【 摘 要 】

As an emerging cryptographic primitive, Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is suitable for the owner to share his personal health records (PHRs) in mobile healthcare systems (mHealth). Before deploying traditional CP-ABE in real mHealth applications, there are three concerns worth considering. First, the scale of pre-defined attribute universe is lack of scalability. Second, the plaintext access policy sent along with the ciphertext would leak the PHR owner's privacy. Third, it is difficult to identify the malicious user who intentionally disclosed his (partial or modified) private key. In this paper, we present HTAC, a fine-grained policy-hiding and traceable access control scheme for mHealth. In HTAC, the attribute universe is exponentially large and unbounded. Each attribute is expressed by an attribute name and an attribute value. In the encryption phase, the value is hidden in the ciphertext and only the generic attribute name is exposed. The malicious user will be precisely identified by searching the identity linked with the suspicious private key in an identity table. We further extend HTAC by removing the identity table and assigning more explicitly responsibility for the authority and the trace center. Then the storage overhead of tracing the malicious users is constant. The security analysis and performance comparison indicate that HTAC and the extended scheme are secure and practicable for real mHealth.

【 授权许可】

Unknown