Multi-Keyword Searchable Encryption for E-Health System With Multiple Data Writers and Readers

Mapping Intimacies ◽

10.4018/978-1-7998-6988-7.ch007 ◽

2022 ◽

pp. 107-131

Author(s):

Dhruti P. Sharma ◽

Devesh C. Jinwala

Keyword(s):

Health System ◽

Keyword Search ◽

Medical Data ◽

Searchable Encryption ◽

Multiple Stakeholders ◽

Computational Overhead ◽

Multiple Data ◽

Data Owner ◽

Share Data ◽

Conjunctive Search

E-health is a cloud-based system to store and share medical data with the stakeholders. From a security perspective, the stored data are in encrypted form that could further be searched by the stakeholders through searchable encryption (SE). Practically, an e-health system with support of multiple stakeholders (that may work as either data owner [writer] or user [reader]) along with the provision of multi-keyword search is desirable. However, the existing SE schemes either support multi-keyword search in multi-reader setting or offer multi-writer, multi-reader mechanism along with single-keyword search only. This chapter proposes a multi-keyword SE for an e-health system in multi-writer multi-reader setting. With this scheme, any registered writer could share data with any registered reader with optimal storage-computational overhead on writer. The proposed scheme offers conjunctive search with optimal search complexity at server. It also ensures security to medical records and privacy of keywords. The theoretical and empirical analysis demonstrates the effectiveness of the proposed work.

Download Full-text

A Secure Key Aggregate Searchable Encryption with Multi Delegation in Cloud Data Sharing Service

Applied Sciences ◽

10.3390/app11198841 ◽

2021 ◽

Vol 11 (19) ◽

pp. 8841

Author(s):

JoonYoung Lee ◽

MyeongHyun Kim ◽

JiHyeon Oh ◽

YoungHo Park ◽

KiSung Park ◽

...

Keyword(s):

Data Sharing ◽

Keyword Search ◽

Personal Information ◽

Formal Analysis ◽

Searchable Encryption ◽

Third Party ◽

Security Evaluation ◽

Cloud Data ◽

Delegation Of Authority ◽

Data Owner

As the amount of data generated in various distributed environments is rapidly increasing, cloud servers and computing technologies are attracting considerable attention. However, the cloud server has privacy issues, including personal information and requires the help of a Trusted Third Party (TTP) for data sharing. However, because the amount of data generated and value increases, the data owner who produces data must become the subject of data sharing. In this study, we use key aggregate searchable encryption (KASE) technology, which enables keyword search, to efficiently share data without using TTP. The traditional KASE scheme approach only discusses the authority delegation from the data owner to another user. The traditional KASE scheme approach only discusses delegation of authority from the data owner to another user. However, if the delegated entity cannot perform time-critical tasks because the shared data are unavailable, the delegate must further delegate the rights given to other users. Consequently, this paper proposes a new KASE scheme that enables multi-delegation without TTP and includes an authentication technique between the user and the server. After that, we perform informal and formal analysis using BAN logic and AVISPA for security evaluation, and compare the security and performance aspects with existing schemes.

Download Full-text

Ciphertext-policy attribute-based encryption with hidden sensitive policy from keyword search techniques in smart city

EURASIP Journal on Wireless Communications and Networking ◽

10.1186/s13638-020-01875-2 ◽

2021 ◽

Vol 2021 (1) ◽

Author(s):

Fei Meng ◽

Leixiao Cheng ◽

Mingqiang Wang

Keyword(s):

Smart City ◽

Keyword Search ◽

Sensitive Information ◽

Security Model ◽

Computational Overhead ◽

Diffie Hellman ◽

Attribute Based Encryption ◽

Iot Devices ◽

Ciphertext Policy ◽

Access Policies

AbstractCountless data generated in Smart city may contain private and sensitive information and should be protected from unauthorized users. The data can be encrypted by Attribute-based encryption (CP-ABE), which allows encrypter to specify access policies in the ciphertext. But, traditional CP-ABE schemes are limited because of two shortages: the access policy is public i.e., privacy exposed; the decryption time is linear with the complexity of policy, i.e., huge computational overheads. In this work, we introduce a novel method to protect the privacy of CP-ABE scheme by keyword search (KS) techniques. In detail, we define a new security model called chosen sensitive policy security: two access policies embedded in the ciphertext, one is public and the other is sensitive and hidden. If user's attributes don't satisfy the public policy, he/she cannot get any information (attribute name and its values) of the hidden one. Previous CP-ABE schemes with hidden policy only work on the “AND-gate” access structure or their ciphertext size or decryption time maybe super-polynomial. Our scheme is more expressive and compact. Since, IoT devices spread all over the smart city, so the computational overhead of encryption and decryption can be shifted to third parties. Therefore, our scheme is more applicable to resource-constrained users. We prove our scheme to be selective secure under the decisional bilinear Diffie-Hellman (DBDH) assumption.

