posted on 2024-11-17, 13:35authored byJianchang Lai, Willy Susilo, Robert H Deng, Fuchun Guo
E-healthcare as a significant facet of the Internet of Things (IoT) relies on wearable devices to continuously monitor users' vital signals for health-related purposes. The sensitive and vast nature of the collected data necessitate secure encryption and storage on the cloud. Simultaneously, there is a need to share these data for healthcare purposes. How to balance the privacy and usability of these data is a challenging problem in the e-healthcare applications. A central problem arose from the continuous data collection is how to effectively share the data collected in one specific time period when users are unwell. We formalize it as the sequential data sharing problem. This problem appears in various IoT applications apart from e-healthcare, such as video surveillance. In this paper, we explain why all existing solutions cannot address the above problem. Then, we propose a novel sequential data sharing system (SDSS), where the data encrypted at any specific time period can be efficiently shared. We first present a practical construction of SDSS that supports securely sharing data within one specific time period in a symmetric manner. The decryption key are retrieved sequentially by utilizing the shared key and hash function. All involved calculations in the system are lightweight. Data pertaining to other non-selected time periods remain unknown. We then extend the SDSS to a multiple-range version, enabling simultaneous sharing data for multiple specific time periods, and show an example. We formalize the definition of security models and analyze the security of our systems. Finally, we evaluate the performance of our systems using SHA-256 and AES-256. Experimental results demonstrate that our systems are highly efficient. It takes less than 1 millisecond to encrypt 100KB data and less than 0.4 milliseconds to decrypt the corresponding cipher data. Our proposed systems provide a solution to balance the privacy and usability in the context of sequentially collected data. We believe that this work will enhance the adoption and practicality of IoT applications.
Funding
Australian Research Council (RF1028623200)
History
Journal title
IEEE Transactions on Information Forensics and Security