Healthcare Internet-of-things (IoT) has been proposed as a promising means to greatly improve the efficiency and quality of patient care. Medical devices in healthcare IoT measure patients’ vital signs and aggregate these data into medical files which are uploaded to the cloud for storage and accessed by healthcare workers. To protect patients’ privacy, encryption is normally used to enforce access control of medical files by authorized parties while preventing unauthorized access. In healthcare, it is crucial to enable timely access of patient files in emergency situations. In this paper, we propose a lightweight break-glass access control (LiBAC) system that supports two ways for accessing encrypted medical files: attribute-based access and break-glass access. In normal situations, a medical worker with an attribute set satisfying the access policy of a medical file can decrypt and access the data. In emergent situations, the break-glass access mechanism bypasses the access policy of the medical file to allow timely access to the data by emergency medical care or rescue workers. LiBAC is lightweight since very few calculations are executed by devices in the healthcare IoT network, and the storage and transmission overheads are low. LiBAC is formally proved secure in the standard model and extensive experiments are conducted to demonstrate its efficiency.

中文翻译：

---

用于医疗物联网的轻型防摔玻璃门禁系统

医疗物联网（IoT）已被提出作为一种有前途的手段，可以极大地提高患者护理的效率和质量。医疗保健物联网中的医疗设备可测量患者的生命体征并将这些数据聚合到医疗文件中，然后将其上传到云中进行存储并由医疗工作者访问。为了保护患者的隐私，通常使用加密来强制授权方对医疗文件进行访问控制，同时防止未经授权的访问。在医疗保健中，至关重要的是在紧急情况下能够及时访问患者档案。在本文中，我们提出了一种轻量级的碎玻璃访问控制（LiBAC）系统，该系统支持两种访问加密医疗文件的方式：基于属性的访问和碎玻璃访问。在正常情况下，具有满足医疗文件访问策略的属性集的医务工作者可以解密和访问数据。在紧急情况下，防摔玻璃访问机制会绕过医疗文件的访问策略，以允许急诊医疗人员或救援人员及时访问数据。LiBAC是轻量级的，因为医疗保健物联网网络中的设备很少执行计算，并且存储和传输开销很低。LiBAC在标准模型中已被正式证明是安全的，并且进行了广泛的实验以证明其效率。LiBAC是轻量级的，因为医疗保健物联网网络中的设备很少执行计算，并且存储和传输开销很低。LiBAC在标准模型中已被正式证明是安全的，并且进行了广泛的实验以证明其效率。LiBAC是轻量级的，因为医疗保健物联网网络中的设备很少执行计算，并且存储和传输开销很低。LiBAC在标准模型中已被正式证明是安全的，并且进行了广泛的实验以证明其效率。