A Lightweight Policy Update Scheme for Outsourced Personal Health Records Sharing

Fugkeaw, Somchart

doi:10.1109/access.2021.3071150

Cited by 8 publications

(1 citation statement)

References 16 publications

(23 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These costs are non-trivial. Previous studies [10], [11], [12], [13] proposed the outsourced policy update technique based on either ciphertext update [11], [12], [13] or proxy re-encryption (PRE) [10]. However, the cost of ciphertext update is still based on the partial computation of CP-ABE while the PRE relies on the proxy which is vulnerable to a single point of failure.…”

Section: Introductionmentioning

confidence: 99%

Secure and Lightweight Blockchain-Enabled Access Control for Fog-Assisted IoT Cloud Based Electronic Medical Records Sharing

2023

Self Cite

View full text Add to dashboard Cite

As for the advancement of IoT and cloud computing in healthcare, outsourcing encrypted Electronic medical records (EMRs) created by the aggregation of medical treatment applications and health data collected from IoT devices enables high accessibility, effective collaboration, and zero computational operation cost. Current applications and research works generally concern the privacy of the finest EMRs that are encrypted with secure and lightweight cryptographic protocols before they are outsourced to the cloud. However, this process does not consider the security and privacy of the data collected by IoT devices, where the data being transferred can be leaked before they are aggregated. Furthermore, existing IoT-cloud based access control solutions have not addressed the outsourced encryption, privacy of IoT data transmission and aggregation, and the policy update of the EMRs in an integrated manner. In this paper, we propose an access control scheme called LightMED which provides secure, fine-grained, and scalable EMR sharing in a cloud-based environment integrated with fog computing, CP-ABE, and blockchain technology. We propose a secure IoT data transmission and aggregation method based on lightweight encryption and digital signing. At the core, we introduce outsourced encryption with a privacy-preserving access policy scheme and an outsourced encryption and decryption algorithm leveraged by the collaboration between fog nodes and blockchain. In addition, we introduce a novel lightweight policy update algorithm to enable the data owners of EMRs to effectively manage their policies in a secure and effective manner. Finally, we performed the comparative analysis to illustrate the computation cost and conducted experiments to evaluate the performance of our scheme and related works. The experimental results showed that our scheme outperformed existing works since it yielded least processing cost of both encryption and decryption at end-users' devices, which demonstrates the higher efficiency and practicality of our scheme.

show abstract