Abstract

With the maturing of technologies such as the Internet of Things (IoT) and cloud computing, more and more medical institutions share patients' medical data in IoT-connected healthcare systems, which also introduces hidden dangers for data security and privacy protection. Applying Hierarchical Attribute-Based Encryption (HABE) in an IoT-connected healthcare system helps to solve the problem of sharing data with a large number of users. Delegation is a function of HABE that transfers access rights between hierarchical users, effectively reducing the workload of the trusted authority. However, when delegation is used to generate decryption keys for users who do not comply with the access structure, the "key-delegation abuse" problem arises, which can seriously damage the privacy of patients' data. Nevertheless, it has not attracted much attention in previous research. This paper raises the problem of key-delegation abuse in Ciphertext-Policy Hierarchical Attribute-Based Encryption (CP-HABE). After cryptanalysis of typical schemes, we identify two reasons for key-delegation abuse in CP-HABE: randomizing the original key elements, or keeping parts of them in a new decryption key. This paper proposes a new mechanism based on a directed graph and constructs a CP-HABE scheme against key-delegation abuse (CP-HABE-AKDA). For the key-leakage scenario, we further present a traceable CP-HABE-AKDA solution for the IoT-connected healthcare system, which has the additional function of tracking and verifying the identity of the key leaker.

Highlights

  • As one of the most potent communication paradigms, the Internet of Things (IoT) connects many objects to the Internet

  • We present a CP-HABE-AKDA scheme with white-box traceability for the IoT-connected healthcare system

  • In this paper, we focus on the issue of key delegation in the HABE scheme and raise the key-delegation abuse problem in Ciphertext-Policy Hierarchical Attribute-Based Encryption (CP-HABE), which could severely affect data security when adopted in an IoT-connected healthcare system


Summary

INTRODUCTION

As one of the most potent communication paradigms, the Internet of Things (IoT) connects many objects (such as sensors, vehicles, houses and devices) to the Internet.

A. MOTIVATIONS

In order to deploy the CP-HABE scheme in an IoT-connected healthcare system, besides implementing hierarchical access control on encrypted EHR, it is essential to reduce the heavy key management workload of the root authority.

B. CONTRIBUTIONS

Aiming at the above problems, we construct a ciphertext-policy hierarchical attribute-based encryption scheme against key-delegation abuse (CP-HABE-AKDA). Taking the IoT-connected healthcare system as the application case, we present a traceable CP-HABE-AKDA scheme for the scenario where a user discloses the private key. When applied to IoT-connected healthcare systems, the solution will significantly reduce the workload of the root authority, which is associated with multiple IoT devices and users, achieving scalability of the system. We further study the strategy of tracking a malicious user's identity under the key-leak scenario and propose a traceable CP-HABE-AKDA solution for the IoT-connected healthcare system. If a key is compromised, the identity of the key holder can verifiably be traced.

OUTLINE The paper is organized as follows
CRYPTANALYSIS OF ASIM et al. SCHEME
BILINEAR GROUPS
CP-HABE-AKDA DEFINITION This scheme consists of the following six algorithms:
SECURITY MODEL AGAINST KEY-DELEGATION ABUSE ATTACK
SECURITY PROOF OF CONSTRUCTION
PROOF OF CONSTRUCTION AGAINST KEY-DELEGATION ABUSE Theorem 2
TRACEABILITY PROOF OF CONSTRUCTION
CONCLUSION
