Displaying publications 1 - 20 of 88 in total

Abstract:
Sort:
  1. Mousavi SM, Naghsh A, Abu-Bakar SA
    J Digit Imaging, 2015 Aug;28(4):417-27.
    PMID: 25736857 DOI: 10.1007/s10278-015-9770-z
    This paper presents an automatic region of interest (ROI) segmentation method for application of watermarking in medical images. The advantage of using this scheme is that the proposed method is robust against different attacks such as median, Wiener, Gaussian, and sharpening filters. In other words, this technique can produce the same result for the ROI before and after these attacks. The proposed algorithm consists of three main parts; suggesting an automatic ROI detection system, evaluating the robustness of the proposed system against numerous attacks, and finally recommending an enhancement part to increase the strength of the composed system against different attacks. Results obtained from the proposed method demonstrated the promising performance of the method.
    Matched MeSH terms: Computer Security*
  2. Aalsalem MY, Khan WZ, Saad NM, Hossain MS, Atiquzzaman M, Khan MK
    PLoS One, 2016;11(7):e0158072.
    PMID: 27409082 DOI: 10.1371/journal.pone.0158072
    Wireless Sensor Networks (WSNs) are vulnerable to Node Replication attacks or Clone attacks. Among all the existing clone detection protocols in WSNs, RAWL shows the most promising results by employing Simple Random Walk (SRW). More recently, RAND outperforms RAWL by incorporating Network Division with SRW. Both RAND and RAWL have used SRW for random selection of witness nodes which is problematic because of frequently revisiting the previously passed nodes that leads to longer delays, high expenditures of energy with lower probability that witness nodes intersect. To circumvent this problem, we propose to employ a new kind of constrained random walk, namely Single Stage Memory Random Walk and present a distributed technique called SSRWND (Single Stage Memory Random Walk with Network Division). In SSRWND, single stage memory random walk is combined with network division aiming to decrease the communication and memory costs while keeping the detection probability higher. Through intensive simulations it is verified that SSRWND guarantees higher witness node security with moderate communication and memory overheads. SSRWND is expedient for security oriented application fields of WSNs like military and medical.
    Matched MeSH terms: Computer Security*
  3. Hussien HM, Yasin SM, Udzir SNI, Zaidan AA, Zaidan BB
    J Med Syst, 2019 Sep 14;43(10):320.
    PMID: 31522262 DOI: 10.1007/s10916-019-1445-8
    Blockchain in healthcare applications requires robust security and privacy mechanism for high-level authentication, interoperability and medical records sharing to comply with the strict legal requirements of the Health Insurance Portability and Accountability Act of 1996. Blockchain technology in the healthcare industry has received considerable research attention in recent years. This study conducts a review to substantially analyse and map the research landscape of current technologies, mainly the use of blockchain in healthcare applications, into a coherent taxonomy. The present study systematically searches all relevant research articles on blockchain in healthcare applications in three accessible databases, namely, ScienceDirect, IEEE and Web of Science, by using the defined keywords 'blockchain', 'healthcare' and 'electronic health records' and their variations. The final set of collected articles related to the use of blockchain in healthcare application is divided into three categories. The first category includes articles (i.e. 43/58 scientific articles) that attempted to develop and design healthcare applications integrating blockchain, particularly those on new architecture, system designs, framework, scheme, model, platform, approach, protocol and algorithm. The second category includes studies (i.e., 6/58 scientific articles) that attempted to evaluate and analyse the adoption of blockchain in the healthcare system. Finally, the third category comprises review and survey articles (i.e., 6/58 scientific articles) related to the integration of blockchain into healthcare applications. The final articles for review are discussed on the basis of five aspects: (1) year of publication, (2) nationality of authors, (3) publishing house or journal, (4) purpose of using blockchain in health applications and the corresponding contributions and (5) problem types and proposed solutions. Additionally, this study provides identified motivations, open challenges and recommendations on the use of blockchain in healthcare applications. The current research contributes to the literature by providing a detailed review of feasible alternatives and identifying the research gaps. Accordingly, researchers and developers are provided with appealing opportunities to further develop decentralised healthcare applications through a comprehensive discussion of about the importance of blockchain and its integration into various healthcare applications.
