Journal of Communications and Networks

The Korean Institute of Commucations and Information Sciences (한국통신학회)
권호 표지

PEC: A Privacy-Preserving Emergency Call Scheme for Mobile Healthcare Social Networks

  • Liang, Xiaohui (Department of Electrical and Computer Engineering, University of Waterloo) ;
  • Lu, Rongxing (Department of Electrical and Computer Engineering, University of Waterloo) ;
  • Chen, Le (Department of Electrical and Computer Engineering, University of Waterloo) ;
  • Lin, Xiaodong (Faculty of Business and Information Technology, University of Ontario Institute of Technology) ;
  • Shen, Xuemin (Sherman) (Department of Electrical and Computer Engineering, University of Waterloo)
  • Received : 2010.10.10
  • Published : 2011.04.30
Download PDF
⟨ Previous Next ⟩

Abstract

In this paper, we propose a privacy-preserving emergency call scheme, called PEC, enabling patients in life-threatening emergencies to fast and accurately transmit emergency data to the nearby helpers via mobile healthcare social networks (MHSNs). Once an emergency happens, the personal digital assistant (PDA) of the patient runs the PEC to collect the emergency data including emergency location, patient health record, as well as patient physiological condition. The PEC then generates an emergency call with the emergency data inside and epidemically disseminates it to every user in the patient's neighborhood. If a physician happens to be nearby, the PEC ensures the time used to notify the physician of the emergency is the shortest. We show via theoretical analysis that the PEC is able to provide fine-grained access control on the emergency data, where the access policy is set by patients themselves. Moreover, the PEC can withstandmultiple types of attacks, such as identity theft attack, forgery attack, and collusion attack. We also devise an effective revocation mechanism to make the revocable PEC (rPEC) resistant to inside attacks. In addition, we demonstrate via simulation that the PEC can significantly reduce the response time of emergency care in MHSNs.

