An efficient key-management scheme for hierarchical access control in E-medicine system

Journal of Medical Systems

Volumn 36, Issue 4, 2012, Pages 2325-2337

  Wu, Shuhua ^a,b,c   Chen, Kefei ^a,b  

^a SHANGHAI JIAO TONG UNIVERSITY   (China)

^b Shanghai Key Lab of Scalable Computing and Systems   (China)

^c INFORMATION ENGINEERING UNIVERSITY   (China)

Author keywords

Access control; E medicine; Hybrid cryptosystems; Key management; User hierarchy

Indexed keywords

ARTICLE; COMPUTER NETWORK; ELECTRONIC MEDICAL RECORD; HOSPITAL INFORMATION SYSTEM; INFORMATION STORAGE; INTERNET; MEDICAL HISTORY; MEDICAL INFORMATION; MEDICAL INFORMATION SYSTEM; ACCESS TO INFORMATION; COMPUTER PROGRAM; COMPUTER SECURITY; HUMAN; ORGANIZATION AND MANAGEMENT;

ACCESS TO INFORMATION; COMPUTER SECURITY; HUMANS; INTERNET; MEDICAL RECORDS SYSTEMS, COMPUTERIZED; SOFTWARE DESIGN;

EID: 84873031582     PISSN: 01485598     EISSN: 1573689X     Source Type: Journal    
DOI: 10.1007/s10916-011-9700-7     Document Type: Article

References (36)

