Download PDF
Original Article  |  Open Access  |  23 Sep 2020

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

Views: 2014 |  Downloads: 717 |  Cited:   1
J Surveill Secur Saf 2020;1:61-78.
10.20517/jsss.2020.09 |  © The Author(s) 2020.
Author Information
Article Notes
Cite This Article

Abstract

Aim: With the popularity of cloud storage, data integrity has become a hot research spot. As clients’ data is outsourced to the cloud, how to prevent clients’ privacy from being leaked has become an urgent problem to be solved. In addition, the design of the storage structure in the cloud is also a challenge. To solve the above problem, we focus on enabling data integrity verification in the medical environment with clients’ privacy protection and a novel storage structure assisted.

Methods: By leveraging the one-way anonymous key agreement and the novel stereo storage structure, a novel stereo storage structure assisted one-way anonymous auditing protocol in e-health system is proposed. First, the one-way anonymous auditing protocol can realize the adaptive anonymity of clients in the e-health system. Second, the novel stereo storage structure can implement the storage and fast search of medical data.

Results: The theoretical analyses indicate that the proposed scheme is secure under the Computational Diffie-Hellman problem and Discrete algorithm problem and it has a decent performance in computational overhead. Besides, the simulation results demonstrate that the computational cost of the user is constant.

Conclusion: To protect the user’s private information in e-health system, we propose a stereo storage structure assisted one-way anonymous auditing protocol in this paper. In the proposed scheme, fast searching of data, the one-way anonymity and the data auditing with mutual supervision are supported, which is necessary for the patients and the medical personnel in a real e-health scenario.

Keywords

Data integrity, stereo storage structure, one-way anonymous

1 Introduction

The development of society is inseparable from the advancement of science and technology. As the huge development of the internet industry and the rise of data applications such as artificial intelligence and big data spread throughout people’s lives, people begin to generally realize the importance of data. The world is gradually stepping into the era of data dominance, and all walks of life are generating data all the time. Due to the sheer amount of data that is ever increasing, traditional storage methods cannot meet the needs of the people anymore which leads to the emergence of cloud storage.

Cloud platform provides individuals and organizations with powerful storage services which brings great benefits as follows: (1) users only need to pay for the actual storage without worrying about insufficient storage resources; (2) with data hosted to cloud platform, local data will no longer be stored, which can reduce the purchase cost and energy consumption cost of storage equipment; (3) the maintenance of data storage can be left to cloud service providers (CSP) to save the cost of maintaining large amounts of data for users; (4) cloud data can form linkage with local data to make redundant backup to each other; and (5) users can easily access the data in the cloud through web interface or application.

While cloud storage has many advantages, there are also some security threats[1,2]. On the one hand, the cloud infrastructure may suffer some inevitable hardware or software failures or external attacks that lead to data corruption could occur, but cloud server providers could deliberately hide the fact of data corruption for the sake of their business reputation. On the other hand, the outsourced data stored in the cloud might suffer from illegal behaviors from CSP for commercial benefits. What is more, the outsourcing of data results in users no longer physically owning the data, so users cannot even verify whether their data is complete, available, or secure.

Therefore, how to guarantee the data integrity and the privacy of users on the cloud server has become a key issue for cloud storage services. More data security issues are increasingly prominent such as whether the user data is securely stored or whether the user privacy is leaked and so on[3-5]. When it comes to the electronic heath system, a physician records the information of patients’ medical treatment electronically through electronic health records which involves the collection, quality control, transmission, storage, statistics, and utilization of patient information. Obviously, it is difficult for traditional storage methods to screen and retrieve typical health records for medical statistics and scientific research. An electronic health system can not only retrieve all kinds of medical records quickly, but also make the previously laborious process of obtaining medical statistics become very simple and fast, providing first-hand data for scientific research and teaching. Nevertheless, such information often contains confidential and sensitive information, and the disclosure or falsification of such information may damage the reputation and property of patients.

In order to address these issues, considerable efforts have been made. Among existing proposals, great amounts of cloud data integrity auditing schemes based on privacy protection have been proposed[6-9]. To verify whether the outsourced data remains intact, file owners or auditors can challenge the cloud server with low communication overheads and computation costs.

Motivation of this paper: Medical data include patients’ information such as admissions, discharges, transfers, e-health system patient records, diagnoses, treatments, medical images, economic/financial data, and so on. The quality, confidentiality, and integrity of medical data will affect the real-time, short-term, and long-term performance of the application. First, it will directly affect the daily management and treatment of patients. Second, the application of software and systems for obtaining information and decision support may be affected. Third, there are unknown impacts data storage failure may cause on medical research which can lead to irreparable consequences. At present, researchers have designed many protection schemes for data in the cloud. However, there is no complete data protection scheme specially designed for medical data.

1.1 Our contributions

To solve the above security protection problem of cloud medical data, this paper designs a one-way anonymous auditing protocol in the e-health system. The contributions of this paper can be summarized as follows.

1.1.1 A novel stereo storage structure is proposed to assist the auditing protocol in the e-health system

As stated above, medical data consists of a variety of data types. Therefore, we propose a novel data storage structure to store medical data, which can achieve fast search of data. In addition, the design of this structure saves the storage overhead of index tables.

1.1.2 A one-way anonymous e-health system model is presented

In view of the current status of the medical environment, for better protection of the privacy of patients, we propose an e-health system model that supports one-way anonymity, which means patients in this system model can keep their identities anonymous. Simultaneously, medical personnel identity information is disclosed in the system, so that patients can find the responsible person when a medical accident occurs.

1.1.3 An auditing protocol aiming to support both physician and patient validation is provided

This scheme innovatively enables patients and attending physicians to independently verify the integrity of their commonly relevant medical data. In other words, both patients and their attending physicians can verify whether medical data file in the cloud is correct and complete. In addition, it can promote information exchange and mutual supervision between physicians and patients.

1.2 Related works

In the past few years, data integrity in the cloud has received much attention as a core security issue. Hereafter, abundant security models and data protection schemes have been proposed by researchers around the world to solve the integrity audit problem of outsourced data[10,11]. In 2003, Deswarte et al.[12] first put forward the theoretical model of remote verification of data integrity of untrusted servers based on the Diffie-Hellman key agreement protocol. The proposed model consists of only two entities, the user and the cloud server provider. The user can directly initiate data integrity verification to the cloud service provider, laying a foundation for the subsequent cloud data auditing protocol. At that time, cloud storage was not yet widespread, and only a few users outsourced a small amount of data on remote servers, so that the protocol did not take into account a situation where a large community of users are storing a great deal of data on cloud servers which we see today. Once the data stored by the user on the remote server is too large, the computing overhead on the user side cannot be borne by ordinary computers, and the protocol cannot work normally. Thus, to solve that problem, a third-party auditor entity is introduced to validate the integrity of the outsourced data in the cloud.