    Matched MeSH terms: Computer Security/standards*
  4. Soleymani A, Nordin MJ, Sundararajan E
    ScientificWorldJournal, 2014;2014:536930.
    PMID: 25258724 DOI: 10.1155/2014/536930
    The rapid evolution of imaging and communication technologies has transformed images into a widespread data type. Different types of data, such as personal medical information, official correspondence, or governmental and military documents, are saved and transmitted in the form of images over public networks. Hence, a fast and secure cryptosystem is needed for high-resolution images. In this paper, a novel encryption scheme is presented for securing images based on Arnold cat and Henon chaotic maps. The scheme uses Arnold cat map for bit- and pixel-level permutations on plain and secret images, while Henon map creates secret images and specific parameters for the permutations. Both the encryption and decryption processes are explained, formulated, and graphically presented. The results of security analysis of five different images demonstrate the strength of the proposed cryptosystem against statistical, brute force and differential attacks. The evaluated running time for both encryption and decryption processes guarantee that the cryptosystem can work effectively in real-time applications.
    Matched MeSH terms: Computer Security*
  5. Tayan O, Kabir MN, Alginahi YM
    ScientificWorldJournal, 2014;2014:514652.
    PMID: 25254247 DOI: 10.1155/2014/514652
    This paper addresses the problems and threats associated with verification of integrity, proof of authenticity, tamper detection, and copyright protection for digital-text content. Such issues were largely addressed in the literature for images, audio, and video, with only a few papers addressing the challenge of sensitive plain-text media under known constraints. Specifically, with text as the predominant online communication medium, it becomes crucial that techniques are deployed to protect such information. A number of digital-signature, hashing, and watermarking schemes have been proposed that essentially bind source data or embed invisible data in a cover media to achieve its goal. While many such complex schemes with resource redundancies are sufficient in offline and less-sensitive texts, this paper proposes a hybrid approach based on zero-watermarking and digital-signature-like manipulations for sensitive text documents in order to achieve content originality and integrity verification without physically modifying the cover text in anyway. The proposed algorithm was implemented and shown to be robust against undetected content modifications and is capable of confirming proof of originality whilst detecting and locating deliberate/nondeliberate tampering. Additionally, enhancements in resource utilisation and reduced redundancies were achieved in comparison to traditional encryption-based approaches. Finally, analysis and remarks are made about the current state of the art, and future research issues are discussed under the given constraints.
    Matched MeSH terms: Computer Security/standards*
  6. Abbasi IA, Jan SU, Alqahtani AS, Khan AS, Algarni F
    PLoS One, 2024;19(1):e0294429.
    PMID: 38289970 DOI: 10.1371/journal.pone.0294429
    Cloud computing is vital in various applications, such as healthcare, transportation, governance, and mobile computing. When using a public cloud server, it is mandatory to be secured from all known threats because a minor attacker's disturbance severely threatens the whole system. A public cloud server is posed with numerous threats; an adversary can easily enter the server to access sensitive information, especially for the healthcare industry, which offers services to patients, researchers, labs, and hospitals in a flexible way with minimal operational costs. It is challenging to make it a reliable system and ensure the privacy and security of a cloud-enabled healthcare system. In this regard, numerous security mechanisms have been proposed in past decades. These protocols either suffer from replay attacks, are completed in three to four round trips or have maximum computation, which means the security doesn't balance with performance. Thus, this work uses a fuzzy extractor method to propose a robust security method for a cloud-enabled healthcare system based on Elliptic Curve Cryptography (ECC). The proposed scheme's security analysis has been examined formally with BAN logic, ROM and ProVerif and informally using pragmatic illustration and different attacks' discussions. The proposed security mechanism is analyzed in terms of communication and computation costs. Upon comparing the proposed protocol with prior work, it has been demonstrated that our scheme is 33.91% better in communication costs and 35.39% superior to its competitors in computation costs.
