Revocable and verifiable weighted attribute-based encryption with collaborative access for electronic health record in cloud

IF 3.9 4区 计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS
Ximing Li, Hao Wang, Sha Ma, Meiyan Xiao, Qiong Huang
{"title":"Revocable and verifiable weighted attribute-based encryption with collaborative access for electronic health record in cloud","authors":"Ximing Li, Hao Wang, Sha Ma, Meiyan Xiao, Qiong Huang","doi":"10.1186/s42400-024-00211-1","DOIUrl":null,"url":null,"abstract":"<p>The encryption of user data is crucial when employing electronic health record services to guarantee the security of the data stored on cloud servers. Attribute-based encryption (ABE) scheme is considered a powerful encryption technique that offers flexible and fine-grained access control capabilities. Further, the multi-user collaborative access ABE scheme additionally supports users to acquire access authorization through collaborative works. However, the existing multi-user collaborative access ABE schemes do not consider the different weights of collaboration users. Therefore, using these schemes for weighted multi-user collaborative access results in redundant attributes, which inevitably reduces the efficiency of the ABE scheme. This paper proposes a revocable and verifiable weighted attribute-based encryption with collaborative access scheme (RVWABE-CA), which can provide efficient weighted multi-user collaborative access, user revocation, and data integrity verification, as the fundamental cornerstone for establishing a robust framework to facilitate secure sharing of electronic health records in a public cloud environment. In detail, this scheme employs a novel weighted access tree to eliminate redundant attributes, utilizes encryption version information to control user revocation, and establishes Merkle Hash Tree for data integrity verification. We prove that our scheme is resistant against chosen plaintext attack. The experimental results demonstrate that our scheme has significant computational efficiency advantages compared to related works, without increasing storage or communication overhead. Therefore, the RVWABE-CA scheme can provide an efficient and flexible weighted collaborative access control and user revocation mechanism as well as data integrity verification for electronic health record systems.</p>","PeriodicalId":36402,"journal":{"name":"Cybersecurity","volume":"268 1","pages":""},"PeriodicalIF":3.9000,"publicationDate":"2024-03-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Cybersecurity","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1186/s42400-024-00211-1","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

Abstract

The encryption of user data is crucial when employing electronic health record services to guarantee the security of the data stored on cloud servers. Attribute-based encryption (ABE) scheme is considered a powerful encryption technique that offers flexible and fine-grained access control capabilities. Further, the multi-user collaborative access ABE scheme additionally supports users to acquire access authorization through collaborative works. However, the existing multi-user collaborative access ABE schemes do not consider the different weights of collaboration users. Therefore, using these schemes for weighted multi-user collaborative access results in redundant attributes, which inevitably reduces the efficiency of the ABE scheme. This paper proposes a revocable and verifiable weighted attribute-based encryption with collaborative access scheme (RVWABE-CA), which can provide efficient weighted multi-user collaborative access, user revocation, and data integrity verification, as the fundamental cornerstone for establishing a robust framework to facilitate secure sharing of electronic health records in a public cloud environment. In detail, this scheme employs a novel weighted access tree to eliminate redundant attributes, utilizes encryption version information to control user revocation, and establishes Merkle Hash Tree for data integrity verification. We prove that our scheme is resistant against chosen plaintext attack. The experimental results demonstrate that our scheme has significant computational efficiency advantages compared to related works, without increasing storage or communication overhead. Therefore, the RVWABE-CA scheme can provide an efficient and flexible weighted collaborative access control and user revocation mechanism as well as data integrity verification for electronic health record systems.

Abstract Image

可撤销和可验证的基于加权属性的加密与云端电子健康记录的协作访问
在使用电子健康记录服务时,用户数据的加密对于保证云服务器上存储数据的安全性至关重要。基于属性的加密(ABE)方案被认为是一种强大的加密技术,可提供灵活、细粒度的访问控制功能。此外,多用户协同访问 ABE 方案还支持用户通过协同工作获得访问授权。然而,现有的多用户协作访问 ABE 方案没有考虑协作用户的不同权重。因此,使用这些方案进行加权多用户协同访问会产生冗余属性,从而不可避免地降低 ABE 方案的效率。本文提出了一种可撤销和可验证的基于加权属性的协同访问加密方案(RVWABE-CA),该方案可提供高效的加权多用户协同访问、用户撤销和数据完整性验证,是在公共云环境中建立促进电子健康记录安全共享的稳健框架的基石。具体而言,该方案采用新颖的加权访问树来消除冗余属性,利用加密版本信息来控制用户撤销,并建立 Merkle 哈希树来进行数据完整性验证。我们证明了我们的方案可以抵御选择明文攻击。实验结果表明,与相关研究相比,我们的方案具有显著的计算效率优势,而且不会增加存储或通信开销。因此,RVWABE-CA 方案可以为电子健康记录系统提供高效灵活的加权协作访问控制和用户撤销机制以及数据完整性验证。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Cybersecurity
Cybersecurity Computer Science-Information Systems
CiteScore
7.30
自引率
0.00%
发文量
77
审稿时长
9 weeks
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信