The distribution of personal health records (PHRs) via a cloud server is a promising platform as it reduces the cost of data maintenance. Nevertheless, the cloud server is semi-trusted and can expose the patients’ PHRs to unauthorized third parties for financial gains or compromise the query result. Therefore, ensuring the integrity of the query results and privacy of PHRs as well as realizing fine-grained access control are critical key issues when PHRs are shared via cloud computing. Hence, we propose new personal health records sharing scheme with verifiable data integrity based on B+ tree data structure and attribute-based signcryption scheme to achieve data privacy, query result integrity, unforgeability, blind keyword search, and fine-grained access control.
R.Agrawal, J.Kirenan, R.Srikant and Y.Xu, Order-preserving encryption for numeric data, in: The Proceedings of the SIGMOD, Paris, 2004, pp. 563–574.
2.
J.A.Akinyele, C.Garman, I.Mierset al., Charm: A framework for rapidly prototyping cryptosystems, Journal of Cryptographic Engineering3(2) (2013), 111–128. doi:10.1007/s13389-013-0057-3.
3.
M.H.Au, T.H.Yuen, J.K.Liuet al., A general framework for secure sharing of personal health records in cloud system, Journal of Computer and System Sciences90 (2017), 46–62. doi:10.1016/j.jcss.2017.03.002.
4.
A.Baird, F.North and T.S.Raghu, Personal Health Records (PHR) and the future of the physician-patient relationship, in: Proceedings of the 2011 iConference, 2011, pp. 281–288. doi:10.1145/1940761.1940800.
5.
E.Ben-Sasson, A.Chiesa, E.Tromer and M.Virza, Succinct non-interactive zero knowledge for a von Neumann architecture, in: Proceedings of the 23rd USENIX Conference on Security Symposium, 2014, pp. 781–796.
6.
C.Blundo, V.Iovino and G.Persiano, Private-key hidden vector encryption with key confidentiality, in: Cryptology and Network Security, J.Garay, A.Miyaji and A.Otsuka, eds, Lecture Notes in Computer Science, Vol. 5888, Springer, Berlin/Heidelberg, 2009, pp. 259–277. doi:10.1007/978-3-642-10433-6_17.
7.
D.Boneh, X.Boyen and E.-J.Goh, Hierarchical identity based encryption with constant size ciphertext, in: Proc. Adv. Cryptol., 2005, pp. 440–456.
8.
D.Boneh and M.K.Franklin, Identity-based encryption from the Weil pairing, in: Proc. 21st Annu. Int. Cryptol. Conf. Adv. Cryptol. (CRYPTO), London, U.K., 2001, pp. 213–229.
9.
D.Boneh and B.Waters, Conjunctive, subset, and range queries on encrypted data, in: Theory of Cryptography, S.Vadhan, ed., Lecture Notes in Computer Science, Vol. 4392, Springer, Berlin/Heidelberg, 2007, pp. 535–554. doi:10.1007/978-3-540-70936-7_29.
10.
Q.Chen, H.Hu and J.Xu, Authenticated online data integration services, in: ACM SIGMOD, 2015.
11.
X.Chen, Certificateless public-key authenticate encryption with keyword search revised: MCI and MTP, IACR Cryptology ePrint Archive, 2020. Available: https://eprint.iacr.org/2020/1230.
12.
T.H.Cormenet al., Introduction to Algorithms, MIT Press, 2009.
13.
M.Gagńe, S.Narayan and R.Safavi-Naini, Threshold attribute-based signcryption, in: SCN 2010, J.A.Garay and R.De Prisco, eds, LNCS, Vol. 6280, Springer, Heidelberg, 2010, pp. 154–171.
14.
A.J.Ge, C.G.Ma and Z.F.Zhang, Attribute-based signature scheme with constant size signature in the standard model, IET Information Security6(2) (2012), 47–54. doi:10.1049/iet-ifs.2011.0094.
15.
T.Ge and S.Adonik, Answering aggregation queries in a secure system model, in: The Proceedings of the Very Large Databases, Vienna, 2007, pp. 23–28.
16.
S.Krantz and H.Parks, RSA encryption, 2014. doi:10.1007/978-1-4614-8939-9_9.
17.