    Matched MeSH terms: Computer Security
  7. Zaidan BB, Haiqi A, Zaidan AA, Abdulnabi M, Kiah ML, Muzamel H
    J Med Syst, 2015 May;39(5):51.
    PMID: 25732083 DOI: 10.1007/s10916-015-0235-1
    This study focuses on the situation of health information exchange (HIE) in the context of a nationwide network. It aims to create a security framework that can be implemented to ensure the safe transmission of health information across the boundaries of care providers in Malaysia and other countries. First, a critique of the major elements of nationwide health information networks is presented from the perspective of security, along with such topics as the importance of HIE, issues, and main approaches. Second, a systematic evaluation is conducted on the security solutions that can be utilized in the proposed nationwide network. Finally, a secure framework for health information transmission is proposed within a central cloud-based model, which is compatible with the Malaysian telehealth strategy. The outcome of this analysis indicates that a complete security framework for a global structure of HIE is yet to be defined and implemented. Our proposed framework represents such an endeavor and suggests specific techniques to achieve this goal.
    Matched MeSH terms: Computer Security
  8. Mohamad Arif J, Ab Razak MF, Awang S, Tuan Mat SR, Ismail NSN, Firdaus A
    PLoS One, 2021;16(9):e0257968.
    PMID: 34591930 DOI: 10.1371/journal.pone.0257968
    The evolution of malware is causing mobile devices to crash with increasing frequency. Therefore, adequate security evaluations that detect Android malware are crucial. Two techniques can be used in this regard: Static analysis, which meticulously examines the full codes of applications, and dynamic analysis, which monitors malware behaviour. While both perform security evaluations successfully, there is still room for improvement. The goal of this research is to examine the effectiveness of static analysis to detect Android malware by using permission-based features. This study proposes machine learning with different sets of classifiers was used to evaluate Android malware detection. The feature selection method in this study was applied to determine which features were most capable of distinguishing malware. A total of 5,000 Drebin malware samples and 5,000 Androzoo benign samples were utilised. The performances of the different sets of classifiers were then compared. The results indicated that with a TPR value of 91.6%, the Random Forest algorithm achieved the highest level of accuracy in malware detection.
    Matched MeSH terms: Computer Security*
  9. Ratnam KA, Dominic PD, Ramayah T
    J Med Syst, 2014 Aug;38(8):82.
    PMID: 24957398 DOI: 10.1007/s10916-014-0082-5
    The investments and costs of infrastructure, communication, medical-related equipments, and software within the global healthcare ecosystem portray a rather significant increase. The emergence of this proliferation is then expected to grow. As a result, information and cross-system communication became challenging due to the detached independent systems and subsystems which are not connected. The overall model fit expending over a sample size of 320 were tested with structural equation modelling (SEM) using AMOS 20.0 as the modelling tool. SPSS 20.0 is used to analyse the descriptive statistics and dimension reliability. Results of the study show that system utilisation and system impact dimension influences the overall level of services of the healthcare providers. In addition to that, the findings also suggest that systems integration and security plays a pivotal role for IT resources in healthcare organisations. Through this study, a basis for investigation on the need to improvise the Malaysian healthcare ecosystem and the introduction of a cloud computing platform to host the national healthcare information exchange has been successfully established.
    Matched MeSH terms: Computer Security
  10. Hameed SS, Hassan WH, Abdul Latiff L, Ghabban F
    PeerJ Comput Sci, 2021;7:e414.
