More Web Proxy on the site http://driver.im/

article

Secure Cloud-Based EHR System Using Attribute-Based Cryptosystem and Blockchain

Authors:

Yujiao SongAuthors Info & Claims

Journal of Medical Systems, Volume 42, Issue 8

Pages 1 - 9

https://doi.org/10.1007/s10916-018-0994-6

Published: 01 August 2018 Publication History

Abstract

To achieve confidentiality, authentication, integrity of medical data, and support fine-grained access control, we propose a secure electronic health record (EHR) system based on attribute-based cryptosystem and blockchain technology. In our system, we use attribute-based encryption (ABE) and identity-based encryption (IBE) to encrypt medical data, and use identity-based signature (IBS) to implement digital signatures. To achieve different functions of ABE, IBE and IBS in one cryptosystem, we introduce a new cryptographic primitive, called combined attribute-based/identity-based encryption and signature (C-AB/IB-ES). This greatly facilitates the management of the system, and does not need to introduce different cryptographic systems for different security requirements. In addition, we use blockchain techniques to ensure the integrity and traceability of medical data. Finally, we give a demonstrating application for medical insurance scene.

References

[1]

Akinyele, J.A., Pagano, M.W., Green, M.D., Lehmann, C.U., Peterson, Z.N.J., and Rubin, A.D.: Securing electronic medical records using attribute-based encryption on mobile devices. In: SPSM'11, Proceedings of the 1st ACM Workshop Security and Privacy in Smartphones and Mobile Devices, Co-located with CCS 2011, October 17, 2011. Chicago, pp. 75---86, 2011

Digital Library

[2]

Alema?n, J.L.F., Sen?or, I.C., Lozoya, P.O., and Toval, A., Security and privacy in electronic health records: A systematic literature review. J. Biomed. Inform. 46(3):541---562, 2013.

[3]

Alshehri, S., Radziszowski, S.P., and Raj, R.K.: Secure access for healthcare data in the cloud using ciphertext-policy attribute-based encryption. In: Workshops Proceedings of the IEEE 28th International Conference on Data Engineering, ICDE 2012, Arlington, VA, USA, April 1-5, 2012, pp. 143---146, 2012

Digital Library

[4]

Boneh, D., and Boyen, X.: Efficient selective-id secure identity-based encryption without random oracles. In: Advances in Cryptology - EUROCRYPT 2004, International Conference on the Theory and Applications of Cryptographic Techniques, Interlaken, Switzerland, May 2-6, 2004, Proceedings, pp. 223---238, 2004

[5]

Boneh, D., and Franklin, M.K.: Identity-based encryption from the weil pairing. In: Advances in Cryptology - CRYPTO 2001, 21st Annual International Cryptology Conference, Santa Barbara, California, USA, August 19-23, 2001, Proceedings, pp. 213---229, 2001

Digital Library

[6]

Boyen, X.: Multipurpose identity-based signcryption (A swiss army knife for identity-based cryptography). In: Advances in Cryptology - CRYPTO 2003, 23rd Annual International Cryptology Conference, Santa Barbara, California, USA, August 17-21, 2003, Proceedings, pp. 383---399, 2003

[7]

Boyen, X.: Identity-based signcryption. In: Practical Signcryption, pp. 195---216, 2010

[8]

Chen, C., Chen, J., Lim, H.W., Zhang, Z., and Feng, D.: Combined public-key schemes: The case of ABE and ABS. In: Provable Security - 6th International Conference, ProvSec 2012, Chengdu, China, September 26-28, 2012. Proceedings, pp. 53---69, 2012

Digital Library

[9]

Dong, C, Wang, Y., Aldweesh, A., McCorry, P., and van Moorsel, A.: Betrayal, distrust, and rationality: Smart counter-collusion contracts for verifiable cloud computing. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS 2017, Dallas, TX, USA, October 30 - November 03, 2017, pp. 211---227, 2017

Digital Library

[10]

Gentry, C., and Silverberg, A.: Hierarchical id-based cryptography. In: Advances in Cryptology - ASIACRYPT 2002, 8th International Conference on the Theory and Application of Cryptology and Information Security, Queenstown, New Zealand, December 1-5, 2002, Proceedings, pp. 548---566, 2002

Digital Library

[11]

Goroll, A.H., Simon, S.R., Tripathi, M., Ascenzo, C., and Bates, D.W., Case report: Community-wide implementation of health information technology: The massachusetts ehealth collaborative experience. JAMIA 16 (1):132---139, 2009.

