The eHealth trend has spread globally. Internet of Things (IoT) devices for medical service and pervasive Personal Health Information (PHI) systems play important roles in the eHealth environment. A cloud-based PHI system appears promising but raises privacy and information security concerns. We propose a cloud-based fine-grained health information access control framework for lightweight IoT devices with data dynamics auditing and attribute revocation functions. Only symmetric cryptography is required for IoT devices, such as wireless body sensors. A variant of ciphertext-policy attribute-based encryption, dual encryption, and Merkle hash trees are used to support fine-grained access control, efficient dynamic data auditing, batch auditing, and attribute revocation. Moreover, the proposed scheme also defines and handles the cloud reciprocity problem wherein cloud service providers can help each other avoid fines resulting from data loss. Security analysis and performance comparisons show that the proposed scheme is an excellent candidate for a cloud-based PHI system.
using a variant of CP-ABE as a message to fulfill the goal of sophisticated access control. Then, the CSP can compute the Access Decryption Key (ADK) if and only if the DAR is entitled to obtain the TSK. Finally, the DAR can decrypt the encrypted PHI by integrating 𝐴𝑇𝐾 ̃ and ADK. Conversely, the functions of batch auditing depend on aggregated Boneh–Lynn–Shacham (BLS) technology. The concept of dual encryption is adopt- ed to adjust the CP-ABE to equip the attribute revocation func- tion. CSP constructs an MHT to perform efficient block audit- ing and data dynamics.
Similarly to , we adopt a tree access structure to enforce fine-grained access control over PHI. In the access tree struc- ture, the interior nodes and leaves represent a threshold gate and the real health attributes, respectively.we illus- trate possible access trees based on different privacy levels’PHI, where the threshold value 3 in the root of level-2 can be regarded as an “AND” gate. In a level-1 access tree, if the DAR satisfies two of the three attributes, he or she can access the level-1 PHI.PHI, where the threshold value 3 in the root of level-2 can be regarded as an “AND” gate. In a level-1 access tree, if the DAR satisfies two of the three attributes, he or she can access the level-1 PHI.
At first, the patient’s PHI data collected by IoT devices are encrypted using symmetric encryption (e.g., AES ) by the shared key to HSP. HSP plays the important role in the proposed scheme of enforcing fine-grained access control on PHI. First, HSP en- crypts the plaintext PHI using a Data Encryption Key (DEK). Note that the DEK is an elaborate combination of Tree Secret Key (TSK) and Access Secret Key and cannot be derived by any single CSP or DAR.
(IoT) devices for medical service are an emerging technology for caring for disabled or chronic pa- tients. Combined with wearable medical sensors and wireless communication, IoT devices can gather patients’ health-related parameters remotely and continuously. As a result, the elec- tronic Health (eHealth) care business is emerging. The eHealth vision is to utilize state-of-the-art medical technologies to pro- long life expectancy significantly. Imagine physicians being able to access a tourist’s Personal Health Information (PHI) regarding food allergy history from a medical record for a rap- id diagnosis. A patient with chronic heart disease uses body sensors to detect irregular blood pressure and rushes to the hospital in time to survive. In these scenarios, the patient’s medical record plays a key role in diagnosis; therefore, perva- sive PHI service is essential for doctors and nurses to offer real- time treatment.
One solution for an effective PHI system is to adopt a cloud- based storage to mitigate the burden of building and mainte- nance cost. However, outsourced PHI faces the challenge of security and privacy issues, for instance, how to ensure that only the authorized requester can access the sensitive PHI or to prevent a semi-trusted Cloud Service Provider (CSP) from leaking stored information. In addition, the Health Insurance Portability and Accountability Act (HIPAA)  comprises a list of privacy requirements for protecting confidentiality from the data storage server. Data integrity at a semi-trusted CSP is an- other important concern. CSPs facing occasional catastrophic failures might decide to hide data errors from a patient for their own benefit. Although the data owner backs up his or her extremely important data in multiple CSPs, some CSPs might exercise mutual aid to avoid the huge cost of data loss. We call this the cloud reciprocity problem. The fact that a stored PHI would not only be accessed by medical workers but also up- dated by the patient requires support for data integrity verifi- cation for dynamic data operations.
We propose a fine-grained health information access control framework in the cloud for lightweight IoT devices with data dynamics auditing and attribute revocation functions. Regard- ing security and privacy, we use Ciphertext-Policy Attribute- Based Encryption (CP-ABE)to perform fine-grained access control on the part of a decryption key that is used to decrypt sensitive patient PHI.
Basically, each Data Access Requester (DAR) has his/her own private keys associated with a set of attributes, and an essential decryption parameter TSK specifies an access policy over a defined universe of attributes. DAR can extract TSK to decrypt the encrypted PHI if and only if his/her attributes satisfy the access policy.
In this paper, we proposed a lightweight access control frame- work suitable for healthcare IoT devices to achieve the func- tions of fine-grained access control, efficient revocation, and dynamic data verification. To the best of our knowledge, this work is the first framework with complete functions for cloud- based PHI systems.
Lightweight IoT devices use only symmet- ric encryption to upload PHIs to HSP. Both efficient single- block and batch auditing are fully supported. Moreover, this paper first defines and handles a potential security issue—the cloud reciprocity problem. The security analysis and perfor- mance evaluation results show that our scheme is a promising framework for cloud-based PHI systems.