    PMID: 33834100 DOI: 10.7717/peerj-cs.414
    Background: The Internet of Medical Things (IoMTs) is gradually replacing the traditional healthcare system. However, little attention has been paid to their security requirements in the development of the IoMT devices and systems. One of the main reasons can be the difficulty of tuning conventional security solutions to the IoMT system. Machine Learning (ML) has been successfully employed in the attack detection and mitigation process. Advanced ML technique can also be a promising approach to address the existing and anticipated IoMT security and privacy issues. However, because of the existing challenges of IoMT system, it is imperative to know how these techniques can be effectively utilized to meet the security and privacy requirements without affecting the IoMT systems quality, services, and device's lifespan.

    Methodology: This article is devoted to perform a Systematic Literature Review (SLR) on the security and privacy issues of IoMT and their solutions by ML techniques. The recent research papers disseminated between 2010 and 2020 are selected from multiple databases and a standardized SLR method is conducted. A total of 153 papers were reviewed and a critical analysis was conducted on the selected papers. Furthermore, this review study attempts to highlight the limitation of the current methods and aims to find possible solutions to them. Thus, a detailed analysis was carried out on the selected papers through focusing on their methods, advantages, limitations, the utilized tools, and data.

    Results: It was observed that ML techniques have been significantly deployed for device and network layer security. Most of the current studies improved traditional metrics while ignored performance complexity metrics in their evaluations. Their studies environments and utilized data barely represent IoMT system. Therefore, conventional ML techniques may fail if metrics such as resource complexity and power usage are not considered.

    Matched MeSH terms: Computer Security
  11. Zhang B, Rahmatullah B, Wang SL, Almutairi HM, Xiao Y, Liu X, et al.
    Med Biol Eng Comput, 2023 Nov;61(11):2971-3002.
    PMID: 37542682 DOI: 10.1007/s11517-023-02874-3
    Since the COVID-19 pandemic, telemedicine or non-face-to-face medicine has increased significantly. In practice, various types of medical images are essential to achieve effective telemedicine. Medical image encryption algorithms play an irreplaceable role in the fast and secure transmission and storage of these medical images. However, most of the existing medical image encryption algorithms are full encryption algorithms, which are inefficient and time-consuming, so they are not suitable for emergency medical scenarios. To improve the efficiency of encryption, a small number of works have focused on partial or selective encryption algorithms for medical images, in which different levels of encryption strategies were adopted for different information content regions of medical images. However, these encryption algorithms have inadequate security more or less. In this paper, based on the Logistic map, we designed an improved variable dimension map. Then, an encryption algorithm for medical images was proposed based on it. This algorithm has two modes: (1) full encryption mode and (2) semi-full encryption mode, which can better adapt to different medical scenarios, respectively. In full encryption mode, all pixels of medical images are encrypted by using the confusion-diffusion structure. In semi-full encryption mode, the region of interest of medical images is extracted. The confusion was first adopted to encrypt the region of interest, and then, the diffusion was adopted to encrypt the entire image. In addition, no matter which encryption mode is used, the algorithm provides the function of medical image integrity verification. The proposed algorithm was simulated and analyzed to evaluate its effectiveness. The results show that in semi-full encryption mode, the algorithm has good security performance and lower time consumption; while in full encryption mode, the algorithm has better security performance and is acceptable in time.
    Matched MeSH terms: Computer Security*
  12. Jayabalan M, O'Daniel T
    J Med Syst, 2016 Dec;40(12):261.
    PMID: 27722981
    This study presents a systematic literature review of access control for electronic health record systems to protect patient's privacy. Articles from 2006 to 2016 were extracted from the ACM Digital Library, IEEE Xplore Digital Library, Science Direct, MEDLINE, and MetaPress using broad eligibility criteria, and chosen for inclusion based on analysis of ISO22600. Cryptographic standards and methods were left outside the scope of this review. Three broad classes of models are being actively investigated and developed: access control for electronic health records, access control for interoperability, and access control for risk analysis. Traditional role-based access control models are extended with spatial, temporal, probabilistic, dynamic, and semantic aspects to capture contextual information and provide granular access control. Maintenance of audit trails and facilities for overriding normal roles to allow full access in emergency cases are common features. Access privilege frameworks utilizing ontology-based knowledge representation for defining the rules have attracted considerable interest, due to the higher level of abstraction that makes it possible to model domain knowledge and validate access requests efficiently.
