Fatemeh Rezaeibagha scite author profile

Since cloud computing has been playing an increasingly important role in real life, the privacy protection in many fields has been paid more and more attention, especially, in the field of personal health record (PHR). The traditional ciphertext-policy attribute-based encryption (CP-ABE) provides the fine-grained access control policy for encrypted PHR data, but the access policy is also sent along with ciphertext explicitly. However, the access policy will reveal the users' privacy, because it contains too much sensitive information of the legitimate data users. Hence, it is important to protect users' privacy by hiding access policies. In most of the previous schemes, although the access policy is hidden, they face two practical problems: 1) these schemes do not support large attribute universe, so their practicality in PHR is greatly limited and 2) the cost of decryption is especially high since the access policy is embedded in the ciphertext.To address these problems, we construct a CP-ABE scheme with efficient decryption, where both the size of public parameters and the cost of decryption are constant. Moreover, we also show that the proposed scheme achieves full security in the standard model under static assumptions by using the dual system encryption method.INDEX TERMS Personal health record (PHR), attribute-based encryption, hidden policy, fast decryption.

show abstract

A Systematic Literature Review on Security and Privacy of Electronic Health Record Systems: Technical Perspectives

Rezaeibagha

Win

Susilo

2015

HIM J

View full text Add to dashboard Cite

show abstract

Fully Secure Lightweight Certificateless Signature Scheme for IIoT

Rezaeibagha

Huang

et al. 2019

IEEE Access

View full text Add to dashboard Cite

In recent years, Industrial Internet of Things (IIoT) has become increasingly important for applications in the industry. Inevitably, security for IIoT has become a priority in order to deploy secure applications. Amongst available cryptographic tools, certificateless signature schemes offer sound authentication solutions and avoid public-key certification from Trusted Third Parties (TTP). Certificateless signatures solve the key escrow problem against the dishonest Private Key Generator (PKG) and has considered to be a useful tool for IIoT applications. Recently, Karati et al. (IEEE Trans. Industrial Informatics, vol.14, no. 8, 2018) presented a lightweight certificateless signature scheme for IIoT Environments. This scheme was then broken by Zhang et al. (IEEE Access, vol. 8, 2018) by simply allowing to change the public key of the signer and using the homomorphic property of the original scheme. In this paper, we introduce a new attack to the scheme against the existential unforgeability, which is universal since we do not have to assume homomorphic property. We then introduce an entirely new lightweight certificateless signature scheme, which has been proven to be fully secure against all attacks found earlier. Our scheme is the first lightweight certificateless signature scheme with full security and is the most efficient in comparison with other existing schemes. It is desirable for IIoT applications. We also provide experimental results to justify our claims.

show abstract

Distributed clinical data sharing via dynamic access-control policy transformation

Rezaeibagha

2016

International Journal of Medical Informatics

View full text Add to dashboard Cite

Achieving Intelligent Trust-Layer for Internet-of-Things via Self-Redactable Blockchain

Huang

Zhang

et al. 2020

IEEE Trans. Ind. Inf.

View full text Add to dashboard Cite

Building Redactable Consortium Blockchain for Industrial Internet-of-Things

Huang

Zhang

et al. 2019

IEEE Trans. Ind. Inf.

View full text Add to dashboard Cite

Practical and secure telemedicine systems for user mobility

Rezaeibagha

2018

Journal of Biomedical Informatics

View full text Add to dashboard Cite

The application of wireless devices has led to a significant improvement in the quality delivery of care in telemedicine systems. Patients who live in a remote area are able to communicate with the healthcare provider and benefit from the doctor consultations. However, it has been a challenge to provide a secure telemedicine system, which captures users (patients and doctors) mobility and patient privacy. In this work, we present several secure protocols for telemedicine systems, which ensure the secure communication between patients and doctors who are located in different geographical locations. Our protocols are the first of this kind featured with confidentiality of patient information, mutual authentication, patient anonymity, data integrity, freshness of communication, and mobility. Our protocols are based on symmetric-key schemes and capture all desirable security requirements in order to better serve our objectives of research for secure telemedicine services; therefore, they are very efficient in implementation. A comparison with related works shows that our work contributes first comprehensive solution to capture user mobility and patient privacy for telemedicine systems.

show abstract

Scalable and redactable blockchain with update and anonymity

Huang

Zhang

et al. 2021

Information Sciences

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

334 Leonard St

Brooklyn, NY 11211

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.