Articles producció científica> Enginyeria Informàtica i Matemàtiques

Flexible attribute-based encryption applicable to secure e-healthcare records

  • Datos identificativos

    Identificador: imarina:3657919
    Autores:
    Qin BDeng HWu QDomingo-Ferrer JNaccache DZhou Y
    Resumen:
    In e-healthcare record systems (EHRS), attribute-based encryption (ABE) appears as a natural way to achieve fine-grained access control on health records. Some proposals exploit key-policy ABE (KP-ABE) to protect privacy in such a way that all users are associated with specific access policies and only the ciphertexts matching the users¿ access policies can be decrypted. An issue with KP-ABE is that it requires an a priori formulation of access policies during key generation, which is not always practicable in EHRS because the policies to access health records are sometimes determined after key generation. In this paper, we revisit KP-ABE and propose a dynamic ABE paradigm, referred to as access policy redefinable ABE (APR-ABE). To address the above issue, APR-ABE allows users to redefine their access policies and delegate keys for the redefined ones; hence, a priori precise policies are no longer mandatory. We construct an APR-ABE scheme with short ciphertexts and prove its full security in the standard model under several static assumptions.
  • Otros:

    Autor según el artículo: Qin B; Deng H; Wu Q; Domingo-Ferrer J; Naccache D; Zhou Y
    Departamento: Enginyeria Informàtica i Matemàtiques
    Autor/es de la URV: Domingo Ferrer, Josep
    Palabras clave: Privacy Cryptography
    Resumen: In e-healthcare record systems (EHRS), attribute-based encryption (ABE) appears as a natural way to achieve fine-grained access control on health records. Some proposals exploit key-policy ABE (KP-ABE) to protect privacy in such a way that all users are associated with specific access policies and only the ciphertexts matching the users¿ access policies can be decrypted. An issue with KP-ABE is that it requires an a priori formulation of access policies during key generation, which is not always practicable in EHRS because the policies to access health records are sometimes determined after key generation. In this paper, we revisit KP-ABE and propose a dynamic ABE paradigm, referred to as access policy redefinable ABE (APR-ABE). To address the above issue, APR-ABE allows users to redefine their access policies and delegate keys for the redefined ones; hence, a priori precise policies are no longer mandatory. We construct an APR-ABE scheme with short ciphertexts and prove its full security in the standard model under several static assumptions.
    Áreas temáticas: Software Safety, risk, reliability and quality Matemática / probabilidade e estatística Information systems Engenharias iv Computer science, theory & methods Computer science, software engineering Computer science, information systems Computer networks and communications Ciência da computação
    Acceso a la licencia de uso: https://creativecommons.org/licenses/by/3.0/es/
    ISSN: 16155262
    Direcció de correo del autor: josep.domingo@urv.cat
    Identificador del autor: 0000-0001-7213-4962
    Fecha de alta del registro: 2024-09-07
    Versión del articulo depositado: info:eu-repo/semantics/submittedVersion
    Enlace a la fuente original: https://link.springer.com/article/10.1007%2Fs10207-014-0272-7
    URL Documento de licencia: https://repositori.urv.cat/ca/proteccio-de-dades/
    Referencia al articulo segun fuente origial: International Journal Of Information Security. 14 (6): 499-511
    Referencia de l'ítem segons les normes APA: Qin B; Deng H; Wu Q; Domingo-Ferrer J; Naccache D; Zhou Y (2015). Flexible attribute-based encryption applicable to secure e-healthcare records. International Journal Of Information Security, 14(6), 499-511. DOI: 10.1007/s10207-014-0272-7
    DOI del artículo: 10.1007/s10207-014-0272-7
    Entidad: Universitat Rovira i Virgili
    Año de publicación de la revista: 2015
    Tipo de publicación: Journal Publications
  • Palabras clave:

    Computer Networks and Communications,Computer Science, Information Systems,Computer Science, Software Engineering,Computer Science, Theory & Methods,Information Systems,Safety, Risk, Reliability and Quality,Software
    Privacy
    Cryptography
    Software
    Safety, risk, reliability and quality
    Matemática / probabilidade e estatística
    Information systems
    Engenharias iv
    Computer science, theory & methods
    Computer science, software engineering
    Computer science, information systems
    Computer networks and communications
    Ciência da computação
  • Documentos:

  • Cerca a google

    Search to google scholar