Qi Li,Hongbo Zhu

DOI: https://doi.org/10.1109/WCSP.2017.8171106

2017-10-01

Abstract:Multi-Authority Attribute-Based Encryption (MA-ABE) is a practical cryptographic primitive for enforcing fine-grained attribute-based access control of personal health information (PHI) in mobile healthcare (mHealth) cloud. Existing schemes are either limited to restricted attribute universe or lack of efficient decryption algorithm for users. In this paper, we propose an efficient and secure multi-authority attribute-based access control scheme for PHI in mHealth cloud. The proposed scheme simultaneously supports unbounded attribute universe and offers efficient decryption outsourcing approach without leaking the PHI privacy. It enables the PHI owner to define access policy in the form of any monotonic access structures. We prove the security in the standard model. Compared with relevant schemes, our scheme can reduce the user's decryption cost from increasing linearly with the number of attributes to constant.

Computer Science

Shuming Xiong,Qiang Ni,Liangmin Wang,Qian Wang

DOI: https://doi.org/10.1109/jiot.2020.2963899

IF: 10.6

2020-01-01

IEEE Internet of Things Journal

Abstract:Data access control in a cloud storage system is regarded as a promising technique for enhanced efficiency and security utilizing a ciphertext-policy attribute-based encryption (CP-ABE) approach. However, due to a large number of data users as well as limited resources and heterogeneity of data devices in Internet of Things (IoT), existing access control schemes for the cloud storage are not effectively applicable to IoT applications. In this article, we construct a new CP-ABE-based storage model for data storing and secure access in a cloud for IoT applications. Our new framework introduces an attribute authority management (AAM) module in the cloud storage system functioned as an agent that provides a user-friendly access control and highly reduces the storage overhead of public keys. Then, we propose a novel secure and efficient multiauthority access control scheme of the cloud storage system for IoT, namely, SEM-ACSIT, which obtains both backward security and forward security when an attribute of a user is revoked. By exploiting encryption outsourcing, simplified key structuring and the AAM module, the computational overhead of a user is immensely decreased. Moreover, a user access control list (UACL) in the cloud server is constructed newly to support authorization access for a specific user. The analysis and simulation results demonstrate that our SEM-ACSIT scheme achieves powerful security with less computational overhead and lower storage costs than the existing schemes.

Kaiqing Huang,Xueli Wang,Zhiqiang Lin

DOI: https://doi.org/10.1155/2021/8872699

IF: 1.968

2021-01-01

Security and Communication Networks

Abstract:With the assistance of edge computing which reduces the heavy burden of the cloud center server by using the network edge servers, the Internet of Things (IoTs) architectures enable low latency for real-time devices and applications. However, there still exist security challenges on data access control for the IoT. Multiauthority attribute-based encryption (MA-ABE) is a promising technique to achieve access control over encrypted data in cross-domain applications. Based on the characteristics and technical requirements of the IoT, we propose an efficient fine-grained revocable large universe multiauthority access control scheme. In the proposed scheme, the most expensive encryption operations have been executed in the user’s initialization phase by adding a reusable ciphertext pool besides splitting the encryption algorithm to online encryption and offline encryption. Massive decryption operations are outsourced to the near-edge servers for reducing the computation overhead of decryption. An efficient revocation mechanism is designed to change users’ access privileges dynamically. Moreover, the scheme supports ciphertext verification. Only valid ciphertext can be stored and transmitted, which saves system resources. With the help of the chameleon hash function, the proposed scheme is proven CCA2-secure under the q-DPBDHE2 assumption. The performance analysis results indicate that the proposed scheme is efficient and suitable in edge computing for the IoT.

