计算机科学

计算机科学 ›› 2017, Vol. 44 ›› Issue (Z11): 342-347.doi: 10.11896/j.issn.1002-137X.2017.11A.072

• 信息安全 • 上一篇    下一篇

云计算中基于属性的可搜索加密电子病历系统

李晓蓉,宋子夜,任婧怡,徐磊,许春根   

  1. 南京理工大学理学院 南京210094,南京理工大学理学院 南京210094,南京理工大学理学院 南京210094,南京理工大学理学院 南京210094,南京理工大学理学院 南京210094
  • 出版日期:2018-12-01 发布日期:2018-12-01
  • 基金资助:
    本文受江苏省自然科学基金(BK20141405),南京理工大学本科生科研训练‘百千万’计划国家级项目立项资助

Attribute-based Searchable Encryption of Electronic Medical Records in Cloud Computing

LI Xiao-rong, SONG Zi-ye, REN Jing-yi, XU Lei and XU Chun-gen   

  • Online:2018-12-01 Published:2018-12-01

PDF (PC)

943

摘要: 电子病历是医学报告在云计算技术迅速发展下的一个重要产物,它的出现方便了医院和患者对病历的管理。然而, 患者的相关隐私数据存储在云上,就必然面临着隐私泄露、非法访问等隐患。为保护存储在云端的电子病历数据的私密性,提出了一个基于属性的可搜索加密方案,并给出了它在电子病历系统中的重要应用。与传统的可搜索加密方案相比,本方案降低了多用户环境下密钥管理的难度,且方案中的陷门可以在非安全信道上传输。此外,该方案可隐藏访问结构,具有细粒度访问控制,可根据数据拥有者的请求增加或撤销用户的访问权限。安全性分析表明,该方案保护了关键词的隐私性,可抵抗关键词猜测攻击,能有效防止隐私数据的泄露。关键词陷门匹配算法仅需一次双线性对运算,大大提高了搜索效率。

关键词: 电子病历,可搜索加密,细粒度访问控制,关键词猜测攻击

Abstract: Electronic medical record is an important product of the medical report under the rapid development of cloud computing technology,whose presence is convenient for the hospitals and patients to manage the medical reports.However,it would be inevitably faced with potential hazards such as the privacy disclosure,illegal access,etc.if the privacy data about patients are stored in the cloud.To protect the privacy of the electronic medical records stored in the cloud,an attribute-based searchable encryption scheme was proposed,and its important application in the electronic medical record system was given.Compared with the traditional searchable encryption scheme,this scheme does not need a secure channel for the trapdoor transmitting,and the difficulties in key management for multiple users could be reduced.Moreover,the scheme can hide the access structure and has fine-grained access control to add and revoke access rights of users according to the request of data owners.Security analysis shows that the scheme can not only protect the privacy of keywords,but also effectively resist the attack of keyword guessing and prevent the private data from leaking out.The keyword-based trapdoor matching algorithm requires only one computation of bilinear pairing,greatly improves the searching efficiency.

Key words: Electronic medical record,Searchable encryption,Fine-grained access control,Attack of keyword guessing

