Merkle Tree-based Access Structure for Sensitive Attributes in Patient-Centric Data

Merkle Tree-based Access Structure for Sensitive Attributes in Patient-Centric Data
  IJETT-book-cover           
  
© 2022 by IJETT Journal
Volume-70 Issue-6
Year of Publication : 2022
Authors : B. Ravinder Reddy, T. Adilakshmi
DOI : 10.14445/22315381/IJETT-V70I6P213

How to Cite?

B. Ravinder Reddy, T. Adilakshmi, "Merkle Tree-based Access Structure for Sensitive Attributes in Patient-Centric Data," International Journal of Engineering Trends and Technology, vol. 70, no. 6, pp. 106-113, 2022. Crossref, https://doi.org/10.14445/22315381/IJETT-V70I6P213

Abstract
Wearable health care [1] is a prominent technology that allows people to get medical services. Medical data obtained by wearables necessitates immediate and accurate information sharing from any location for improved healthcare decisions. However, during sharing, the security and confidentiality of such patient information will become a key problem. The security of patients' data is critical in medical settings when unwanted access to information is unavoidable. To close the security gap, this study proposes the Merkle Tree-based Access Structure Construction for the CP-ABE model [2], a unique distributed authority and policy-hiding capability approach that provides secure access to patient-sensitive data characteristics. We improve the CPABE access structure by building two access trees, one for sensitive patient information and the other for non-sensitive qualities, to provide fine-grained access control, data privacy, and integrity [1]. We compared the proposed framework to other CP-ABE-based systems that were already in use. It demonstrates that the suggested paradigm provides improved security for clinical services.

Keywords
cpabe, Hash, Merkle tree, pcd, Privacy.

Reference
[1] Siti Dhalila Mohd Satar, Mohamad Afendee Mohamed, Masnida Hussin, Zurina Mohd Hanapi and Siti Dhalila Mohd Satar, Cloudbased Secure Healthcare Framework by using Enhanced Ciphertext Policy Attribute-Based Encryption Scheme International Journal of Advanced Computer Science and Applications (IJACSA), (2021) 12(6).
[2] Xu, R. and Lang, B., A CP-ABE Scheme with Hidden Policy and its Application in Cloud Computing. International Journal of Cloud Computing, 4(4) (2015) 279.
[3] Aldeen, Y. and Salleh, M., Techniques for Privacy-Preserving Data Publication in the Cloud for Smart City Applications. Smart Cities Cybersecurity and Privacy, (2019) 129-145.
[4] (2022) Irwin, L., GDPR | Personal Data vs Sensitive Data: What's the Difference? IT Governance UK Blog.
[5] Meng, F., et.al. Ciphertext-Policy Attribute-Based Encryption with Hidden Sensitive Policy from Keyword Search Techniques in Smart City. EURASIP Journal on Wireless Communications and Networking, 1 (2021).
[6] Meng, F., Cheng, L. and Wang, M. ABDKS: Attribute-Based Encryption with Dynamic Keyword Search in Fog Computing. Frontiers Of Computer Science, 15(5) (2021).
[7] Goyal, V., Pandey, O., Sahai, A. and Waters, B. Attribute-based encryption for fine-grained access control of encrypted data. Proceedings of the 13th ACM conference on Computer and communications security - CCS '06, (2006).
[8] Greene, E., Proctor, P. and Kotz, D. Secure sharing of mHealth data streams through cryptographically-enforced access control. Smart Health, 12 (2019) 49-65.
[9] Nishide, T., Yoneyama, K. and Ohta, K. Attribute-based encryption with partially hidden encryptor-specified access structures | Proceedings of the 6th international conference on Applied cryptography and network security, (2022).
[10] Doshi, N. and Jinwala, D. Constant Ciphertext Length in Multi-Authority Ciphertext Policy Attribute Based Encryption. 2011 2nd International Conference on Computer and Communication Technology (ICCCT-2011),
[11] Helil, N. and Rahman, K. CP-ABE Access Control Scheme for Sensitive Data Set Constraint with Hidden Access Policy and Constraint Policy. Security and Communication Networks, (2017) 1-13.
[12] Hur, J., Park, C. and Hwang, S. Fine-Grained User Access Control in Ciphertext-Policy Attribute-Based Encryption. Security and Communication Networks, 5(33) (2011) 253-261.
[13] Lewko, A. and Waters, B. Decentralizing Attribute-Based Encryption. Advances in Cryptology – EUROCRYPT, (2011) 568-588.
[14] Vijayan, V., Connolly, J., Condell, J., McKelvey, N. and Gardiner, P. Review of Wearable Devices and Data Collection Considerations for Connected Health. Sensors, 21(16) (2021) 5589.
[15] Doshi, N. and Jinwala, D. Fully secure ciphertext policy attribute-based encryption with constant length ciphertext and faster decryption. Security and Communication Networks, 7(11) (2013) 1988-2002.
[16] V. Echeverría, L. M. Liebrock and D. Shin, Permission Management System: Permission as a Service in Cloud Computing, IEEE 34th Annual Computer Software and Applications Conference Workshops, (2010) 371-375.
[17] J. Bethencourt, A. Sahai and B. Waters, Ciphertext-Policy Attribute-Based Encryption, 2007 IEEE Symposium on Security and Privacy (SP '07), (2007) 321-334.
[18] D. Meng, E. Luo and G. Wang, A Privacy-Preserving Multi-Authority Attribute-Based Encryption Approach for Mobile Healthcare, IEEE 13th International Conference on Mobile Ad Hoc and Sensor Systems (MASS), (2016) 299-306.
[19] Liu, X., Ma, J., Xiong, J., Li, Q. and Ma, J. Ciphertext-Policy Weighted Attribute Based Encryption for Fine-Grained Access Control. 5th International Conference on Intelligent Networking and Collaborative Systems, (2013).
[20] Longitudinal Patient Records Artifacts. Longitudinal Patient Records Artifacts, www.ibm.com, 12 Apr. (2021).