research-article

PSMPA: Patient Self-Controllable and Multi-Level Privacy-Preserving Cooperative Authentication in Distributedm-Healthcare Cloud Computing System

Authors:

Zhenfu CaoAuthors Info & Claims

IEEE Transactions on Parallel and Distributed Systems, Volume 26, Issue 6

Pages 1693 - 1703

https://doi.org/10.1109/TPDS.2014.2314119

Published: 01 June 2015 Publication History

Abstract

Distributed m-healthcare cloud computing system significantly facilitates efficient patient treatment for medical consultation by sharing personal health information among healthcare providers. However, it brings about the challenge of keeping both the data confidentiality and patients' identity privacy simultaneously. Many existing access control and anonymous authentication schemes cannot be straightforwardly exploited. To solve the problem, in this paper, a novel authorized accessible privacy model (AAPM) is established. Patients can authorize physicians by setting an access tree supporting flexible threshold predicates. Then, based on it, by devising a new technique of attribute-based designated verifier signature, a patient self-controllable multi-level privacy-preserving cooperative authentication scheme (PSMPA) realizing three levels of security and privacy requirement in distributed m-healthcare cloud computing system is proposed. The directly authorized physicians, the indirectly authorized physicians and the unauthorized persons in medical consultation can respectively decipher the personal health information and/or verify patients' identities by satisfying the access tree with their own attribute sets. Finally, the formal security proof and simulation results illustrate our scheme can resist various kinds of attacks and far outperforms the previous ones in terms of computational, communication and storage overhead.

References

[1]

L. Gatzoulis, and I. Iakovidis, ‘Wearable and portable E-health systems ’, IEEE Eng. Med. Biol. Mag., vol. 26, no. 5, pp. 51 –56, Sep.-Oct. 2007.

[2]

I. Iakovidis, ‘Towards personal health record: current situation, obstacles and trends in implementation of electronic healthcare records in europe ’, Int. J. Med. Inf., vol. 52, no. 1, pp. 105– 115, 1998.

[3]

E. Villalba, M. T. Arredondo, S. Guillen, and E. Hoyo-Barbolla, ‘A new solution for a heart failure monitoring system based on wearable and information technologies in’, Proc. Int. Workshop Wearable Implantable Body Sens. Netw., Apr. 2006, pp. 150–153.

Digital Library

[4]

R. Lu, and Z. Cao, ‘Efficient remote user authentication scheme using smart card’, Comput. Netw., vol. 49, no. 4, pp. 535– 540, 2005.

Digital Library

[5]

M. D. N. Huda, N. Sonehara, and S. Yamada, ‘A privacy management architecture for patient-controlled personal health record system’, J. Eng. Sci. Technol., vol. 4, no. 2, pp. 154– 170, 2009.

[6]

S. Schechter, T. Parnell, and A. Hartemink, ‘Anonymous authentication of membership in dynamic groups in’, Proc. 3rd Int. Conf. Financial Cryptography, 1999, pp. 184– 195.

[7]

D. Slamanig, C. Stingl, C. Menard, M. Heiligenbrunner, and J. Thierry, ‘Anonymity and application privacy in context of mobile computing in eHealth, ’, Mobile Response, New York, NY, USA: Springer, 2009, pp. 148–157.

Digital Library

[8]

J. Zhou, and Z. Cao, ‘TIS: A threshold incentive scheme for secure and reliable data forwarding in vehicular delay tolerant networks’, Proc. IEEE Global Commun. Conf., 2012, pp. 985–990.

[9]

S. Yu, K. Ren, and W. Lou, ‘FDAC: Toward fine-grained distributed data access control in wireless sensor networks’, Proc. IEEE Conf. Comput. Commun., 2009, pp. 963–971 .

[10]

F. W. Dillema, and S. Lupetti, ‘Rendezvous-based access control for medical records in the pre-hospital environment’, Proc. 1st ACM SIGMOBILE Int. Workshop Syst. Netw. Support Healthcare Assisted Living, 2007, pp. 1–6.

[11]

J. Sun, Y. Fang, and X. Zhu, ‘Privacy and emergency response in e-healthcare leveraging wireless body sensor networks’, IEEE Wireless Commun., vol. 17, no. 1, pp. 66– 73, Feb. 2010.

Digital Library

[12]

X. Lin, R. Lu, X. Shen, Y. Nemoto, and N. Kato, ‘SAGE: A strong privacy-preserving scheme against global eavesdropping for E-health systems’, IEEE J. Sel. Areas Commun., vol. 27, no. 4, pp. 365 –378, May 2009.

