Articles producció científica> Enginyeria Informàtica i Matemàtiques

Flexible attribute-based encryption applicable to secure e-healthcare records

  • Identification data

    Identifier: imarina:3657919
    Authors:
    Qin BDeng HWu QDomingo-Ferrer JNaccache DZhou Y
    Abstract:
    In e-healthcare record systems (EHRS), attribute-based encryption (ABE) appears as a natural way to achieve fine-grained access control on health records. Some proposals exploit key-policy ABE (KP-ABE) to protect privacy in such a way that all users are associated with specific access policies and only the ciphertexts matching the users¿ access policies can be decrypted. An issue with KP-ABE is that it requires an a priori formulation of access policies during key generation, which is not always practicable in EHRS because the policies to access health records are sometimes determined after key generation. In this paper, we revisit KP-ABE and propose a dynamic ABE paradigm, referred to as access policy redefinable ABE (APR-ABE). To address the above issue, APR-ABE allows users to redefine their access policies and delegate keys for the redefined ones; hence, a priori precise policies are no longer mandatory. We construct an APR-ABE scheme with short ciphertexts and prove its full security in the standard model under several static assumptions.
  • Others:

    Author, as appears in the article.: Qin B; Deng H; Wu Q; Domingo-Ferrer J; Naccache D; Zhou Y
    Department: Enginyeria Informàtica i Matemàtiques
    URV's Author/s: Domingo Ferrer, Josep
    Keywords: Privacy Cryptography
    Abstract: In e-healthcare record systems (EHRS), attribute-based encryption (ABE) appears as a natural way to achieve fine-grained access control on health records. Some proposals exploit key-policy ABE (KP-ABE) to protect privacy in such a way that all users are associated with specific access policies and only the ciphertexts matching the users¿ access policies can be decrypted. An issue with KP-ABE is that it requires an a priori formulation of access policies during key generation, which is not always practicable in EHRS because the policies to access health records are sometimes determined after key generation. In this paper, we revisit KP-ABE and propose a dynamic ABE paradigm, referred to as access policy redefinable ABE (APR-ABE). To address the above issue, APR-ABE allows users to redefine their access policies and delegate keys for the redefined ones; hence, a priori precise policies are no longer mandatory. We construct an APR-ABE scheme with short ciphertexts and prove its full security in the standard model under several static assumptions.
    Thematic Areas: Software Safety, risk, reliability and quality Matemática / probabilidade e estatística Information systems Engenharias iv Computer science, theory & methods Computer science, software engineering Computer science, information systems Computer networks and communications Ciência da computação
    licence for use: https://creativecommons.org/licenses/by/3.0/es/
    ISSN: 16155262
    Author's mail: josep.domingo@urv.cat
    Author identifier: 0000-0001-7213-4962
    Record's date: 2024-09-07
    Papper version: info:eu-repo/semantics/submittedVersion
    Licence document URL: https://repositori.urv.cat/ca/proteccio-de-dades/
    Papper original source: International Journal Of Information Security. 14 (6): 499-511
    APA: Qin B; Deng H; Wu Q; Domingo-Ferrer J; Naccache D; Zhou Y (2015). Flexible attribute-based encryption applicable to secure e-healthcare records. International Journal Of Information Security, 14(6), 499-511. DOI: 10.1007/s10207-014-0272-7
    Entity: Universitat Rovira i Virgili
    Journal publication year: 2015
    Publication Type: Journal Publications
  • Keywords:

    Computer Networks and Communications,Computer Science, Information Systems,Computer Science, Software Engineering,Computer Science, Theory & Methods,Information Systems,Safety, Risk, Reliability and Quality,Software
    Privacy
    Cryptography
    Software
    Safety, risk, reliability and quality
    Matemática / probabilidade e estatística
    Information systems
    Engenharias iv
    Computer science, theory & methods
    Computer science, software engineering
    Computer science, information systems
    Computer networks and communications
    Ciência da computação
  • Documents:

  • Cerca a google

    Search to google scholar