Cloud-based Fine-grained Health Information Access Control Framework for Lightweight IoT Devices with Dynamic Auditing and Attribute Revocation
The eHealth trend has spread globally. Internet of Things (IoT) devices for medical service and pervasive Personal Health Information (PHI) systems play important roles in the eHealth environment. A cloud-based PHI system appears promising but raises privacy and information security concerns. We propose a cloud-based fine-grained health information access control framework for lightweight IoT devices with data dynamics auditing and attribute revocation functions. Only symmetric cryptographyis required for IoT devices, such as wireless body sensors. A variant of cipher text-policy attribute-based encryption, dual encryption, and Merkle hash trees are used to support fine-grained access control, efficient dynamic data auditing, batch auditing, and attribute revocation. Moreover, the proposed scheme also defines and handles the cloud reciprocity problem wherein cloud service providers can help each other avoid fines resulting from data loss. Security analysis and performance comparisons show that the proposed scheme is an excellent candidate for a cloud-based PHI system.
- System : Pentium Dual Core.
- Hard Disk : 120 GB.
- Monitor : 15’’ LED
- Input Devices : Keyboard, Mouse
- Ram : 1 GB.
- Operating system : Windows 7.
- Coding Language : NET,C#.NET
- Tool : Visual Studio 2008
- Database : SQL SERVER 2005
Lo-Yao Yeh, Pei-Yu Chiang, Yi-Lang Tsai, and Jiun-Long Huang, IEEE Member, “Cloud-based Fine-grained Health Information Access Control Framework for Lightweight IoT Devices with Dynamic Auditing and Attribute Revocation”, IEEE Transactions on Cloud Computing, 2018.