An attack Resistant Privacy-Preserving Access Control Scheme for Outsourced E-pharma Data in Cloud

##plugins.themes.academic_pro.article.main##

Mageto Stephen N
Dr N V Balaji

Abstract

Key Aggregate Cryptosystem was used to construct a safe and scalable healthcare data exchange system in the cloud (KAC). KAC offered single-key encryption and decryption rights delegation for any group of ciphertexts utilizing an aggregated secret key. However, leakage of delegation keys and a specified bound on number of maximal ciphertext classes were major issues with KAC.The Scalable and Strengthened -KAC (SSKAC) approach was created to decide the number of ciphertext classes using an elliptic curve dynamically while simultaneously boosting the security level of KAC by utilising double encryption. Access control is crucial because the majority of healthcare data is extremely sensitive and should only be accessed by those who are permitted. As a result, SSKAC includes attribute-based access control with anonymous authentication to give access control on health data with anonymous authentication. However, the access policy may expose end-user privacy to an attacker. To tackle this problem,we used the cuckoo filter to disguise the right of entry policy tosafeguard the privacy information of the owner. The inference assault affects medical records. One of the strategies for ensuring data confidentiality from unforeseen data access is inference control. The Individual data privacy is secured through the use of two inference control methods; The Query Set Size Prevention and K-Anonymity.

##plugins.themes.academic_pro.article.details##

How to Cite
Stephen N, M., & Balaji, D. N. V. . (2022). An attack Resistant Privacy-Preserving Access Control Scheme for Outsourced E-pharma Data in Cloud . International Journal of Next-Generation Computing, 13(3). https://doi.org/10.47164/ijngc.v13i3.859

References

  1. Alderman, J., Farley, N., and Crampton, J. 2017. Tree-based cryptographic access control. 47–64. DOI: https://doi.org/10.1007/978-3-319-66402-6_5
  2. Cai, Z., He, Z., Guan, X., and Li, Y. 2016. Collective data-sanitization for preventing sensitive information inference attacks in social networks. IEEE Transactions on Dependable and Secure Computing 15, 4, 577–590. DOI: https://doi.org/10.1109/TDSC.2016.2613521
  3. Castiglione, A., De Santis, A., and Masucci, B. 2015. Key indistinguishability versus strong key indistinguishability for hierarchical key assignment schemes. IEEE Transactions on Dependable and Secure Computing 13, 4, 451–460. DOI: https://doi.org/10.1109/TDSC.2015.2413415
  4. Chu, C.-K., Chow, S. S., Tzeng, W.-G., Zhou, J., and Deng, R. H. 2013. Key-aggregate cryptosystem for scalable data sharing in cloud storage. IEEE transactions on parallel and distributed systems 25, 2, 468–477. DOI: https://doi.org/10.1109/TPDS.2013.112
  5. Iqbal, S., Kiah, M. L. M., Dhaghighi, B., Hussain, M., Khan, S., Khan, M. K., and Choo, K.-K. R. 2016. On cloud security attacks: A taxonomy and intrusion detection and prevention as a service. Journal of Network and Computer Applications 74, 98–120. DOI: https://doi.org/10.1016/j.jnca.2016.08.016
  6. Islam, M. S., Kuzu, M., and Kantarcioglu, M. 2014. Inference attack against encrypted range queries on outsourced databases. 235–246. DOI: https://doi.org/10.1145/2557547.2557561
  7. Kundalwal, M. K., Chatterjee, K., and Singh, A. 2019. An improved privacy preservation technique in health-cloud. ICT Express 5, 3, 167–172. DOI: https://doi.org/10.1016/j.icte.2018.10.002
  8. Li, N., Li, T., and Venkatasubramanian, S. 2006. t-closeness: Privacy beyond k-anonymity and l-diversity. 106–115. DOI: https://doi.org/10.1109/ICDE.2007.367856
  9. Niu, B., Li, Q., Zhu, X., Cao, G., and Li, H. 2014. Achieving k-anonymity in privacy-aware location-based services. 754–762. DOI: https://doi.org/10.1109/INFOCOM.2014.6848002
  10. Pervaiz, Z., Aref, W. G., Ghafoor, A., and Prabhu, N. 2013. Accuracy-constrained privacy-preserving access control mechanism for relational data. IEEE Transactions on Knowledge and Data Engineering 26, 4, 795–807. DOI: https://doi.org/10.1109/TKDE.2013.71
  11. Sharma, M., Singh, J., Gupta, A., Tanwar, S., Sharma, G. and Davidson, I.E., 2021. Intercloud Resource Discovery Using Blockchain. IEEE Access, 9, pp.161224-161247. DOI: https://doi.org/10.1109/ACCESS.2021.3131515
  12. Prince, P. and Lovesum, S. 2020. Privacy enforced access control model for secured data handling in cloud-based pervasive health care system. SN Computer Science 1. DOI: https://doi.org/10.1007/s42979-020-00246-4
  13. Samarati, P. and Vimercati, S. C. d. 2000. Access control: Policies, models, and mechanisms. In International School on Foundations of Security Analysis and Design. Springer, 137–196. Soria-Comas, J., Domingo-Ferrer, J., Sánchez, D., and Martínez, S. 2014. Enhancing data utility in differential privacy via microaggregation-based k-anonymity. The VLDB Journal 23, 5, 771–794. DOI: https://doi.org/10.1007/s00778-014-0351-4
  14. Wang, W., Chen, L., and Zhang, Q. 2015. Outsourcing high-dimensional healthcare data to cloud with personalized privacy preservation. Computer Networks 88, 136–148. DOI: https://doi.org/10.1016/j.comnet.2015.06.014
  15. Zhou, X., Liu, J., Wu, Q., and Zhang, Z. 2018. Privacy preservation for outsourced medical data with flexible access control. IEEE Access 6, 14827–14841. DOI: https://doi.org/10.1109/ACCESS.2018.2810243