[12]

Goyal, V., Pandey, O., Sahai, A., and Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, Alexandria, VA, USA, Ioctober 30 - November 3, 2006, pp. 89---98, 2006

Digital Library

[13]

Ha?yrinen, K., Saranto, K., and Nyka?nen, P., Definition, structure, content, use and impacts of electronic health records: A review of the research literature. I. J. Med. Inf. 77(5):291---304, 2008.

[14]

Hohenberger, S., and Waters, B.: Online/offline attribute-based encryption. In: Public-Key Cryptography - PKC 2014 - 17th International Conference on Practice and Theory in Public-Key Cryptography, Buenos Aires, Argentina, March 26-28, 2014. Proceedings, pp. 293---310, 2014

Digital Library

[15]

Huang, H., Chen, X., Qianhong, W., Huang, X., and Shen, J., Bitcoin-based fair payments for outsourcing computations of fog devices. Fut. Gen. Comp. Syst. 78:850---858, 2018.

Digital Library

[16]

Krist, A.H., Peele, E., Woolf, S.H., Rothemich, S.F., Loomis, J.F., Longo, D.R., and Kuzel, A.J., Designing a patient-centered personal health record to promote preventive care. BMC Med Inf. .Decis. Making 11: 73, 2011.

[17]

Lewko, A.B., and Waters, B.: New techniques for dual system encryption and fully secure HIBE with short ciphertexts. In: Theory of Cryptography, 7th Theory of Cryptography Conference, TCC 2010, Zurich, Switzerland, February 9-11, 2010. Proceedings, pp. 455---479, 2010

Digital Library

[18]

Lewko, A.B., and Waters, B.: New proof methods for attribute-based encryption Achieving full security through selective techniques. In: Advances in Cryptology - CRYPTO 2012 - 32nd Annual Cryptology Conference, Santa Barbara, CA, USA, August 19-23, 2012. Proceedings, pp. 180---198, 2012

Digital Library

[19]

Li, M., Yu, S., Ren, K., and Lou, W.: Securing personal health records in cloud computing Patient-centric and fine-grained data access control in multi-owner settings. In: Security and Privacy in Communication Networks - 6th Iternational ICST Conference, SecureComm 2010, Singapore, September 7-9, 2010. Proceedings, pp. 89---106, 2010

[20]

Li, M., Yu, S., Zheng, Y., Ren, K., and Lou, W., Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Trans. Parallel Distrib. Syst. 24(1):131---143, 2013.

Digital Library

[21]

Li, X., Ibrahim, M.H., Kumari, S., Sangaiah, A.K., Gupta, V., and Choo, K.-K. R., Anonymous mutual authentication and key agreement scheme for wearable sensors in wireless body area networks. Comput. Netw. 129:429---443, 2017.

Digital Library

[22]

Li, X., Niu, J., Kumari, S., Wu, F., and Choo, K.-K. R., A robust biometrics based three-factor authentication scheme for global mobility networks in smart city. Fut. Gen. Comp. Syst. 83:607---618, 2018.

Digital Library

[23]

Li, X., Niu, J., Liao, J., and Liang, W., Cryptanalysis of a dynamic identity-based remote user authentication scheme with verifiable password update. Int. J. Commun. Syst. 28(2):374---382, 2015.

Digital Library

[24]

McCorry, P., Shahandashti, S.F., and Hao, F.: A smart contract for boardroom voting with maximum voter privacy. In: Financial Cryptography and Data Security - 21st International Conference, FC 2017, Sliema, Malta, April 3-7, 2017, Revised Selected Papers, pp. 357---375, 2017

[25]

Nakamoto, S.: Bitcoin: A peer-to-peer electronic cash system, 2008

[26]

Paterson, K.G., and Schuldt, J.C.N.: Efficient identity-based signatures secure in the standard model. In: Information Security and Privacy, 11th Australasian Conference, ACISP 2006, Melbourne, Australia, July 3-5, 2006, Proceedings, pp. 207---222, 2006

Digital Library

[27]

Bo, Q., Deng, H., Wu, Q., Domingo-Ferrer, J., Naccache, D., and Zhou, Y., Flexible attribute-based encryption applicable to secure e-healthcare records. Int. J. Inf. Sec. 14(6):499---511, 2015.