Digital Library

[13]

J. Sun, X. Zhu, C. Zhang, and Y. Fang, ‘HCPP: Cryptography based secure EHR system for patient privacy and emergency healthcare’, Proc. 31st Int. Conf. Distrib. Comput. Syst., 2011, pp. 373– 382.

[14]

L. Lu, J. Han, Y. Liu, L. Hu, J. Huai, L. M. Ni, and J. Ma, ‘Pseudo trust: Zero-knowledge authentication in anonymous P2Ps’, IEEE Trans. Parallel Distrib. Syst., vol. 19, no. 10, pp. 1325–1337, Oct. 2008.

Digital Library

[15]

J. Zhou, and M. He, ‘An improved distributed key management scheme in wireless sensor networks’, Proc. 9th Int. Workshop Inf. Security Appl., 2008, pp. 305– 319.

[16]

J. Zhou, Z. Cao, X. Dong, X. Lin, and A. V. Vasilakos, ‘Securing m-healthcare social networks: challenges, countermeasures and future directions’, IEEE Wireless Commun., vol. 20, no. 4, pp. 12– 21, Aug. 2013.

[17]

M. Chase, and S. S. Chow, ‘Improving privacy and security in multi-authority attribute-based encryption’, Proc. 16th ACM Conf. Comput. Commun. Security, 2009, pp. 121– 130.

Digital Library

[18]

J. Bethencourt, A. Sahai, and B. Waters, ‘Ciphertext-policy attribute-based encryption’, Proc. IEEE Symp. Security Privacy, 2007, pp. 321–334 .

Digital Library

[19]

N. Cao, Z. Yang, C. Wang, K. Ren, and W. Lou, ‘Privacy-preserving query over encrypted graph-structured data in cloud computing’, Proc. 31st Int. Conf. Distrib. Comput. Syst., 2011, pp. 393– 402.

[20]

F. Cao, and Z. Cao, ‘A secure identity-based multi-proxy signature scheme’, Comput. Electr. Eng., vol. 35, pp. 86–95, 2009.

Digital Library

[21]

X. Huang, W. Susilo, Y. Mu, and F. Zhang, ‘Short designated verifier signature scheme and its identity-based variant’, Int. J. Netw. Security, vol. 6, no. 1, pp. 82– 93, Jan. 2008.

[22]

V. Goyal, O. Pandey, A. Sahai, and B. Waters, ‘Attribute-based encryption for fine-grained access control of encrypted data’, Proc ACM Conf. Comput. Commun. Security, 2006, pp. 89–98.

[23]

J. Li, M. H. Au, W. Susilo, D. Xie, and K. Ren, ‘Attribute-based signature and its applications’, Proc. 5th ACM Symp. Inf., Comput. Commun. Security, 2010, pp. 60– 69.

[24]

PBC Library, [online] http://crypto.stanford.edu/pbc/times.html, 2006.

[25]

B. Riedl, V. Grascher, and T. Neubauer, ‘A secure e-health architecture based on the appliance of pseudonymization’, J. Softw., vol. 3, no. 2, pp. 23–32, Feb. 2008.

[26]

D. Slamanig, and C. Stingl, ‘Privacy aspects of E-health ’, Proc. 3rd. Int. Conf. Availab., Rel. Security, 2008, pp. 1226– 1233.

[27]

De-identified Health Inf., [online] http://aspe.hhs.gov/admnsimp/bannerps.htm, 2007.

[28]

R. Lu, X. Lin, X. Liang, and X. Shen, ‘A secure handshake scheme with symptoms-matching for mhealthcare social network’, J. Mobile Netw. Applications vol. 16, no. 6, pp. 683–694, Dec. 2011.

[29]

J. Sun, and Y. Fang, ‘Cross-domain data sharing in distributed electronic health record system’, IEEE Trans. Parallel Distrib. Syst., vol. 21, no. 6, pp. 754 –764, Jun. 2010.

Digital Library

[30]

M. Li, S. Yu, K. Ren, and W. Lou, ‘Securing personal health records in cloud computing: Patient-centric and fine-grained data access control in multi-owner settings’, Proc. 6th Int. ICST Conf. Security Privacy Comm. Netw., 2010, pp. 89 –106.

[31]

J. Misic, and V. Misic, ‘Enforcing patient privacy in healthcare WSNs through key distribution algorithms’, Security Commun. Netw. J., vol. 1, no. 5, pp. 417 –429, 2008.

[32]

J. Misic, and V. B. Misic, ‘Implementation of security policy for clinical information systems over wireless sensor network’, Ad Hoc Netw., vol. 5, no. 1, pp. 134–144, Jan. 2007.

