当前位置:
X-MOL 学术
›
Int. J. Intell. Syst.
›
论文详情
Our official English website, www.x-mol.net, welcomes your
feedback! (Note: you will need to create a separate account there.)
Outsourcing multiauthority access control revocation and computations over medical data to mobile cloud
International Journal of Intelligent Systems ( IF 5.0 ) Pub Date : 2022-09-07 , DOI: 10.1002/int.23009 Arthur S. Voundi Koe 1 , Qi Chen 1 , Juan Tang 1 , Shan Ai 1 , Hongyang Yan 1 , Shiwen Zhang 2 , Duncan S. Wong 1
International Journal of Intelligent Systems ( IF 5.0 ) Pub Date : 2022-09-07 , DOI: 10.1002/int.23009 Arthur S. Voundi Koe 1 , Qi Chen 1 , Juan Tang 1 , Shan Ai 1 , Hongyang Yan 1 , Shiwen Zhang 2 , Duncan S. Wong 1
Affiliation
With recent advances in cloud computing, mobile devices are increasingly being used to record patient physiological parameters, and transfer them to a cloud-based hospital information system, for access control mediation over a variety of stakeholders. In such a cloud-based architecture, the patient must specify an access policy for a group of authorized parties towards its outsourced data. Multiauthority ciphertext-policy attribute-based encryption (CP-ABE) was provided as an innovative cloud-based access control cryptographic primitive to tackle the key escrow issue in a centralized architecture, and boost flexibility through cross-domain attributes management. Existing works, however, still have glaring drawbacks. First, they still rely on a trusted authority to generate and distribute user secret keys. Second, they do not simultaneously provide encryption, decryption, or revocation outsourcing, resulting in high processing and communication cost for both the data sender and the data receiver. Third, they do not support both user and attribute revocation, and the integrity of ciphertext downloaded from the cloud is not always verified at the user end. As a result, this paper exploits the dummy attribute technique and introduces a novel, efficient, and secure multiauthority ciphertext-policy ABE method for mediating access control over medical data, in the mobile cloud. The ciphertext access policy enforcement, partial ciphertext decryption, and both the user and attribute indirect revocation updates are safely outsourced to the cloud server in this study. Theoretical analysis demonstrates that our scheme is efficient and verifiable, and we prove that our construction is secure under the decisional bilinear Diffie-Hellman assumption.
中文翻译:
将医疗数据的多权限访问控制撤销和计算外包到移动云
随着云计算的最新进展,移动设备越来越多地用于记录患者的生理参数,并将其传输到基于云的医院信息系统,以对各种利益相关者进行访问控制调解。在这种基于云的架构中,患者必须为一组授权方指定对其外包数据的访问策略。多授权密文策略基于属性的加密 (CP-ABE) 作为一种创新的基于云的访问控制密码原语提供,以解决集中式架构中的密钥托管问题,并通过跨域属性管理提高灵活性。然而,现有的作品仍然有明显的缺点。首先,他们仍然依赖受信任的权威来生成和分发用户密钥。第二,它们不能同时提供加密、解密或撤销外包,导致数据发送方和数据接收方的处理和通信成本都很高。第三,它们不支持用户和属性撤销,并且从云端下载的密文的完整性并不总是在用户端验证。因此,本文利用虚拟属性技术,介绍了一种新颖、高效、安全的多授权密文策略 ABE 方法,用于在移动云中调解医疗数据的访问控制。在本研究中,密文访问策略执行、部分密文解密以及用户和属性间接撤销更新都安全地外包给了云服务器。理论分析表明,我们的方案是有效且可验证的,
更新日期:2022-09-07
中文翻译:
将医疗数据的多权限访问控制撤销和计算外包到移动云
随着云计算的最新进展,移动设备越来越多地用于记录患者的生理参数,并将其传输到基于云的医院信息系统,以对各种利益相关者进行访问控制调解。在这种基于云的架构中,患者必须为一组授权方指定对其外包数据的访问策略。多授权密文策略基于属性的加密 (CP-ABE) 作为一种创新的基于云的访问控制密码原语提供,以解决集中式架构中的密钥托管问题,并通过跨域属性管理提高灵活性。然而,现有的作品仍然有明显的缺点。首先,他们仍然依赖受信任的权威来生成和分发用户密钥。第二,它们不能同时提供加密、解密或撤销外包,导致数据发送方和数据接收方的处理和通信成本都很高。第三,它们不支持用户和属性撤销,并且从云端下载的密文的完整性并不总是在用户端验证。因此,本文利用虚拟属性技术,介绍了一种新颖、高效、安全的多授权密文策略 ABE 方法,用于在移动云中调解医疗数据的访问控制。在本研究中,密文访问策略执行、部分密文解密以及用户和属性间接撤销更新都安全地外包给了云服务器。理论分析表明,我们的方案是有效且可验证的,