PAASH: A privacy-preserving authentication and fine-grained access control of outsourced data for secure smart health in smart cities

Abstract

Abstract Very recently, a number of intelligent applications have evolved in smart cities such as smart grid, smart parking, smart waste management, smart manufacturing, smart home, and smart health, making our cities more smarter. In the context of smart health, smart devices are employed to collect and transmit biomedical information to a medical server, allowing medical practitioners to give better and improved healthcare services. However, considering the sensitive nature of the medical data, any illegal access may have devastating effects on the patient s health condition. A lightweight privacy-preserving authentication and fine-grained access control scheme for smart health known as PAASH is proposed. In PAASH, a new ultraefficient certificateless signature scheme with compact aggregation is developed to achieve source authentication and data integrity. To achieve efficient user authorization and data confidentiality, a privacy-preserving access control technique using the developed aggregate signature and ciphertext-policy attribute-based encryption (CP-ABE) is implemented. An analysis of PAASH reveals that it can provide desirable privacy and security measures in smart health. Moreover, the formal security demonstrated in the random oracle model (ROM) shows that PAASH is semantically secure under the intractability of the Discrete Logarithm Problem (DLP). The performance evaluation shows that PAASH is par excellence practically suitable for smart health.