    Matched MeSH terms: Computer Security*
  13. Hoque MS, Jamil N, Amin N, Lam KY
    Sensors (Basel), 2021 Jun 20;21(12).
    PMID: 34202977 DOI: 10.3390/s21124220
    Successful cyber-attacks are caused by the exploitation of some vulnerabilities in the software and/or hardware that exist in systems deployed in premises or the cloud. Although hundreds of vulnerabilities are discovered every year, only a small fraction of them actually become exploited, thereby there exists a severe class imbalance between the number of exploited and non-exploited vulnerabilities. The open source national vulnerability database, the largest repository to index and maintain all known vulnerabilities, assigns a unique identifier to each vulnerability. Each registered vulnerability also gets a severity score based on the impact it might inflict upon if compromised. Recent research works showed that the cvss score is not the only factor to select a vulnerability for exploitation, and other attributes in the national vulnerability database can be effectively utilized as predictive feature to predict the most exploitable vulnerabilities. Since cybersecurity management is highly resource savvy, organizations such as cloud systems will benefit when the most likely exploitable vulnerabilities that exist in their system software or hardware can be predicted with as much accuracy and reliability as possible, to best utilize the available resources to fix those first. Various existing research works have developed vulnerability exploitation prediction models by addressing the existing class imbalance based on algorithmic and artificial data resampling techniques but still suffer greatly from the overfitting problem to the major class rendering them practically unreliable. In this research, we have designed a novel cost function feature to address the existing class imbalance. We also have utilized the available large text corpus in the extracted dataset to develop a custom-trained word vector that can better capture the context of the local text data for utilization as an embedded layer in neural networks. Our developed vulnerability exploitation prediction models powered by a novel cost function and custom-trained word vector have achieved very high overall performance metrics for accuracy, precision, recall, F1-Score and AUC score with values of 0.92, 0.89, 0.98, 0.94 and 0.97, respectively, thereby outperforming any existing models while successfully overcoming the existing overfitting problem for class imbalance.
    Matched MeSH terms: Computer Security
  14. Jabeen T, Jabeen I, Ashraf H, Jhanjhi NZ, Yassine A, Hossain MS
    Sensors (Basel), 2023 May 25;23(11).
    PMID: 37299782 DOI: 10.3390/s23115055
    The Internet of Things (IoT) uses wireless networks without infrastructure to install a huge number of wireless sensors that track system, physical, and environmental factors. There are a variety of WSN uses, and some well-known application factors include energy consumption and lifespan duration for routing purposes. The sensors have detecting, processing, and communication capabilities. In this paper, an intelligent healthcare system is proposed which consists of nano sensors that collect real-time health status and transfer it to the doctor's server. Time consumption and various attacks are major concerns, and some existing techniques contain stumbling blocks. Therefore, in this research, a genetic-based encryption method is advocated to protect data transmitted over a wireless channel using sensors to avoid an uncomfortable data transmission environment. An authentication procedure is also proposed for legitimate users to access the data channel. Results show that the proposed algorithm is lightweight and energy efficient, and time consumption is 90% lower with a higher security ratio.
    Matched MeSH terms: Computer Security
  15. Kiah ML, Nabi MS, Zaidan BB, Zaidan AA
    J Med Syst, 2013 Oct;37(5):9971.
    PMID: 24037086 DOI: 10.1007/s10916-013-9971-2
    This study aims to provide security solutions for implementing electronic medical records (EMRs). E-Health organizations could utilize the proposed method and implement recommended solutions in medical/health systems. Majority of the required security features of EMRs were noted. The methods used were tested against each of these security features. In implementing the system, the combination that satisfied all of the security features of EMRs was selected. Secure implementation and management of EMRs facilitate the safeguarding of the confidentiality, integrity, and availability of e-health organization systems. Health practitioners, patients, and visitors can use the information system facilities safely and with confidence anytime and anywhere. After critically reviewing security and data transmission methods, a new hybrid method was proposed to be implemented on EMR systems. This method will enhance the robustness, security, and integration of EMR systems. The hybrid of simple object access protocol/extensible markup language (XML) with advanced encryption standard and secure hash algorithm version 1 has achieved the security requirements of an EMR system with the capability of integrating with other systems through the design of XML messages.
