Advancing Personal Health Record Sharing with AES-driven Lightweight Policy Updates

Authors

  • Dasari Revathi  Dayananda Sagar college of engineering, Kumaraswamy Layout, Bangalore, Karnataka, India
  • Prof. Alamma B.H  Professor, Dayananda Sagar college of engineering, Kumaraswamy Layout, Bangalore, Karnataka, India

Keywords:

PHRs, Access Control, Proxy Re-Encryption, Policy Updating, Policy Versioning, Performance Evaluation.

Abstract

In response to the flexible and accessible nature of data outsourcing systems such as cloud computing, numerous healthcare providers have embraced electronic Personal Health Records (PHRs) to empower individual patients in managing their health data within a scalable and robust environment. However, PHRs contain profoundly private and sensitive information necessitating stringent protection measures. Moreover, PHR proprietors must possess both security and autonomy to formulate access rules for their offloaded data. Current commercial cloud platforms commonly provide conventional encryption techniques like symmetric or public key encryption to ensure data confidentiality. However, the existing encryption techniques have limitations when applied to data outsourcing situations. This is primarily because symmetric encryption entails complex key management, and public key encryption systems require substantial resources to maintain numerous copies of encrypted data. To address these challenges, our study introduces an innovative solution: an adaptable access policy update mechanism combined with a robust and precise access control approach for outsourced Personal Health Records (PHRs). Our proposed strategy leverages Proxy Re-Encryption (PRE) and Cipher Text Policy Attribute-Based Encryption (CP-ABE), which collectively mitigate these issues. This approach ensures security, flexibility, and efficient management of outsourced PHRs without the risk of plagiarism. This combination addresses the shortcomings of traditional methods and presents a more effective solution for safeguarding outsourced PHRs.In order to support complete policy change tracing, we additionally offer a policy versioning mechanism. Finally, we evaluated the strategy's performance to demonstrate its viability.

References

  1. A. Sahai and B. Waters, ‘‘Fuzzy identity-based encryption,’’ in Proc. 24th Annu. Int. Conf. Appl. Cryptograph. Technique (EUROCRYPT) (Lecture Notes in Computer Science). Berlin, Germany: Springer, May 2015, pp. 457–473.
  2. J. Bethencourt, A. Sahai, and B. Waters, ‘‘Ciphertext-policy attribute-based encryption,’’ in Proc. IEEE Symp. Secur. Privacy, Oakland, CA, USA, May 2007, pp. 321–334.
  3. L. Cheung, J. Cooley, R. Khazan, and C. Newport, ‘‘Collusion resistant group key management using attribute-based encryption,’’ Cryptol. ePrint Arch., Tech. Rep. 2007/161. [Online]. Available: https://eprint.iacr.org/2007/161.pdf
  4. S. Belguith, N. Kaaniche, and G. Russello, ‘‘PU-ABE: Lightweight attribute-based encryption supporting access policy update for cloud assisted IoT,’’ in Proc. IEEE 11th Int. Conf. Cloud Comput. (CLOUD), Jul. 2018, pp. 924–927.
  5. J. Li, S. Wang, Y. Li, H. Wang, H. Wang, H. Wang, J. Chen, and Z. You, ‘‘An efficient attribute-based encryption scheme with policy update and file update in cloud computing,’’ IEEE Trans. Ind. Informat., vol. 15, no. 12, pp. 6500–6509, Dec. 2019.
  6. M. Mambo and E. Okamoto, ‘‘Proxy cryptosystems: Delegation of the power to decrypt cipher texts,’’ IEICE Trans., vol. E80-A, no. 1, pp. 54–63, 1997.
  7. K. Liang, W. Susilo, and J. K. Liu, ‘‘Privacy-preserving cipher text multisharing control for big data storage,’’ IEEE Trans. Inf. Forensics Security, vol. 10, no. 8, pp. 1578–1589, Aug. 2015. [8] S. Fugkeaw and H. Sato, ‘‘Embedding lightweight proxy re-encryption for efficient attribute revocation in cloud computing,’’ J. High Perform. Comput. Netw., vol. 9, no. 4, pp. 299–309, 2016.
  8. Y. Kawai, ‘‘Outsourcing the re-encryption key generation: Flexible ciphertext-policy attribute-based proxy re-encryption,’’ in Proc. Int. Conf. Inf. Secur. Pract. Exper. (ISPEC), Beijing, China, 2015, pp. 301–315.
  9. X. Liang, Z. Cao, H. Lin, and J. Shao, ‘‘Attribute based proxy re-encryption with delegating capabilities,’’ in Proc. 4th Int. Symp. Inf., Comput., Commun. Secur. (ASIACCS), 2009, pp. 276–286.
  10. L. Touati and Y. Challal, ‘‘Instantaneous proxy-based key update for CPABE,’’ in Proc. IEEE 41st Conf. Local Comput. Netw. (LCN), Dubai, United Arab Emirates, Nov. 2016, pp. 591–594. [12] K. Yang, X. Jia, K. Ren, R. Xie, and L. Huang, ‘‘Enabling efficient access control with dynamic policy updating for big data in the cloud,’’ in Proc. IEEE Conf. Comput. Commun. (INFOCOM), Apr. 2014, pp. 2013–2021.
  11. K. Yang, X. Jia, and K. Ren, ‘‘Secure and verifiable policy update outsourcing for big data access control in the cloud,’ss
  12. S. Fugkeaw and H. Sato, ‘‘Scalable and secure access control policy update for outsourced big data,’’ Future Gener. Comput. Syst., vol. 79, pp. 364–373, Feb. 2018.
  13. L. Cheung and C. Newport, ‘‘Provably secure ciphertext policy ABE,’’ in Proc. 14th ACM Conf. Comput. Commun. Secur. (CCS), Richmond, VI, USA, Oct. 2007, pp. 456–465.

IInternational Journal of Scientific Research in Computer Science, Engineering and Information Technology

Downloads

Published

2023-10-30

Issue

Volume 9, Issue 5, September-October-2023

Section

Research Articles

License

Copyright (c) IJSRCSEIT

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

[1]
Dasari Revathi, Prof. Alamma B.H, " Advancing Personal Health Record Sharing with AES-driven Lightweight Policy Updates" International Journal of Scientific Research in Computer Science, Engineering and Information Technology(IJSRCSEIT), ISSN : 2456-3307, Volume 9, Issue 5, pp.66-75, September-October-2023.