Arthur S. Voundi Koe,Qi Chen,Juan Tang,Shan Ai,Hongyang Yan,Shiwen Zhang,Duncan S. Wong

DOI: https://doi.org/10.1002/int.23009

IF: 8.993

2022-09-09

International Journal of Intelligent Systems

Abstract:With recent advances in cloud computing, mobile devices are increasingly being used to record patient physiological parameters, and transfer them to a cloud‐based hospital information system, for access control mediation over a variety of stakeholders. In such a cloud‐based architecture, the patient must specify an access policy for a group of authorized parties towards its outsourced data. Multiauthority ciphertext‐policy attribute‐based encryption (CP‐ABE) was provided as an innovative cloud‐based access control cryptographic primitive to tackle the key escrow issue in a centralized architecture, and boost flexibility through cross‐domain attributes management. Existing works, however, still have glaring drawbacks. First, they still rely on a trusted authority to generate and distribute user secret keys. Second, they do not simultaneously provide encryption, decryption, or revocation outsourcing, resulting in high processing and communication cost for both the data sender and the data receiver. Third, they do not support both user and attribute revocation, and the integrity of ciphertext downloaded from the cloud is not always verified at the user end. As a result, this paper exploits the dummy attribute technique and introduces a novel, efficient, and secure multiauthority ciphertext‐policy ABE method for mediating access control over medical data, in the mobile cloud. The ciphertext access policy enforcement, partial ciphertext decryption, and both the user and attribute indirect revocation updates are safely outsourced to the cloud server in this study. Theoretical analysis demonstrates that our scheme is efficient and verifiable, and we prove that our construction is secure under the decisional bilinear Diffie‐Hellman assumption.

computer science, artificial intelligence

Reetu Gupta,Priyesh Kanungo,Nirmal Dagdee,Golla Madhu,Kshira Sagar Sahoo,N Z Jhanjhi,Mehedi Masud,Nabil Sharaf Almalki,Mohammed A AlZain

DOI: https://doi.org/10.3390/s23052617

2023-02-27

Abstract:With continuous advancements in Internet technology and the increased use of cryptographic techniques, the cloud has become the obvious choice for data sharing. Generally, the data are outsourced to cloud storage servers in encrypted form. Access control methods can be used on encrypted outsourced data to facilitate and regulate access. Multi-authority attribute-based encryption is a propitious technique to control who can access encrypted data in inter-domain applications such as sharing data between organizations, sharing data in healthcare, etc. The data owner may require the flexibility to share the data with known and unknown users. The known or closed-domain users may be internal employees of the organization, and unknown or open-domain users may be outside agencies, third-party users, etc. In the case of closed-domain users, the data owner becomes the key issuing authority, and in the case of open-domain users, various established attribute authorities perform the task of key issuance. Privacy preservation is also a crucial requirement in cloud-based data-sharing systems. This work proposes the SP-MAACS scheme, a secure and privacy-preserving multi-authority access control system for cloud-based healthcare data sharing. Both open and closed domain users are considered, and policy privacy is ensured by only disclosing the names of policy attributes. The values of the attributes are kept hidden. Characteristic comparison with similar existing schemes shows that our scheme simultaneously provides features such as multi-authority setting, expressive and flexible access policy structure, privacy preservation, and scalability. The performance analysis carried out by us shows that the decryption cost is reasonable enough. Furthermore, the scheme is demonstrated to be adaptively secure under the standard model.

Hongyang Yan,Jin Li,Xuan Li,Gansen Zhao,Sun-Young Lee,Jian Shen

DOI: https://doi.org/10.1080/10798587.2015.1132586

2016-01-01

Abstract:Cloud computing is a new paradigm, which provides low-cost and effective outsourced data storage service. People are used to storing personal data in cloud server. E-Health system (EHS) privacy should be protected, because it is national security for citizen privacy. Personal Health Record (PHR) is the core of EHS that should be protected. Thus, how to efficiently store, access and share these data is critical. Attribute-based encryption (ABE) is a new public key encryption based on users' attributes. In this paper, we present a new method to realize a secure fine-grained access control to PHRs, which is based on emerging ABE primitives. In more details, PHR owners divide the PHR data in terms of the privacy levels. A key-policy ABE (KP-ABE) is utilized to provide a fine-grained access control storage system for outsourced sensitive data. It can also provide efficient user revocation by using the timestamp in the private key. Security analysis shows that our construction achieves the data confidentiality. That is, any unauthorized user is not allowed to access the data outsourced in the cloud.