With a growing number of users using the storage service on the cloud, cloud data auditing protocols are rapidly being developed, and many scholars are proposing plentiful valuable solutions. In 2007, Ateniese et al.[13] firstly put forward a notion of Provable Data Possession to confirm the outsourced data possession on the untrusted cloud, which is based on RSA homomorphic linear verification and supports third-party public auditing. However, the dynamic update of data is not supported in this scheme, and this scheme cannot protect users’ privacy. In the same year, Juels et al.[14] proposed a model named Proof of Retrievability, as well as presented a practical scheme which supports the integrity verification of data and the recovery of damaged data. Nevertheless, this scheme has a limited number of times to verify data integrity and does not support dynamic auditing or batch auditing. Since then, to solve the aforementioned problems, many scholars have devoted themselves to making improvements based on these two schemes, and they have made great progress in supporting more performance such as batch auditing, operating efficiency, and dynamic data update. Nevertheless, few people paid attention to the problem that these schemes leak users’ private data to third-party auditors in the process of auditing. In 2010, Wang et al.[15] first proposed an auditing scheme that can be publicly verified to support user privacy protection. This scheme is based on public key homomorphic label technology so that the auditor can perform auditing without obtaining all the data of the user which greatly increases the operating efficiency of the system. The scheme also uses a random masking technique which makes it impossible for third party auditors to obtain users’ private information through the verification returned by cloud service providers. In addition, the auditing protocol supports dynamic update of data, batch auditing, and multiple auditing tasks that can be performed simultaneously. It was later confirmed that there were still security risks. Therefore, in 2011, Wang et al.[16] improved the system for the security but caused a huge computing burden on the cloud server, greatly reducing the efficiency of system operation. In terms of this problem, in 2015, Worku et al.[17] increased the efficiency of system operation while ensuring data security, but unfortunately, it did not support dynamic data operations.

Besides storage data, users would like to perform updates to outsourced data directly in the cloud. Based on this, Wang et al.[18] proposed a relatively complete protocol which can support data update, user privacy protection, and batch auditing, but it will lead to the problem of high computing cost on the client side. Then, Garg et al.[19] designed a protocol that can minimize the computational complexity for the client during the system setup phase, which is publicly verifiable and supports dynamic operations on data.

After that, many multi-user modification and user revocation schemes have been proposed[20-23]. However, the above scheme cannot solve the problem of data redundancy well. To solve that problem, Wu et al.[24], Daniel and Vasanthi[25] removed redundant data from the cloud server which saved the storage cost of cloud service providers and greatly improved the efficiency of data validation. However, none of the above schemes have been designed specifically for images stored on the cloud, thus Tang et al.[26] proposed an efficient real-time integrity auditing protocol specially designed for cloud images, which also supported fair arbitration. In 2019, based on a new primitive fuzzy identity, Zhao et al.[27] presented a dynamic auditing protocol for the integrity verification of big data. This scheme applies fuzzy identity to the integrity verification of big data for the first time.

However, the above existing solutions cannot be well applied to the e-health systems due to the special relationship between medical staff and patients, and the particularity of medical data. Therefore, we explore a novel storage structure for storing medical data for the e-health system and design a one-way anonymous auditing protocol in this paper.

1.3 Organization

The rest of this paper consists of the following parts: We first introduce the preliminaries in Section 2, mainly including some definitions and basic properties about bilinear pairing and one-way anonymous key agreement required for this paper. Then, we describe the system architecture that contains the proposed system model, system components, and stereo storage structure in Section 3. In Section 4, we formalize the security model of the proposed one-way anonymous auditing protocol. In Section 5, a detailed description of the proposed scheme is demonstrated. After that, a security analysis is presented in Section 6. In addition, performance analysis of our stereo storage structure assisted one-way anonymous auditing protocol in e-health system is given in Section 7. Finally, Section 8 concludes the findings of the paper.

2 Preliminaries

Necessary preliminaries mainly including some definitions and basic properties about bilinear pairing and one-way anonymous key agreement required for this paper are introduced in this section.

2.1 Bilinear pairing

Let G1 and G2 be two groups of the same prime order q. Let G1 be an additive group, and let G2 be a multiplicative group. A mapping e on (G1, G2): G12G2 satisfying the following properties is named a cryptographic bilinear map[28].

2.1.1 Bilinearity

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system for all Stereo storage structure assisted one-way anonymous auditing protocol in e-health system and Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. This can be expressed in the following manner. For Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, Stereo storage structure assisted one-way anonymous auditing protocol in e-health system and Stereo storage structure assisted one-way anonymous auditing protocol in e-health system.

2.1.2 Non-degeneracy

If P is a generator of G1, then e(P, P) is a generator of G2. That is to say, e(P, P) ≠ 1.

2.1.3 Computability

e is efficiently computable.

2.2 One-way anonymous key agreement

One-way anonymous key agreement was proposed by Kate et al.[29]. Suppose Alice IDA and Bob IDB are clients of the same key generation center, whose master secret is s and di= s . H(IDi) for clients with their identity ID. Then, clients can compute a shared key by using their own privacy key and the identity ID of the other participant. What is more, suppose Alice wants to remain anonymous with Bob. Hereafter, the key agreement protocol process can be roughly divided into the following two parts: (1) first, Alice computes Stereo storage structure assisted one-way anonymous auditing protocol in e-health system and Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. Finally, randomly chooses an integer Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, computes Stereo storage structure assisted one-way anonymous auditing protocol in e-health system as Alice’s pseudonym and sends it to Bob; (2) after received Alice’s pseudonym, Bob computes Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. Then, Alice and Bob have the same shared key Stereo storage structure assisted one-way anonymous auditing protocol in e-health system.

3 System model and data structure

3.1 System model

Stereo storage structure assisted one-way anonymous auditing scheme in e-health system involves four entities: key generation center, users, the third-party auditor, and cloud server. Figure 1 illustrates the relationship between those four entities.

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

Figure 1. The proposed system model

3.1.1 User

In our model, patients and physicians are considered as the two main electronic health system (EHS)-related personnel types. For instance, when a patient seeks a diagnosis through interview by a physician in EHS, the patient needs to inform the physician of his or her own information at first. To realize the privacy protection of the patient’s identity, our scheme will set up a false name for the patient based on the patient’s identity ID to interact with the physician. A physician needs to generate patients’ electronic health records (EHRs), which contains basic information about the physician and the patient as well as the patient’s medical data, and upload it to the cloud. Although physicians and patients are two different entities, their functional needs for data in the EHS are similar. Therefore, we consider the physicians and the patient as one object in this system. As user, both physicians and patients can access the relevant EHRs and validate the integrity of their data by authorizing the TPA.

3.1.2 Key generation center

The key generation center is a trusted party in e-health system responsible for setting system parameters and generating the corresponding privacy key based on the client’s identity and distributing it to the user.

3.1.3 Cloud server

It is supposed that the cloud server is a terminal that provides unlimited computing and storage capacity. Users can upload data through the cloud storage service and share it with other users. During the data integrity auditing process, Cloud server (CS) can respond to the challenges that users delegate to third-party auditor (TPA).

3.1.4 The TPA

TPA is a public verifier, which is assumed to be a terminal with unlimited computing and storage capability. TPA provides data auditing services and is entrusted by users to verify the integrity of cloud data.

