|
|
|
| Secure and Efficient Attribute Based Access Control for Brain-computer Interface |
| TU Yuanfei①②③ YANG Geng①② YUAN Fengjie③ |
①(College of Telecommunications and Information Engineering, Nanjing University of Post and Telecommunication, Nanjing 210003, China)
②(Jiangsu High Technology Research Key Laboratory for Wireless Sensor Networks, Nanjing 210003, China)
③(College of Computer Science and Technology, Nanjing Tech University, Nanjing 211800, China) |
|
|
|
|
Abstract Brain-Computer Interface (BCI) are expected to play a major role in field of medical-health monitoring in near future. Unfortunately, an increasing number of attacks to BCI applications underline the existence of security and privacy related issues, which gains tremendous attention amongst researchers. In this paper, a communication architecture is proposed for BCI applications, and an access control scheme is designed by employing Ciphertext-Policy Attribute Based Encryption (CP-ABE). The proposed scheme supports fully fine-grained attribute revocation by proxy re-encryption. The proposed scheme can efficiently and feasibly reduce the challenges of privacy preservation, and it works excellent in energy consumption and communication/ computation overhead.
|
|
Received: 13 December 2016
Published: 14 August 2017
|
|
|
| Fund:The National Natural Science Foundation of China (61572263, 61272084), The Natural Science Foundation of the Jiangsu Province Higher Education Institutions of China (11KJA520002), The Specialized Research Fund for the Doctoral Program of Higher Education (20113223110003), China Postdoctoral Science Foundation (2015M581794), Jiangsu Province Planned Projects for Postdoctoral Research Funds (1501023C), NUPTSF (NY214127) |
|
Corresponding Authors:
TU Yuanfei
E-mail: yuanfeitu@163.com
|
|
|
|
| [1] |
WOLPAW J, BIRBAUMER N, and HEETDERKS W. Brain-computer interface technology: A review of the first international meeting[J]. IEEE Transactions on Rehabilitation Engineering, 2000, 8(2): 164-173. doi: 10.1109/ TRE.2000.847807.
|
| [2] |
WOLPAW J, BIRBAUMER N, MCFARLAND D J, et al. Brain-computer interfaces for communication and control[J]. Clinical Neurophysiology Official Journal of the International Federation of Clinical Neurophysiology, 2002, 113(6): 767-791. doi: 10.1016/S1388-2457(02)00057-3.
|
| [3] |
Abdulkader S N, ATIA A, and MOSTAFA M S M. Brain computer interfacing: Applications and challenges[J]. Egyptian Informatics Journal, 2015, 16(2): 213-230. doi: 10.1016/j.eij.2015.06.002.
|
| [4] |
BLONDET M V R, BADARINATH A, KHANNA C, et al. A wearable real-time BCI system based on mobile cloud computing[C]. International IEEE/EMBS Conference on Neural Engineering, San Diego, CA, USA, 2013: 739-742. doi: 10.1109/NER.2013.6696040.
|
| [5] |
ELSAWY A S and ELDAWLATLY S. P300-based applications for interacting with smart mobile devices[C]. International IEEE/EMBS Conference on Neural Engineering. IEEE, Montpellier, France, 2015: 166-169. doi: 10.1109/NER.2015.7146586.
|
| [6] |
HONDA K and KUDOH S N. Air brain: The easy telemetric system with smartphone for EEG signal and human behavior[C]. International Conference on Body Area Networks, Brussels, Belgium, 2013: 343-346. doi: 10.4108/ icst.bodynets.2013. 253918.
|
| [7] |
LI Q Q, DING D, and CONTI M. Brain-computer interface applications: Security and privacy challenges[C]. IEEE Communications and Network Security, Florence, Italy, 2015: 663-666. doi: 10.1109/CNS.2015.7346884.
|
| [8] |
MARTINOVIC I, DAVIES D, FRANK M, et al. On the feasibility of side-channel attacks with brain-computer interfaces[C]. Usenix Conference on Security Symposium, Berkeley CA USA, 2012: 34.
|
| [9] |
CHIU Yutzu. Mind reading to predict the success of online games[OL]. http://spectrum.ieee.org/consumer-electronics/ gaming/mind-reading-to-predict-the-success-of-online-games.IEEESpectrum, Feb.5, 2013.
|
| [10] |
LUBER B, FISHER C, APPELBAUM P S, et al. Non- invasive brain stimulation in the detection of deception: scientific challenges and ethical consequences[J]. Behavioral Sciences & the Law, 2009, 27(2): 191-208. doi: 10.1002/bsl. 860.
|
| [11] |
U.S. Centers for Medicare & Medicaid Services. Hippa basics for providers: privacy, security, and breach notification rules[OL]. https://www.cms.gov/Outreach-and-Education/ Medicare-Learning-Network-MLN/MLNProducts/Downloads/HIPAAPrivacyandSecurityTextOnly.pdf. 2016.
