ESPAC: Enabling Security and Patient-centric Access Control for eHealth in cloud computing

Authors:
Mrinmoy Barua;Xiaohui Liang;Rongxing Lu;Xuemin Shen
Affiliations:
Department of Electrical and Computer Engineering, University of Waterloo, Waterloo, Ontario N2L 3G1, Canada.;Department of Electrical and Computer Engineering, University of Waterloo, Waterloo, Ontario N2L 3G1, Canada.;Department of Electrical and Computer Engineering, University of Waterloo, Waterloo, Ontario N2L 3G1, Canada.;Department of Electrical and Computer Engineering, University of Waterloo, Waterloo, Ontario N2L 3G1, Canada
Venue:
International Journal of Security and Networks
Year:
2011

Citing 15
Cited 3

Identity-Based Encryption from the Weil Pairing

CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Attribute-based encryption for fine-grained access control of encrypted data

Proceedings of the 13th ACM conference on Computer and communications security
Ciphertext-Policy Attribute-Based Encryption

SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
Data Hemorrhages in the Health-Care Sector

Financial Cryptography and Data Security
SAGE: a strong privacy-preserving scheme against global eavesdropping for ehealth systems

IEEE Journal on Selected Areas in Communications - Special issue on wireless and pervasive communications for healthcare
Achieving secure, scalable, and fine-grained data access control in cloud computing

INFOCOM'10 Proceedings of the 29th conference on Information communications
Security Models and Requirements for Healthcare Application Clouds

CLOUD '10 Proceedings of the 2010 IEEE 3rd International Conference on Cloud Computing
Hierarchical attribute-based encryption for fine-grained access control in cloud storage services

Proceedings of the 17th ACM conference on Computer and communications security
Cryptographic cloud storage

FC'10 Proceedings of the 14th international conference on Financial cryptograpy and data security
Efficient Sharing of Secure Cloud Storage Services

CIT '10 Proceedings of the 2010 10th IEEE International Conference on Computer and Information Technology
Data-centric privacy protocol for intensive care grids

IEEE Transactions on Information Technology in Biomedicine
Introduction to Discrete Event Systems

Introduction to Discrete Event Systems
An efficient identity-based key exchange protocol with KGS forward secrecy for low-power devices

WINE'05 Proceedings of the First international conference on Internet and Network Economics
Fuzzy identity-based encryption

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
A secure handshake scheme with symptoms-matching for mHealthcare social network

Mobile Networks and Applications - Special issue on Wireless and Personal Communications

CRYPE: towards cryptographically enforced and privacy enhanced WBANs

Proceedings of the First International Conference on Security of Internet of Things
A review of GENI authentication and access control mechanisms

International Journal of Security and Networks
Achieving Accountable MapReduce in cloud computing

Future Generation Computer Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

We consider the problem of patient self-controlled access privilege to highly sensitive Personal Health Information (PHI), where PHI is expected to be securely stored in cloud storage for uninterrupted anytime, anywhere remote access. In order to assure the privacy of PHI, we propose Efficient and Secure Patient-centric Access Control (ESPAC) scheme which allows data requesters to have different access privileges based on their roles, and then assigns different attribute sets to them. Extensive security and performance analyses demonstrate that the ESPAC scheme is able to achieve desired security requirements with acceptable communication delay.