3.2 System components

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system consists of the following four algorithms: Setup, KeyGen, Extract, and Audit. Specifically, these algorithms are described as follows:

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system: On input lStereo storage structure assisted one-way anonymous auditing protocol in e-health system where Stereo storage structure assisted one-way anonymous auditing protocol in e-health system is a security parameter, the system setup algorithm, which is a probabilistic algorithm run by the Key generation center (KGC), generates the public parameter PP for the system and a master secret key msk for the KGC itself.

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system: This algorithm is a probabilistic algorithm implemented by KGC. The public parameter PP, the master key msk, and patient’s identity IDA along with physician’s identity IDB are the inputs, and KeyGen generates a private key dA for patient A and a private key dB for physician B. This algorithm outputs a session key KAB and secret key KAB for auditing.

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system: This algorithm is a probabilistic algorithm run by a user. The user is given system parameters PP, key KAB, file F and its file name. It outputs a verifiable file tag τ, a set of block authenticators Stereo storage structure assisted one-way anonymous auditing protocol in e-health system of the processed file blocks Stereo storage structure assisted one-way anonymous auditing protocol in e-health system.

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system: This algorithm is a probabilistic algorithm jointly run by the auditor and cloud server. It outputs 1 to indicate all of the data block can be verified to be original and integrated by τ.

3.3 Stereo storage structure

The novel stereo storage structure proposed in this paper is aimed to realize fast retrieval and query of data and assist the auditing protocol in the e-health system. As is shown in Figure 2, a three-dimensional storage structure is designed to store mass amounts of medical data from the users. Specifically, each plane of the three-dimensional structure on the left part of the figure contains a header file and a series of f diagnosis and treatment files of a certain physician corresponding to a certain patient. The header file contains the identity information of the physician and the patient, which is convenient for quick search of the file. Here, 1 ≤ fStereo storage structure assisted one-way anonymous auditing protocol in e-health system, and Stereo storage structure assisted one-way anonymous auditing protocol in e-health system is the upper limit of file number of each plane in the stereo storage structure. And those medical files contained in one plane can be generated, shared with, and verified for integrity by both of the specific physician and the patient. In other words, all diagnosis and treatment files of a physician Dd for one of his/her patients PP are stored in the same plane. For example, F1,1,f represents the f-th files of the physician D1 and the patient P1, and F1,2,f represents the f-th files of the physician D1 and the patient P2. In the same way, the patient P2 can also consult with the physician D2, during which a series of files will be generated. In this e-health system, we suppose the user set contains a set of physician D and a set of patient P, and the index of the physician and patient is d and p, respectively. Here, the f-th files of the physician Dd and the patient PP is denoted as Fd,p,f, and the header file of this series of files in the same plane is represented as Fd,p. In addition, the f files corresponding to one of the planes are shown on the right in the figure, which together form a smaller three-dimensional storage structure. Each plane in the right picture represents a file. In order to better process the file data, we uniformly divide each file into n blocks and each block comprises s sectors. Each file and each plane of the stereo storage structure stores data as follows.

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

Figure 2. The presented data structure model

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

Furthermore, there are a warrant list of corresponding files in the header file of each plane in the structure for the auditing of the log information, which include the file origin, file type, and consistency of outsourced files. Based on this stereo storage structure, we can quickly search any user’s file and the corresponding data block fragments to assist one-way anonymous auditing protocol. Additionally, dynamic data updates are an important part of the auditing schemes. However, due to the particularity of medical data, changes in the data may cause irreversible effects on the medical data. Therefore, dynamic data updates in this paper need both patients’ and their attending physicians’ authorization; however, those updates will not change the division of the original file.

4 Security model

The following security model of the stereo storage structure assisted one-way anonymous auditing scheme is proposed by designing a series of games between an adversary Stereo storage structure assisted one-way anonymous auditing protocol in e-health system and a challenger Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. Taking into account in our security model the fact that the cloud server may modify or remove the data in the cloud due to software and hardware failure or man-made destruction, we view the untrusted cloud server as an adversary Stereo storage structure assisted one-way anonymous auditing protocol in e-health system and the user as a challenger Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. The formalized security model of the game is as follows:

(1) Setup. Once security parameter Stereo storage structure assisted one-way anonymous auditing protocol in e-health system is inputted in the system, the challenger Stereo storage structure assisted one-way anonymous auditing protocol in e-health system runs the system Setup algorithm, and generates the system public parameter PP and a master secret key msk. Then, the challenger Stereo storage structure assisted one-way anonymous auditing protocol in e-health system sends the system public parameters PP to Stereo storage structure assisted one-way anonymous auditing protocol in e-health system.

(2) Query. In this process, Stereo storage structure assisted one-way anonymous auditing protocol in e-health system can spontaneously issue the following two queries to Stereo storage structure assisted one-way anonymous auditing protocol in e-health system:

KeyGen Queries: At first, Stereo storage structure assisted one-way anonymous auditing protocol in e-health system queries the secret key for the patient PA and physician QB. Then, Stereo storage structure assisted one-way anonymous auditing protocol in e-health system runs the KeyGen algorithm in the system to generate a secret key KAB and sends the secret key to Stereo storage structure assisted one-way anonymous auditing protocol in e-health system.

Extract Queries: Then, in these queries, Stereo storage structure assisted one-way anonymous auditing protocol in e-health system adaptively make queries of the signatures for the file M. After Stereo storage structure assisted one-way anonymous auditing protocol in e-health system runs the KeyGen algorithm and gets the secret key, Stereo storage structure assisted one-way anonymous auditing protocol in e-health system runs the Extract algorithm to generate the signatures of the file M. Next, Stereo storage structure assisted one-way anonymous auditing protocol in e-health system sends the signatures of the file M to Stereo storage structure assisted one-way anonymous auditing protocol in e-health system.

(3) Challenge. In this phase, Stereo storage structure assisted one-way anonymous auditing protocol in e-health system plays the role of a prover to yield a valid proof and Stereo storage structure assisted one-way anonymous auditing protocol in e-health system acts as a verifier to check out the correctness of the proof. The challenger Stereo storage structure assisted one-way anonymous auditing protocol in e-health system samples a series of random numbers and sends the challenge Stereo storage structure assisted one-way anonymous auditing protocol in e-health system to Stereo storage structure assisted one-way anonymous auditing protocol in e-health system.

(4) Output. Once receiving the challenge from the challenger Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, the adversary Stereo storage structure assisted one-way anonymous auditing protocol in e-health system generates corresponding proof P and feedback to Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. If this proof P can be verified by Stereo storage structure assisted one-way anonymous auditing protocol in e-health system with a non-negligible probability, that is to say, this game ends and Stereo storage structure assisted one-way anonymous auditing protocol in e-health system ultimately successful in the game above.