A.Lewko, T.Okamoto, A.Sahai, K.Takashima and B.Waters, Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption, in: Advances in Cryptology – EUROCRYPT 2010, H.Gilbert, ed., Vol. 6110, Springer, Berlin/Heidelberg, 2010, pp. 62–91. doi:10.1007/978-3-642-13190-5_4.
18.
F.Li, M.Hadjieleftheriou, G.Kollios and L.Reyzin, Dynamic authenticated index structures for outsourced databases, in: Proceedings of the 2006 ACM SIGMOD International Conference on Management of Data, ACM, 2006, pp. 121–132. doi:10.1145/1142473.1142488.
19.
F.Li, M.Hadjieleftheriou, G.Kollios and L.Reyzin, Dynamic authenticated index structures for outsourced databases, in: ACM SIGMOD, 2006.
20.
J.Li, M.Au, W.Susioet al., Attribute-based signature and its applications, in: Proc. Int. Conf. ASIACCS 2010, Beijing, China, 2010, pp. 60–69.
21.
J.Liu, X.Huang and J.K.Liu, Secure sharing of personal health records in cloud computing: Ciphertext-policy attribute-based signcryption, Future Generat. Comput. Syst.52 (2015), 67–76. doi:10.1016/j.future.2014.10.014.
22.
J.Liu, J.Ma, W.Wuet al., Protecting mobile health records in cloud computing: A secure, efficient, and anonymous design, ACM Transactions on Embedded Computing Systems16(2) (2017), Article ID 57.
23.
Z.Liuet al., Searchable attribute-based signcryption scheme for electronic personal health record, in: IEEE Access, 2018, pp. 76381–76394. doi:10.1109/ACCESS.2018.2878527.
24.
Y.Lu, Privacy-preserving logarithmic-time search on encrypted data in cloud, in: Proc. of the 19th Annual Network & Distributed System Security Symposium, 2012.
R.C.Merkle, A certified digital signature, in: Advances in Cryptology – CRYPTO, 1989, pp. 218–238.
27.
National Institute of Standards and Technology, Advanced Encryption Standard (AES), 2001.
28.
Obiri, I.Amankona, Y.Wang, R.E.Nuhoho and E.Owiyo, Authentication of multiple-user spatial keywords queries, in: 2018 IEEE Third International Conference on Data Science in Cyberspace (DSC), IEEE, 2018, pp. 506–513. doi:10.1109/DSC.2018.00081.
29.
R.Ostrovsky and B.Waters, Attribute-based encryption with non-monotonic access structures, in: CCS’07, Proc. 14th ACM Conf. Comput. Commun. Secur., 2007.
30.
T.Pandit, S.K.Pandey and R.Barua, Attribute-based signcryption: Signer privacy, strong unforgeability and ind-cca2 security in adaptive-predicates attack, in: International Conference on Provable Security, Springer, 2014, pp. 274–290.
31.
H.Pang and K.-L.Tan, Authenticating query results in edge computing, in: IEEE ICDE, 2004.
32.
B.Parno, J.Howell, C.Gentry and M.Raykova, Pinocchio: Nearly practical verifiable computation, in: 2013 IEEE S&P, 2013, pp. 238–252.
33.
Y.S.Rao, A secure and efficient ciphertext-policy attribute-based signcryption for personal health records sharing in cloud computing, Future Generat. Comput. Syst.67 (2017), 133–151. doi:10.1016/j.future.2016.07.019.
34.
Y.S.Rao and R.Dutta, Expressive attribute based signcryption with constant-size ciphertext, in: Progress in Cryptology – AFRIPKGCRYPT, International Publishing, Springer, Cham, 2014, pp. 398–419.
35.
Y.S.Rao and R.Dutta, Expressive bandwidth-efficient attribute based signature and signcryption in standard model, in: Information Security and Privacy, Springer International Publishing, Cham, 2014, pp. 209–225. doi:10.1007/978-3-319-08344-5_14.
36.
P.Ray and J.Wimalasiri, The need for technical solutions for maintaining the privacy of EHR, in: Annu. Int. Conf. IEEE Eng. Med. Biol. – Proc., 2006, pp. 4686–4689.
37.
A.Sahai and B.Waters, Fuzzy identity-based encryption, in: EUROCRYPT, 2005, pp. 457–473.
38.
A.Sahai and B.Waters, Fuzzy identity-based encryption, in: Proc. Int. Conf. EUROCRYPT 2005, LNCS, Vol. 3494, Aarhus, Denmark, 2005, pp. 457–473. doi:10.1007/11426639_27.