Digital Library

[28]

Sahai, A., and Waters, B.: Fuzzy identity-based encryption. In: Advances in Cryptology - EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005, Proceedings, pp. 457---473, 2005

Digital Library

[29]

Shamir, A.: Identity-based cryptosystems and signature schemes. In: Advances in Cryptology, Proceedings of CRYPTO '84, Santa Barbara, California, USA, August 19-22, 1984, Proceedings, pp. 47---53, 1984

Digital Library

[30]

Underwood, S., Blockchain beyond bitcoin. Commun. ACM 59(11):15---17, 2016.

Digital Library

[31]

Wang, H., He, D., Shen, J., Zheng, Z., Yang, X., and Au, M.H., Fuzzy matching and direct revocation: a new CP-ABE scheme from multilinear maps. Soft Comput. 22(7):2267---2274, 2018.

Digital Library

[32]

Wang, H., He, D., Shen, J., Zheng, Z., Zhao, C., and Zhao, M., Verifiable outsourced ciphertext-policy attribute-based encryption in cloud computing. Soft Comput. 21(24):7325---7335, 2017.

Digital Library

[33]

Wang, H., Zheng, Z., Wu, L., and He, D., New large-universe multi-authority ciphertext-policy ABE scheme and its application in cloud storage systems. J. High Speed Netw. 22(2):153---167, 2016.

[34]

Wang, H., Zheng, Z., Wu, L., and Li, P., New directly revocable attribute-based encryption scheme and its application in cloud storage environment. Clust. Comput. 20(3):2385---2392, 2017.

Digital Library

[35]

Wang, Z., Zhang, H., Song, X., and Zhang, H., Consensus problems for discrete-time agents with communication delay. Int. J. Control Autom. Syst. 15(4):1515---1523, 2017.

[36]

Waters, B.: Efficient identity-based encryption without random oracles. In: Advances in Cryptology - EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005, Proceedings, pp. 114---127, 2005

Digital Library

[37]

Waters, B: Dual system encryption: Realizing fully secure IBE and HIBE under simple assumptions. In: Advances in Cryptology - CRYPTO 2009, 29th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 16-20, 2009. Proceedings, pp. 619---636, 2009

Digital Library

[38]

Waters, B.: Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization. In: Public Key Cryptography - PKC 2011 - 14th International Conference on Practice and Theory in Public Key Cryptography, Taormina, Italy, March 6-9, 2011. Proceedings, pp. 53---70, 2011

Digital Library

[39]

Yan, H., Li, X., and Li, J.: Secure personal health record system with attribute-based encryption in cloud computing. In: 2014 Ninth International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, Guangdong, China, November 8-10, 2014, pp. 329---332, 2014

Digital Library

[40]

Yue, X., Wang, H., Jin, D., Li, M., and Jiang, W., Healthcare data gateways: Found healthcare intelligence on blockchain with novel privacy risk control. J. Med. Syst. 40(10):218,1---218,8, 2016.

Digital Library

Cited By

Kapil GKumar NMourya AKumar V(2025)Securing big healthcare data using attribute and honey-based encryption in cloud environmentThe Journal of Supercomputing10.1007/s11227-024-06535-681:1Online publication date: 1-Jan-2025
https://dl.acm.org/doi/10.1007/s11227-024-06535-6
Gope PLin ZYang YNing J(2024)E-TenonJournal of Computer Security10.3233/JCS-22009732:4(319-348)Online publication date: 1-Jan-2024
https://dl.acm.org/doi/10.3233/JCS-220097
Punia AGulia PGill NIbeke EIwendi CShukla P(2024)A systematic review on blockchain-based access control systems in cloud environmentJournal of Cloud Computing: Advances, Systems and Applications10.1186/s13677-024-00697-713:1Online publication date: 30-Sep-2024
https://dl.acm.org/doi/10.1186/s13677-024-00697-7
Show More Cited By

Secure Cloud-Based EHR System Using Attribute-Based Cryptosystem and Blockchain

Recommendations

Attribute-based signcryption scheme based on linear codes

Compared with traditional schemes in which encryption follows a signature, the attribute-based signcryption (ABSC) scheme not only costs less both in terms of both computation and communication but also provides message confidentiality, ensures the ...
One Secure Attribute-Based Proxy Signature

