Achieving Privacy-Preserving DSSE for Intelligent IoT Healthcare System

Yaru Liu; Jia Yu; Jianxi Fan; Pandi Vijayakumar; Victor Chang

doi:10.1109/TII.2021.3100873

Achieving Privacy-Preserving DSSE for Intelligent IoT Healthcare System

Yaru Liu, Jia Yu^*, Jianxi Fan, Pandi Vijayakumar, Victor Chang

^*Corresponding author for this work

Research output: Contribution to journal › Article › peer-review

Abstract

As the product of combining Internet of Things (IoT), cloud computing, and traditional healthcare, Intelligent IoT Healthcare (IIoTH) brings us a lot of convenience, meanwhile security and privacy issues have attracted great attention. Dynamic searchable symmetric encryption (DSSE) technique can make the user search the dynamic healthcare information from IIoTH system under the condition that the privacy is protected. In this article, a novel privacy-preserving DSSE scheme for IIoTH system is proposed. It is the first DSSE scheme designed for personal health record (PHR) files database with forward security. We construct the secure index based on hash chain and realize trapdoor updates for resisting file injection attacks. In addition, we realize fine-grained search over encrypted PHR files database of attribute-value type. When the user executes search operations, he/she gets only a matched attribute value instead of the whole file. As a result, the communication cost is reduced and the disclosure of patient's privacy is minimized. The proposed scheme also achieves attribute access control, which allows users have different access authorities to attribute values. The specific security analysis and experiments show the security and the efficiency of the proposed scheme.

Original language	English
Pages (from-to)	2010-2020
Number of pages	11
Journal	IEEE Transactions on Industrial Informatics
Volume	18
Issue number	3
Early online date	30 Jul 2021
DOIs	https://doi.org/10.1109/TII.2021.3100873
Publication status	Published - 1 Mar 2022

Bibliographical note

© 2021 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

Keywords

Attribute access control
forward security
Intelligent Internet of Things Healthcare (IIoTH)
privacy preserving
searchable encryption (SE)

Access to Document

10.1109/TII.2021.3100873

Achieving Privacy-Preserving DSSE for Intelligent IoT Healthcare System
© 2021 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Accepted author manuscript, 1.33 MB

Cite this

@article{ec046f42806f478fafe95bbc1af06b35,

title = "Achieving Privacy-Preserving DSSE for Intelligent IoT Healthcare System",

abstract = "As the product of combining Internet of Things (IoT), cloud computing, and traditional healthcare, Intelligent IoT Healthcare (IIoTH) brings us a lot of convenience, meanwhile security and privacy issues have attracted great attention. Dynamic searchable symmetric encryption (DSSE) technique can make the user search the dynamic healthcare information from IIoTH system under the condition that the privacy is protected. In this article, a novel privacy-preserving DSSE scheme for IIoTH system is proposed. It is the first DSSE scheme designed for personal health record (PHR) files database with forward security. We construct the secure index based on hash chain and realize trapdoor updates for resisting file injection attacks. In addition, we realize fine-grained search over encrypted PHR files database of attribute-value type. When the user executes search operations, he/she gets only a matched attribute value instead of the whole file. As a result, the communication cost is reduced and the disclosure of patient's privacy is minimized. The proposed scheme also achieves attribute access control, which allows users have different access authorities to attribute values. The specific security analysis and experiments show the security and the efficiency of the proposed scheme. ",

keywords = "Attribute access control, forward security, Intelligent Internet of Things Healthcare (IIoTH), privacy preserving, searchable encryption (SE)",

author = "Yaru Liu and Jia Yu and Jianxi Fan and Pandi Vijayakumar and Victor Chang",

note = "{\textcopyright} 2021 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.",

year = "2022",

month = mar,

day = "1",

doi = "10.1109/TII.2021.3100873",

language = "English",

volume = "18",

pages = "2010--2020",

journal = "IEEE Transactions on Industrial Informatics",

issn = "1551-3203",

publisher = "IEEE",

number = "3",

}

TY - JOUR

T1 - Achieving Privacy-Preserving DSSE for Intelligent IoT Healthcare System

AU - Liu, Yaru

AU - Yu, Jia

AU - Fan, Jianxi

AU - Vijayakumar, Pandi

AU - Chang, Victor

N1 - © 2021 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

PY - 2022/3/1

Y1 - 2022/3/1

N2 - As the product of combining Internet of Things (IoT), cloud computing, and traditional healthcare, Intelligent IoT Healthcare (IIoTH) brings us a lot of convenience, meanwhile security and privacy issues have attracted great attention. Dynamic searchable symmetric encryption (DSSE) technique can make the user search the dynamic healthcare information from IIoTH system under the condition that the privacy is protected. In this article, a novel privacy-preserving DSSE scheme for IIoTH system is proposed. It is the first DSSE scheme designed for personal health record (PHR) files database with forward security. We construct the secure index based on hash chain and realize trapdoor updates for resisting file injection attacks. In addition, we realize fine-grained search over encrypted PHR files database of attribute-value type. When the user executes search operations, he/she gets only a matched attribute value instead of the whole file. As a result, the communication cost is reduced and the disclosure of patient's privacy is minimized. The proposed scheme also achieves attribute access control, which allows users have different access authorities to attribute values. The specific security analysis and experiments show the security and the efficiency of the proposed scheme.

AB - As the product of combining Internet of Things (IoT), cloud computing, and traditional healthcare, Intelligent IoT Healthcare (IIoTH) brings us a lot of convenience, meanwhile security and privacy issues have attracted great attention. Dynamic searchable symmetric encryption (DSSE) technique can make the user search the dynamic healthcare information from IIoTH system under the condition that the privacy is protected. In this article, a novel privacy-preserving DSSE scheme for IIoTH system is proposed. It is the first DSSE scheme designed for personal health record (PHR) files database with forward security. We construct the secure index based on hash chain and realize trapdoor updates for resisting file injection attacks. In addition, we realize fine-grained search over encrypted PHR files database of attribute-value type. When the user executes search operations, he/she gets only a matched attribute value instead of the whole file. As a result, the communication cost is reduced and the disclosure of patient's privacy is minimized. The proposed scheme also achieves attribute access control, which allows users have different access authorities to attribute values. The specific security analysis and experiments show the security and the efficiency of the proposed scheme.

KW - Attribute access control

KW - forward security

KW - Intelligent Internet of Things Healthcare (IIoTH)

KW - privacy preserving

KW - searchable encryption (SE)

UR - http://www.scopus.com/inward/record.url?scp=85112607871&partnerID=8YFLogxK

UR - https://ieeexplore.ieee.org/document/9502532

U2 - 10.1109/TII.2021.3100873

DO - 10.1109/TII.2021.3100873

M3 - Article

AN - SCOPUS:85112607871

SN - 1551-3203

VL - 18

SP - 2010

EP - 2020

JO - IEEE Transactions on Industrial Informatics

JF - IEEE Transactions on Industrial Informatics

IS - 3

ER -

Achieving Privacy-Preserving DSSE for Intelligent IoT Healthcare System

Abstract

Bibliographical note

Keywords

Access to Document

Other files and links

Fingerprint

Cite this