Flexible attribute-based encryption applicable to secure e-healthcare records | International Journal of Information Security Skip to main content

Advertisement

Springer Nature Link
Log in

Flexible attribute-based encryption applicable to secure e-healthcare records

  • Special Issue Paper
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

In e-healthcare record systems (EHRS), attribute-based encryption (ABE) appears as a natural way to achieve fine-grained access control on health records. Some proposals exploit key-policy ABE (KP-ABE) to protect privacy in such a way that all users are associated with specific access policies and only the ciphertexts matching the users’ access policies can be decrypted. An issue with KP-ABE is that it requires an a priori formulation of access policies during key generation, which is not always practicable in EHRS because the policies to access health records are sometimes determined after key generation. In this paper, we revisit KP-ABE and propose a dynamic ABE paradigm, referred to as access policy redefinable ABE (APR-ABE). To address the above issue, APR-ABE allows users to redefine their access policies and delegate keys for the redefined ones; hence, a priori precise policies are no longer mandatory. We construct an APR-ABE scheme with short ciphertexts and prove its full security in the standard model under several static assumptions.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
¥17,985 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price includes VAT (Japan)

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1

Similar content being viewed by others

References

  1. Attrapadung, N., Libert, B., De Panafieu, E.: Expressive Key-Policy Attribute-Based Encryption with Constant-Size Ciphertexts. PKC 2011. LNCS 6571, pp. 90–108. Springer (2011)

  2. Beimel, A.: Secure Schemes for Secret Sharing and Key Distribution. Ph.D. thesis, Israel Institute of Technology, Technion, Haifa, Israel (1996)

  3. Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In IEEE Symposium on Security and Privacy, 2007, pp. 321–334. IEEE Press (2007)

  4. Boneh, D., Boyen, X., Goh, E.: Hierarchical Identity Based Encryption with Constant Size Ciphertex. EUROCRYPT 2005. LNCS 3493, pp. 440-456. Springer (2005)

  5. Boneh, D., Goh E., Nissim, K.: Evaluating 2-DNF Formulas on Ciphertexts. TCC 2005. LNCS 3378, pp. 325–341. Springer (2005)

  6. Boneh, D., Nikolaenko, V., Segev G.: Attribute-Based Encryption for Arithmetic Circuits. Cryptology ePrint Archive, Report 2013/669. https://eprint.iacr.org/2013/669 (2013)

  7. Deng, H., Wu, Q., Qin, B., Domingo-Ferrer, J., Zhang, L., Liu, J., Shi, W.: Ciphertext-policy hierarchical attribute-based encryption with short ciphertexts. Inf. Sci. 275, 370–384 (2014)

    Article  MathSciNet  Google Scholar 

  8. Deng, H., Wu, Q., Qin, B., Mao, J., Liu, X., Zhang, L., Shi, W.: Who is Touching my Cloud. ESORICS 2014, LNCS 8712, pp. 362–379. Springer (2014)

  9. Goyal, V., Jain, A., Pandey, O., Sahai, A.: Bounded Ciphertext Policy Attribute Based Encryption. ICALP 2008. LNCS 5126, pp. 579–591. Springer (2008)

  10. Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data. ACM CCS 2006, pp. 89–98. ACM Press (2006)

  11. Hohenberger, S., Waters, B.: Attribute-Based Encryption with Fast Decryption. PKC 2013. LNCS 7778, pp. 162–179. Springer (2013)

  12. Hur, J.: Fine-grained data access control for distributed sensor networks. Wirel. Netw. 17(5), 1235–1249 (2011)

    Article  Google Scholar 

  13. Lewko, A., Okamoto, T., Sahai, A., Takashima, K., Waters, B.: Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption. EUROCRYPT 2010. LNCS 6110, pp. 62–91. Springer (2010)

  14. Lewko, A., Waters, B.: New Techniques for Dual System Encryption and Fully Secure HIBE with Short Ciphertexts. TCC 2010. LNCS 5978, pp. 455–479. Springer (2010)

  15. Lewko, A., Waters, B.: Unbounded HIBE and Attribute-Based Encryption. EUROCRYPT 2011. LNCS 6632, pp. 547–567. Springer (2011)

  16. Li, J., Wang, Q., Wang, C., Ren, K.: Enhancing Attribute-Based Encryption with Attribute Hierarchy. ChinaCom 2009, pp. 1–5. IEEE Press (2009)

