HealthShare: Achieving secure and privacy-preserving health information sharing through health social networks

Authors:
Xiaohui Liang;Mrinmoy Barua;Rongxing Lu;Xiaodong Lin;Xuemin (Sherman) Shen
Affiliations:
Department of Electrical and Computer Engineering, University of Waterloo, Canada;Department of Electrical and Computer Engineering, University of Waterloo, Canada;Department of Electrical and Computer Engineering, University of Waterloo, Canada;Faculty of Business and Information Technology, University of Ontario Institute of Technology, Ontario, Canada;Department of Electrical and Computer Engineering, University of Waterloo, Canada
Venue:
Computer Communications
Year:
2012

Citing 25
Cited 1

Identity-Based Encryption from the Weil Pairing

CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Short Signatures Without Random Oracles and the SDH Assumption in Bilinear Groups

Journal of Cryptology
A Privacy-Preserving eHealth Protocol Compliant with the Belgian Healthcare System

EuroPKI '08 Proceedings of the 5th European PKI workshop on Public Key Infrastructure: Theory and Practice
To join or not to join: the illusion of privacy in social networks with mixed public and private user profiles

Proceedings of the 18th international conference on World wide web
SIMPS: using sociology for personal mobility

IEEE/ACM Transactions on Networking (TON)
Persona: an online social network with user-defined privacy

Proceedings of the ACM SIGCOMM 2009 conference on Data communication
On the leakage of personally identifiable information via online social networks

Proceedings of the 2nd ACM workshop on Online social networks
SAGE: a strong privacy-preserving scheme against global eavesdropping for ehealth systems

IEEE Journal on Selected Areas in Communications - Special issue on wireless and pervasive communications for healthcare
On non-cooperative location privacy: a game-theoretic analysis

Proceedings of the 16th ACM conference on Computer and communications security
Patient controlled encryption: ensuring privacy of electronic medical records

Proceedings of the 2009 ACM workshop on Cloud computing security
A privacy framework for mobile health and home-care systems

Proceedings of the first ACM workshop on Security and privacy in medical and home-care systems
No purpose, no data: goal-oriented access control forambient assisted living

Proceedings of the first ACM workshop on Security and privacy in medical and home-care systems
StarClique: guaranteeing user privacy in social networks against intersection attacks

Proceedings of the 5th international conference on Emerging networking experiments and technologies
A framework to bridge social network and body sensor network: an e-health perspective

ICME'09 Proceedings of the 2009 IEEE international conference on Multimedia and Expo
Full-domain subgroup hiding and constant-size group signatures

PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
Short group signature without random oracles

ICICS'07 Proceedings of the 9th international conference on Information and communications security
Guest editorial: wireless technologies for e-healthcare

IEEE Wireless Communications
A 2G-RFID-based e-healthcare system

IEEE Wireless Communications
Routing in socially selfish delay tolerant networks

INFOCOM'10 Proceedings of the 29th conference on Information communications
Managing Healthcare through Social Networks

Computer
Modeling the socially intelligent communication of health information to a patient's personal social network

IEEE Transactions on Information Technology in Biomedicine - Special section on affective and pervasive computing for healthcare
Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization

PKC'11 Proceedings of the 14th international conference on Practice and theory in public key cryptography conference on Public key cryptography
Body Area Networks: A Survey

Mobile Networks and Applications
Secure handshake with symptoms-matching: the essential to the success of mhealthcare social network

Proceedings of the Fifth International Conference on Body Area Networks
Leveraging Social System Networks in Ubiquitous High-Data-Rate Health Systems

IEEE Transactions on Information Technology in Biomedicine

KAU e-health mobile system

Proceedings of the 13th International Conference on Interacción Persona-Ordenador

Quantified Score

Hi-index	0.24

Visualization

Abstract

In this paper, we propose two attribute-oriented authentication and transmission schemes for secure and privacy-preserving health information sharing in health social networks (HSNs). HSN users are tagged with formalized attributes. The attribute-oriented authentication scheme enables each HSN user to generate an attribute proof for itself, where its sensitive attributes are anonymized. By verifying provided attribute proof, other users are able to know what attributes an HSN user has. The attribute-oriented transmission scheme enables an HSN user to encrypt his/her health information into a ciphertext bonded with a customized access policy. The access policy is defined by a target set of attributes. Only users who satisfy the access policy are able to decrypt the ciphertext. Through security analysis, we show that the proposed schemes can effectively resist various attacks including forgery attack, attribute-trace attack, eavesdropping attack, and collusion attack. Through extensive simulation studies, we demonstrate that both schemes can offer satisfactory performance in helping HSN users to share health information.