An Efficient and Secure Revocation-Enabled Attribute-Based Access Control for eHealth in Smart Society

Khan, Shahzad; Iqbal, Waseem; Waheed, Abdul; Mehmood, Gulzar; Khan, Shawal; Zareei, Mahdi; Biswal, Rajesh Roshan

doi:10.3390/s22010336

Cited by 15 publications

(6 citation statements)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Furthermore, access control for a chain of custody is similar to the access control issue for medical records in a Healthcare Information System. In this case, [24], [25] it provides a solution for the access control model for a collaborative environment in medical records. The analogy applied is a condition where several doctors from different departments handling a patient can access a medical record.…”

Section: Methodsmentioning

confidence: 99%

“…Some of the discussions include the requirements needed when interacting with digital evidence, as presented by [26] and [27], and the use of the Attribute-Based Access Control (ABAC) model to explain access control policies and XACML as an implementation of the policy language used as a hierarchical access control model proposed by [16]. Furthermore, despite the different domains, several access control solutions in the medical record/health record submitted by [25], [28] can be used to build access control solutions relevant to digital evidence.…”

Section: Methodsmentioning

confidence: 99%

See 1 more Smart Citation

ABAC as Access Control Solution for Digital Evidence Storage

Priyambodo,

Prayudi,

Budiarto

2024

Int. J. Adv. Sci. Eng. Inf. Technol.

View full text Add to dashboard Cite

Digital evidence is content that must be protected against access and use by parties who should not have the authority to do so. Some protection parameters for access to digital evidence must be implemented to ensure its integrity and authenticity. Access to digital evidence is not enough to be facilitated only with authorization and authentication mechanisms but must also be facilitated with other aspects of access by users according to their level of authority. One approach is to use the concept of access control. The study of access control to digital evidence is essential. However, studies on this matter are still limited. Among the many access control models, the application of access control based on attribute variations is a concept that can be applied to the context of access to digital evidence. This paper discusses policy design and modeling using attribute-based access control (ABAC) with four attributes: subject, resource, action, and environment. Then, it implements and tests various requests to the system based on attribute variations and possible algorithms. This study supports the security of digital evidence storage systems through access control to the resources it manages using the Policy Statement, Policy Modeling, Policy Implementation, and Policy Validation approaches. The application of the access control design shows that the ABAC concept has been successfully applied as an access control solution for digital evidence stored in digital evidence storage systems. The built policy design was successfully validated using ACPT Tools, concluding that there was no inconsistency or incompleteness.

show abstract

Section: Methodsmentioning

confidence: 99%

Section: Methodsmentioning

confidence: 99%

ABAC as Access Control Solution for Digital Evidence Storage

Priyambodo,

Prayudi,

Budiarto

2024

Int. J. Adv. Sci. Eng. Inf. Technol.

View full text Add to dashboard Cite

show abstract

“…Attackers can tamper with the devices, extract sensitive data, or inject malicious code. Implementing physical security measures such as tamper-resistant packaging, secure device placement, and access control to WBAN infrastructure can mitigate these risks [60], [61].…”

Section: Physical Access To Devicesmentioning

confidence: 99%

Current security and privacy posture in wireless body area networks

Auko¹

2023

World J. Adv. Res. Rev.

View full text Add to dashboard Cite

Wireless Body Area Networks (WBANs) have emerged as a promising technology for remote health monitoring and healthcare applications. However, ensuring the security and privacy of sensitive health data in WBANs is crucial to foster user trust and prevent unauthorized access or data breaches. This paper provides an overview of the key challenges, techniques, and research gaps in WBAN security and privacy. The findings indicate that the challenges in WBAN security and privacy include resource constraints, compatibility issues, privacy concerns, dynamic network environments, security and usability trade-offs, emerging threat landscape, and user awareness and education. To address these challenges, various security techniques have been developed, such as authentication and authorization mechanisms, encryption, access control, secure communication protocols, intrusion detection systems, and privacy-preserving data handling techniques. Despite the progress made, there are research gaps that require further investigation. These research gaps include the development of secure and lightweight authentication mechanisms, privacy-preserving data analysis techniques, trust and security management frameworks, resilience to insider threats, security of data aggregation and fusion, user-centric security designs, and addressing legal and ethical considerations. Addressing these research gaps and challenges requires collaboration between researchers, device manufacturers, policymakers, and end-users. Ongoing research and innovation are necessary to develop robust security techniques, privacy-enhancing technologies, and user-friendly solutions tailored for WBANs. Additionally, compliance with privacy regulations, user education, and awareness are critical for responsible and ethical use of WBANs.

show abstract

“…The revocation process is implemented to revoke malicious users or attributes, to increase security efficiency. However, this can lead to various attacks due to lack of time-based revocation [20]. In this paper, secure access control-based sharing of data is carried out in a decentralized manner.…”

Section: Introductionmentioning

confidence: 99%

Dynamic Secure Access Control and Data Sharing Through Trusted Delegation and Revocation in a Blockchain-Enabled Cloud-IoT Environment

Alshehri

Bamasag

Alghazzawi

et al. 2023

IEEE Internet Things J.

View full text Add to dashboard Cite

The Internet of Things (IoT) is vulnerable to leakage of private information during data sharing. To avoid this problem, access control and secure data sharing have been introduced in IoT; however, many challenges are faced because of centralized access control and single delegator selection. Additionally, blockchain is integrated into IoT to enhance the security of the environment. For that purpose, this research proposes Dynamic Secure Access Control using Blockchain (DSA-Block) model, which performs secure access control and data sharing. Initially, the IoT device attributes and user attributes are registered at a local domain authority (LDA) for generating private and public keys using the Hyperelliptic Curve Cryptography (HECC) algorithm, which ensures the legitimacy of the users and devices. Then, the IoT devices send a request message to the edge nodes via a gateway, which performs request filtration by validating the user's authenticity. The filtered requests are sent to the edge server to perform access delegation using Rock Hyraxes Swarm Optimization (RHSO), which selects a set of delegator nodes. The access control decision is made by using the Trusted Practical Byzantine Fault Tolerance (PBFT) consensus algorithm. The IoT data are stored in the cloud server for secure storage, in which the data are secured using a differential privacy mechanism. Finally, dual revocations, such as user attribute revocation and user revocation, are used to maintain security. The performance of DSA-Block is evaluated and the results demonstrate that the proposed DSA-Block model achieves superior performance compared to previous works.

show abstract

An Efficient and Secure Revocation-Enabled Attribute-Based Access Control for eHealth in Smart Society

Cited by 15 publications

References 34 publications

ABAC as Access Control Solution for Digital Evidence Storage

ABAC as Access Control Solution for Digital Evidence Storage

Current security and privacy posture in wireless body area networks

Dynamic Secure Access Control and Data Sharing Through Trusted Delegation and Revocation in a Blockchain-Enabled Cloud-IoT Environment

Contact Info

Product

Resources

About