CESCR: CP-ABE for efficient and secure sharing of data in collaborative ehealth with revocation and no dummy attribute

Kennedy Edemacu, Beakcheol Jang, Jong Wook Kim

Research output: Contribution to journalArticlepeer-review

Abstract

With the rapid advancement of information and communication technologies, there is a growing transformation of healthcare systems. A patient’s health data can now be centrally stored in the cloud and be shared with multiple healthcare stakeholders, enabling the patient to be collaboratively treated by more than one healthcare institution. However, several issues, including data security and privacy concerns still remain unresolved. Ciphertext-policy attribute-based encryption (CP-ABE) has shown promising potential in providing data security and privacy in cloud-based systems. Nevertheless, the conventional CP-ABE scheme is inadequate for direct adoption in a collaborative ehealth system. For one, its expressiveness is limited as it is based on a monotonic access structure. Second, it lacks an attribute/user revocation mechanism. Third, the computational burden on both the data owner and data users is linear with the number of attributes in the ciphertext. To address these inadequacies, we propose CESCR, a CP-ABE for efficient and secure sharing of health data in collaborative ehealth systems with immediate and efficient attribute/user revocation. The CESCR scheme is unbounded, i.e., it does not bind the size of the attribute universe to the security parameter, it is based on the expressive and non-restrictive ordered binary decision diagram (OBDD) access structure, and it securely outsources the computationally demanding attribute operations of both encryption and decryption processes without requiring a dummy attribute. Security analysis shows that the CESCR scheme is secure in the selective model. Simulation and performance comparisons with related schemes also demonstrate that the CESCR scheme is expressive and efficient.

Original languageEnglish
Article numbere0250992
JournalPloS one
Volume16
Issue number5 May
DOIs
Publication statusPublished - 2021 May

Bibliographical note

Publisher Copyright:
© 2021 Edemacu et al. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.

All Science Journal Classification (ASJC) codes

  • General

Fingerprint

Dive into the research topics of 'CESCR: CP-ABE for efficient and secure sharing of data in collaborative ehealth with revocation and no dummy attribute'. Together they form a unique fingerprint.

Cite this