Authenticated Data Sharing With Privacy Protection and Batch Verification for Healthcare IoT

The healthcare Internet of Things (IoT) is rapidly becoming an invaluable tool in the healthcare industry. However, sharing data in healthcare IoT raises many security and privacy concerns, such as how to ensure data integrity, source authentication, and data privacy. Redactable signature schemes ({...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on sustainable computing 2023-01, Vol.8 (1), p.32-42
Main Authors: Zhu, Fei, Yi, Xun, Abuadbba, Alsharif, Khalil, Ibrahim, Nepal, Surya, Huang, Xinyi
Format: Article
Language:English
Subjects:
Authentication
Bandwidth
certificateless
Cryptography
Data privacy
Health care
healthcare IoT
Information sharing
Internet of medical things
Internet of Things
Medical diagnostic imaging
Medical services
Privacy
redactable signature
Security
Servers
Verification
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The healthcare Internet of Things (IoT) is rapidly becoming an invaluable tool in the healthcare industry. However, sharing data in healthcare IoT raises many security and privacy concerns, such as how to ensure data integrity, source authentication, and data privacy. Redactable signature schemes ({{\sf RSS}} RSS s) could be a feasible solution to address this question because it allows a signature holder to independently delete the privacy-sensitive part of the authenticated data without invalidating the respective signature. This flexible data sharing mechanism not only protects data privacy but also saves bandwidth. However, the state-of-the-art {{\sf RSS}} RSS s suffer from either the costly public key management problem or the secret key escrow problem. Another drawback of these schemes lies in their computation and communication overheads and hence are quite expensive for constrained devices. To address these challenging issues, in this work, we first propose the notion of certificateless {{\sf RSS}} RSS . We then provide an efficient instantiation of our scheme and prove its security under cryptographic assumptions. Our construction supports batch verification and redaction control, which further saves bandwidth and enhances the security of shared data by preventing the dishonest holder from arbitrarily editing data. Moreover, the comparison analysis of theory and experiment with more recent works shows the practicability of our design.
ISSN:2377-3782
2377-3790
DOI:10.1109/TSUSC.2022.3211298