| Electronic healthcare (eHealth) systems have replaced the traditional paper-based medical systems due to the attractive features such as high accuracy, low cost, and cross-domain access. As a user-centric electronic medical system, the Per-sonal Health Records (PHRs) systems record patients'diagnosic reports, clinical responses, medication records and other health information. Users can login PHRs systems to access their health data at any time and anywhere. Doctors and other authorized entities can check patients'health information by PHRs systems. Be-sides, as a major constituent part of eHealth systems, mobile personal healthcare system applies Mobile Internet Devices (MIDs) and Embedded Devices (EDs) to provide better quality of life and more convenient healthcare services for patients. Unfortunately, MIDs and EDs have only limited computational capacity, storage space and power supply. Therefore, many applications are impossible to implement on a mobile device. In order to share and exchange PHRs with physicians and other users, storing the PHRs on cloud servers is a promising practice. This not only can solve the storage problem of mobile devices, but also create a favorable platform for data sharing and exchange between users and the authorized entities. However, outsourcing of personal medical and health information to semi-trusted third parties may result in the exposure of patients' privacy.Attribute-based access control is a natural solution for realizing data storage and sharing for users in cloud environment. Attribute-based access control mech-anism can realize fine-grained access control, data confidentiality, integrity, and authentication through attribute-based encryption schemes, attribute-based signa-ture schemes, and attribute-based signcryption schemes. However, it is not efficient enough to be deployed in mobile devices, which limits its deployment in mobile personal healthcare system.This thesis presents two solutions to deal with the security threat in PHRs systems and improve efficiency of attribute-based cryptography schemes in MPHRs,1. A novel Ciphertext-Policy Attribute-Based Signcryption Scheme (CP-ABSC). In the proposed scheme, users are divided into two types of domains as professional domain (PD) and social domain (SD). Each domain has its own domain label which is corresponding to the variety of PHRs. Only if the domain label equals the type of PHRs, users can access the corresponding PHRs. This dissertation also proves the correctness and security of the proposed scheme and analyzes its complexity and efficiency. Further comparisons of this scheme with several previous ones are made in the above aspects, which indicates that the proposed scheme has a clear advantage in efficiency and security than other schemes.2. The first generic design of Online/Offline Attribute-Based Signatures (OOABS) is proposed by applying the discrete logarithm-based trapdoor hash function. In addition, the security and efficiency of this generic construction are analysed. The result shows that the proposed design of OOABS can efficiently satisfy the anonymous data authentication requirement in MPHRs systems. Further-more, the generic construction is instantiated based on a secure ABS scheme, and deploy it in the mobile personal healthcare system. Eventually, extensive experiments and analyses results indicate that the performance of the OOABS scheme is more efficient than the original one. |
PDF Full Text Request