Author : Balne Sridevi 1
Date of Publication :23rd February 2018
Abstract: In today’s world, there are many new challenges for the security of data and access control when users outsource sensitive data for sharing on third party server known as cloud servers, which are not within the same trusted domain as data owners. The existing technique used to maintain the confidentiality of personal medical record (PMR) against untrusted servers by disclosing data decryption keys only to authorized users. However, in doing so, these solutions inevitably introduce complexity in key management also burden on the data owner in data management well as in key management. The problem of simultaneously achieving security and data confidentiality and ingrainedness of access control still remains unresolved. This paper addresses this challenge 1) Key management, 2) Defining and enforcing access policies based on data attributes, and, 3) Keyword search over the encrypted data. PMR(patient medical record)system users need to deal with complicated key management problem to accomplish fine-grained access control when their PMRs are encrypted using symmetric key cryptography or asymmetric key cryptography.With our scheme multi-authority attribute based access control (MAABAC) we can reduce the key management complexity for owners and users. For this users are divided into the two domains; professional domain and personal domain. To achieve security of PMR, key management, user revocation and efficient keyword search exploiting KP-ABE, Multi-authority attribute based access control(MA-ABAC), and uniquely combining it with techniques of proxy re-encryption.
Reference :
-
- M. Abdalla, M. Bellare, D. Catalano, E. Kiltz, T. Kohno, T. Lange, J. Malone-Lee, G. Neven, P. Paillier, and H. Shi. Searchable encryption revisited: Consistency properties, relation to anonymous ibe, and extensions. J. Cryptology, 21(3):350–391, 2008.
- J. Baek, R. Safavi-Naini, and W. Susilo. On the integration of public key data encryption and public key encryption with keyword search. In ISC, vol. 4176 of LNCS, pp. 217–232. Springer, 2006.
- M. Bellare, A. Boldyreva, and A. O’Neill. Deterministic and efficiently searchable encryption. In CRYPTO, vol. 4622 of LNCS, pp. 535–552. Springer, 2007.
- S. Benabbas, R. Gennaro, and Y. Vahlis. Verifiable delegation of computation over large datasets. In CRYPTO, vol. 6841 of LNCS, pp. 111–131. Springer, 2011.
- D. Boneh, G. D. Crescenzo, R. Ostrovsky, and G. Persiano. Public key encryption with keyword search. In EUROCRYPT, vol. 3027 of LNCS, pp. 506–522. Springer, 2004.
- Wang B, Yu S, Lou W, Hou T (2014) PrivacyPreserving Multi-Keyword Fuzzy Search over Encrypted Data in the Cloud. In: INFOCOM’14. IEEE, Piscataway, N.J, USA. pp 2112–2120
- Cao N, Wang C, Li M, Ren K, Lou W (2014) Privacy-preserving multi-keyword ranked search over encrypted cloud data. In: IEEE Transactions on Parallel and Distributed Systems. IEEE, Piscataway, N.J, USA Vol. 25, no. 1. pp 222–233
- C. Bosch, Q. Tang, P. H. Hartel, and W. Jonker. Selective document ¨ retrieval from encrypted database. In ISC, vol. 7483 of LNCS, pp. 224– 241. Springer, 2012.
- J. Camenisch, M. Kohlweiss, A. Rial, and C. Sheedy. Blind and anonymous identity-based encryption and authorised private searches on public key encrypted data. In PKC, vol. 5443 of LNCS, pp. 196–214. Springer, 2009.
- N. Cao, C. Wang, M. Li, K. Ren, and W. Lou. Privacy-preserving multikeyword ranked search over encrypted cloud data. IEEE Trans. Parallel Distrib. Syst., 25(1):222–233, 2014.