基于区块链的多权限属性隐藏电子病历共享方案

doi:10.11959/j.issn.2096-109x.2022044

Abstract

Abstract:

Currently, there is no data exchanging and sharing between different hospitals, and it is easy to form data islands.At the same time, regional medical data contains a large amount of sensitive information of patients.The public acquisition, sharing and circulation of these data will lead to malicious tampering, theft, abuse and loss of ownership, thereby revealing patient privacy.In addition, the size of medical data is enormous and the data is unstructured, then it is more difficult to prevent and hold accountable some highly targeted malicious attacks, such as malicious attacks on medical data theft, tampering, and extortion.In view of the above problems, a blockchain-based on multi-authority attribute hidden electronic medical record sharing scheme was proposed to achieve fine-grained access to shared electronic medical records while ensuring patient privacy.The Multi-Authorization Attribute Encryption (MA-ABE) algorithm was introduced, which used multi-authority organizations to manage decentralized attributes.It also used hash functions to identify different users, in order to effectively resist collusion attacks between users with different authorizations.Besides, the linear secrets sharing scheme (LSSS) was used to realize partial hiding of attributes, and the attributes were divided into two parts:attribute name and attribute value.In addition, combined with the characteristics of blockchain openness, transparency and tamper-proof, the design of access policy can update the algorithm.Based on the access policy update algorithm, the policy block was added.The new access policy was uploaded to the blockchain to form a policy update traceability chain, which can realize distributed and reliable access control management under the condition of hidden policy.It can also support data privacy protection at the same time, and traceability of user behavior.The theoretical proof and experimental analysis have proved that this scheme protect attribute privacy effectively, while reduces computational overhead.

Key words: hidden attribute, blockchain, attribute encryption, privacy protection, data sharing

CLC Number:

TP393

Lin JIN, Youliang TIAN. Multi-authority attribute hidden for electronic medical record sharing scheme based on blockchain[J]. Chinese Journal of Network and Information Security, 2022, 8(4): 66-76.

Figures/Tables 6

参数	含义
θ	属性加密算法的系统安全参数
PK_aid	机构aid的系统主公钥
SK_aid	机构aid的系统主私钥
GP	全局参数
S_aid,uid	对应机构aid的用户uid的属性集
GID	参与者的身份唯一标识
K_aid,uid	对应机构aid的用户uid的属性密钥
UK_uid	用户uid的身份认证密钥
TK_i,uid	用户uid的转换密钥
M_i	l×n型访问矩阵 $M$ 的第i行
ρ (i)	函数ρ将矩阵 $M$ 的第i行映射到属性
s	秘密共享密钥
λ	秘密共享份额
v	加密算法所选择的随机向量
m	待加密的明文
σ	用户签名
CT	密文
IT	中间密文
En(s)	保留加密信息

