Enabling authorized encrypted search for multi-authority medical databases

Lei Xu, Shifeng Sun, Xingliang Yuan, Joseph K. Liu, Cong Zuo, Xu Chungen

Research output: Contribution to journalArticleResearchpeer-review

1 Citation (Scopus)

Abstract

E-medical records are sensitive and should be stored in a medical database in encrypted form. However, simply encrypting these records will eliminate data utility and interoperability of the existing medical database system because encrypted records are no longer searchable. Moreover, multiple authorities could be involved in controlling and sharing the private medical records of clients; thus, authorizing different clients to search and access records originating from multiple authorities in a secure and scalable manner is a nontrivial matter. To address the above issues, we propose an authorized searchable encryption scheme under a multi-authority setting. Specifically, our proposed scheme leverages RSA function to enable each authority to limit the search capability of different clients based on the client's privileges. To improve scalability, we utilize multi-authority attribute-based encryption to allow the authorization process to be performed only once even over policies from multiple authorities. We conduct rigorous security and cost analysis, and perform experimental evaluations to demonstrate that the proposed scheme introduces moderate overhead to existing searchable encryption schemes.

Original languageEnglish
Number of pages12
JournalIEEE Transactions on Emerging Topics in Computing
DOIs
Publication statusAccepted/In press - 18 Mar 2019

Keywords

  • Access control
  • Cloud computing
  • cloud storage
  • e-medical system
  • encrypted data search
  • Encryption
  • forward security
  • Medical diagnostic imaging
  • Multi-authority
  • Servers

Cite this

@article{17596afedd234ebd890b8a9afa0f3e0b,
title = "Enabling authorized encrypted search for multi-authority medical databases",
abstract = "E-medical records are sensitive and should be stored in a medical database in encrypted form. However, simply encrypting these records will eliminate data utility and interoperability of the existing medical database system because encrypted records are no longer searchable. Moreover, multiple authorities could be involved in controlling and sharing the private medical records of clients; thus, authorizing different clients to search and access records originating from multiple authorities in a secure and scalable manner is a nontrivial matter. To address the above issues, we propose an authorized searchable encryption scheme under a multi-authority setting. Specifically, our proposed scheme leverages RSA function to enable each authority to limit the search capability of different clients based on the client's privileges. To improve scalability, we utilize multi-authority attribute-based encryption to allow the authorization process to be performed only once even over policies from multiple authorities. We conduct rigorous security and cost analysis, and perform experimental evaluations to demonstrate that the proposed scheme introduces moderate overhead to existing searchable encryption schemes.",
keywords = "Access control, Cloud computing, cloud storage, e-medical system, encrypted data search, Encryption, forward security, Medical diagnostic imaging, Multi-authority, Servers",
author = "Lei Xu and Shifeng Sun and Xingliang Yuan and Liu, {Joseph K.} and Cong Zuo and Xu Chungen",
year = "2019",
month = "3",
day = "18",
doi = "10.1109/TETC.2019.2905572",
language = "English",
journal = "IEEE Transactions on Emerging Topics in Computing",
issn = "2168-6750",
publisher = "IEEE Computer Society",

}

Enabling authorized encrypted search for multi-authority medical databases. / Xu, Lei; Sun, Shifeng; Yuan, Xingliang; Liu, Joseph K.; Zuo, Cong; Chungen, Xu.

In: IEEE Transactions on Emerging Topics in Computing, 18.03.2019.

Research output: Contribution to journalArticleResearchpeer-review

TY - JOUR

T1 - Enabling authorized encrypted search for multi-authority medical databases

AU - Xu, Lei

AU - Sun, Shifeng

AU - Yuan, Xingliang

AU - Liu, Joseph K.

AU - Zuo, Cong

AU - Chungen, Xu

PY - 2019/3/18

Y1 - 2019/3/18

N2 - E-medical records are sensitive and should be stored in a medical database in encrypted form. However, simply encrypting these records will eliminate data utility and interoperability of the existing medical database system because encrypted records are no longer searchable. Moreover, multiple authorities could be involved in controlling and sharing the private medical records of clients; thus, authorizing different clients to search and access records originating from multiple authorities in a secure and scalable manner is a nontrivial matter. To address the above issues, we propose an authorized searchable encryption scheme under a multi-authority setting. Specifically, our proposed scheme leverages RSA function to enable each authority to limit the search capability of different clients based on the client's privileges. To improve scalability, we utilize multi-authority attribute-based encryption to allow the authorization process to be performed only once even over policies from multiple authorities. We conduct rigorous security and cost analysis, and perform experimental evaluations to demonstrate that the proposed scheme introduces moderate overhead to existing searchable encryption schemes.

AB - E-medical records are sensitive and should be stored in a medical database in encrypted form. However, simply encrypting these records will eliminate data utility and interoperability of the existing medical database system because encrypted records are no longer searchable. Moreover, multiple authorities could be involved in controlling and sharing the private medical records of clients; thus, authorizing different clients to search and access records originating from multiple authorities in a secure and scalable manner is a nontrivial matter. To address the above issues, we propose an authorized searchable encryption scheme under a multi-authority setting. Specifically, our proposed scheme leverages RSA function to enable each authority to limit the search capability of different clients based on the client's privileges. To improve scalability, we utilize multi-authority attribute-based encryption to allow the authorization process to be performed only once even over policies from multiple authorities. We conduct rigorous security and cost analysis, and perform experimental evaluations to demonstrate that the proposed scheme introduces moderate overhead to existing searchable encryption schemes.

KW - Access control

KW - Cloud computing

KW - cloud storage

KW - e-medical system

KW - encrypted data search

KW - Encryption

KW - forward security

KW - Medical diagnostic imaging

KW - Multi-authority

KW - Servers

UR - http://www.scopus.com/inward/record.url?scp=85063368515&partnerID=8YFLogxK

U2 - 10.1109/TETC.2019.2905572

DO - 10.1109/TETC.2019.2905572

M3 - Article

JO - IEEE Transactions on Emerging Topics in Computing

JF - IEEE Transactions on Emerging Topics in Computing

SN - 2168-6750

ER -