1. Wu, Z., Chung, Y., Lai, F., Chen, T., A Password-Based User Authentication Scheme for the Integrated EPR Information System. J Med Syst, 2010. doi: 10.1007/s10916-010-9527-7.
2. Nikooghadam, M., Zakerolhosseini, A., Moghaddam, M.E., Efficient Utilization of Elliptic Curve Cryptosystem for Hierarchical Access Control. The Journal of Systems and Software, 2010. doi: 10.1016/j.jss.2010.05.072.
3. Akl, S.G., Taylor, P.D., Cryptographic solution to a problem of access control in a hierarchy. ACM Transaction on Computer Systems 1(3):239-248, 1983.
4. Mackinnon, S.T.,Taylor, P.D., An optimal algorithm for assigning cryptographic keys to control access in a hierarchy. IEEE Transaction on Computer systems 34 (9):797-802, 1985.
5. Harn, L., Lin, H.Y., A cryptographic key generation scheme for multilevel data security. Computer Security 9:539-546, 1990.
6. Rivest, R.L.,Shamir, A., Adleman, L., A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 21 (2):120-126, 1978.
7. Chang, C.C., Hwang, R.J., Wu, T.C., Cryptographic key assignment scheme for access control in a hierarchy. Information Systems 17 (3):243-247, 1992.
8. Chang, C.C., Buehrer, D.J., Access control in a hierarchy using a one-way trapdoor function. Computers and Mathematics with Applications 26 (5):71-76, 1993.
9. Zhong, S., A practical key management scheme for access control in a user hierarchy. Computers & Security 21(8):750-759, 2002.
10. Chang, C.C., Lin, I.C., Tsai, H.M., Wang, H.H., A key assignment scheme for controlling access in partially ordered user hierarchies. In Proc. of the 18th IEEE International Conference on Advanced Information Networking and Applications (AINA2004), vol. 2, pp. 376-379, 2004.
11. Wu, J., Wei, R., An access control scheme for partially ordered set hierarchy with provable security. In of SAC 2005, LNCS 3897, pp. 221-232, 2006.
12. Wu, K.P., Ruan, S.J., Tseng, C.K., Lai, F.P., Hierarchical access control using the secure filter. IEICE Transactions on Information & Systems E84-D(6):700-707, 2001.
13. Shen, V.R.L., Chen, T.S., A novel key management scheme based on discrete logarithms and polynomial interpolations. Computers and Security 21(2):164-171, 2002.
14. Chang, C.C., Lin, I.C., A new solution for assigning cryptographic keys to control access in mobile agent environments. Wireless Communications and Mobile Computing 6(1):137-146, 2006.
15. Yeh, J.H., A secure time-bound hierarchical key assignment scheme based on RSA public key cryptosystem. Information Processing Letters 105:117-120, 2008.
16. Hwang, M.S., Yang, W.P., Controlling access in large partially-ordered hierarchies using cryptographic keys. Journal of Systems and Software 67(2):99-107, 2003.
17. Lo, J.-W., Hwang, M.-S., Liu, C.-H., An efficient key assignment scheme for access control in a large leaf class hierarchy. Inform. Sci., 2010. doi: 10.1016/j.ins.2010.09.033.
18. Hankerson, D., Menezes, A., Vanstone, S., Guide to elliptic curve cryptography, Springer-Verlag, New York, USA, 2004.
19. Koblitz, N., Elliptic curve cryptosystem. Mathematics of Computation 48:203-209, 1987.
20. NIST, Recommendation on Key management. DRAFT Special Publication, pp. 800-857, 2003, http://csrc.nist.gov/CryptoToolkit/kms/guideline-1-jan03.pdf.
21. Stallings, W., Cryptography and Network Security: Principles and Practice, fourth ed., Prentice Hall, 2005.
22. Chung, Y.F., Lee, H.H., Lai, F., Chen, T.S., Access control in user hierarchy based on elliptic curve Cryptosystem. Information Sciences 178: 230-243, 2008.
23. Jeng, F.G., Wang, C.M., An efficient key-management scheme for hierarchical access control based on elliptic curve cryptosystem. The Journal of Systems and Software 79:1161-1167, 2006.
24. ANSI, Public Key Cryptography for the Financial Services Industry: The Elliptic Curve Digital Signature Algorithm (ECDSA). American National Standard, X9.62-1998.
25. Johnson, D., Menezes, A., Vanstone, S., The elliptic curve digital signature algorithm (ECDSA). International Journal of Information Security 1(1):36-63, 2001.
26. Advanced Encryption Standard, http://www.csrc.nist.gov/archieve/aes/.
27. Bao, F., Deng, R. H., Zhu, H., Variations of Diffie-Hellman problem. In Proc. of International Conference Information and Communications Security - ICICS 2003, Springer-Verlag, LNCS 2836, pp. 301-312.
28. Choo K.-K. R., Key Establishment: Proofs and Refutations. Doctoral Thesis of Brisbane Australia: Queensland University of Technology, 2006.
29. Goldwasser S., Micali, S., Probabilisitic Encryption. Journal of Computer and System Sciences 28:270-299, 1984.
30. Bellare, M., Boldyreva, A., Micali, S., Public-key Encryption in a Multi-User Setting: Security Proofs and Improvements. In Proc. of Eurocrypt 2000, LNCS 1807, Springer-Verlag, pp. 259-274, 2000.
31. Bellare, M., Rogaway, P., Provably Secure Session Key Distribution: The Three Party Case. In Proc. of 27th ACM Symposium on the Theory of Computing, ACM Press, pp. 57-66, 1995.
32. Koblitz, N., Menezes, A., Vanstone, S.A., The state of elliptic curve cryptography. Designs, Codes and Cryptography 19(2-3):173-193, 2000.
33. National Institute of Standards and Technology, US Department of Commerce, Secure Hash Standard. US Federal Information Processing Standard Publication 180-2, 2002.
34. Schroeppel, R., Orman, H., O'Malley, S., Spatscheck, O., Fast key exchange with elliptic curve systems. In Proc. of Advances in Cryptology-CRYPTO '95, LNCS 963, pp. 43-56, 1995.
35. n ). In Proc. of Advances in Cryptology - ASIACRYPT '96, LNCS 1163, Springer-Verlag, pp. 65-76, 1996.
36. Wong, D.S., Fuentes, H.H., Chan, A.H., The performance measurement of cryptographic primitives on palm devices. In Proc. of the 17th Annual Computer Security Applications Conference (ACSAC 2001), pp. 92-101, 2001.