scholarly journals CESCR: CP-ABE for efficient and secure sharing of data in collaborative ehealth with revocation and no dummy attribute

PLoS ONE ◽  
2021 ◽  
Vol 16 (5) ◽  
pp. e0250992
Author(s):  
Kennedy Edemacu ◽  
Beakcheol Jang ◽  
Jong Wook Kim
Keyword(s):  
Information And Communication Technologies ◽  
Data Security ◽  
Model Simulation ◽  
Security Analysis ◽  
Health Data ◽  
Security And Privacy ◽  
Access Structure ◽  
Security Parameter ◽  
User Revocation ◽  
Ciphertext Policy

With the rapid advancement of information and communication technologies, there is a growing transformation of healthcare systems. A patient’s health data can now be centrally stored in the cloud and be shared with multiple healthcare stakeholders, enabling the patient to be collaboratively treated by more than one healthcare institution. However, several issues, including data security and privacy concerns still remain unresolved. Ciphertext-policy attribute-based encryption (CP-ABE) has shown promising potential in providing data security and privacy in cloud-based systems. Nevertheless, the conventional CP-ABE scheme is inadequate for direct adoption in a collaborative ehealth system. For one, its expressiveness is limited as it is based on a monotonic access structure. Second, it lacks an attribute/user revocation mechanism. Third, the computational burden on both the data owner and data users is linear with the number of attributes in the ciphertext. To address these inadequacies, we propose CESCR, a CP-ABE for efficient and secure sharing of health data in collaborative ehealth systems with immediate and efficient attribute/user revocation. The CESCR scheme is unbounded, i.e., it does not bind the size of the attribute universe to the security parameter, it is based on the expressive and non-restrictive ordered binary decision diagram (OBDD) access structure, and it securely outsources the computationally demanding attribute operations of both encryption and decryption processes without requiring a dummy attribute. Security analysis shows that the CESCR scheme is secure in the selective model. Simulation and performance comparisons with related schemes also demonstrate that the CESCR scheme is expressive and efficient.

scholarly journals Securing E-health Data using Ciphertext-Policy Attribute-Based Encryption with Dynamic User Revocation

2019 ◽  
Vol 8 (3) ◽  
pp. 7244-7250
Keyword(s):  
Access Control ◽  
Service Providers ◽  
Health Data ◽  
Security And Privacy ◽  
Unique Identifier ◽  
Fine Grained ◽  
Attribute Based Encryption ◽  
User Revocation ◽  
Role Based ◽  
Ciphertext Policy

E-health systems hold a massive amount of medical data that is stored and shared across healthcare service providers to deliver health facilities. However, security and privacy worries increase when sharing this data over distributed settings. As a result, Cryptography techniques have been considered to secure e-health data from unauthorized access. The Ciphertext Policy Attribute-Based Encryption (CP-ABE) is commonly utilized in such a setting, which provides role-based and fine-grained access control over encrypted data. The CP-ABE suffers from the problem of user revocation where the entire policy must be changed even when only one user is revoked or removed from the policy. In this paper, we proposed a CP-ABE based access control model to support user revocation efficiently. Specifically, the proposed model associates a unique identifier to each user. This identifier is added to the policy attributes and removed dynamically when the user is added/revoked. A tree structure (PolicyPathTree) is designed specifically for our model. It can facilitate fast access to policy's attributes during the verification process; The model is analyzed using Information Theory Tools. Results show that our model outperforms other notable work in terms of computational overheads.,

scholarly journals AN EFFICIENT SECURITY FRAMEWORK FOR DATA MIGRATION IN A CLOUD COMPUTING ENVIRONMENT

2019 ◽  
Vol 01 (01) ◽  
pp. 45-53 ◽  
Author(s):  
Subarna Shakya
Keyword(s):  
Cloud Computing ◽  
Data Security ◽  
Privacy Protection ◽  
Credit Card ◽  
Security Analysis ◽  
Data Encryption ◽  
Security And Privacy ◽  
Data Migration ◽  
Secure Socket Layer ◽  
Sensitive Data