References 34

[1]	SAHAI A , WATERS B R . Fuzzy identity-based encryption[C]// 24th Annual International Conference on Theory and Applications of Cryptographic Techniques. 2004: 457-473.
[2]	LI H , YANG Y , DAI Y ,et al. Achieving secure and efficient dynamic searchable symmetric encryption over medical cloud data[J]. IEEE Transactions on Cloud Computing, 2020,8(2): 484-494.
[3]	LI H , LIU D , DAI Y ,et al. Personalized search over encrypted data with efficient and secure updates in mobile clouds[J]. IEEE Transactions on Emerging Topics in Computing, 2018,6(1): 97-109.
[4]	WANG S , ZHANG Y , ZHANG Y . A blockchain-based framework for data sharing with fine-grained access control in decentralized storage systems[J]. IEEE Access, 2018,6: 38437-38450.
[5]	GOYAL V , PANDEY O , SAHAI A ,et al. Attribute-based encryption for fine-grained access control of encrypted data[C]// 13th ACM conference on Computer and Communications Security. 2006: 89-98.
[6]	BETHENCOURT J , SAHAI A , WATERS B . Ciphertext-policy attribute-based encryption[C]// 2007 IEEE Symposium on Security and Privacy (SP '07). 2007: 321-334.
[7]	ZHANG Y , ZHENG D , DENG R H . Security and privacy in smart health:Efficient policy-hiding attribute-based access control[J]. IEEE Internet Things, 2018,5(3): 2130-2145.
[8]	WU A , ZHANG Y , ZHENG X ,et al. Efficient and privacy-preserving traceable attribute-based encryption in blockchain[J]. Ann.Telecommun., 2019,74(7-8): 401-411.
[9]	MIAO Y , MA J , LIU X ,et al. Lightweight fi-ne-grained search over encrypted data in fog computing[J]. IEEE Transactions on Services Computing, 2019,12(5): 772-785.
[10]	CHASE M , . Multi-authority attribute-based encryption[C]// Proceedings of Cryptography Conference on Theory of Cryptography (TCC'07). 2007: 515-534.
[11]	LIN H , CAO Z F , LIANG X . Secure threshold multi-authority attribute-based encryption without a central authority[C]// Proceedings of International Conference on Cryptology. 2008: 426-436.
[12]	LEWKO A , WATERS B . Decentralizing attribute-based encryption[C]// Proceedings of International Conference on the Theory and Applications of Cryptographic Techniques. 2011: 568-588.
[13]	QIAN H L , LI J G , ZHANG Y C ,et al. Privacy-preserving personal health record using multi-authority attribute-based encryption with revocation[J]. International Journal of Information Security, 2015(14): 487-497.
[14]	ZHONG H , ZHU W , XU Y ,et al. Multi-authority attribute-based encryption access control scheme with policy hidden for cloud storage[J]. Soft Computing A Fusion of Foundations Methodologies ＆Applicaitons, 2018,22(1): 243-251.
[15]	YAN X , LIU Y , LI Z ,et al. Multi-authority attribute-based encryption scheme with policy dynamic updating[J]. Journal on Communications, 2017,38(10): 94-101.
[16]	ZHANG P , CHEN Z , LIU J K ,et al. An efficient access control scheme with outsourcing capability and attribute update for fog computing[J]. Future Generation Computer Systems, 2018,78: 753-762.
[17]	DI FRANCESCO MAESA D , MORI P , RICCI L . A blockchain based approach for the definition of auditable access control systems[J]. Computers ＆ Security, 2019,84: 93-119.
[18]	LI R , SONG T , MEI B ,et al. Blockchain for large-scale internet of things data storage and protection[J]. IEEE Transactions on Services Computing, 2019,12(5): 762-771.
[19]	DORRI A , KANHERE S S , JURDAK R ,et al. Blockchain for IoT security and privacy:The case study of a smart home[C]// 2017 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops). 2017: 618-623.
[20]	DING S , CAO J , LI C ,et al. A novel attribute-based access control scheme using blockchain for IoT[J]. IEEE Access, 2019,7: 38431-38441.
[21]	MAESA D D F , MORI P , RICCI L . Blockchain based access control[C]// 2017 IFIP International Conference on Distributed Applications and Interoperable Systems. 2017: 206-220.
[22]	LAI J , DENG R H , LI Y . Fully secure cyphertext-policy hiding CP-ABE[C]// 2011 International Conference on Information Security Practice and Experience. 2011: 24-39.
[23]	WANG H , NING J , HUANG X ,et al. Secure fine-grained encrypted keyword search for e-healthcare cloud[C]// IEEE Transactions on Dependable and Secure Computing. 2021: 1307-13019.
[24]	CUI H , DENG R H , WU G ,et al. An efficient and expressive ciphertext-policy attribute-based encryption scheme with partially hidden access structures[C]// 2016 International Conference on Provable Security. 2016: 19-38.
[25]	YANG K , HAN Q , LI H ,et al. An efficient and fine-grained big data access control scheme with privacy-preserving policy[J]. IEEE Internet Things, 2017,4(2): 563-571.
[26]	NISHIDE T , YONEYAMA K , OHTA K . Attribute-based encryption with partially hidden encryptor-specified access structures[C]// 2008 International Conference on Applied Cryptography and Network Security. 2008: 111-129.
[27]	HUR J . Attribute-based secure data sharing with hidden policies in smart grid[J]. IEEE Transactions on Parallel\＆ Distributed Systems, 2013,24(11): 2171-2180.
[28]	QI H , YING H Z , HUI L . Efficient and robust attribute-based encryption supporting access policy hiding in Internet of Things[J]. Future Generation Computer Systems, 2018,83: 269-277.
[29]	WANG Y , FAN K . Effective CP-ABE with hidden access policy[J]. Journal of Computer Research and Development, 2019,56(10): 2151-2159.
[30]	LIU Y , DU R . Efficient partially policy-hidden with multi-authority for access control scheme in Internet of Things[C]// 2020 International Conference on Networking and Network Applications (NaNA). 2020: 375-380.
[31]	YANG K , JIA X , REN K . Secure and verifiable policy update out-sourcing for big data access control in the cloud[J]. IEEE Transactions on Parallel and Distributed Systems, 2015,26(12): 3461-3470.
[32]	LIU D , LI H , YANG Y ,et al. Achieving multi-authority access control with efficient attribute revocation in smart grid[C]// 2014 IEEE Inter-national Conference on Communications. 2014: 634-639.
[33]	HUANG X F , TAO Q , QIN B D ,et al. Multi-authority attribute based encryption scheme with revocation[C]// 2015 IEEE International Conference on Computer Communication ＆ Networks. 2015: 1-5.
[34]	田有亮, 杨科迪, 王缵 ,等. 基于属性加密的区块链数据溯源算法[J]. 通信学报, 2019,40(11): 101-111.
	TIAN Y L , YANG K D , WANG Z ,et al. Algorithm of blockchain data provenance based on ABE[J]. Journal on Communications, 2019,40(11): 101-111.