5 Our proposed scheme

Our proposed scheme is demonstrated in four phases in this section. Firstly, in the system setup phase, the KGC sets the system public parameters and a master secret key. Secondly, the KGC generates privacy keys for users and secret keys for auditing in the registration phase. Next, in the storage phase, users upload and update files to the cloud along with file warrants, authenticators, and tags. Finally, in the integrity verification phase, TPA is entrusted by the data owner to verify corresponding data integrity. Note that for simplicity, some primary notations used throughout the paper are summarized in Table 1. Moreover, the scheme is described in detail as follows:

Table 1

Main notations in the proposed scheme

NotationDescription
H1, H2, H3, H4Four hash functions
mskThe master secret key
diThe secret key of user i
PiThe pseudonym of user i
KABThe session key of user A and B
KABThe auditing secret key of user A and B
τ, {σi} Stereo storage structure assisted one-way anonymous auditing protocol in e-health systemThe file tag and set of block authenticators
Λ, VN, TNThe warrant, version number, and time stamp of outsourced files
χi,jThe i-th block j-th sector data of file

5.1 System setup: Setup

Once taking a security parameter Stereo storage structure assisted one-way anonymous auditing protocol in e-health system as input, the KGC randomly selects two multiplicative cyclic groups G and GT with prime order q, where g is a generator of G. e: G × GGT denotes a bilinear map. After that, the KGC picks an integer Stereo storage structure assisted one-way anonymous auditing protocol in e-health system at random and computes Stereo storage structure assisted one-way anonymous auditing protocol in e-health system where Stereo storage structure assisted one-way anonymous auditing protocol in e-health system.

Next, Stereo storage structure assisted one-way anonymous auditing protocol in e-health system are uniformly chosen at random. Four collision-resistant hash functions are chosen as follows: Stereo storage structure assisted one-way anonymous auditing protocol in e-health system and Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. So, the system public parameter is Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. Finally, the master secret key msk is set as Stereo storage structure assisted one-way anonymous auditing protocol in e-health system with Stereo storage structure assisted one-way anonymous auditing protocol in e-health system and keeps the msk in secret by the KGC.

5.2 Registration: KeyGen

The KGC runs the KeyGen algorithm to yield a shared secret key for users with the msk and public parameter PP. The registration procedure consists of two phases: PrivacyKeyGen and SecretKeyGen.

(1) PrivacyKeyGen: First, the KGC generates and distributes the corresponding private key for every user who may be a patient or a consultant in e-healthy system. In detail, the KGC computes Stereo storage structure assisted one-way anonymous auditing protocol in e-health system based on user’s identity as Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. Then, KGC calculates user privacy key as:

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

For example, KGC independently yields a private key Stereo storage structure assisted one-way anonymous auditing protocol in e-health system for patient A, and a private key Stereo storage structure assisted one-way anonymous auditing protocol in e-health system for the attending physician B. Then, the KGC sends Stereo storage structure assisted one-way anonymous auditing protocol in e-health system to Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. After receiving the Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, user validates Stereo storage structure assisted one-way anonymous auditing protocol in e-health system by calculating:

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

If the above equation is true, the user Stereo storage structure assisted one-way anonymous auditing protocol in e-health system adopts the private key Stereo storage structure assisted one-way anonymous auditing protocol in e-health system ; otherwise, the KGC fails to generate a valid privacy key.

(2) SecretKeyGen: To protect the identity of patient A, patient A randomly chooses a number Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, creates a pseudonym Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, and sends it instead of his or her actual identity to B. Then, A and B can calculate a session key Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, and this algorithm produces a secret key Stereo storage structure assisted one-way anonymous auditing protocol in e-health system for auditing. The specific algorithm is as follows:

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

5.3 Storage: Extract

The storage procedure contains the following three phases: WarrantGen, AuthenticatorGen, and TagGen.

(1) WarrantGen: When user uploads or updates a new medical data, the corresponding file information will be updated. For confirming some additional information about the source, type, and consistency of the files outsourced to the cloud, the user generates a warrant Stereo storage structure assisted one-way anonymous auditing protocol in e-health system which includes the pseudonym of A, the identity hash value Stereo storage structure assisted one-way anonymous auditing protocol in e-health system of attending physician B, and medical file information such as file type filetype, version number Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, time stamp Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, etc. For example, Λ = PA||QB||VN||TN||filetype. Here, the Stereo storage structure assisted one-way anonymous auditing protocol in e-health system denotes the index of different medical files. Then, the following is calculated:

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

The patient A picks a random number Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, and generates an authorization:

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

Finally, the patient A sends the warrant pair Stereo storage structure assisted one-way anonymous auditing protocol in e-health system to attending physician B. Then, the attending physician B validates the warrant pair by calculating:

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

If the above equation is true, the attending physician B accepts the authorization Stereo storage structure assisted one-way anonymous auditing protocol in e-health system ; otherwise, the patient A fails to generate a valid warrant.

(2) AuthenticatorGen: Given a medical file F to be outsourced, the user first splits F into n blocks, and each contains s sectors: Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, where Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. For each file F, choose a random number Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, and for the i-th block, yield a block authenticator as follows:

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

(3) TagGen: A random name FID is chosen for a file from Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, and s random elements Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. Set τ0 = Λ ||FID ||n ||u1 || ... ||us ||gtΛ ||gtϑ. Then, the user generates file tag τ based on τ0 and KAB to guarantee the integrity of each distinct file information.

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

Hereafter, the user sends the file tag τ to the TPA. Besides, Stereo storage structure assisted one-way anonymous auditing protocol in e-health system can be pre-computed and sent to TPA. In addition, the processed file Stereo storage structure assisted one-way anonymous auditing protocol in e-health system that comprises Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, and Stereo storage structure assisted one-way anonymous auditing protocol in e-health system is uploaded to the CS and can be stored in the proposed stereo storage structure and removed from the user’s local side.

5.4 Integrity verification: Audit

The auditing procedure contains following three phases: Challenge, Response, and Verification. And the process of integrity verification is shown in Figure 3.

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

Figure 3. The process of integrity verification

(1) Challenge: First, the TPA confirms whether the file tag τ of outsourced file can pass the verification by retrieving τ from the CS and performing Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. If the file tag τ of outsourced file cannot pass the verification, then the auditing task will not be executed, and the protocol aborts; otherwise, the TPA will analyze τ0 to acquire the total number n of outsourced file blocks. The TPA picks a random nonempty subset Stereo storage structure assisted one-way anonymous auditing protocol in e-health system and a number of values Stereo storage structure assisted one-way anonymous auditing protocol in e-health system at random, for each Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. Then, the TPA distributes the challenge set Stereo storage structure assisted one-way anonymous auditing protocol in e-health system and corresponding file identifier Stereo storage structure assisted one-way anonymous auditing protocol in e-health system to the CS. After that, the TPA can compute WP = e(H4(Λ || FID ||i), Stereo storage structure assisted one-way anonymous auditing protocol in e-health system in advance for the final verification.

(2) Response: CS locates to the corresponding file Stereo storage structure assisted one-way anonymous auditing protocol in e-health system in the stereo storage structure upon receiving a challenge C and its file identifier Stereo storage structure assisted one-way anonymous auditing protocol in e-health system from the TPA. Then, the CS computes Stereo storage structure assisted one-way anonymous auditing protocol in e-health system and Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. After that, the CS sends to the TPA a proof P that consists of Stereo storage structure assisted one-way anonymous auditing protocol in e-health system and corresponding authorization Stereo storage structure assisted one-way anonymous auditing protocol in e-health system.