39.
D.Sangeetha, S.S.Chakkaravarthy, S.C.Satapathyet al., Multi keyword searchable attribute based encryption for efficient retrieval of health records in cloud, Multimed Tools Appl (2021). doi:10.1007/s11042-021-10817-z.
40.
C.Schnorr and M.Jakobsson, Security of signed ElGamal encryption, in: Vol. 1976, 2000, pp. 73–89. doi:10.1007/3-540-44448-3_7.
41.
D.X.Song, D.Wagner and A.Perrig, Practical techniques for searches on encrypted data, in: Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy, 2000. doi:10.1109/secpri.2000.848445.
42.
Sun, S.Chung and G.Ozsoyoglu, Anti-tamper databases: Processing aggregate queries over encrypted database, in: Proceedings of the 22th International Conference on Data Engineering Workshops, Georgia, 2006, p. 98.
43.
J.Sun, X.Wang, S.Wang and L.Ren, A searchable personal health records framework with fine-grained access control in cloud-fog computing, PloS One13(11) (2018), e0207543. doi:10.1371/journal.pone.0207775.
44.
P.Tang, J.Ash, D.Bates, J.Overhage and D.Sands, White paper: Personal health records: Definitions, benefits, and strategies for overcoming barriers to adoption, Journal of the American Medical Informatics Association: JAMIA13(2) (2006), 121–126. doi:10.1197/jamia.M2025.
45.
The Office of the Nat. Coordinator for Health Information Technology, Report on health information blocking, Tech. Rep., U.S. Department of HHS, 2018.
46.
J.Tomida, Y.Kawahara, Nishimaki and R.Fast, Compact, and expressive attribute-based encryption, in: Cryptology ePrint Archive, 2019, p. 966.
47.
H.Trang and N.Loi, An efficient FPGA implementation of the advanced encryption standard, in: Computing and Communication Technalogies, Research, Innavation, and Visian Far the Future (RIVF), 2012 IEEE RIVF Internatianal Conference on, 2012.
48.
C.Wang and J.Huang, Attribute-based signcryption with ciphertext-policy and claim-predicate mechanism, in: Computational Intelligence and Security (CIS), 2011 Seventh International Conference on, IEEE, 2011, pp. 905–909. doi:10.1109/CIS.2011.204.
49.
H.Wang, J.Ning, X.Huang, G.Wei, G.S.Poh and X.Liu, Secure fine-grained encrypted keyword search for e-healthcare cloud, IEEE Transactions on Dependable and Secure Computing18(3) (2021), 1307–1319. doi:10.1109/TDSC.2019.2916569.
50.
L.Wang, S.Noel and Jajodia, Minimum-cost network hardening using attack graph, Comput. Commun29(18) (2006), 3812–3824. doi:10.1016/j.comcom.2006.06.018.
51.
B.Waters, Dual system encryption: Realizing fully secure IBE and HIBE under simple assumptions, in: Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology, Berlin, Heidelberg, 2009, pp. 619–636.
52.
C.Xu, J.Xu, H.Hu and M.H.Au, When query authentication meets fine-grained access control: A zero-knowledge approach, in: ACM SIGMOD, 2018.
53.
Y.Yang, S.Papadopoulos, D.Papadias and G.Kollios, Authenticated indexing for outsourced spatial databases, The VLDB Journal18(3) (2008), 631–648. doi:10.1007/s00778-008-0113-2.
54.
A.Yin and H.Liang, On security of a certificateless hybrid signcryption scheme, Wireless Pers. Commun.85(4) (2015), 1727–1739. doi:10.1007/s11277-015-2864-6.
55.
D.Zhang, K.P.Baclawski and V.J.Tsotras, B+-tree, in: Encyclopedia of Database Systems, L.Liu and M.T.Özsu, eds, Springer, Boston, MA, 2009.
56.
Y.Zhang, D.Genkin, J.Katz, D.Papadopoulos and C.Papamanthou, vSQL: Verifying arbitrary SQL queries over dynamic outsourced databases, in: 2017 IEEE S&P, 2017, pp. 863–880.
57.
Y.Zheng, Digital signcryption or how to achieve cost(signature & encryption) ≪ cost(signature) + cost(encryption), in: Annual International Cryptology Conference, Springer, 1997, pp. 165–179.
