Abstract

Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is a well-received cryptographic primitive to securely share personal health records (PHRs) in mobile healthcare (mHealth). Nevertheless, traditional CP-ABE can not be directly deployed in mHealth. First, the attribute universe scale is bounded to the system security parameter and lack of scalability. Second, the sensitive data is encrypted, but the access policy is in the plaintext form. Last but not least, it is difficult to catch the malicious user who intentionally leaks his access privilege since that the same attributes mean the same access privilege. In this paper, we propose HTAC, a fine-grained access control scheme with partially hidden policy and white-box traceability. In HTAC, the system attribute universe is larger universe without any redundant restriction. Each attribute is described by an attribute name and an attribute value. The attribute value is embedded in the PHR ciphertext and the plaintext attribute name is clear in the access policy. Moreover, the malicious user who illegally leaks his (partial or modified) private key could be precisely traced. The security analysis and performance comparison demonstrate that HTAC is secure and practical for mHealth applications.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.