(3) Verification: Once receiving the proof P, with public system parameter Stereo storage structure assisted one-way anonymous auditing protocol in e-health system and file tag τ, the TPA first verifies the validity of Stereo storage structure assisted one-way anonymous auditing protocol in e-health system by demonstrating the equation (6), and then, verifies aggregate block authenticator Stereo storage structure assisted one-way anonymous auditing protocol in e-health system as follows:

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

If the equation (9) is true, the challenged outsourced file in the cloud is verified as intact; otherwise, the challenged file is corrupted. In the above auditing process, TPA can also audit the details of the challenged file warrant. That is, the proof P, which will be fed back by CS, should contain more file details.

6 Security analysis

We analyzed the soundness of our scheme at first. That is, if all the entities are honest in this identity-based one-way anonymous e-health system, then the processed files and log warrants about medical data can be audited correctly. Then, we propose a simple security analysis for this scheme.

Theorem 1: In an appropriate registration process, the KGC is supposed to generate a correct privacy key for the user. In addition, the patient always produces a valid log warrant for his or her attending physician to render certain the authenticity of medical data. If the outsourced file in the cloud is not corrupted or tampered with, then the proof yielded by CS will be confirmed as valid.

Proof: As shown in Equation (2), we can confirm the correctness directly. Since patient A and the attending physician B have the shared auditing key, it follows that:

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

Therefore, Equation (6) holds.

Note that, Stereo storage structure assisted one-way anonymous auditing protocol in e-health system for all Stereo storage structure assisted one-way anonymous auditing protocol in e-health system and

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

It follows that:

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

Theorem 2: Here, we suppose that the signature algorithm is efficient and secure, and can generate file tags validly and correctly. And it is supposed that the Computational Diffie-Hellman (CDH) assumption holds in bilinear groups. The identity-based one-way anonymous scheme is secure against adaptive simulation. In detail, neither an untrusted cloud server nor the adversary Stereo storage structure assisted one-way anonymous auditing protocol in e-health system can forge a valid proof to get through the verification of the auditor successfully if the data in the cloud is tampered with or corrupted.

Proof: We utilize the theory of knowledge proof and a series of security games to prove this theorem which can acquire the challenged data blocks in the aforementioned game. When the adversary Stereo storage structure assisted one-way anonymous auditing protocol in e-health system interacts with the challenger Stereo storage structure assisted one-way anonymous auditing protocol in e-health system and generates a valid proof P, adversary Stereo storage structure assisted one-way anonymous auditing protocol in e-health system can successfully pass the verification for the challenged data blocks in the aforementioned game; there is a constructed knowledge extractor that can capture the challenged data blocks. It is assumed that the adversary Stereo storage structure assisted one-way anonymous auditing protocol in e-health system can get through the TPA’s verification successfully without keeping the outsourced file integrity. Then, we can capture the whole challenged data blocks through the interaction between the constructed knowledge extractor and the proposed scheme.

Game 0: The challenger Stereo storage structure assisted one-way anonymous auditing protocol in e-health system and the adversary Stereo storage structure assisted one-way anonymous auditing protocol in e-health system behave in Game 0 in a manner similar to that described in Section 4. First, the challenger Stereo storage structure assisted one-way anonymous auditing protocol in e-health system executes the preprocessing Setup algorithm to obtain the public parameter PP and a master secret key msk, and then sends PP to the adversary Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. Next, Stereo storage structure assisted one-way anonymous auditing protocol in e-health system performs the KeyGen algorithm to obtain the secret key of user. Then, Stereo storage structure assisted one-way anonymous auditing protocol in e-health system picks a list of data blocks and queries the signatures of them. According to the queries, Stereo storage structure assisted one-way anonymous auditing protocol in e-health system executes the Extract algorithm to generate corresponding signatures for the data blocks and transmit these requested signatures to the Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. After that, Stereo storage structure assisted one-way anonymous auditing protocol in e-health system sends a challenge to Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, and Stereo storage structure assisted one-way anonymous auditing protocol in e-health system generates corresponding proof to Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. Finally, Stereo storage structure assisted one-way anonymous auditing protocol in e-health system succeeds and the game aborts if the proof can get through the verification of Stereo storage structure assisted one-way anonymous auditing protocol in e-health system successfully with non-negligible probability.

Game 1: This game is identical to Game 0 with one difference. The challenger Stereo storage structure assisted one-way anonymous auditing protocol in e-health system keeps a list of query records about the requested signature of Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. If the adversary Stereo storage structure assisted one-way anonymous auditing protocol in e-health system is able to yield a aggregate signature, which is valid under the verification of the challenger Stereo storage structure assisted one-way anonymous auditing protocol in e-health system and is not generate by Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, the game aborts and the adversary Stereo storage structure assisted one-way anonymous auditing protocol in e-health system succeeds.

Analysis: It is supposed that Stereo storage structure assisted one-way anonymous auditing protocol in e-health system wins in the Game 1 with non-negligible probability. With this in mind, we can construct a simulator in our scheme to solve the CDH problem in bilinear groups. Given a group G with prime order Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, Stereo storage structure assisted one-way anonymous auditing protocol in e-health system as input, the simulator is to generate Stereo storage structure assisted one-way anonymous auditing protocol in e-health system by interacting with Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. The simulator acts like the challenger and runs as follows:

(1) The simulator randomly chooses an element Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, and yields the public parameters as Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, Stereo storage structure assisted one-way anonymous auditing protocol in e-health system and the master secret key Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. Next, it randomly picks integers Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, and sets Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. There is a random oracle H4. The simulator stores a list of queries in the game and responses to the challenger Stereo storage structure assisted one-way anonymous auditing protocol in e-health system in a consistent manner by controlling the random oracle.

(2) When processing a file F, the simulator first yields a secret key for user as KAB by executing KeyGen algorithm. Hereafter, the simulator picks a random unique identifier for file F and a random element Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, and yields Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. For every data block Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, the simulator picks random values Stereo storage structure assisted one-way anonymous auditing protocol in e-health system and sets:

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

Based on equation (10), we have:

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

In addition, the simulator computes the block authentication for file block xi as σi = KAB . (H4Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. From the perspective of Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, σi is computationally indistinguishable from the real value.

(3) With the constant interaction, the simulator sends the processed files Stereo storage structure assisted one-way anonymous auditing protocol in e-health system to the adversary Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, which contains Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. Then, Stereo storage structure assisted one-way anonymous auditing protocol in e-health system outputs a forgery Stereo storage structure assisted one-way anonymous auditing protocol in e-health system with a non-negligible probability. Finally, if the adversary Stereo storage structure assisted one-way anonymous auditing protocol in e-health system is succeed to pass the validation, but the aggregate authentication Stereo storage structure assisted one-way anonymous auditing protocol in e-health system is unequal to the excepted aggregate authentication σ calculated by the simulator, then the game aborts.