Ming Li,Shucheng Yu,Yao Zheng,Kui Ren,Wenjing Lou

DOI: https://doi.org/10.1109/tpds.2012.97

IF: 5.3

2013-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Personal health record (PHR) is an emerging patient-centric model of health information exchange, which is often outsourced to be stored at a third party, such as cloud providers. However, there have been wide privacy concerns as personal health information could be exposed to those third party servers and to unauthorized parties. To assure the patients' control over access to their own PHRs, it is a promising method to encrypt the PHRs before outsourcing. Yet, issues such as risks of privacy exposure, scalability in key management, flexible access, and efficient user revocation, have remained the most important challenges toward achieving fine-grained, cryptographically enforced data access control. In this paper, we propose a novel patient-centric framework and a suite of mechanisms for data access control to PHRs stored in semitrusted servers. To achieve fine-grained and scalable data access control for PHRs, we leverage attribute-based encryption (ABE) techniques to encrypt each patient's PHR file. Different from previous works in secure data outsourcing, we focus on the multiple data owner scenario, and divide the users in the PHR system into multiple security domains that greatly reduces the key management complexity for owners and users. A high degree of patient privacy is guaranteed simultaneously by exploiting multiauthority ABE. Our scheme also enables dynamic modification of access policies or file attributes, supports efficient on-demand user/attribute revocation and break-glass access under emergency scenarios. Extensive analytical and experimental results are presented which show the security, scalability, and efficiency of our proposed scheme.

Jialu Hao,Wenjuan Tang,Cheng Huang,Jian Liu,Huimei Wang,Ming Xian

DOI: https://doi.org/10.1109/tetc.2021.3052377

2022-01-01

IEEE Transactions on Emerging Topics in Computing

Abstract:Cloud-assisted Internet of Medical Things (IoMT) is becoming an emerging paradigm in the healthcare domain, which involves collection, storage and usage of the medical data. Considering the confidentiality and accessibility of the outsourced data, secure and fine-grained data sharing is a crucial requirement for the patients. Attribute-based encryption (ABE) is a promising solution to deal with this issue, but considering its property of each attribute sharing with multiple users, how to flexibly and efficiently update access privileges of certain users without affecting others is still a serious challenge. In this article, we propose a secure and fine-grained data sharing scheme with flexible user access privilege update in cloud-assisted IoMT environment. Specifically, we take ABE as the basic building block, and utilize proxy re-encryption and key blinding techniques to empower the cloud server to re-encrypt the ciphertext affected by revocation and update keys for unrevoked users. In addition, adding attributes for users to extend their access rights is realized only based on few key components stored in cloud without entirely re-computing and re-issuing keys for them. As a result, the patients are able to flexibly and efficiently share their data and manage users’ privileges. Formal proof and detailed performance evaluation demonstrate the security and efficiency of the proposed scheme.

Xiyu Liang,Yali Liu,Jianting Ning

DOI: https://doi.org/10.1109/JBHI.2024.3391218

Abstract:IoT and 5G-enabled smart healthcare allows medical practitioners to diagnose patients from any location via electronic health records (EHRs) by wireless body area network (WBAN) devices. Privacy, including the medical practitioner's identity and the patient's EHR, can easily be leaked from hospitals or cloud servers, and secret keys used to access EHRs must be revoked after diagnosis. In response to the challenges associated with user authentication and secret key revocation, this paper proposes an access control scheme with privacy-preserving authentication and flexible revocation for smart healthcare using attribute-based encryption (ABE), named PAFR-ABE, which provides access control to prevent malicious users from decrypting EHRs. Meanwhile, PAFR-ABE ensures privacy-preserving authentication for users during secret key generation, which safeguards users' identities and prevents unauthorized requests for secret keys. In addition, PAFR-ABE achieves flexible revocation and recovery of secret keys, which eliminates the need to update secret keys for unrevoked users. Security analysis indicates that PAFR-ABE meets the security requirements of an access control scheme for smart healthcare, especially in terms of forward security and backward security. Performance analysis shows that PAFR-ABE is efficient in the key generation and revocation algorithms compared with typical access control schemes.