[1] SONG D,WAGNER D,PERRI G.A Practical techniques for searches on encrypted data[C]∥Proceedings of IEEE Symposium on Securityand Privacy.Berkeley,2000:44-55.
[2] BONEH D,CRESCENZO G D,OSTROVSKY R,et al.Publickey encryption with keyword search[C]∥Proceedings of the EUROCRYPT’04.Interlaken,Switzerland,2004:506-522.
[3] GOYAL V,PANDEY O,SAHAI A,et al.Attribute-based encryption for fine-grained access control of encrypted data[C]∥Proceedings of the 13th ACM Conference on Computer and Communications Security.New York,USA,2006:89-98.
[4] BENALOH J,CHASE M,HORVITZ E,et al.Patient Con-trolled Encryption:Ensuring Privacy of Electronic Medical Records[C]∥Proceeding of the ACM Workshop Cloud Computing Security(CCSW’09).2009:103-114.
[5] KULVAIBHAV K,VIJAYARAGHAVAN V,RAJARATHNAMN.Multi-users Attribute Based Searchable Encryption[C]∥Proceeding of International Conference on Mobile Data Management.Milan:IEEE Computer Society,2013:200-205.
[6] 王少辉,韩志杰,肖甫,等.指定测试者的基于身份的可搜索加密方案[J].通信学报,2014,5(7):22-32.
[7] LI J,ZHANG L.Attribute-based keyword search and data access control in cloud[C]∥2014 Tenth International Conference on Computational Intelligence and Security (CIS).IEEE,2014:382-386.
[8] 林鹏,江颉,陈铁明.云环境下关键词搜索加密算法研究[J].通信学报,2015,36(Z1):259-265.
[9] QIU S,LIU J,SHI Y,et al.Hidden policy ciphertext-policy attribute-based encryption with keyword search against keyword guessing attack [J].Science China Information Sciences,2017,60(5):052105.
[10] 刘全明,赵宝,高富强.基于属性的可搜索加密方案[J].山西大学学报(自然科学版),2016,9(4):593-600.
[11] 陈燕俐,杨华山.可支持属性撤销的基于 CP-ABE可搜索加密方案[J].重庆邮电大学学报(自然科学版),2016,8(4):545-554.
[12] 李双,徐茂智.基于属性的可搜索加密方案[J].计算机学报,2014,7(5):1017-1024.
[13] BEIMEL A,et al.Secure schemes for secret sharing and key distribution[R].Technion-Israel Institute of Technology,Faculty of Computer Science,1996.
[14] GENTRY C.Practical identity-based encryption without random oracles[C]∥Annual International Conference on the Theory and Applications of Cryptographic Techniques.Springer Berlin Heidelberg,2006:445-464.
[15] 郭璐璐.对密文查询和基于查询的可搜索加密方案的研究[D].南京:南京理工大学,2014.
[16] 杨旸,林柏钢,马懋德.具有细粒度访问控制的隐藏关键词可搜索加密方案[J].通信学报,2013,4(Z1):92-100.
[17] HAN F,QIN J,ZHAO H,et al.A general transformation from KP-ABE to searchable encryption[J].Future Generation Computer Systems,2014,30:107-115.
[18] BONEH D,BOYEN X.Efficient selective-ID secure identity-based encryption without random oracles[C]∥International Conference on the Theory and Applications of Cryptographic Techniques.Springer Berlin Heidelberg,2004:223-238.
[19] BONEH D,BOYEN X,GOH E J.Hierarchical identity based encryption with constant size ciphertext[C]∥Annual International Conference on the Theory and Applications of Cryptographic Techniques.Springer Berlin Heidelberg,2005:440-456.
[20] BONEH D,GENTRY C,WATERS B.Collusion resistant bro-adcast encryption with short ciphertexts and private keys[C]∥Annual International Cryptology Conference.Springer Berlin Heidelberg,2005:258-275.
[21] BONEH D,KATZ J.Improved efficiency for CCA-secure cryptosystems built using identity-based encryption[C]∥Cryptographers’ Track at the RSA Conference.Springer Berlin Heidelberg,2005:87-103.
[22] 马春光,石岚,汪定.基于访问树的属性基签名算法[J].电子科技大学学报,2013,42(3):410-414.
[23] 李经纬,贾春福,刘哲理.可搜索加密技术研究综述[J].软件学报,2015,26(1):109-128.
No related articles found!
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
地址:重庆市渝北区洪湖西路18号    邮编:401121  
电话:023-63500828(编辑部) 023-67039612(会议/专题) 023-67039623(财务/发票)
E-mail:jsjkx12@163.com
本系统由北京玛格泰克科技发展有限公司设计开发