Download Full-text

VMKDO: Verifiable multi-keyword search over encrypted cloud data for dynamic data-owner

Peer-to-Peer Networking and Applications ◽

10.1007/s12083-016-0487-7 ◽

2016 ◽

Vol 11 (2) ◽

pp. 287-297 ◽

Cited By ~ 6

Author(s):

Yinbin Miao ◽

Jianfeng Ma ◽

Ximeng Liu ◽

Zhiquan Liu ◽

Limin Shen ◽

...

Keyword(s):

Keyword Search ◽

Dynamic Data ◽

Cloud Data ◽

Data Owner

Download Full-text

BMDS: A Blockchain-based Medical Data Sharing Scheme with Attribute-Based Searchable Encryption

ICC 2021 - IEEE International Conference on Communications ◽

10.1109/icc42927.2021.9500966 ◽

2021 ◽

Author(s):

Jingwei Liu ◽

Mingli Wu ◽

Rong Sun ◽

Xiaojiang Du ◽

Mohsen Guizani

Keyword(s):

Data Sharing ◽

Medical Data ◽

Searchable Encryption ◽

Sharing Scheme

Download Full-text

R-OO-KASE: Revocable Online/Offline Key Aggregate Searchable Encryption

Data Science and Engineering ◽

10.1007/s41019-020-00136-y ◽

2020 ◽

Vol 5 (4) ◽

pp. 391-418

Author(s):

Mukti Padhya ◽

Devesh C. Jinwala

Keyword(s):

Radio Frequency Identification ◽

Keyword Search ◽

Electrical Power ◽

Computational Cost ◽

Security Analysis ◽

Searchable Encryption ◽

Resource Constrained ◽

Encryption Decryption ◽

Resource Constrained Devices ◽

Constrained Devices

Abstract The existing Key Aggregate Searchable Encryption (KASE) schemes allow searches on the encrypted dataset using a single query trapdoor, with a feature to delegate the search rights of multiple files using a constant size key. However, the operations required to generate the ciphertext and decrypt it in these schemes incur higher computational costs, due to the computationally expensive pairing operations in encryption/decryption. This makes the use of such schemes in resource-constrained devices, such as Radio Frequency Identification Devices, Wireless Sensor Network nodes, Internet of Things nodes, infeasible. Motivated with the goal to reduce the computational cost, in this paper, we propose a Revocable Online/Offline KASE (R-OO-KASE) scheme, based on the idea of splitting the encryption/decryption operations into two distinct phases: online and offline. The offline phase computes the majority of costly operations when the device is on an electrical power source. The online phase generates final output with the minimal computational cost when the message (or ciphertext) and keywords become known. In addition, the proposed scheme R-OO-KASE also offers multi-keyword search capability and allows the data owners to revoke the delegated rights at any point in time, the two features are not supported in the existing schemes. The security analysis and empirical evaluations show that the proposed scheme is efficient to use in resource-constrained devices and provably secure as compared to the existing KASE schemes.

Download Full-text

Controlled Functional Encryption Revisited: Multi-Authority Extensions and Efficient Schemes for Quadratic Functions

Proceedings on Privacy Enhancing Technologies ◽

10.2478/popets-2021-0003 ◽

2021 ◽

Vol 2021 (1) ◽

pp. 21-42

Author(s):

Miguel Ambrona ◽

Dario Fiore ◽

Claudio Soriente

Keyword(s):

Homomorphic Encryption ◽

Linear Functions ◽

Quadratic Functions ◽

Functional Encryption ◽

Fine Grained ◽

Multiple Data ◽

Garbled Circuits ◽

Private Data ◽

Data Owner ◽

Single Data

AbstractIn a Functional Encryption scheme (FE), a trusted authority enables designated parties to compute specific functions over encrypted data. As such, FE promises to break the tension between industrial interest in the potential of data mining and user concerns around the use of private data. FE allows the authority to decide who can compute and what can be computed, but it does not allow the authority to control which ciphertexts can be mined. This issue was recently addressed by Naveed et al., that introduced so-called Controlled Functional encryption (or C-FE), a cryptographic framework that extends FE and allows the authority to exert fine-grained control on the ciphertexts being mined. In this work we extend C-FE in several directions. First, we distribute the role of (and the trust in) the authority across several parties by defining multi-authority C-FE (or mCFE). Next, we provide an efficient instantiation that enables computation of quadratic functions on inputs provided by multiple data-owners, whereas previous work only provides an instantiation for linear functions over data supplied by a single data-owner and resorts to garbled circuits for more complex functions. Our scheme leverages CCA2 encryption and linearly-homomorphic encryption. We also implement a prototype and use it to showcase the potential of our instantiation.