Yang Zhao,Pengcheng Fan,Haoting Cai,Zhiguang Qin,Hu Xiong

DOI: https://doi.org/10.6633/ijns.201711.19(6).21

2017-01-01

Abstract:By sharing the personal health information (PHI) in the healthcare provider (HP) which is equipped with cloud servers, mobile-healthcare (m-healthcare) significantly promotes a huge revolution of medical consultation. Nonetheless there is a series of challenges such as PHI confidentiality and the attribute revocation. To deal with these problems, we propose a scheme based on the attribute-based encryption. The scheme which supports non-monotonic access structures and fine-grained attribute revocation is established over the composite order bilinear groups. By utilizing this scheme, we can well protect PHI and achieve the goal of revocation. Furthermore, the security analysis and comparison show that our scheme is more expressive despite of the lower efficiency.

Zhen Qin,Jianfei Sun,Dajiang Chen,Hu Xiong

DOI: https://doi.org/10.1155/2017/7514867

2017-01-01

Mobile Information Systems

Abstract:Online healthcare social networks (OHSNs) play an essential role in sharing information among medical experts and patients who are equipped with similar experiences. To access other patients’ data or experts’ diagnosis anywhere and anytime, it is necessary to integrate the OHSN into the Internet as part of the Internet of Things (IoT). Therefore, it is crucial to design an efficient and versatile access control scheme that can grant and revoke a user to access the OHSN. In this paper, we propose novel attribute-based encryption (ABE) features with user revocation and verifiable decryption outsourcing to control the access privilege of the users. The security of the proposed ABE scheme is given in the well-studied random oracle model. With the proposed ABE scheme, the malicious users can be excluded from the system and the user can offload most of the overhead in the decryption to an untrusted cloud server in a verifiable manner. An access control scheme for the OHSN has been given in the context of the IoT based on the proposed ABE scheme. The simulation demonstrates that our access control mechanism is practical.

Shengmin Xu,Yingjiu Li,Robert H. Deng,Yinghui Zhang,Xiangyang Luo,Ximeng Liu

DOI: https://doi.org/10.1109/TCC.2019.2936481

IF: 5.697

2022-01-01

IEEE Transactions on Cloud Computing

Abstract:Healthcare Internet-of-Things (IoT) is an emerging paradigm that enables embedded devices to monitor patients vital signals and allows these data to be aggregated and outsourced to the cloud. The cloud enables authorized users to store and share data to enjoy on-demand services. Nevertheless, it also causes many security concerns because of the untrusted network environment, dishonest cloud service providers and resource-limited devices. To preserve patients' privacy, existing solutions usually apply cryptographic tools to offer access controls. However, fine-grained access control among authorized users is still a challenge, especially for lightweight and resource-limited end-devices. In this paper, we propose a novel healthcare IoT system fusing advantages of attribute-based encryption, cloud and edge computing, which provides an efficient, flexible, secure fine-grained access control mechanism with data verification in healthcare IoT network without any secure channel and enables data users to enjoy the lightweight decryption. We also define the formal security models and present security proofs for our proposed scheme. The extensive comparison and experimental simulation demonstrate that our scheme has better performance than existing solutions.

Hui Yin,Yin Zhu,Hua Deng,Lu Ou,Zheng Qin,Keqin Li

DOI: https://doi.org/10.1109/jiot.2024.3470891

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:The deep integration of Internet of Things (IoT) and cloud computing promotes a wide deployment of Body Area Networks (BAN) for smart health services. The data security raises new challenges when patients’ Health Records (HRs) are uploaded into the cloud server by BAN. The Attribute-Based Encryption (ABE) primitive is a potential option to ensure HRs security, which provides the data confidentiality guarantee and fine-grained access control simultaneously via cryptographic means. However, most ABE schemes are unsuitable to be deployed in smart health application as access policies associated with encrypted HRs reveal patient’s privacies. Though the recently proposed ABE with partially hidden access policy based on composite order can alleviate the privacy leakage by only disclosing the attribute names and concealing the practical attribute values, the exposed attribute names still leak individual privacies. In this paper, we put forward a privacy-enhanced and efficient ABE construction with fully hidden access policy over prime order group based on the prominent ABE construction due to Bethencourt et al.. Our scheme hides the sensitive attributes in the access structure by several non-trivial designs without compromising the correctness and security. Moreover, our scheme’s performance is far superior to the attribute partially hidden schemes. Extensive experiments demonstrate the conclusion.

