Authentication and Access Control in e-Health Systems in the Cloud
2016 IEEE 2nd International Conference on Big Data Security on Cloud (BigDataSecurity), IEEE International Conference on High Performance and Smart Computing (HPSC), and IEEE International Conference on Intelligent Data and Security (IDS)(2016)
摘要
The opportunity to access on-demand, unbounded computation and storage resources has increasingly motivated users to move their health records from local data centers to the cloud environment. This change can reduce the costs associated with the management of data sharing, communication overhead and improve Quality of Service (QoS). Processing, storing, hosting and archiving data related to e-Health systems without physical access and control can exacerbate authentication and access control issues in this new environment. Therefore, convincing users to move sensitive medical records to the cloud environment requires implementing secure and strong authentication and access control methods to protect the data. This paper proposes a new information access method that preserves both authentication and access control in cloud-based e-Health systems. Our method is based on a zero-knowledge protocol combined with two-stage keyed access control. In each access request, based on the maximum rights of user, the minimum access is extracted. To establish secure connections between different entities in the system, a two-step combination of public key encryption and DUKPT is used. We analyze our scheme with respect to data confidentiality and resistance to common attacks on the network. Experimental results show that the proposed method tolerates a high number of concurrent authentication requests with a reasonable response time.
更多查看译文
关键词
Cloud computing,e-Health systems,access control,authentication,secure communication channel
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络