HealthShare: Achieving secure and privacy-preserving health information sharing through health social networks

In this paper, we propose two attribute-oriented authentication and transmission schemes for secure and privacy-preserving health information sharing in health social networks (HSNs). HSN users are tagged with formalized attributes. The attribute-oriented authentication scheme enables each HSN user to generate an attribute proof for itself, where its sensitive attributes are anonymized. By verifying provided attribute proof, other users are able to know what attributes an HSN user has. The attribute-oriented transmission scheme enables an HSN user to encrypt his/her health information into a ciphertext bonded with a customized access policy. The access policy is defined by a target set of attributes. Only users who satisfy the access policy are able to decrypt the ciphertext. Through security analysis, we show that the proposed schemes can effectively resist various attacks including forgery attack, attribute-trace attack, eavesdropping attack, and collusion attack. Through extensive simulation studies, we demonstrate that both schemes can offer satisfactory performance in helping HSN users to share health information.