    Matched MeSH terms: Computer Security
  16. Aldeen YA, Salleh M, Aljeroudi Y
    J Biomed Inform, 2016 08;62:107-16.
    PMID: 27369566 DOI: 10.1016/j.jbi.2016.06.011
    Cloud computing (CC) is a magnificent service-based delivery with gigantic computer processing power and data storage across connected communications channels. It imparted overwhelming technological impetus in the internet (web) mediated IT industry, where users can easily share private data for further analysis and mining. Furthermore, user affable CC services enable to deploy sundry applications economically. Meanwhile, simple data sharing impelled various phishing attacks and malware assisted security threats. Some privacy sensitive applications like health services on cloud that are built with several economic and operational benefits necessitate enhanced security. Thus, absolute cyberspace security and mitigation against phishing blitz became mandatory to protect overall data privacy. Typically, diverse applications datasets are anonymized with better privacy to owners without providing all secrecy requirements to the newly added records. Some proposed techniques emphasized this issue by re-anonymizing the datasets from the scratch. The utmost privacy protection over incremental datasets on CC is far from being achieved. Certainly, the distribution of huge datasets volume across multiple storage nodes limits the privacy preservation. In this view, we propose a new anonymization technique to attain better privacy protection with high data utility over distributed and incremental datasets on CC. The proficiency of data privacy preservation and improved confidentiality requirements is demonstrated through performance evaluation.
    Matched MeSH terms: Computer Security*
  17. Shahid Anwar, Mohamad Fadli Zolkipli, Julius Odili, Mushtaq Ali, Zakira Inayat, Jasni Mohamad Zain
    MyJurnal
    Android devices have gained a lot of attention in the last few decades due to several reasons including ease of use, effectiveness, availability and games, among others. To take advantage of Android devices, mobile users have begun installing an increasingly substantial number of Android applications on their devices. Rapid growth in many Android devices and applications has led to security and privacy issues. It has, for instance, opened the way for malicious applications to be installed on the Android devices while downloading different applications for different purposes. This has caused malicious applications to execute illegal operations on the devices that result in malfunction outputs. Android botnets are one of these malfunctions. This paper presents Android botnets in various aspects including their security, architecture, infection vectors and techniques. This paper also evaluates Android botnets by categorising them according to behaviour. Furthermore, it investigates the Android botnets with respect to Android device threats. Finally, we investigate different Android botnet detection techniques in depth with respect to the existing solutions deployed to mitigate Android botnets.
    Matched MeSH terms: Computer Security
  18. Mushtaq M, Ullah A, Ashraf H, Jhanjhi NZ, Masud M, Alqhatani A, et al.
    Sensors (Basel), 2023 May 31;23(11).
    PMID: 37299944 DOI: 10.3390/s23115217
    The Internet of vehicles (IoVs) is an innovative paradigm which ensures a safe journey by communicating with other vehicles. It involves a basic safety message (BSM) that contains sensitive information in a plain text that can be subverted by an adversary. To reduce such attacks, a pool of pseudonyms is allotted which are changed regularly in different zones or contexts. In base schemes, the BSM is sent to neighbors just by considering their speed. However, this parameter is not enough because network topology is very dynamic and vehicles can change their route at any time. This problem increases pseudonym consumption which ultimately increases communication overhead, increases traceability and has high BSM loss. This paper presents an efficient pseudonym consumption protocol (EPCP) which considers the vehicles in the same direction, and similar estimated location. The BSM is shared only to these relevant vehicles. The performance of the purposed scheme in contrast to base schemes is validated via extensive simulations. The results prove that the proposed EPCP technique outperformed compared to its counterparts in terms of pseudonym consumption, BSM loss rate and achieved traceability.
