Access control scheme for medical data based on PBAC and IBE
Due to the large amount of personal privacy information contained,the medical big data formed in the health care industry was faced with potential threats of both external attacks and internal data leakages.However,traditional access control technology didn’t take into account the important role of...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2015-12-01
|
| Series: | Tongxin xuebao |
| Online Access: | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2015329/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841539583846645760 |
|---|---|
| author | Yi-ting ZHANG Yu-chuan FU Ming YANG Jun-zhou LUO |
| author_facet | Yi-ting ZHANG Yu-chuan FU Ming YANG Jun-zhou LUO |
| author_sort | Yi-ting ZHANG |
| collection | DOAJ |
| description | Due to the large amount of personal privacy information contained,the medical big data formed in the health care industry was faced with potential threats of both external attacks and internal data leakages.However,traditional access control technology didn’t take into account the important role of user access purpose in the access control schemes that emphasized data privacy,and existing symmetric and asymmetric encryption technologies both face problems such as the complexity of key and certificate management.To address these problems,a novel access control scheme based on PBAC model and IBE encryption technology was proposed,which could provide flexible access control of encrypted medical data.By introducing the concept of conditioned purpose,the PBAC model was extended to achieve full coverage of purpose trees.Furthermore,the scheme used patient ID,conditioned bit and intended purpose as the IBE public key,with which patients’ data were encrypted.Only users who pass the authentication and whose access purposes conform to the intended purposes can obtain the corresponding private keys and the encrypted data,thereby achieving access to patients’ information.Experimental results prove that the scheme can achieve the goals of fine-grained access control and privacy protection with high performance. |
| format | Article |
| id | doaj-art-6b479c5eee8e4e73b3ab06a64c4c589a |
| institution | Kabale University |
| issn | 1000-436X |
| language | zho |
| publishDate | 2015-12-01 |
| publisher | Editorial Department of Journal on Communications |
| record_format | Article |
| series | Tongxin xuebao |
| spelling | doaj-art-6b479c5eee8e4e73b3ab06a64c4c589a2025-01-14T06:54:13ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2015-12-013620021159697341Access control scheme for medical data based on PBAC and IBEYi-ting ZHANGYu-chuan FUMing YANGJun-zhou LUODue to the large amount of personal privacy information contained,the medical big data formed in the health care industry was faced with potential threats of both external attacks and internal data leakages.However,traditional access control technology didn’t take into account the important role of user access purpose in the access control schemes that emphasized data privacy,and existing symmetric and asymmetric encryption technologies both face problems such as the complexity of key and certificate management.To address these problems,a novel access control scheme based on PBAC model and IBE encryption technology was proposed,which could provide flexible access control of encrypted medical data.By introducing the concept of conditioned purpose,the PBAC model was extended to achieve full coverage of purpose trees.Furthermore,the scheme used patient ID,conditioned bit and intended purpose as the IBE public key,with which patients’ data were encrypted.Only users who pass the authentication and whose access purposes conform to the intended purposes can obtain the corresponding private keys and the encrypted data,thereby achieving access to patients’ information.Experimental results prove that the scheme can achieve the goals of fine-grained access control and privacy protection with high performance.http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2015329/ |
| spellingShingle | Yi-ting ZHANG Yu-chuan FU Ming YANG Jun-zhou LUO Access control scheme for medical data based on PBAC and IBE Tongxin xuebao |
| title | Access control scheme for medical data based on PBAC and IBE |
| title_full | Access control scheme for medical data based on PBAC and IBE |
| title_fullStr | Access control scheme for medical data based on PBAC and IBE |
| title_full_unstemmed | Access control scheme for medical data based on PBAC and IBE |
| title_short | Access control scheme for medical data based on PBAC and IBE |
| title_sort | access control scheme for medical data based on pbac and ibe |
| url | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2015329/ |
| work_keys_str_mv | AT yitingzhang accesscontrolschemeformedicaldatabasedonpbacandibe AT yuchuanfu accesscontrolschemeformedicaldatabasedonpbacandibe AT mingyang accesscontrolschemeformedicaldatabasedonpbacandibe AT junzhouluo accesscontrolschemeformedicaldatabasedonpbacandibe |