標題: | Cloud-Based Fine-Grained Health Information Access Control Framework for Lightweight IoT Devices with Dynamic Auditing and Attribute Revocation |
作者: | Yeh, Lo-Yao Chiang, Pei-Yu Tsai, Yi-Lang Huang, Jiun-Long 資訊工程學系 Department of Computer Science |
關鍵字: | Internet of thing;personal health information;auditing;fine-grained access control;cloud storage |
公開日期: | 1-Apr-2018 |
摘要: | The eHealth trend has spread globally. Internet of Things (IoT) devices for medical service and pervasive Personal Health Information (PHI) systems play important roles in the eHealth environment. A cloud-based PHI system appears promising but raises privacy and information security concerns. We propose a cloud-based fine-grained health information access control framework for lightweight IoT devices with data dynamics auditing and attribute revocation functions. Only symmetric cryptography is required for IoT devices, such as wireless body sensors. A variant of ciphertext-policy attribute-based encryption, dual encryption, and Merkle hash trees are used to support fine-grained access control, efficient dynamic data auditing, batch auditing, and attribute revocation. Moreover, the proposed scheme also defines and handles the cloud reciprocity problem wherein cloud service providers can help each other avoid fines resulting from data loss. Security analysis and performance comparisons show that the proposed scheme is an excellent candidate for a cloud-based PHI system. |
URI: | http://dx.doi.org/10.1109/TCC.2015.2485199 http://hdl.handle.net/11536/145099 |
ISSN: | 2168-7161 |
DOI: | 10.1109/TCC.2015.2485199 |
期刊: | IEEE TRANSACTIONS ON CLOUD COMPUTING |
Volume: | 6 |
起始頁: | 532 |
結束頁: | 544 |
Appears in Collections: | Articles |