    Matched MeSH terms: Computer Security*
  19. Al-Qershi OM, Khoo BE
    J Digit Imaging, 2011 Feb;24(1):114-25.
    PMID: 19937363 DOI: 10.1007/s10278-009-9253-1
    Authenticating medical images using watermarking techniques has become a very popular area of research, and some works in this area have been reported worldwide recently. Besides authentication, many data-hiding techniques have been proposed to conceal patient's data into medical images aiming to reduce the cost needed to store data and the time needed to transmit data when required. In this paper, we present a new hybrid watermarking scheme for DICOM images. In our scheme, two well-known techniques are combined to gain the advantages of both and fulfill the requirements of authentication and data hiding. The scheme divides the images into two parts, the region of interest (ROI) and the region of non-interest (RONI). Patient's data are embedded into ROI using a reversible technique based on difference expansion, while tamper detection and recovery data are embedded into RONI using a robust technique based on discrete wavelet transform. The experimental results show the ability of hiding patient's data with a very good visual quality, while ROI, the most important area for diagnosis, is retrieved exactly at the receiver side. The scheme also shows some robustness against certain levels of salt and pepper and cropping noise.
    Matched MeSH terms: Computer Security*
  20. Hussien HM, Yasin SM, Udzir NI, Ninggal MIH
    Sensors (Basel), 2021 Apr 02;21(7).
    PMID: 33918266 DOI: 10.3390/s21072462
    Blockchain technology provides a tremendous opportunity to transform current personal health record (PHR) systems into a decentralised network infrastructure. However, such technology possesses some drawbacks, such as issues in privacy and storage capacity. Given its transparency and decentralised features, medical data are visible to everyone on the network and are inappropriate for certain medical applications. By contrast, storing vast medical data, such as patient medical history, laboratory tests, X-rays, and MRIs, significantly affect the repository storage of blockchain. This study bridges the gap between PHRs and blockchain technology by offloading the vast medical data into the InterPlanetary File System (IPFS) storage and establishing an enforced cryptographic authorisation and access control scheme for outsourced encrypted medical data. The access control scheme is constructed on the basis of the new lightweight cryptographic concept named smart contract-based attribute-based searchable encryption (SC-ABSE). This newly cryptographic primitive is developed by extending ciphertext-policy attribute-based encryption (CP-ABE) and searchable symmetric encryption (SSE) and by leveraging the technology of smart contracts to achieve the following: (1) efficient and secure fine-grained access control of outsourced encrypted data, (2) confidentiality of data by eliminating trusted private key generators, and (3) multikeyword searchable mechanism. Based on decisional bilinear Diffie-Hellman hardness assumptions (DBDH) and discrete logarithm (DL) problems, the rigorous security indistinguishability analysis indicates that SC-ABSE is secure against the chosen-keyword attack (CKA) and keyword secrecy (KS) in the standard model. In addition, user collusion attacks are prevented, and the tamper-proof resistance of data is ensured. Furthermore, security validation is verified by simulating a formal verification scenario using Automated Validation of Internet Security Protocols and Applications (AVISPA), thereby unveiling that SC-ABSE is resistant to man-in-the-middle (MIM) and replay attacks. The experimental analysis utilised real-world datasets to demonstrate the efficiency and utility of SC-ABSE in terms of computation overhead, storage cost and communication overhead. The proposed scheme is also designed and developed to evaluate throughput and latency transactions using a standard benchmark tool known as Caliper. Lastly, simulation results show that SC-ABSE has high throughput and low latency, with an ultimate increase in network life compared with traditional healthcare systems.
    Matched MeSH terms: Computer Security
Filters
Contact Us

Please provide feedback to Administrator (afdal@afpm.org.my)

External Links