Publication Type

Journal Article

Version

acceptedVersion

Publication Date

12-2018

Abstract

With the rapid technological advancements in the Internet of Things (IoT), wireless communication and cloud computing, smart health is expected to enable comprehensive and qualified healthcare services. It is important to ensure security and efficiency in smart health. However, existing smart health systems still have challenging issues, such as aggregate authentication, fine-grained access control and privacy protection. In this paper, we address these issues by introducing SSH, a Secure Smart Health system with privacy-aware aggregate authentication and access control in IoT. In SSH, privacy-aware aggregate authentication is enabled by an anonymous certificateless aggregate signature scheme, in which users' identity information is protected based on symmetric encryption mechanisms. In addition, privacy-aware access control is based on anonymous attribute-based encryption technologies. Our formal security proofs indicate that SSH achieves batch authentication and non-repudiation under the Computational Diffie-Hellman assumption. Extensive experimental results and performance comparisons show that SSH is practical in terms of computation cost and communication overheads.

Keywords

Smart health, Security, Privacy, Aggregate authentication, Access control

Discipline

Information Security | Medicine and Health Sciences

Research Areas

Cybersecurity

Publication

Journal of Network and Computer Applications

Volume

123

First Page

89

Last Page

100

ISSN

1084-8045

Identifier

10.1016/j.jnca.2018.09.005

Publisher

Elsevier

Copyright Owner and License

Authors

Additional URL

https://doi.org/10.1016/j.jnca.2018.09.005

Download

Share

COinS