Download Full-text

The Perspectives of Programme Staff and Recipients on the Acceptability and Benefits of the Ward-Based Outreach Teams in a South African Province

Healthcare ◽

10.3390/healthcare8040464 ◽

2020 ◽

Vol 8 (4) ◽

pp. 464

Author(s):

Cheryl Nelson ◽

Sphiwe Madiba

Keyword(s):

Health System ◽

Treatment Adherence ◽

Positive Effects ◽

Multiple Data ◽

Outreach Services ◽

Default Rates ◽

Outreach Programme ◽

System Data ◽

Health System Data ◽

Cure Rates

The re-engineering of primary health care (PHC) called for the establishment of ward-based outreach teams as a reform strategy to bridge the gap between health facilities and communities. The Nkangala district established ward-based outreach teams in 2012. We used process evaluation to assess the acceptability of the outreach teams from the perspectives of those involved in the implementation as well as the clients who are the recipients of the outreach services in order to describe how the programme benefits the recipients, the staff, and the health system. Data were collected through interviews with multiple data sources. A thematic analysis was done using NVivo 11. The outreach programme is acceptable to the recipients and staff. The acceptability translated into measurable benefits for the recipients and the health system. Health benefits included increased access to services, support for treatment adherence, and linkages to various sector departments for social support. Since the inception of outreach teams, the district has recorded low utilisation of PHC services and improved priority indicators such as immunisation coverage, early antenatal bookings, treatment adherence, TB cure rates, and decreased default rates. The positive effects of the outreach teams on indicators underscore the need to roll the programme out to all sub-districts.

Download Full-text

Fine-Grained Ranked Multi-Keyword Search Over Hierarchical Data for IoT-Oriented Health System

IEEE Access ◽

10.1109/access.2019.2928441 ◽

2019 ◽

Vol 7 ◽

pp. 101969-101980 ◽

Cited By ~ 1

Author(s):

Jianfei Sun ◽

Shengnan Hu ◽

Xuyun Nie

Keyword(s):

Health System ◽

Keyword Search ◽

Hierarchical Data ◽

Fine Grained

Download Full-text

Web Portal for Genomic and Epidemiologic Medical Data

Medical Informatics ◽

10.4018/978-1-60566-050-9.ch177 ◽

2011 ◽

pp. 2351-2359

Author(s):

Mónica Miguélez Rico

Keyword(s):

Medical Information ◽

Access Point ◽

Research Area ◽

Medical Data ◽

Web Portal ◽

Key Points ◽

Share Data ◽

Histological Data ◽

Important Research Area ◽

Current Standards

Medical data and digital imaging for medical diagnosis currently represent a very important research area in computer science. The generation of medical information is continuously increasing. More specifically, genomic (molecular and histological) data and images have become key points for diagnosis. The specific processing these data require is more and more requested. This article describes a Web portal based on the most common current standards. This platform is not only able to integrate the medical information available at several sources, but also to provide tools for the analysis of the integrated data, to use them for the study of any pathology. It will provide a common access point to share data and analysis techniques (or applications) between different groups that are currently working in several fields of health area.

Download Full-text

Practical Attribute-Based Conjunctive Keyword Search Scheme

The Computer Journal ◽

10.1093/comjnl/bxz140 ◽

2019 ◽

Vol 63 (8) ◽

pp. 1203-1215 ◽

Cited By ~ 1

Author(s):

Yang Chen ◽

Wenmin Li ◽

Fei Gao ◽

Kaitai Liang ◽

Hua Zhang ◽

...

Keyword(s):

Keyword Search ◽

Inner Product ◽

Real World Data ◽

Data Set ◽

Fine Grained ◽

Keyword Guessing Attack ◽

Secure Search ◽

Data Owner ◽

Cryptographic Primitive ◽

Guessing Attack

Abstract To date cloud computing may provide considerable storage and computational power for cloud-based applications to support cryptographic operations. Due to this benefit, attribute-based keyword search (ABKS) is able to be implemented in cloud context in order to protect the search privacy of data owner/user. ABKS is a cryptographic primitive that can provide secure search services for users but also realize fine-grained access control over data. However, there have been two potential problems that prevent the scalability of ABKS applications. First of all, most of the existing ABKS schemes suffer from the outside keyword guessing attack (KGA). Second, match privacy should be considered while supporting multi-keyword search. In this paper, we design an efficient method to combine the keyword search process in ABKS with inner product encryption and deploy several proposed techniques to ensure the flexibility of retrieval mode, the security and efficiency of our scheme. We later put forward an attribute-based conjunctive keyword search scheme against outside KGA to solve the aforementioned problems. We provide security notions for two types of adversaries and our construction is proved secure against chosen keyword attack and outside KGA. Finally, all-side simulation with real-world data set is implemented for the proposed scheme, and the results of the simulation show that our scheme achieves stronger security without yielding significant cost of storage and computation.

Download Full-text