According to the correctness of the proposed protocol, it is obvious that a correct proof Stereo storage structure assisted one-way anonymous auditing protocol in e-health system can get through the verification successfully of the equation as follow:

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

Suppose the adversary Stereo storage structure assisted one-way anonymous auditing protocol in e-health system forges a proof Stereo storage structure assisted one-way anonymous auditing protocol in e-health system which is different from the correct proof. Next, compute the following equation:

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

It is obvious that Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, otherwise Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. Then, define a set Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, which means at least one element of Stereo storage structure assisted one-way anonymous auditing protocol in e-health system is non-zero. After that, divide equation (13) by equation (12) and get the following equation:

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

It further implies:

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

Finally, we can get the value of Stereo storage structure assisted one-way anonymous auditing protocol in e-health system as follow:

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

As long as the Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, the above equations are valid and can be structured to solve the CDH problem. The probability of solving the CDH problem is equal to the probability of Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, which is contradictory with the assumptions of the CDH problem. It means that if the adversary Stereo storage structure assisted one-way anonymous auditing protocol in e-health system has a different probability of success in Game 0 versus Game 1, which is non-negligible, then the simulator can be constructed to solve the CDH problem.

Game 2: Game 2 is similar with Game 1, except the following difference. The challenger Stereo storage structure assisted one-way anonymous auditing protocol in e-health system keeps interaction with the adversary Stereo storage structure assisted one-way anonymous auditing protocol in e-health system and holds all the processed outsourced files that have been sent to Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. In the process of the proposed auditing protocol, if the aggregate authenticator Stereo storage structure assisted one-way anonymous auditing protocol in e-health system yielded by Stereo storage structure assisted one-way anonymous auditing protocol in e-health system is not equality to the aggregate authenticator Stereo storage structure assisted one-way anonymous auditing protocol in e-health system of the challenged file blocks, then the game aborts and the adversary Stereo storage structure assisted one-way anonymous auditing protocol in e-health system succeeds.

Analysis: Suppose the adversary Stereo storage structure assisted one-way anonymous auditing protocol in e-health system wins in this Game with a non-negligible probability. Hereafter, a simulator is constructed to work out the Discrete algorithm (DL) problem if the adversary Stereo storage structure assisted one-way anonymous auditing protocol in e-health system can succeed in this game. Given a group G with prime order q, Stereo storage structure assisted one-way anonymous auditing protocol in e-health system as input, the target of the simulator is to yield α by interacting with Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, which satisfies Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. The simulator behaves like Stereo storage structure assisted one-way anonymous auditing protocol in e-health system in Game 2, but with the following differences:

(1) Before processing a file F, the simulator first performs the KeyGen algorithm and yields a secret key for user as KAB. Then, following the process of the presented scheme in this paper, the simulator uses Stereo storage structure assisted one-way anonymous auditing protocol in e-health system for each Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, where Stereo storage structure assisted one-way anonymous auditing protocol in e-health system.

(2) The simulator keeps interacting with Stereo storage structure assisted one-way anonymous auditing protocol in e-health system to execute the auditing protocol proposed in this paper. As described in Game 1, if the aggregate file sectors Stereo storage structure assisted one-way anonymous auditing protocol in e-health system generated by the adversary Stereo storage structure assisted one-way anonymous auditing protocol in e-health system is not equal to the aggregate file sectors Stereo storage structure assisted one-way anonymous auditing protocol in e-health system of the challenged sectors, then the game aborts and the adversary Stereo storage structure assisted one-way anonymous auditing protocol in e-health system succeeds. It is easy to know that Stereo storage structure assisted one-way anonymous auditing protocol in e-health system for the reason that Game 1 is not aborted. Next, with this in mind, compared with equation (12) and equation (13), we can get the following equation:

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

It further indicates that:

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

In addition, set Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, which means at least one element of Stereo storage structure assisted one-way anonymous auditing protocol in e-health system is non-zero. After that, compute:

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

Finally, the value of a is as follow:

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

As long as Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, the above equations are valid and can be structured to work out the DL problem. The probability of solving the DL problem is the same as the probability of Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, which is contradictory with the assumption of the DL problem. It means that if the adversary Stereo storage structure assisted one-way anonymous auditing protocol in e-health system has a different probability of success in Game 1 and Game 2, which is non-negligible, then the simulator can be constructed to solve the DL problem. To summarize, the proposed one-way anonymous auditing protocol is secure and can be proven by uniting Game 0, Game 1, and Game 2.

7 Performance analysis

In this section, we first compare our scheme with the related schemes in terms of various characteristics. In Table 2, we can clearly conclude that our solution can better satisfy all the major characteristics.

Table 2

Characteristics comparison with related schemes

SchemesPublic verifiabilityCertificate management simplificationPrivacy protectionDynamic operations
Worku et al.[17]×
Garg et al.[19]××
Daniel and Vasanthi[25]××
Zhao et al.[27]×××
Jiang et al. (this study)

Then, we give the numerical analysis of the computation overhead of the proposed stereo storage structure assisted one-way anonymous auditing protocol and then evaluate the performance of our scheme. In Table 3, we analyze and present the computation overhead of each algorithm respectively in the proposed scheme. Primarily, the following notations are defined to represent the various operations in the specific algorithms of each phase. The symbols Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, and Stereo storage structure assisted one-way anonymous auditing protocol in e-health system denote a multiplication operation, a exponentiation operation and a hashing operation in G, respectively. In this paper, H1, H2, and H3 are not distinguished and all can be expressed as Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. Similarly, the symbols Stereo storage structure assisted one-way anonymous auditing protocol in e-health systemT and Stereo storage structure assisted one-way anonymous auditing protocol in e-health systemT are respectively expressed as a multiplication operation and a exponentiation operation in GT. Stereo storage structure assisted one-way anonymous auditing protocol in e-health system and Stereo storage structure assisted one-way anonymous auditing protocol in e-health systemq are indicated as one addition operation and one multiplication operation in Stereo storage structure assisted one-way anonymous auditing protocol in e-health system, respectively. And Stereo storage structure assisted one-way anonymous auditing protocol in e-health system represents a bilinear pairing evaluation operation Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. Considering that both Stereo storage structure assisted one-way anonymous auditing protocol in e-health system and Stereo storage structure assisted one-way anonymous auditing protocol in e-health system are public system parameters in our protocol, then Stereo storage structure assisted one-way anonymous auditing protocol in e-health system can be calculated in advance and viewed as a public value.

