Review
Info
Enabling Privacy-Assured Fog-Based Data Aggregation in E-Healthcare Systems
(IEEE Transactions on Industrial Informatics'21)
"In this article, we design an improved symmetric homomorphic cryptosystem and a fog-based communication architecture to support delay- or time-sensitive monitoring and other-related applications."
Medical Monitoring Systems
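- Part of an e-healthcare system
- Communicate wirelessly through an environment such as a wearable body area network (WBAN)
- Can be implanted, worn on the patient's body, or installed in medical instruments
- Send information continuously and periodically
Why fog-based is needed
- Devices use short-range communication protocols such as ZigBee or Bluetooth
- Transmitting to the Medical Cloud Server (MCS) takes too long because of the large volume of information and the communication delay
When using fog nodes, note that because fog nodes sit in an insecure environment, all transmitted data must be encrypted.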
both data-in-transit and data-at-rest at the fog servers (FSs) should remain encrypted.
Contributions of this article:
- design a new symmetric homomorphic encryption-based data aggregation scheme for e-healthcare systems
- use the proposed scheme in a fog-based architecture to support a time- or delay-sensitive medical monitoring system
Related Work
How to execute data aggregation in a privacy-preserving manner:
- Paillier encryption technique
- support fine-grained demands in smart grid
- dynamic data aggregation framework for smart grid
- MapReduce framework
- several aggregated statistics
All of the above schemes are based on a cloud server.
How to solve the problem of network latency:
- two-layer encryption
How to preserve the integrity of the data:
- ElGamal cryptosystem
- emergency-response approach
- P2DA by using Boneh-Goh-Nissim encryption system
- aggregate multidimensional data, batch verification
None of the above satisfies all of the security requirements, and several schemes are too time-consuming to be practical.
Problem Statement
Four types of entities:
- medical workers
- MCS
- FS
- WBAN
One MCS connects to m FSs, each FS connects to n WBANs, each WBAN connects to l various medical sensors in real-time, denoted by \{md_1, md_2, \ldots, md_l\}.
Threat Model:
- Fully Trustworthy: MCS, FSs
Preliminaries
Symmetric Homomorphic Cryptosystem (SHE):
- KeyGen(\lambda)\to (s,v,u,d)
- Enc(K, m, r)\to c: c=s^d(rv + m) \mbox{ mod } u
- Dec(K, c)\to m: m = (cs^{-d} \mbox{ mod } u) \mbox{ mod } v
Homomorphic addition:
c_1 + c_2 = s^d ((r_1 + r_2)v + (m_1 + m_2)) \mbox{ if } d_1 = d_2 = d
Homomorphic scalar multiplication:
c_1 \times m_2 = s^{d_1} ((r_1 m_2)v + m_1 m_2)
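The SHE operations above as a runnable sketch (an added example, not code from the paper or from these notes). Assumptions not stated in the notes: KeyGen picks secret primes v and u with v much smaller than u, s is random in Z_u^*, r is 128 bits, and the function names and sample readings are hypothetical.

```python
import secrets

def is_prime(n, rounds=32):
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13):
        if n % p == 0:
            return n == p
    t, k = n - 1, 0
    while t % 2 == 0:
        t, k = t // 2, k + 1
    for _ in range(rounds):                        # Miller-Rabin rounds
        x = pow(secrets.randbelow(n - 3) + 2, t, n)
        if x in (1, n - 1):
            continue
        for _ in range(k - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                           # never reached n-1: composite
    return True

def rand_prime(bits):
    while True:
        c = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_prime(c):
            return c

def keygen(v_bits=64, u_bits=512, d=1):
    # Assumption: v and u are secret primes with v << u, s is random in Z_u^*.
    v, u = rand_prime(v_bits), rand_prime(u_bits)
    return (secrets.randbelow(u - 2) + 2, v, u, d)

def enc(K, m, r=None):
    s, v, u, d = K
    r = secrets.randbits(128) if r is None else r  # fresh noise per message
    return pow(s, d, u) * (r * v + m) % u          # c = s^d (rv + m) mod u

def dec(K, c):
    s, v, u, d = K
    return (c * pow(s, -d, u) % u) % v             # strip s^d mod u, then noise mod v

def aggregate(ciphertexts):
    # Key-free step: plain integer addition; dec() reduces mod u afterwards.
    return sum(ciphertexts)

if __name__ == "__main__":
    K, readings = keygen(), [72, 75, 71, 80]       # constructed sample sensor values
    print(dec(K, aggregate(enc(K, m) for m in readings)), dec(K, enc(K, 72) * 3))
```

Decryption is only correct while the aggregated plaintext stays below v and the accumulated noise term stays below u; past v the result wraps modulo v without any error, so the aggregator has to bound the number and size of inputs.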
The proposed scheme
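Initialization:
- The TTP chooses a security parameter k and generates (q, P, \mathbb{G}_1, \mathbb{G}_2, e), along with a hash function H(\cdot): \{0,1\}^* \to \mathbb{G}_1
- The TTP publishes the parameters
- FS_i chooses x_i\in \mathbb{Z}_q^* as its private key and Y_i = x_i P as its public key
- The TTP assigns K_{i,j} = (s_{i,j}, v_{i,j}, u_{i,j}, d_{i,j}) to WBAN_{i,j}; each FS_i produces the users' private keys K_i = \{K_{i,1}, K_{i,2},\ldots, K_{i,n}\}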