Open AccessHybrid Solution for Privacy-Preserving Access Control for Healthcare Data
Author(s) -
M. B. Smithamol,
S. Rajeswari
Publication year - 2017
Publication title -
advances in electrical and computer engineering
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.254
H-Index - 23
eISSN - 1844-7600
pISSN - 1582-7445
DOI - 10.4316/aece.2017.02005
Subject(s) - upload , cloud computing , computer science , health care , access control , internet of things , computer security , control (management) , internet privacy , information privacy , world wide web , operating system , artificial intelligence , economics , economic growth
The booming in cloud and IoT technologies has accelerated the growth of healthcare system. The IoT devices monitor the patient's health, and upload collected data as Electronic Medical Records (EMRs) to the cloud for storage and sharing. Outsourcing EMRs to the cloud introduce new security and privacy challenges. In this paper, we proposed a novel architecture ensuring security and privacy for the outsourced health records. The proposed model uses partially ordered set (POSET) for constructing the group based access structure and Ciphertext-Policy Attribute-Based Encryption (CP-ABE) to provide fine-grained EMR access control. The modified group based CP-ABE (G-CP-ABE) minimizes the computational overhead by reducing the number of leaf nodes in the access tree. Also, the proposed G-CP-ABE framework merges symmetric encryption and CP-ABE scheme to minimize the overall encryption time. As a result, G-CP-ABE can be used to monitor health conditions even from a resource constrained IoT device. The performance analysis shows the efficiency of the proposed model, making it suitable for practical use