Table 3

Computational overhead of the proposed scheme

PhasesKGCUser (physician)User (patient)TPACS
Setup2Stereo storage structure assisted one-way anonymous auditing protocol in e-health system////
KeyGen(a)Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + Stereo storage structure assisted one-way anonymous auditing protocol in e-health system2Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + Stereo storage structure assisted one-way anonymous auditing protocol in e-health systemT2Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + Stereo storage structure assisted one-way anonymous auditing protocol in e-health systemT//
KeyGen(b)/Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + Stereo storage structure assisted one-way anonymous auditing protocol in e-health systemStereo storage structure assisted one-way anonymous auditing protocol in e-health system + 2Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + Stereo storage structure assisted one-way anonymous auditing protocol in e-health systemq + Stereo storage structure assisted one-way anonymous auditing protocol in e-health system//
Extract(a)/3Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + 2Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + 2Stereo storage structure assisted one-way anonymous auditing protocol in e-health systemT + Stereo storage structure assisted one-way anonymous auditing protocol in e-health system2Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + ( + 1)Stereo storage structure assisted one-way anonymous auditing protocol in e-health system//
Extract(b)/Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + (s + 1)Stereo storage structure assisted one-way anonymous auditing protocol in e-health system///
Audit(b)////n|I|Stereo storage structure assisted one-way anonymous auditing protocol in e-health systemq + n(|I| - 1)Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + (|I| - 1)Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + |I|Stereo storage structure assisted one-way anonymous auditing protocol in e-health system
Audit(c)///(s + 1)Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + (|I| - 1)Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + 3Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + 3Stereo storage structure assisted one-way anonymous auditing protocol in e-health systemT + (s + 1)Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + Stereo storage structure assisted one-way anonymous auditing protocol in e-health systemT/

Therefore, the computation overhead of Stereo storage structure assisted one-way anonymous auditing protocol in e-health system is not contained in Table 3. Furthermore, the symbols Stereo storage structure assisted one-way anonymous auditing protocol in e-health system and Stereo storage structure assisted one-way anonymous auditing protocol in e-health system are used to denote the signature and verification file tag processes. Hereafter, as shown in Table 3, Setup is a system preprocessing phase, which is performed by KGC and needs 2Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. In the algorithm of KeyGen(a), KGC needs Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + Stereo storage structure assisted one-way anonymous auditing protocol in e-health system operations to generate a privacy key for user, and both the physician and the patient need 2Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + Stereo storage structure assisted one-way anonymous auditing protocol in e-health systemT operations to verify the validity of the private key distributed by KGC. In the algorithm of KeyGen(b), the patient performs one Stereo storage structure assisted one-way anonymous auditing protocol in e-health system operation and one Stereo storage structure assisted one-way anonymous auditing protocol in e-health systemq operation more than the physician to generate a pseudonym. To process a medical file, patient firstly yields a warrant for the physician, which needs 2Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + ( + 1)Stereo storage structure assisted one-way anonymous auditing protocol in e-health system operations. Then, the physician verifies the validity of the warrant, which needs 3Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + 2Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + 2Stereo storage structure assisted one-way anonymous auditing protocol in e-health systemT + Stereo storage structure assisted one-way anonymous auditing protocol in e-health system operations. denotes the string length of warrant. The amount of file data blocks and sectors are expressed as n and s. After that, physician performs another Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + (s + 1)Stereo storage structure assisted one-way anonymous auditing protocol in e-health system operation to generate a block authenticator. After receiving a challenge from TPA, CS executes n |I| Stereo storage structure assisted one-way anonymous auditing protocol in e-health systemq + n (|I| - 1)Stereo storage structure assisted one-way anonymous auditing protocol in e-health system+ (|I| - 1)Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + |I|Stereo storage structure assisted one-way anonymous auditing protocol in e-health system operations to yield a proof P, where the |I| is indicated as a set of non-empty challenge file randomly selected by TPA for auditing. Finally, TPA performs (s+ 1)Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + (|I| - 1)Stereo storage structure assisted one-way anonymous auditing protocol in e-health system+ 3Stereo storage structure assisted one-way anonymous auditing protocol in e-health system + 3Stereo storage structure assisted one-way anonymous auditing protocol in e-health systemT + (s+ 1)Stereo storage structure assisted one-way anonymous auditing protocol in e-health system+Stereo storage structure assisted one-way anonymous auditing protocol in e-health systemT operations to verify data integrity in the cloud.

Figure 4 shows the computational cost of each entity in the proposed scheme for auditing an outsourced medical file with various numbers of data blocks. In this scheme, the time costs of TPA to prepare a challenge |I| is not taken into account, for TPA can sample a series of random elements by running offline. In the experiments, we set = 160 in this scheme and each file block consists of 160 sectors, which means that it has around 4 KB of size. Moreover, we compare the efficiency of processing a 1 MB file by set challenge data block as 20, 40, ..., 100, 200, respectively.

Stereo storage structure assisted one-way anonymous auditing protocol in e-health system

Figure 4. The computational cost of each entity in the proposed scheme

The simulation results of Figure 4 demonstrate that the computational cost of the user is independent of the number of data blocks in the file in carrying out the extraction algorithm. Specifically, this experiment of our scheme only considers the case that patients generate warrants for files, which can be verified by physicians and generate file tags for those files, so the calculation cost of physicians is slightly higher than that of patients, which is in line with the theoretical computational overhead analysis of the proposed scheme shown in Table 3. In addition, if it is necessary, the division of work between the physician and the patient is interchangeable during the file processing phase. After that, in the audit phase, TPA has transferred part of the calculate task to CS. Therefore, we can conclude that, as shown in Figure 4, with the increase of data blocks, the calculation cost of CS increases gradually.

8 Conclusion

In this paper, we proposed a stereo storage structure assisted one-way anonymous auditing protocol aiming the e-health system for the particularity of medical data. In our scheme, medical data can be reviewed, used and verified for integrity by relevant medical personnel and relevant patients. Besides, both the file origin and the file integrity of medical data in EHS can be verified. In addition, the proposed stereo storage structure can effectively assist the storage and quick search of various types of medical data. Both the security analyses and experimental results demonstrate that the proposed scheme in this paper is efficient and secure in the cloud.

Declarations

Authors’ contributions

Made substantial contributions to conception and design of the study and write the manuscript: Jiang LH

Provided administrative, technical, and material support: Wang C, Shen J

Availability of data and materials

The related data used to support the findings of this study are included within the article.

Financial support and sponsorship

This work is supported by the National Natural Science Foundation of China (No. U1836115, No. 61672295, No. 61922045, No. 61672290), the Natural Science Foundation of Jiangsu Province (No. BK20181408), Henan Key Laboratory of Network Cryptography Technology (No. LNCT2019-A01), the Peng Cheng Laboratory Project of Guangdong Province (No. PCL2018KP004), the 2020 Research Innovation Program for Postgraduates of Jiangsu Province (No. KYCX20-0936), the CICAEET fund, and the PAPD fund.

Conflicts of interest

All authors declared that there are no conflicts of interest.

Ethical approval and consent to participate

Not applicable.

Consent for publication

Not applicable.

Copyright

© The Author(s) 2020.

REFERENCES

1. Qian L, Luo ZG, Du YJ, Guo LT. Cloud computing: an overview. Proceedings of the IEEE International Conference on Cloud Computing Bangalore, India. Springer; 2009. pp. 626-31.

2. Ion I, Sachdeva N, Kumaraguru P, Čapkun S. Home is safer than the cloud!: privacy concerns for consumer cloud storage. Proceedings of the Seventh Symposium on Usable Privacy and Security Pittsburgh, PA, USA. ACM; 2011. pp. 1-20.

3. Yu Y, Au MH, Ateniese G, Huang XY, Susilo W, et al. Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage. IEEE T Inf Foren Sec 2016;12:767-78.

4. Kang B, Wang J, Shao D. Attack on privacy-preserving public auditing schemes for cloud storage. Math Probl Eng 2017;2017:8062182.