Keywords

References

  1. List of causes of death by rate. [Online]. Available: http://en.wikipedia.org/wiki/List_of_causes_of_death_by_rate
  2. S. Pavlopoulos, E. Kyriacou, A. Berler, S. Dembeyiotis, and D. Koutsouris, "A novel emergency telemedicine system based on wireless communication technology-ambulance," IEEE Trans. Inf. Technol. Biomed., vol. 2, no. 4, pp. 261-267, 1998. https://doi.org/10.1109/4233.737581
  3. T. Y. Kim, A. Coenen, and N. Hardiker, "A quality improvement model for healthcare terminologies," J. Biomed. Informat., 2010.
  4. N. Razack, "Time is critical in treating stroke victims." [Online]. Available:http://www2.tbo.com/content/2010/may/05/071105/timeiscritical-in-treating-stroke-victims/life-health/, 2010
  5. Emergency medical services. [Online]. Available: http://en.wikipedia.org/wiki/Emergency_medical_services
  6. R. Lu, X. Lin, X. Liang, and X. Shen, "Secure handshake with symptoms-matching: The essential to the success of mhealthcare social network," in Proc. BodyNets, 2010.
  7. D. Meltzer, J. Chung, P. Khalili, E. Marlowa, V. Arora, G. Schumock, and R. Burt, "Exploring the use of social network methods in designing healthcare quality improvement teams," in Proc. Soc. Sci. Med., vol. 71, no. 6, 2010, pp. 1119-1130. https://doi.org/10.1016/j.socscimed.2010.05.012
  8. M. Domingo, "Managing healthcare through social networks," in Proc. IEEE Comput. Mag., vol. 43, no. 7, 2010, pp. 20-25.
  9. H. Alemdar and C. Ersoy, "Wireless sensor networks for healthcare: A survey," in Proc. Comput. Netw., vol. 54, no. 15, 2010, pp. 2688-2710. https://doi.org/10.1016/j.comnet.2010.05.003
  10. K. Malasri and L. Wang, "Addressing security in medical sensor networks," in Proc. HealthNet, 2007, pp. 7-12.
  11. A. Mohan, D. Bauer, D. M. Blough, M. Ahamad, B. Bamba, R. Krishnan, L. Liu, D. Mashima, and B. Palanisamy, "A patient-centric, attributebased, source-verifiable framework for health record sharing," Technique Reports. [Online]. Available: http://www.cercs.gatech.edu/techreports/tr2009/git-cercs-09-11.pdf, 2009
  12. A. Mohan and D. M. Blough, "An attribute-based authorization policy framework with dynamic conflict resolution," in Proc. IDtrust, 2010, pp. 37-50
  13. X. Liang, R. Lu, X. Lin, and X. Shen, "Patient self-controllable access policy on phi in ehealthcare systems," in Proc. Advances in Health Informat. Conf., 2010.
  14. K. J. Leonard, "One patient, one record: Report on one-day symposium to promote patient ehealth," in Proc. Technique Reports. [Online]. Available:http://patientdestiny.typepad.com/OPOR%20Report%20-%20Ottawa.pdf, 2010
  15. M. Kim, D. Kotz, and S. Kim, "Extracting a mobility model from real user traces," in Proc. IEEE INFOCOM, 2006, pp. 1-13.
  16. B. Waters, "Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization," in Proc. Cryptology ePrint Archive: Report 2008/290, 2008.
  17. X. Liang, Z. Cao, J. Shao, and H. Lin, "Short group signature without random oracles," in Proc. ICICS, 2007, pp. 69-82.
  18. X. Boyen and B. Waters, "Full-domain subgroup hiding and constant-size group signatures," in Proc. PKC, 2007, pp. 1-15.
  19. J. Daemen and V. Rijmen, The Design of Rijndael: AES-The Advanced Encryption Standard. Springer, 2002.
  20. A. Boldyreva, V. Goyal, and V. Kumar, "Identity-based encryption with efficient revocation," in Proc. ACM CCS, 2008, pp. 417-426.
  21. D. Boneh and X. Boyen, "Efficient selective-id secure identity-based encryption without random oracles," in Proc. EUROCRYPT, 2004, pp. 223-238.
  22. S. Yu, K. Ren, and W. Lou, "Fdac: Toward fine-grained distributed data access control in wireless sensor networks," in Proc. IEEE INFOCOM, 2009, pp. 963-971.
  23. M. Li, W. Lou, and K. Ren, "Data security and privacy in wireless body area networks," IEEE Wireless Commun., vol. 17, no. 1, pp. 51-58, 2010.
  24. X. Lin, R. Lu, X. Shen, Y. Nemoto, and N. Kato, "Sage: A strong privacy-preserving scheme against global eavesdropping for ehealth systems," IEEE J. Sel. Areas Commun., vol. 27, no. 4, pp. 365-378, 2009. https://doi.org/10.1109/JSAC.2009.090502
  25. F. Currim, E. Jung, X. Xiao, and I. Jo, "Privacy policy enforcement for health information data access," in Proc. WiMD, 2009, pp. 39-44.
  26. F.W. Dillema and S. Lupetti, "Rendezvous-based access control for medical records in the pre-hospital environment," in Proc. HealthNet, 2007, pp. 1-6.
  27. J. Kim, A. Beresford, and F. Stajano, "Towards a security policy for ubiquitous healthcare systems (position paper)," in Proc. ICUCT, 2006, pp. 263-272.
  28. J. Bethencourt, A. Sahai, and B. Waters, "Ciphertext-policy attributebased encryption," in Proc. IEEE Symp. Security and Privacy, 2007, pp. 321-334.
  29. L. Cheung and C. Newport, "Provably secure ciphertext policy abe," in Proc. ACM Conf. Comput. Commun. Security, 2007, pp. 456-465.
  30. V. Goyal, A. Jain, O. Pandey, and A. Sahai, "Bounded ciphertext policy attribute based encryption," in Proc. ICALP (2), 2008, pp. 579-591.
  31. D. Boneh, X. Ding, G. Tsudik, and M. Wong, "A method for fast revocation of public key certificates and security capabilities," in Proc. USENIX Security Symp., 2001, pp. 22-22.
  32. B. Libert and J.-J. Quisquater, "Efficient revocation and threshold pairing based cryptosystems," in Proc. ACM Symp. Principles of Distributed Comput., 2003, pp. 163-171.