Metrics

Recommended 0

No Suggested Reading articles found!

方案	授权类型	访问结构	隐藏策略	外包解密	访问策略更新
文献[23]	多授权	LSSS	是	否	否
文献[24]	单授权	AND	否	是	否
文献[25]	多授权	LSSS	是	否	否
本文方案	多授权	LSSS	是	是	是

Multi-authority attribute hidden for electronic medical record sharing scheme based on blockchain

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 6

References 34

Related Articles 15

Metrics

Recommended 0

[1]	Zhao CAI, Tao JING, Shuang REN. Survey on Ethereum phishing detection technology [J]. Chinese Journal of Network and Information Security, 2023, 9(2): 21-32.
[2]	Jianlong XU, Jian LIN, Yusen LI, Zhi XIONG. Distributed user privacy preserving adjustable personalized QoS prediction model for cloud services [J]. Chinese Journal of Network and Information Security, 2023, 9(2): 70-80.
[3]	Heli WANG, Qiao YAN. Selfish mining detection scheme based on the characters of transactions [J]. Chinese Journal of Network and Information Security, 2023, 9(2): 104-114.
[4]	Beiyuan YU, Shanyao REN, Jianwei LIU. Overview of blockchain assets theft attacks and defense technology [J]. Chinese Journal of Network and Information Security, 2023, 9(1): 1-17.
[5]	Zhe SUN, Hong NING, Lihua YIN, Binxing FANG. Preliminary study on the construction of a data privacy protection course based on a teaching-in-practice range [J]. Chinese Journal of Network and Information Security, 2023, 9(1): 178-188.
[6]	Fei TANG, Ning GAN, Xianggui YANG, Jinyang WANG. Anti malicious KGC certificateless signature scheme based on blockchain and domestic cryptographic SM9 [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 9-19.
[7]	Xue BAI, Baodong QIN, Rui GUO, Dong ZHENG. Two-party cooperative blind signature based on SM2 [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 39-51.
[8]	Min XIAO, Tao YAO, Yuanni LIU, Yonghong HUANG. Dynamic and efficient vehicular cloud management scheme with privacy protection [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 70-83.
[9]	Chenxin LU, Bing CHEN, Ning DING, Liquan CHEN, Ge WU. Identity-based anonymous cloud auditing scheme with compact tags [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 156-168.
[10]	Shengzhi MING, Jianming ZHU, Zhiyuan SUI, Xian ZHANG. Online medical privacy protection strategy under information value-added mechanism [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 169-177.
[11]	Tao JIANG, Hang XU, Liangmin WANG, Jianfeng MA. Proof of storage with corruption identification and recovery for dynamic group users [J]. Chinese Journal of Network and Information Security, 2022, 8(5): 75-87.
[12]	Dan LIN, Kaixin LIN, Jiajing WU, Zibin ZHENG. Bytecode-based approach for Ethereum smart contract classification [J]. Chinese Journal of Network and Information Security, 2022, 8(5): 111-120.
[13]	Xian ZHANG, Jianming ZHU, Zhiyuan SUI, Shengzhi MING. Analysis on anonymity and regulation of digital currency transactions based on game theory [J]. Chinese Journal of Network and Information Security, 2022, 8(5): 150-157.
[14]	Liquan CHEN, Xiao LI, Zheyi YANG, Sijie QIAN. Blockchain-based high transparent PKI authentication protocol [J]. Chinese Journal of Network and Information Security, 2022, 8(4): 1-11.
[15]	Wenbo ZHANG, Simin CHEN, Lifei WEI, Wei SONG, Dongmei HUANG. State-of-the-art survey of smart contract verification based on formal methods [J]. Chinese Journal of Network and Information Security, 2022, 8(4): 12-28.