Wei Li,Wei Ni,Dongxi Liu,Ren Ping Liu,Peishun Wang,Shoushan Luo

DOI: https://doi.org/10.1109/jbhi.2018.2850304

2017-01-01

Abstract:This paper presents a novel access control scheme for personal health record(PHR) data in cloud computing. The scheme utilizes attribute-based encryption(ABE), hash function and symmetric encryption to realize a fine-grained, multiprivilege access control to PHR. The patients can share their PHR with medical staff from various departments with different privileges securely. The experimental results show the efficiency of our scheme in terms of running-time, communication cost and storage overhead.

Leyou Zhang,Chuchu Zhao,Qing Wu,Yi Mu,Fatemeh Rezaeibagha

DOI: https://doi.org/10.1016/j.sysarc.2022.102654

IF: 5.836

2022-01-01

Journal of Systems Architecture

Abstract:Mobile healthcare (mHealth) is a smart health system, which makes people have the storage and share in their personal health data (PHD) in the cloud for rapidly medical treatment through mobile 5G-enabled Industrial Internet of Things (IIoT) equipments. But key hosting problem and privacy leakage problem issued by malicious users and revoked users bring new security challenges. Traceability and accountability to attackers have been an important issue in mHealth system. Among the methods solving the above, most of them still face key abusing and privacy leakage problems. In this article, an expressive privacy preserving attribute-based traceable approach is proposed, where it keeps PHD confidentiality, eliminates the key delegation issue and prevents the key from being abused, allowing for fine-grained access control to the shared data in mHealth. Under this framework, we imprint a robust unforgeable signature in the secret key to assure the tracked user's undeniability. We also add a revocable function that can efficiently remove the malicious users by only updating parts of ciphertext, and unrevoked users still can access the encrypted data using the original key. To achieve privacy protection, a bloom filter is used to hide the access policy. Security analysis and performance comparisons show the proposed method is secure and efficient.

Shahzad Khan,Waseem Iqbal,Abdul Waheed,Gulzar Mehmood,Shawal Khan,Mahdi Zareei,Rajesh Roshan Biswal

DOI: https://doi.org/10.3390/s22010336

2022-01-03

Abstract:The ever-growing ecosystem of the Internet of Things (IoT) integrating with the ever-evolving wireless communication technology paves the way for adopting new applications in a smart society. The core concept of smart society emphasizes utilizing information and communication technology (ICT) infrastructure to improve every aspect of life. Among the variety of smart services, eHealth is at the forefront of these promises. eHealth is rapidly gaining popularity to overcome the insufficient healthcare services and provide patient-centric treatment for the rising aging population with chronic diseases. Keeping in view the sensitivity of medical data, this interfacing between healthcare and technology has raised many security concerns. Among the many contemporary solutions, attribute-based encryption (ABE) is the dominant technology because of its inherent support for one-to-many transfer and fine-grained access control mechanisms to confidential medical data. ABE uses costly bilinear pairing operations, which are too heavy for eHealth's tiny wireless body area network (WBAN) devices despite its proper functionality. We present an efficient and secure ABE architecture with outsourcing intense encryption and decryption operations in this work. For practical realization, our scheme uses elliptic curve scalar point multiplication as the underlying technology of ABE instead of costly pairing operations. In addition, it provides support for attribute/users revocation and verifiability of outsourced medical data. Using the selective-set security model, the proposed scheme is secure under the elliptic curve decisional Diffie-Hellman (ECDDH) assumption. The performance assessment and top-ranked value via the help of fuzzy logic's evaluation based on distance from average solution (EDAS) method show that the proposed scheme is efficient and suitable for access control in eHealth smart societies.

