Secure Sharing of Health Files Using Attribute-Based Encryption and Decentralized Networks

  • Leonardo da Costa UFPA
  • Billy Pinheiro UFPA
  • Roberto Araújo UFPA
  • Antônio Abelém UFPA
DOI: https://doi.org/10.5753/sbcas.2018.3682

Abstract


Cloud computing allows on demand storage and sharing of records with high degree of availability. However, storing a health record in a cloud provider requires trusting it for the record security. By mitigating it, current approaches focus on confidentiality and access control. They do not adequately treat data integrity. This paper presents Decentralized Sharing of Health Records (DSHR) protocol, which employs attribute-based cryptography and decentralized networks for secure sharing of health records. The solution treats confidentiality, access control and integrity of records. A DSHR proof of concept was implemented and load tests were executed in order to demonstrate its feasibility.

References

Abbas, A. and Khan, S. U. (2014). A review on the state-of-the-art privacy-preserving approaches in the e-health clouds. IEEE J. Biomedical and Health Informatics, 18(4):1431–1441.

Au, M. H., Yuen, T. H., Liu, J. K., Susilo, W., Huang, X., Xiang, Y., and Jiang, Z. L. (2017). A general framework for secure sharing of personal health records in cloud system. J. Comput. Syst. Sci., 90:46–62.

Azaria, A., Ekblaw, A., Vieira, T., and Lippman, A. (2016). Medrec: Using blockchain for medical data access and permission management. In 2nd International Conference on Open and Big Data, OBD 2016, Vienna, Austria, August 22-24, 2016, pages 25–30.

Benet, J. (2014). IPFS - content addressed, versioned, P2P file system. CoRR, 1407.3561.

Bethencourt, J., Sahai, A., and Waters, B. (2007). Ciphertext-policy attribute-based encryption. In 2007 IEEE Symposium on Security and Privacy, pages 321–334.

Bonneau, J., Miller, A., Clark, J., Narayanan, A., Kroll, J., and Felten., E. (2015). Sok: Research perspectives and challenges for bitcoin and cryptocurrencies. In SP 2015.

Dawoud, M. and Altilar, D. T. (2017). Cloud-based e-health systems: Security and privacy challenges and solutions. In 2017 International Conference on Computer Science and Engineering (UBMK), pages 861–865.

de Melo Silva, L., Araujo, R., da Silva, F. L., and Cerqueira, E. (2014). A new architecture for secure storage and sharing of health records in the cloud using federated identity attributes. In 16th IEEE Healthcom, Natal-RN, Brazil, October 15-18, pages 194–199.

Li, Y., Liang, K., Su, C., and Wu, W. (2017). DABEHR: decentralized attribute-based electronic health record system with constant-size storage complexity. In Green, Pervasive, and Cloud Computing - 12th International Conference, pages 611–626.

Liu, Y., Zhang, Y., Ling, J., and Liu, Z. (2018). Secure and fine-grained access control on e-healthcare records in mobile cloud computing. Future Generation Comp. Syst., 78:1020–1026.

Puthal, D., Sahoo, B. P. S., Mishra, S., and Swain, S. (2015). Cloud computing features, issues, and challenges: A big picture. In 2015 International Conference on Computational Intelligence and Networks, pages 116–123.

Rahulamathavan, Y., Phan, R., Misra, S., and Rajarajan, M. (2017). Privacy-preserving blockchain based iot ecosystem using attribute-based encryption. In IEEE International Conference on Advanced Networks and Telecommunications Systems.

Serrão, C. and Cardoso, E. (2017). Handling confidentiality and privacy on cloud-based health information systems. Journal of Information Privacy and Security, 13(2):51–68.
Published
2018-07-22
How to Cite

Select a Format
DA COSTA, Leonardo; PINHEIRO, Billy; ARAÚJO, Roberto; ABELÉM, Antônio. Secure Sharing of Health Files Using Attribute-Based Encryption and Decentralized Networks. In: BRAZILIAN SYMPOSIUM ON COMPUTING APPLIED TO HEALTH (SBCAS), 18. , 2018, Natal. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2018 . p. 117-128. ISSN 2763-8952. DOI: https://doi.org/10.5753/sbcas.2018.3682.