Abstract

The rapid development of communication technologies, networks, advanced computing methods and wireless medical sensors has given rise to a modern medical system. In this system, large-scale electronic health records (EHRs) are often outsourced for storage to third parties such as cloud service providers (CSPs). However, CSPs are not trustworthy: cloud services raise serious security and privacy concerns because the user's sensitive data may be exposed to CSPs or unauthorized users during transmission, storage and sharing. To better prevent the disclosure of patients' private information and to share information more effectively, this paper proposes an anonymous EHR sharing scheme based on decentralized hierarchical attribute-based encryption (ABE). In the proposed scheme: (1) Multi-authority ABE, with multiple attribute authorities (AAs), is leveraged to achieve fine-grained and scalable data access control and to avoid a bottleneck. Meanwhile, a hierarchical access tree is used to encrypt multiple files in one operation, greatly reducing computation and storage load. Moreover, the hidden access policy enhances user privacy protection. (2) A global identifier (GID) for each user is introduced to resist collusion attacks by users. In addition, an anonymous key generation mechanism prevents multiple AAs from building a full profile using the user's GID. (3) To ensure the correctness and integrity of EHRs, users can conduct double verification based on the verification tag and convergent key. Finally, the efficiency analysis and experiments show that the scheme meets the security requirements of key management and privacy preservation in the cloud, and that it is proven secure under the decisional bilinear Diffie-Hellman (DBDH) assumption and efficient in practice.

Highlights

  • With the rapid development of science and technology, sensors, data processors and communication monitoring devices are widely used in our daily life.

  • An anonymous key generation mechanism prevents multiple attribute authorities (AAs) from building a full profile using the user's global identifier (GID). To ensure the correctness and integrity of electronic health records (EHRs), users can conduct double verification based on the verification tag and convergent key.

  • The hidden access policy improves the confidentiality of shared EHRs. Data users can perform a double verification of the ciphertext to ensure its correctness and integrity.


Summary

INTRODUCTION

With the rapid development of science and technology, sensors, data processors and communication monitoring devices are widely used in our daily life. The main contributions of our protocol are as follows: (1) The scheme supports anonymous interaction between the user and the AA to generate private keys for the user, which avoids key escrow attacks by a dishonest attribute authority; (2) Decentralized multi-authority is introduced to solve the bottleneck and monopoly of a centralized authority, and the global identifier (GID) is introduced to resist collusion attacks; (3) A hierarchical access tree structure is used to encrypt multiple files at a time, which provides fine-grained access control, improves encryption efficiency and greatly saves storage space. Wang et al. [21] proposed an ABE scheme based on a file hierarchy in cloud computing. In that scheme only one CA manages the key and there is no policy hiding, which makes it prone to key escrow attacks by a dishonest attribute authority and to the disclosure of user privacy.

BILINEAR MAPS AND DBDH ASSUMPTION
ONE-WAY ANONYMOUS KEY AGREEMENT
PROBLEM FORMULATIONS
SECURITY PROOF
PERFORMANCE ANALYSIS
CONCLUSION AND FUTURE WORK