5. Li Y, Yu Y, Yang B, Min G, Wu H. Privacy preserving cloud data auditing with efficient key update. Future Gener Comp Sy 2018;78:789-98.

6. Mehmood A, Natgunanathan I, Xiang Y, Hua G, Guo S. Protection of big data privacy. IEEE access 2016;4:1821-34.

7. More S, Chaudhari S. Third party public auditing scheme for cloud storage. Procedia Computer Science 2016;79:69-76.

8. Shen W, Yu J, Xia H, Zhang H, Lu X, et al. Light-weight and privacy-preserving secure cloud auditing scheme for group users via the third party medium. J Netw Comp Appl 2017;82:56-64.

9. Wang H, He D, Yu J, Wang ZW. Incentive and unconditionally anonymous identity-based public provable data possession. IEEE T Serv Comput 2019;12:824-35.

10. Balasubramanian V, Mala T. Cloud data integrity checking using bilinear pairing and network coding. Cluster Comput 2019;22:6927-35.

11. Yang G, Yu J, Shen W, Su Q, Fu Z, et al. Enabling public auditing for shared data in cloud storage supporting identity privacy and traceability. J Syst Software 2016;113:130-9.

12. Deswarte Y, Quisquater JJ, Sadane A. Remote integrity checking. In: Working Conference on Integrity and Internal Control in Information Systems. Springer; 2003. pp. 1-11.

13. Ateniese G, Burns R, Curtmola R, Herring J, Kissner L, et al. Provable data possession at untrusted stores. Proceedings of the 14th ACM conference on Computer and communications security Alexandria, Virginia, USA. ACM; 2007. pp. 598-609.

14. Juels A, Kaliski BS. PORs: proofs of retrievability for large files. Proceedings of the 14th ACM conference on Computer and communications security Alexandria, Virginia, USA. ACM; 2007. pp. 84-97.

15. Wang C, Wang Q, Ren K, Lou WJ. Privacy-preserving public auditing for data storage security in cloud computing. Proceedings of the 29th IEEE Conference on Computer Communications San Diego, CA, USA. IEEE ComSoc; 2010. pp. 1-9.

16. Wang Q, Wang C, Li J, Ren K, Lou W. Enabling public verifiability and data dynamics for storage security in cloud computing. Proceedings of the 14th European Symposium on Research in Computer Security Saint-Malo, France. Springer; 2009. pp. 355-70.

17. Worku SG, Xu C, Zhao J, He X. Secure and efficient privacy-preserving public auditing scheme for cloud storage. Comput Electr Eng 2014;40:1703-13.

18. Wang C, Chow SSM, Wang Q, Ren K, Lou W. Privacy-preserving public auditing for secure cloud storage. IEEE T Comput 2013;62:362-75.

19. Garg N, Bawa S, Kumar N. An efficient data integrity auditing protocol for cloud computing. Future Gener Comput Syst 2020;109:306-16.

20. Yuan J, Yu S. Public integrity auditing for dynamic data sharing with multiuser modification. IEEE Trans Inform Forensic Secur 2015;10:1717-26.

21. Suguna M, Mercy Shalinie S, Sivaranjani R. Integrity verification for shared data in group with user revocation. In: Zungeru AM, Subashini S, Vetrivelan P, editors. Wireless Communication Networks and Internet of Things. Singapore: Springer; 2019. pp. 41-9.

22. Wang X, Weng J, Ma J, Yang X. Cryptanalysis of a public authentication protocol for outsourced databases with multi-user modification. Inform Sciences 2019;488:13-8.

23. Zhang Y, Yu J, Hao R, Wang C, Kui R. Enabling efficient user revocation in identity-based cloud storage auditing for shared big data. IEEE T Depend Secure 2020;17:608-19.

24. Wu Y, Jiang ZL, Wang X, Yiu SM, Zhang P. Dynamic data operations with deduplication in privacy-preserving public auditing for secure cloud storage. Proceedings of the IEEE International Conference on Computational Science and Engineering and IEEE International Conference on Embedded and Ubiquitous Computing Guangzhou, Guangdong, China. IEEE; 2017. pp. 562-7.

25. Daniel E, Vasanthi NA. LDAP: a lightweight deduplication and auditing protocol for secure data storage in cloud environment. Cluster Comput 2019;22:1247-58.

26. Tang X, Huang Y, Chang C, Zhou L. Efficient real-time integrity auditing With privacy-preserving arbitration for images in cloud storage system. IEEE Access 2019;7:33009-23.

27. Zhao C, Xu L, Li J, Wang F, Fang H. Fuzzy identity-based dynamic auditing of big data on cloud storage. IEEE Access 2019;7:160459-71.

28. Barua R, Dutta R, Sarkar P. Extending Joux’s protocol to multi party key agreement. In: Johansson T, Maitra S, editors. Progress in Cryptology - INDOCRYPT 2003. Berlin: Springer Berlin Heidelberg; 2003. pp. 205-17.

29. Kate A, Zaverucha G, Goldberg I. Pairing-based onion routing. In: Borisov N, Golle P, editors. Privacy Enhancing Technologies. Berlin: Springer Berlin Heidelberg; 2007. pp. 95-112.

Cite This Article

Export citation file: BibTeX | RIS

OAE Style

Jiang LH, Wang C, Shen J. Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. J Surveill Secur Saf 2020;1:61-78. http://dx.doi.org/10.20517/jsss.2020.09

AMA Style

Jiang LH, Wang C, Shen J. Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. Journal of Surveillance, Security and Safety. 2020; 1(1): 61-78. http://dx.doi.org/10.20517/jsss.2020.09

Chicago/Turabian Style

Jiang, Ling-Hong, Chen Wang, Jian Shen. 2020. "Stereo storage structure assisted one-way anonymous auditing protocol in e-health system" Journal of Surveillance, Security and Safety. 1, no.1: 61-78. http://dx.doi.org/10.20517/jsss.2020.09

ACS Style

Jiang, L.H.; Wang C.; Shen J. Stereo storage structure assisted one-way anonymous auditing protocol in e-health system. J. Surveill. Secur. Saf. 2020, 1, 61-78. http://dx.doi.org/10.20517/jsss.2020.09

About This Article

© The Author(s) 2020. Open Access This article is licensed under a Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, sharing, adaptation, distribution and reproduction in any medium or format, for any purpose, even commercially, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.

Data & Comments

Data

Views
2014
Downloads
717
Citations
1
Comments
0
21

Comments

Comments must be written in English. Spam, offensive content, impersonation, and private information will not be permitted. If any comment is reported and identified as inappropriate content by OAE staff, the comment will be removed without notice. If you have any queries or need any help, please contact us at support@oaepublish.com.

0
Download PDF
Cite This Article 5 clicks
Like This Article 21 likes
Share This Article
Scan the QR code for reading!
See Updates
Contents
Figures
Related
Journal of Surveillance, Security and Safety
ISSN 2694-1015 (Online)
Follow Us

Portico

All published articles are preserved here permanently:

https://www.portico.org/publishers/oae/

Portico

All published articles are preserved here permanently:

https://www.portico.org/publishers/oae/