  17. Li, M., Yu, S., Zheng, Y., Ren, K., Lou, W.: Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Trans. Parallel Distrib. Syst. 24(1), 131–143 (2013)

    Article  Google Scholar 

  18. Liang, X., Barua, M., Lu, R., Lin, X., Shen, X.S.: HealthShare: achieving secure and privacy-preserving health information sharing through health social networks. Comput. Commun. 35(15), 1910–1920 (2012)

    Article  Google Scholar 

  19. Liu, W., Liu, J., Wu, Q., Qin, B., Zhou, Y.: Practical Direct Chosen Ciphertext Secure Key-Policy Attribute-Based Encryption with Public Ciphertext Test. ESORICS 2014, LNCS 8713, pp. 91–108. Springer (2014)

  20. Rouselakis, Y., Waters, B.: Practical Constructions and New Proof Methods for Large Universe Attribute-based Encryption. ACM CCS 2013, pp. 463–474. ACM Press (2013)

  21. Sahai, A., Waters, B.: Fuzzy Identity-Based Encryption. EUROCRYPT 2005. LNCS 3494, pp. 457–473. Springer (2005)

  22. Wang, Y., Wu, Q., Wong, D.S., Qin, B., Chow, S.S.M., Liu, Z., Tan., X.: Securely Outsourcing Exponentiations with Single Untrusted Program for Cloud Storage. ESORICS 2014, LNCS 8712, pp. 326–343. Springer (2014)

  23. Waters, B.: Dual System Encryption: Realizing Fully Secure IBE and HIBE Under Simple Assumptions. CRYPTO 2009. LNCS 5677, pp. 619–636. Springer (2009)

  24. Waters, B.: Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization. PKC 2011. LNCS 6571, pp. 53–70. Springer (2011)

  25. Wan, Z., Liu, J., Deng, R.H.: HASBE: a hierarchical attribute-based solution for flexible and scalable access control in cloud computing. IEEE Trans. Inf. Forensics Secur. 7(2), 743–754 (2012)

    Article  Google Scholar 

  26. Yu, S., Ren, K., Lou, W.: FDAC: toward fine-grained distributed data access control in wireless sensor networks. IEEE Trans. Parallel Distrib. Syst. 22(4), 673–686 (2011)

    Article  Google Scholar 

Download references

Acknowledgments

We thank the anonymous reviewers for their valuable suggestions. The following funding sources are gratefully acknowledged: China National Key Basic Research Program (973 Program, Project 2012CB315905), Natural Science Foundation of China (Projects 61370190, 61173154, 61272501, 61402029, 61202465 and 61472429), Beijing Natural Science Foundation (Projects 4132056 and 4122041), Fundamental Research Funds for the Central Universities of China, Research Funds of Renmin University (No. 14XNLF02), European Commission (Projects FP7 “DwB”, FP7 “Inter-Trust” and H2020 “CLARUS”) and Spanish Govt. (Project TIN2011-27076-C03-01), Govt. of Catalonia (ICREA Acadèmia Prize to the fourth author).

Author information

Authors and Affiliations

  1. Key Laboratory of Data Engineering and Knowledge Engineering, Ministry of Education, School of Information, Renmin University of China, No. 59, Zhongguancun Street, Haidian District, Beijing, China

    Bo Qin

  2. School of Computer, Wuhan University, Wuhan, China

    Hua Deng

  3. School of Electronic and Information Engineering, Beihang University, XueYuan Road No. 37, Haidian District, Beijing, China

    Qianhong Wu & Yunya Zhou

  4. Department of Computer Engineering and Mathematics, UNESCO Chair in Data Privacy, Universitat Rovira i Virgili, 43007, Tarragona, Catalonia

    Josep Domingo-Ferrer

  5. Département d’informatique, École normale supérieure, 45 rue d’Ulm, 75230, Paris Cedex 05, France

    David Naccache

Authors
  1. Bo Qin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hua Deng
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Qianhong Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Josep Domingo-Ferrer
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. David Naccache
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Yunya Zhou
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Qianhong Wu.

Additional information

Disclaimer: Josep Domingo-Ferrer leads the UNESCO Chair in Data Privacy, but the views in this paper do not commit UNESCO.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Qin, B., Deng, H., Wu, Q. et al. Flexible attribute-based encryption applicable to secure e-healthcare records. Int. J. Inf. Secur. 14, 499–511 (2015). https://doi.org/10.1007/s10207-014-0272-7

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-014-0272-7

Keywords

Search

Navigation