Attribute-based cryptography has drawn much attention due to its unique advantages and has gained many achievements over the years. Proxy signature allows that people need to delegate some of their signing rights to a reliable agent (that is, a proxy ...
Secure, efficient and revocable multi-authority access control system in cloud storage

A multi-authority attribute-based access control system for cloud storage is proposed.An adaptively secure multi-authority CP-ABE (MA-CP-ABE) scheme in the standard model.A decryption outsourcing method for the proposed MA-CP-ABE scheme.An attribute-...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Journal of Medical Systems

Journal of Medical Systems Volume 42, Issue 8

August 2018

354 pages

ISSN:0148-5598

Issue’s Table of Contents

Copyright © Copyright © 2018 Springer Science+Business Media, LLC, part of Springer Nature.

Publisher

Plenum Press

United States

Publication History

Published: 01 August 2018

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

41
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 12 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Kapil GKumar NMourya AKumar V(2025)Securing big healthcare data using attribute and honey-based encryption in cloud environmentThe Journal of Supercomputing10.1007/s11227-024-06535-681:1Online publication date: 1-Jan-2025
https://dl.acm.org/doi/10.1007/s11227-024-06535-6
Gope PLin ZYang YNing J(2024)E-TenonJournal of Computer Security10.3233/JCS-22009732:4(319-348)Online publication date: 1-Jan-2024
https://dl.acm.org/doi/10.3233/JCS-220097
Punia AGulia PGill NIbeke EIwendi CShukla P(2024)A systematic review on blockchain-based access control systems in cloud environmentJournal of Cloud Computing: Advances, Systems and Applications10.1186/s13677-024-00697-713:1Online publication date: 30-Sep-2024
https://dl.acm.org/doi/10.1186/s13677-024-00697-7
S. VM. PS. NMartinson E(2024)An Efficient Secure Sharing of Electronic Health Records Using IoT-Based Hyperledger BlockchainInternational Journal of Intelligent Systems10.1155/2024/69952022024Online publication date: 1-Jan-2024
https://dl.acm.org/doi/10.1155/2024/6995202
Zhao ZYu XMa Z(2024)Attribute encryption based blockchain electronic medical record traceability methodProceedings of the 2024 3rd International Conference on Cryptography, Network Security and Communication Technology10.1145/3673277.3673281(17-24)Online publication date: 19-Jan-2024
https://dl.acm.org/doi/10.1145/3673277.3673281
Nowrozy RAhmed KKayes AWang HMcIntosh T(2024)Privacy Preservation of Electronic Health Records in the Modern Era: A Systematic SurveyACM Computing Surveys10.1145/365329756:8(1-37)Online publication date: 26-Apr-2024
https://dl.acm.org/doi/10.1145/3653297
Wang CWu WChen FShu HZhang JZhang YWang TXie DZhao C(2024)A Blockchain-Based Trustworthy Access Control Scheme for Medical Data SharingIET Information Security10.1049/2024/55595222024Online publication date: 1-Jan-2024
https://dl.acm.org/doi/10.1049/2024/5559522
Mishra GKhanduja V(2024)Secure Telemedicine Providing Computer-Aided Diagnosis: A Systematic Review and AnalysisSN Computer Science10.1007/s42979-024-02923-05:5Online publication date: 1-Jun-2024
https://dl.acm.org/doi/10.1007/s42979-024-02923-0
Barman SChattopadhyay SSamanta D(2024)A Lightweight Authentication Protocol for a Blockchain-Based Off-Chain Medical Data Access in Multi-server EnvironmentSN Computer Science10.1007/s42979-024-02660-45:3Online publication date: 27-Feb-2024
https://dl.acm.org/doi/10.1007/s42979-024-02660-4
Nasr Esfahani MGhahfarokhi BEtemadi Borujeni S(2024)Blockchain-based end-to-end privacy-preserving scheme for IoT-based healthcare systemsThe Journal of Supercomputing10.1007/s11227-023-05522-780:2(2067-2127)Online publication date: 1-Jan-2024
https://dl.acm.org/doi/10.1007/s11227-023-05522-7
Show More Cited By

View Options

View options

Media

Figures

Other

Tables

View Issue’s Table of Contents