Zhang Tao, et al. HTAC: Fine-grained policy-hiding and traceable access control in mHealth[J]. IEEE Access, 2020, 8: 123430−123439 doi: 10.1109/ACCESS.2020.3004897
|
| [18] |
Boneh D, Goh E J, Nissim K. Evaluating 2-DNF formulas on ciphertexts[C]//Proc of the 2nd Theory of Cryptography Conf. Berlin: Springer, 2005: 325−341
|
| [19] |
Beimel A. Secure schemes for secret sharing and key distribution[D/OL].1996[2022-11-06].https://www.cs.bgu.ac.il/~beimel/Papers/thesis.pdf
|
| [20] |
Shamir A. How to share a secret[J]. Communications of the ACM, 1979, 22(11): 612−613 doi: 10.1145/359168.359176
|
| [21] |
Blakley G R. Safeguarding cryptographic keys[C]//Proc of 1979 Int Workshop on Managing Requirements Knowledge. Los Alamitos, CA: IEEE Computer Society, 1979: 313−313
|
| [22] |
Pedersen T P. A threshold cryptosystem without a trusted party[C]//Proc of the 10th Workshop on the Theory and Application of Cryptographic Techniques Brighton. Berlin: Springer, 1991: 522−526
|
| [23] |
Phuong T V X, Yang G, Susilo W. Hidden ciphertext policy attribute-based encryption under standard assumptions[J]. IEEE Transactions on Information Forensics and Security, 2015, 11(1): 35−45
|
| [24] |
Rouselakis Y, Waters B. Practical constructions and new proof methods for large universe attribute-based encryption[C]//Proc of the 2013 ACM SIGSAC Conf on Computer & Communications Security. New York: ACM, 2013: 463−474
|
| [1] | Zhang Hengshan, Gao Yukun, Chen Yanping, Wang Zhongmin. Clustering Ensemble Algorithm with Cluster Connection Based on Wisdom of Crowds[J]. Journal of Computer Research and Development, 2018, 55(12): 2611-2619. DOI: 10.7544/issn1000-1239.2018.20180575 |
| [2] | Zhou Jun, Li Huawei, Wang Tiancheng, Li Xiaowei. A Lightweight Fine-Grained Fault-Tolerant Scheme for 3D Networks-on-Chip[J]. Journal of Computer Research and Development, 2016, 53(2): 341-353. DOI: 10.7544/issn1000-1239.2016.20148436 |
| [3] | Yuan Xinpan, Long Jun, Zhang Zuping, Luo Yueyi, Zhang Hao, and Gui Weihua. Connected Bit Minwise Hashing[J]. Journal of Computer Research and Development, 2013, 50(4): 883-890. |
| [4] | Liu Xiaozhu, Peng Zhiyong. On-Line Dynamic Index Hybrid Update Scheme Based on Self-Learning of Allocated Space[J]. Journal of Computer Research and Development, 2012, 49(10): 2118-2130. |
| [5] | Qi Shubo, Li Jinwen, Yue Daheng, Zhao Tianlei, and Zhang Minxuan. Adaptive Buffer Management for Leakage Power Optimization in NoC Routers[J]. Journal of Computer Research and Development, 2011, 48(12): 2400-2409. |
| [6] | Li Zhi, Zha Xuanyue, Liu Fengyu, and Zhang Hong. Indexing Based Multi-Level Clustering Routing Algorithm in Public Transportation Delay Tolerant Networks[J]. Journal of Computer Research and Development, 2011, 48(3): 407-414. |
| [7] | Tang Mingdong, Zhang Guoqing, Yang Jing. Graph Embedding-Based Scalable Routing in Large Networks[J]. Journal of Computer Research and Development, 2010, 47(7): 1225-1233. |
| [8] | Jiang Xuefeng, Heng Xingchen, Qin Zheng, Shao Liping. Efficient Extension Join Algorithm for Querying XML Data Based on Index Techniques[J]. Journal of Computer Research and Development, 2008, 45(6). |
| [9] | Yu Yaxin, Wang Guoren, Zhang Haining, and Li Jianxin. An Index for Supporting XML Structural Join Efficiently and Effectively—CATI[J]. Journal of Computer Research and Development, 2007, 44(1): 111-118. |
| [10] | Liao Wei, Xiong Wei, Jing Ning, Chen Hongsheng, and Zhong Zhinong. Hybrid Indexing of Moving Objects with Frequent Updates[J]. Journal of Computer Research and Development, 2006, 43(5): 888-893. |
微信订阅号
(实时资讯)
微信服务号
(同步网站)
微信视频号
(视频分享)
CCF
(扫码入会)
Copyright © Editorial Department of Computer Research and Development
Supported by: Beijing Renhe Information Technology Co.,
Ltd. 
DownLoad: