DSpace Repository

Efficient and Secure Access Control for Sensitive Healthcare Data

Show simple item record

dc.contributor.author Samanta, Asmita
dc.date.accessioned 2022-03-25T04:48:59Z
dc.date.available 2022-03-25T04:48:59Z
dc.date.issued 2021-07
dc.identifier.citation 85p. en_US
dc.identifier.uri http://hdl.handle.net/10263/7321
dc.description Dissertation Under the Supervision of: Prof. Dr. Ir. Bart Preneel & Prof. Bimal Kumar Roy en_US
dc.description.abstract Healthcare services produce and use a great deal of sensitive personal data. But the fact is that this healthcare data has very high black market value. Now to easily access the healthcare data we can think about an access control server. So if we want to make an accesss control server for healthcare data then it has to be very secure. On the other hand, this data also needs to be easily accessible by the patient itself and authorized care givers. In this thesis we have studied an existing token-based access control solution which is being applied to protect medical data in a hospital and observed its security limitations. After that we modify that model using Multi-Authority CP-ABE, as a building block, to overcome the security limitations. We have proposed two modified models in our paper. Our first model relies on centralized MA-CP-ABE, which is based on composite order bilinear group. Since it is a centralized model, there is an central authority. In my case External IAM plays the role of Central Authority. I have used External IAM and Policy Decision Point as my two attribute authorities. This MA-CP-ABE is computed on a composite order bilinear group. According to the security analysis, my first model is adaptively secure. We have done this security analysis in standard model. Our second model relies on decentralized MA-CP-ABE, which is based on prime order bilinear group. Since it is an decentralized scheme so there is no central authority. Here also I have used External IAM and Policy Decision Point as my two attribute authorities. This MA-CP-ABE is computed on a prime order bilinear group. According to the security analysis, my second model is CPA secure. We have done this security analysis in random oracle model. Our second model is more efficient according to the computation cost than the first model whereas our first model is more efficient according to the communication cost than the second model. We have implemented the decentralized Multi-Authority CP-ABE scheme, which is the building block of our second model, to use in modified Access Control Model. We have implemented the code in Python and used Charm-crypto framework for the implementation. Because of using decryption out-sourcing our final decryption time has become constant, it does not depend on the size of the data consumer’s attribute set or on the number of attributes in access policy. Also we have implemented a modified LSSS in our thesis which is more efficient than Charm’s LSSS. We have also introduced revocation property in the scheme and provided insights on how to implement the whole access control model in this thesis. en_US
dc.language.iso en en_US
dc.publisher Indian Statistical Institute, Kolkata en_US
dc.relation.ispartofseries Dissertation;;CrS1902
dc.subject Healthcare services en_US
dc.subject healthcare data en_US
dc.subject Secure Access en_US
dc.subject Sensitive Healthcare en_US
dc.title Efficient and Secure Access Control for Sensitive Healthcare Data en_US
dc.type Other en_US


Files in this item

This item appears in the following Collection(s)

Show simple item record

Search DSpace


Advanced Search

Browse

My Account