Article: Large universe multi-authority attribute-based PHR sharing with user revocation Journal: International Journal of Computational Science and Engineering (IJCSE) 2019 Vol.19 No.3 pp.376 - 386 Abstract: In the patient-centric model of health information exchange, personal health record (PHR) is often outsourced to third parties, such as cloud service providers (CSPs). Attribute-based encryption (ABE) can be used to realise flexible access control on PHRs in cloud environment. Nevertheless, the issues of scalability in key management, user revocation and flexible attributes remain to be addressed. In this paper, we propose a large-universe multi-authority ciphertext-policy ABE system with user revocation. The proposed scheme achieves scalable and fine-grained access control on PHRs. In our scheme, there are a central authority (CA) and multiple attribute authorities (AAs). When a user is revoked, the system public key and the other users' secret keys need not be updated. Furthermore, because our scheme supports large attribute universe, the number of attributes is not polynomially bounded and the public parameter size does not linearly grow with the number of attributes. Our system is constructed on prime order groups and proven selectively secure in the standard model. Inderscience Publishers - linking academia, business and industry through research

Title: Large universe multi-authority attribute-based PHR sharing with user revocation

Authors: Enting Dong; Jianfeng Wang; Zhenhua Liu; Hua Ma

Addresses: School of Mathematics and Statistics, Xidian University, Xi'an, Shaanxi 710071, China ' State Key Laboratory of Integrated Service Networks (ISN), Xidian University, Xi'an, Shaanxi 710071, China ' School of Mathematics and Statistics, Xidian University, Xi'an, Shaanxi 710071, China ' School of Mathematics and Statistics, Xidian University, Xi'an, Shaanxi 710071, China; State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China

Abstract: In the patient-centric model of health information exchange, personal health record (PHR) is often outsourced to third parties, such as cloud service providers (CSPs). Attribute-based encryption (ABE) can be used to realise flexible access control on PHRs in cloud environment. Nevertheless, the issues of scalability in key management, user revocation and flexible attributes remain to be addressed. In this paper, we propose a large-universe multi-authority ciphertext-policy ABE system with user revocation. The proposed scheme achieves scalable and fine-grained access control on PHRs. In our scheme, there are a central authority (CA) and multiple attribute authorities (AAs). When a user is revoked, the system public key and the other users' secret keys need not be updated. Furthermore, because our scheme supports large attribute universe, the number of attributes is not polynomially bounded and the public parameter size does not linearly grow with the number of attributes. Our system is constructed on prime order groups and proven selectively secure in the standard model.

Keywords: attribute-based encryption; large universe; multi-authority; personal health record; user revocation.

DOI: 10.1504/IJCSE.2019.101347

International Journal of Computational Science and Engineering, 2019 Vol.19 No.3, pp.376 - 386

Received: 17 Sep 2016
Accepted: 16 Feb 2017
Published online: 05 Aug 2019 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article

Title: Large universe multi-authority attribute-based PHR sharing with user revocation

Keep up-to-date