Aijia Chen scite author profile

et al. 2020

IEEE Access

The sharing of electronic health records (EHRs) has shown great advantages in the accurate treatment of patients and the development of medical institutions. However, it is easy to cause some security problems in the process of medical data sharing. Generally, after a patient's EHRs are generated by different medical institutions, they are outsourced to the cloud server (CS) by the authorized medical institutions for storage, which causes the patient to lose control of EHRs. Moreover, malicious medical institutions and semi-trusted cloud servers may collude to tamper with EHRs to seek benefits, which threatens the integrity of EHRs. Therefore, we propose a blockchain-assisted verifiable outsourced attribute-based signcryption scheme (BVOABSC) which realizes the secure sharing of EHRs in a multi-authority cloud storge environment. Firstly, we use the attribute-based signcryption algorithm to realize the confidentiality and unforgeability of the EHRs and protect the privacy of the signer. Secondly, it greatly reduces the computational burden of users by using verifiable outsourcing computation mechanism. Most of the designcryption calculation is performed by the cloud server, and the correctness of the generated partial designcryption ciphertext is verified by users. Furthermore, we use blockchain technology to protect outsourced EHRs from tampering by illegal users. Specifically, each operation on outsourced EHRs is stored as a transaction on the public blockchain, which ensures that EHRs cannot be modified. At the same time, the auditor can verify the integrity of the outsourced EHRs by checking the corresponding transactions. In addition, the smart contract created by the patient can solve the problems in cloud storage, such as tampering EHRs and returning incorrect results. Finally, security analysis and performance evaluation show that the proposed BVOABSC scheme satisfies stronger security and higher efficiency than similar schemes. INDEX TERMS Attribute-based signcryption, blockchain, cloud storage, electronic health records, verifiable outsourced calculation.

Cloud Storage Data Access Control Scheme Based on Blockchain and Attribute-Based Encryption

Security and Communication Networks

Chen

Wang

et al. 2022

Cloud storage is a popular model of the application in various fields, and the security of storage data and access permission have been widely considered. Attribute-based encryption (ABE) provides fine-grained user access control and ensures data confidentiality. However, current ABE access control schemes rely on trusted cloud servers and provide a low level of security. To solve these problems of traditional encryption schemes, we propose a blockchain-based and ABE cloud storage data access control scheme. In this article, blockchain and smart contract technology are the core elements to ensure data integrity and build a decentralized verification method for outsourcing results. This application can minimize the reliance on servers in the cloud environment. Based on the ciphertext-policy ABE algorithm, the proposed scheme supports a hidden access policy to avoid the risk of privacy leakage. In addition, we adopt outsourcing technology and predetected decryption algorithms to reduce the computational overhead of local and outsourced servers. Security analysis and performance evaluation show that our proposed scheme has high computational efficiency and satisfies the condition of indistinguishability under the chosen-ciphertext attacks.

An environmental monitoring data sharing scheme based on attribute encryption in cloud-fog computing

Chen

et al. 2021

PLoS ONE

Environmental monitoring plays a vital role in environmental protection, especially for the management and conservation of natural resources. However, environmental monitoring data is usually difficult to resist malicious attacks because it is transmitted in an open and insecure channel. In our paper, a new data sharing scheme is proposed by using attribute-based encryption, identity-based signature and cloud computing technology to meet the requirements of confidentiality, integrity, verifiability, and unforgerability of environmental monitoring data. The monitoring equipment encrypts the monitored environmental data and uploads it to the environmental cloud server. Then, monitoring users can request access to the environmental cloud server. If the monitoring user meets the access policy, the plaintext is finally obtained through the fog node decryption. Our proposal mainly uses attribute-based encryption technology to realize the privacy protection and fine-grained access control of monitoring data. The integrity and unforgeability of the monitoring data are ensured by the digital signature. In addition, outsourcing computing technology saves the computing overhead of monitoring equipment and monitoring users. The security analysis illustrates that our proposal can achieve security purposes. Finally, the performance of our proposal and related schemes is evaluated from the aspects of communication overhead and computing overhead. The results indicate that our proposal is secure and efficient in environmental monitoring.

Blockchain-based Searchable Proxy Re-encryption Scheme for EHR Security Storage and Sharing

Chen

et al. 2021

J. Phys.: Conf. Ser.

The sharing of electronic health records (EHR) has shown significant advantages in the accurate diagnosis of patients and the development of medical institutions. However, due to the privacy and sensitivity of medical data, it is easy to cause security issues such as difficulty in data sharing among different medical institutions and easy leakage of data privacy. Because the blockchain has the characteristics of non-tampering, anonymity, and decentralization. We propose a blockchain-based searchable proxy re-encryption scheme for EHR security storage and sharing. First, we use blockchain and cloud server to store encrypted EHR together to prevent EHR from being tampered with and leaked. Secondly, we use a certificateless encryption and proxy re-encryption based on identity and type scheme as a data sharing protocol. Meanwhile, searchable encryption technology is used to generate a keyword index. Moreover, the proxy node is selected by the delegated proof-of-stake (DPOS) consensus algorithm, which ensures the privacy, immutability and security. It realizes the safe access of third-party data users to medical health data. Finally, security analysis and evaluation show that our scheme can resist identity disguise and replay attacks. In addition, it has stronger security and higher efficiency.

Blockchain-based multi-authority revocable data sharing scheme in smart grid

Liao

Shu

et al. 2023

MBE

<abstract> <p>In view of the problems of inefficient data encryption, non-support of malicious user revocation and data integrity checking in current smart grid data sharing schemes, this paper proposes a blockchain-based multi-authority revocable data sharing scheme in the smart grid. Using online/offline encryption technology with hybrid encryption technology enhances the encryption performance for the data owner. The use of user binary tree technology enables the traceability and revocability of malicious users. The introduction of multiple attribute authorization authorities eliminates the threat of collusive attacks that exist in traditional data-sharing schemes. In addition, the semi-honest problem of third-party servers is solved by uploading data verification credentials to the blockchain. The security analysis results show that the scheme can resist selective plaintext attacks and collusion attacks. The performance analysis results show that the proposed scheme has lower computational overhead and better functionality than similar schemes, which is suitable for secure data sharing in smart grids.</p> </abstract>