Abstract
We propose an efficient anonymous, attribute-based credential scheme capable of provisioning multi-level credential delegations. It is integrated with a mechanism to revoke the anonymity of credentials for resolving access disputes and making users accountable for their actions. The proposed scheme has a lower end-user computational complexity in comparison to existing credential schemes with delegatability and has a comparable level of performance with the credential standards of U-Prove and Idemix. Furthermore, we demonstrate how the proposed scheme can be applied to a collaborative e-health environment to provide its users with the necessary anonymous access with delegation capabilities.
An Anonymous Delegatable Attribute-based Credential Scheme for a Collaborative E-health Environment