Analysis and Improvement of Patient Self-controllable Multi-level Privacy-preserving Cooperative Authentication Scheme
نویسندگان
چکیده
In 2014, a patient self-controllable multi-level privacypreserving cooperative authentication scheme (PSMPA) was proposed for attempting to address the issue of data confidentiality and patients’ identity privacy simultaneously when the personal healthcare record (PHR) is shared in the distributed m-healthcare cloud computing system. In this paper, we show the PSMPA scheme fails to achieve the two goals under the collusion attack. Furthermore, the scheme also suffers from forgery attack because of a flawed design in the transcript simulation phase. In order to avoid the attacks, we propose an improved PHR sharing scheme by incorporating ciphertext policy attribute-based encryption (CP-ABE) and attributebased signature (ABS) as a possible solution.
منابع مشابه
PSCPA: Patient Self-controllable Privacy-preserving Cooperative Authentication in Distributed m-Healthcare Systems
Distributed m-healthcare systems significantly facilitate efficient patient treatment of high quality, while bringing about the challenge of keeping both the confidentiality of the personal health information and the patients’ identity privacy simultaneously. It makes many existing data access control and anonymous authentication schemes inefficient in distributed mhealthcare systems. To solve ...
متن کاملA Lightweight Privacy-preserving Authenticated Key Exchange Scheme for Smart Grid Communications
Smart grid concept is introduced to modify the power grid by utilizing new information and communication technology. Smart grid needs live power consumption monitoring to provide required services and for this issue, bi-directional communication is essential. Security and privacy are the most important requirements that should be provided in the communication. Because of the complex design of s...
متن کاملGame-Based Cryptanalysis of a Lightweight CRC-Based Authentication Protocol for EPC Tags
The term "Internet of Things (IoT)" expresses a huge network of smart and connected objects which can interact with other devices without our interposition. Radio frequency identification (RFID) is a great technology and an interesting candidate to provide communications for IoT networks, but numerous security and privacy issues need to be considered. In this paper, we analyze the security and ...
متن کاملAttribute-based Access Control for Cloud-based Electronic Health Record (EHR) Systems
Electronic health record (EHR) system facilitates integrating patients' medical information and improves service productivity. However, user access to patient data in a privacy-preserving manner is still challenging problem. Many studies concerned with security and privacy in EHR systems. Rezaeibagha and Mu [1] have proposed a hybrid architecture for privacy-preserving accessing patient records...
متن کاملA Flexible Framework for Secret Handshakes or: How to Achieve Multi-Party Interactive Anonymous Mutual Authentication
In the society increasingly concerned with the erosion of privacy, privacy-preserving techniques are becoming very important. Secret handshakes offer anonymous and unobservable authentication and serve as an important tool in the arsenal of privacy-preserving techniques. Relevant prior research focused on 2-party secret handshakes with one-time credentials, whereby two parties establish a secur...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- I. J. Network Security
دوره 17 شماره
صفحات -
تاریخ انتشار 2015