Cited By

Saha SChowdhury CNeogy S(2024)A novel two phase data sensitivity based access control framework for healthcare dataMultimedia Tools and Applications10.1007/s11042-023-15427-583:3(8867-8892)Online publication date: 1-Jan-2024
https://dl.acm.org/doi/10.1007/s11042-023-15427-5
Liu JYu YWang HZhang H(2022)Lattice-Based Self-Enhancement Authorized Accessible Privacy Authentication for Cyber-Physical SystemsSecurity and Communication Networks10.1155/2022/89957042022Online publication date: 9-Feb-2022
https://dl.acm.org/doi/10.1155/2022/8995704
Yao LChen ZHu HWu GWu B(2022)Privacy Preservation for Trajectory Publication Based on Differential PrivacyACM Transactions on Intelligent Systems and Technology10.1145/347483913:3(1-21)Online publication date: 12-Apr-2022
https://dl.acm.org/doi/10.1145/3474839
Show More Cited By

Index Terms

PSMPA: Patient Self-Controllable and Multi-Level Privacy-Preserving Cooperative Authentication in Distributedm-Healthcare Cloud Computing System
1. Computer systems organization
2. Software and its engineering
  1. Software organization and properties

Index terms have been assigned to the content through auto-classification.

Recommendations

Privacy preserving smartcard-based authentication system with provable security

In this paper, we suggest a new privacy preserving smartcard-based password authenticated key exchange SC-PAKE with provable security. Only the user who has two secrets smartcard and password can go through authentication with key exchange while ...
Privacy Preserving Access Control with Authentication for Securing Data in Clouds
CCGRID '12: Proceedings of the 2012 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (ccgrid 2012)

In this paper, we propose a new privacy preserving authenticated access control scheme for securing data in clouds. In the proposed scheme, the cloud verifies the authenticity of the user without knowing the user's identity before storing information. ...
A Secure RFID Tag Authentication Protocol with Privacy Preserving in Telecare Medicine Information System

Radio Frequency Identification (RFID) based solutions are widely used for providing many healthcare applications include patient monitoring, object traceability, drug administration system and telecare medicine information system (TMIS) etc. In order to ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image IEEE Transactions on Parallel and Distributed Systems

IEEE Transactions on Parallel and Distributed Systems Volume 26, Issue 6

June 2015

292 pages

ISSN:1045-9219

Issue’s Table of Contents

Copyright © 2014.

Publisher

IEEE Press

Publication History

Published: 01 June 2015

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

7
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 26 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Saha SChowdhury CNeogy S(2024)A novel two phase data sensitivity based access control framework for healthcare dataMultimedia Tools and Applications10.1007/s11042-023-15427-583:3(8867-8892)Online publication date: 1-Jan-2024
https://dl.acm.org/doi/10.1007/s11042-023-15427-5
Liu JYu YWang HZhang H(2022)Lattice-Based Self-Enhancement Authorized Accessible Privacy Authentication for Cyber-Physical SystemsSecurity and Communication Networks10.1155/2022/89957042022Online publication date: 9-Feb-2022
https://dl.acm.org/doi/10.1155/2022/8995704
Yao LChen ZHu HWu GWu B(2022)Privacy Preservation for Trajectory Publication Based on Differential PrivacyACM Transactions on Intelligent Systems and Technology10.1145/347483913:3(1-21)Online publication date: 12-Apr-2022
https://dl.acm.org/doi/10.1145/3474839
Mohammadi MRawassizadeh RSheikhtaheri A(2022)A consumer-centered security framework for sharing health data in social networksJournal of Information Security and Applications10.1016/j.jisa.2022.10330369:COnline publication date: 1-Sep-2022
https://dl.acm.org/doi/10.1016/j.jisa.2022.103303
Hartmann MHashmi UImran A(2022)Edge computing in smart health care systemsTransactions on Emerging Telecommunications Technologies10.1002/ett.371033:3Online publication date: 21-Mar-2022
https://dl.acm.org/doi/10.1002/ett.3710
Lu YZhao D(2021)Providing impersonation resistance for biometric-based authentication scheme in mobile cloud computing serviceComputer Communications10.1016/j.comcom.2021.10.029182:C(22-30)Online publication date: 29-Dec-2021
https://dl.acm.org/doi/10.1016/j.comcom.2021.10.029
Saad A(2019)The Influence of Users Privacy and Discomfort on Using Healthcare Information SystemProceedings of the 5th International Conference on e-Society, e-Learning and e-Technologies10.1145/3312714.3312734(68-72)Online publication date: 10-Jan-2019
https://dl.acm.org/doi/10.1145/3312714.3312734

View Options

View options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Issue’s Table of Contents