Cloud computing is advantageous in several applications. Data migration is constantly carried out to hybrid or public cloud. Certain large enterprises will not move their business-critical data and applications to the cloud. This is due to the concerns regarding data security and privacy protection. In this paper, we provide a data security analysis and solution for privacy protection framework during data migration. A Secure Socket Layer (SSL) is established and migration tickets with minimum privilege is introduced. Further, data encryption is done using Prediction Based Encryption (PBE). This system will be of use for healthcare systems and e-commerce systems that can store data regarding credit card details. We provide a strict separation between sensitive and non-sensitive data and provide encryption for the sensitive data.

Valuing Data Security and Privacy Using Cyber Insurance

2015 ◽  
Author(s):  
Anand Shah ◽  
Shishir Dahake ◽  
Sri Hari Haran J
Keyword(s):  
Data Security ◽  
Security And Privacy ◽  
Cyber Insurance

Big Data Security Challenges and Solution of Distributed Computing in Hadoop Environment: A Security Framework

2020 ◽  
Vol 13 (4) ◽  
pp. 790-797
Author(s):  
Gurjit Singh Bhathal ◽  
Amardeep Singh Dhiman
Keyword(s):  
Big Data ◽  
Data Security ◽  
Data Sets ◽  
Security Framework ◽  
Hadoop Distributed File System ◽  
Current Scenario ◽  
Hadoop Cluster ◽  
Ciphertext Policy ◽  
In Transit ◽  
Hadoop Framework

Background: In current scenario of internet, large amounts of data are generated and processed. Hadoop framework is widely used to store and process big data in a highly distributed manner. It is argued that Hadoop Framework is not mature enough to deal with the current cyberattacks on the data. Objective: The main objective of the proposed work is to provide a complete security approach comprising of authorisation and authentication for the user and the Hadoop cluster nodes and to secure the data at rest as well as in transit. Methods: The proposed algorithm uses Kerberos network authentication protocol for authorisation and authentication and to validate the users and the cluster nodes. The Ciphertext-Policy Attribute- Based Encryption (CP-ABE) is used for data at rest and data in transit. User encrypts the file with their own set of attributes and stores on Hadoop Distributed File System. Only intended users can decrypt that file with matching parameters. Results: The proposed algorithm was implemented with data sets of different sizes. The data was processed with and without encryption. The results show little difference in processing time. The performance was affected in range of 0.8% to 3.1%, which includes impact of other factors also, like system configuration, the number of parallel jobs running and virtual environment. Conclusion: The solutions available for handling the big data security problems faced in Hadoop framework are inefficient or incomplete. A complete security framework is proposed for Hadoop Environment. The solution is experimentally proven to have little effect on the performance of the system for datasets of different sizes.

scholarly journals IoT Big Data Security and Privacy Versus Innovation

2019 ◽  
Vol 6 (2) ◽  
pp. 1628-1635 ◽  
Author(s):  
Karen R. Sollins
Keyword(s):  
Big Data ◽  
Data Security ◽  
Security And Privacy

scholarly journals Challenges and techniques in Big data security and privacy: A review

2018 ◽  
Vol 1 (4) ◽  
pp. e13 ◽  
Author(s):  
Rongxin Bao ◽  
Zhikui Chen ◽  
Mohammad S. Obaidat
Keyword(s):  
Big Data ◽  
Data Security ◽  
Security And Privacy

scholarly journals Data Security and Privacy in Cloud Computing

2014 ◽  
Vol 10 (7) ◽  
pp. 190903 ◽  
Author(s):  
Yunchuan Sun ◽  
Junsheng Zhang ◽  
Yongping Xiong ◽  
Guangyu Zhu
Keyword(s):  
Cloud Computing ◽  
Data Security ◽  
Security And Privacy
Sign in / Sign up

Export Citation Format

Share Document