|
| [12] |
U.S. Federal Trade Commission. Federal trade commission act[OL]. https://www.ftc.gov/enforcement/statutes/federal- trade-commission-act.Apr.12, 2015.
|
| [13] |
CHIZECK H J and BONACI T. Brain-computer interface anonymizer[OL]. https://docs.google.com/viewer?url= patentimages.storage.googleapis.com/pdfs/US20140228701.pdf. Aug.14, 2014.
|
| [14] |
BONACI T, CALO R, and CHIZECK H. App stores for the brain: privacy and security in brain-computer interfaces[J]. Technology & Society Magazine IEEE, 2015, 34(2): 32-39. doi: 10.1109/MTS.2015.2425551.
|
| [15] |
VENKATASUBRAMANIAN K K, BANERIEE A, and GUPTA S K S. EKG-based key agreement in body sensor networks[C]. INFOCOM Workshops. IEEE, Phoenix, AZ, USA, 2008: 1-6. doi: 10.1109/INFOCOM.2008.4544608.
|
| [16] |
CHERUKURI S, VENKATASUBRAMANIAN K K, and GUPTA S K S. BioSec: A biometric based approach for securing communication in wireless networks of biosensors implanted in the human body[C]. International Conference on Parallel Processing Workshops, Kaohsiung, 2003: 432-439. doi: 10.1109/ICPPW.2003.1240399.
|
| [17] |
TAN C C, WANG H, ZHONG S, et al. Body sensor network security: An identity-based cryptography approach[C]. ACM Conference on Wireless Network Security, Alexandria, VA, USA, 2008: 148-153. doi: 10.1145/1352533.1352557.
|
| [18] |
MALEK B and MIRI A. Combining attribute-based and access systems[C]. 2009 International Conference on Computational Science and Engineering, Vancouver, BC, Canada, 2009, 3: 305-312. doi: 10.1109/CSE.2009.157.
|
| [19] |
HAN R F, WANG H X, XIAO Q, et al. A united access control model for systems in collaborative commerce[J]. Journal of Networks, 2009, 4(4): 279-289. doi: 10.4304/jnw. 4.4.279-289.
|
| [20] |
WAN Z, LIU J, and DENG R H. HASBE: A hierarchical attribute-based solution for flexible and scalable access control in cloud computing[J]. IEEE Transactions on Information Forensics & Security, 2012, 7(2): 743-754. doi: 10.1109/TIFS.2011.2172209.
|
| [21] |
GOYAL V, PANDEY O, SAHAI A, et al. Attribute-based encryption for fine-grained access control of encrypted data [C]. ACM Conference on Computer and Communications Security, CCS 2006, Alexandria, VA, USA, 2006: 89-98. doi: 10.1145/1180405.1180418.
|
| [22] |
冯登国, 陈成. 属性密码学研究[J]. 密码学报, 2014, 1(1): 1-12. doi: 10.13868/j.cnki.jcr.000001.
|
|
FENG Dengguo and CHEN Cheng. Research on attribute- based cryptography[J]. Journal of Cryptologic Research, 2014, 1(1): 1-12. doi: 10.13868/j.cnki.jcr.000001.
|
| [23] |
YU S, WANG C, REN K, et al. Attribute based data sharing with attribute revocation[C]. ACM Symposium on Information, Computer and Communications Security, ASIACCS 2010, Beijing, China, 2010: 261-270. doi: 10.1145/ 1755688.1755720.
|
| [24] |
NARUSE T, MOHRI M, and SHIRAISHI Y. Provably secure attribute-based encryption with attribute revocation and grant function using proxy re-encryption and attribute key for updating[J]. Human-centric Computing and Information Sciences, 2015, 5(1): 1-13. doi: 10.1186/s13673-015-0027-0.
|
| [25] |
WANDER A S, GURA N, EBERLE H, et al. Energy analysis of public-key cryptography for wireless sensor networks[C]. Proceedings of the Third IEEE International Conference on Pervasive Computing and Communications, Kauai Island, HI, USA, 2005: 324-331. doi: 10.1109/PERCOM.2005.18.
|
| [26] |
BERTONI G M, CHEN L, FRAGNETO P, et al. Computing tate pairing on smartcards[OL]. http://citeseerx.ist.psu.edu/ viewdoc/download? doi: 10.1.1.83.9125&rep=rep1&type= pdf.
|
| [27] |
REN Kui, ZENG Kai, LOU Wenjing, et al. On broadcast authentication in wireless sensor networks[C]. International Conference on Wireless Algorithms, Systems, and Applications, Xi’an, China, 2006: 502-514. doi: 10.1007/ 11814856_48.
|
|
|
|
