TY - JOUR
T1 - Lavida
T2 - Large-Universe, Verifiable, and Dynamic Fine-Grained Access Control for E-Health Cloud
AU - Zhao, Jun
AU - Zhang, Kai
AU - Gong, Junqing
AU - Qian, Haifeng
N1 - Publisher Copyright:
© 2005-2012 IEEE.
PY - 2024
Y1 - 2024
N2 - Electronic healthcare (E-health) cloud system enables electronic health records (EHRs) sharing and improves efficiency of diagnosis and treatment. In order to address EHRs confidentiality and authorized user access control in E-health cloud, attribute-based proxy re-encryption (ABPRE) has been widely employed which provides dynamic fine-grained access control over encrypted EHRs. Unfortunately, existing ABPRE schemes still have the following defects: 1) capacity of attribute-universe is defined at setup; 2) verifiable mechanism for re-encryption reveals EHRs about patients; 3) traditional access policy reveals sensitive information pertaining to patients. This paper focuses on these issues and presents large-universe, verifiable and privacy-preserving dynamic fine-grained access control scheme for E-health cloud. More details, we solve limitation of attribute-universe to large-universe, which means that attributes aren't required to be enumerated at setup. Considering disclosure of underlying EHRs in verifiable mechanism, scheme introduces non-interactive zero-knowledge proof as verifiable mechanism that supports public validation and doesn't leak EHRs of patients. Furthermore, partially hidden policy is employed to protect privacy of patients in policy, which divides attribute into attribute name and attribute value, displaying attribute name and hiding attribute value. Finally, experimental evaluation is given that demonstrates the more comprehensive functionality of our scheme without sacrificing significant computational overhead.
AB - Electronic healthcare (E-health) cloud system enables electronic health records (EHRs) sharing and improves efficiency of diagnosis and treatment. In order to address EHRs confidentiality and authorized user access control in E-health cloud, attribute-based proxy re-encryption (ABPRE) has been widely employed which provides dynamic fine-grained access control over encrypted EHRs. Unfortunately, existing ABPRE schemes still have the following defects: 1) capacity of attribute-universe is defined at setup; 2) verifiable mechanism for re-encryption reveals EHRs about patients; 3) traditional access policy reveals sensitive information pertaining to patients. This paper focuses on these issues and presents large-universe, verifiable and privacy-preserving dynamic fine-grained access control scheme for E-health cloud. More details, we solve limitation of attribute-universe to large-universe, which means that attributes aren't required to be enumerated at setup. Considering disclosure of underlying EHRs in verifiable mechanism, scheme introduces non-interactive zero-knowledge proof as verifiable mechanism that supports public validation and doesn't leak EHRs of patients. Furthermore, partially hidden policy is employed to protect privacy of patients in policy, which divides attribute into attribute name and attribute value, displaying attribute name and hiding attribute value. Finally, experimental evaluation is given that demonstrates the more comprehensive functionality of our scheme without sacrificing significant computational overhead.
KW - E-health cloud
KW - attribute-based proxy re-encryption
KW - large-universe
KW - partially hidden policy
KW - verifiability
UR - https://www.scopus.com/pages/publications/85182388089
U2 - 10.1109/TIFS.2024.3350925
DO - 10.1109/TIFS.2024.3350925
M3 - 文章
AN - SCOPUS:85182388089
SN - 1556-6013
VL - 19
SP - 2732
EP - 2745
JO - IEEE Transactions on Information Forensics and Security
JF - IEEE Transactions on Information Forensics and Security
ER -