Security and privacy issues in electronic health network

Abstract

Electronic health network (EHN) is an information system providing functions involved in e-health. In this paper, we devise mechanisms covering three important security and privacy issues of EHN including trust management, privacy preserving, and data sharing. First, we propose an authenticated key agreement scheme based on hierarchical identity-based signature (HIBS). We abstract a hierarchical architecture from the social network architecture of EHN. To support large-scale scenarios, we introduce a virtual signature generation phase into traditional HIBS, thus our scheme will be efficient even the depth is quite big. Second, we propose a fast data searching scheme based on symmetric searchable encryption (SSE). To improve the searching efficiency, we introduce a two-level cache structure into the traditional SSE. Third, we propose an access control scheme based on hierarchical identity-based encryption (HIBE). To make it a fine-grained scheme, we organize the data owner’s file in hierarchy and introduce a virtual key generation phase to traditional HIBE. Also, the scheme can provide delegation and revocation functions easily. Besides, our schemes guarantee known-key secrecy, forward secrecy, and antidirection secrecy and possess the resistance capability to collude-attack. Evaluation results show that our scheme indeed achieves the security and efficiency.