Jianfei Sun,Hu Xiong,Ximeng Liu,Yinghui Zhang,Xuyun Nie,Robert H. Deng

DOI: https://doi.org/10.1109/JIOT.2020.2974257

IF: 10.6

2020-01-01

IEEE Internet of Things Journal

Abstract:With the booming of Internet of Things (IoT), smart health (s-health) is becoming an emerging and attractive paradigm. It can provide an accurate prediction of various diseases and improve the quality of healthcare. Nevertheless, data security and user privacy concerns still remain issues to be addressed. As a high potential and prospective solution to secure IoT-oriented s-health applications, ciphertext policy attribute-based encryption (CP-ABE) schemes raise challenges, such as heavy overhead and attribute privacy of the end users. To resolve these drawbacks, an optimized vector transformation approach is first proposed to efficiently transform the access policy and user attribute set into respective vectors of shorter length while other approaches result in redundant and longer vectors. Our transformation approach can greatly relieve the costly overheard of key generation, encryption, and decryption phases. Then, based on the transformation approach and the offline/online computation technology, we propose a lightweight policy-hiding CP-ABE scheme for the IoT-oriented s-health application. With our proposed scheme, data users in the s-health system can perform lightweight encryption and decryption without leaking any sensitive privacy about the attributes of the user. Finally, the formal security analysis, the theoretic performance evaluation and experiment results indicate that the solution is secure and efficient.

Qi Li,Jianfeng Ma,Rui Li,Ximeng Liu,Jinbo Xiong,Danwei Chen

DOI: https://doi.org/10.1016/j.cose.2016.02.002

IF: 5.105

2016-01-01

Computers & Security

Abstract:Multi-Authority Attribute-Based Encryption (MA-ABE) is an emerging cryptographic primitive for enforcing fine-grained attribute-based access control on the outsourced data in cloud storage. However, most of the previous multi-authority attribute-based systems are either proven to be secure in a weak model or lack of efficiency in user revocation. In this paper, we propose MAACS (Multi-Authority Access Control System), a novel multi-authority attribute-based data access control system for cloud storage. We construct a new multi-authority ciphertext-policy ABE (MA-CP-ABE) scheme with decryption outsourcing. The decryption overhead for users is largely eliminated by outsourcing the undesirable bilinear pairing operations to the cloud servers. The proposed MA-CP-ABE scheme is proven adaptively secure in the standard model and supports any monotone access policy. We also design an efficient attribute-level user revocation approach with less computation cost. The security analysis, numerical comparisons and implementation results indicate that our MAACS is secure, efficient and scalable.

Shunrong Jiang,Xiaoyan Zhu,Liangmin Wang

DOI: https://doi.org/10.3390/s150922419

IF: 3.9

2015-01-01

Sensors

Abstract:Mobile healthcare social networks (MHSNs) have emerged as a promising next-generation healthcare system, which will significantly improve the quality of life. However, there are many security and privacy concerns before personal health information (PHI) is shared with other parities. To ensure patients’ full control over their PHI, we propose a fine-grained and scalable data access control scheme based on attribute-based encryption (ABE). Besides, policies themselves for PHI sharing may be sensitive and may reveal information about underlying PHI or about data owners or recipients. In our scheme, we let each attribute contain an attribute name and its value and adopt the Bloom filter to efficiently check attributes before decryption. Thus, the data privacy and policy privacy can be preserved in our proposed scheme. Moreover, considering the fact that the computational cost grows with the complexity of the access policy and the limitation of the resource and energy in a smart phone, we outsource ABE decryption to the cloud while preventing the cloud from learning anything about the content and access policy. The security and performance analysis is carried out to demonstrate that our proposed scheme can achieve fine-grained access policies for PHI sharing in MHSNs.

Jiawei Zhang,Jianfeng Ma,Zhuo Ma,Ning Lu,Yanbo Yang,Teng Li,Dawei Wei

DOI: https://doi.org/10.1109/nana.2019.00062

2019-01-01

Abstract:Recently, the rapid development of Internet of things (IoT) and cloud computing technologies has greatly facilitated the electronic healthcare (eHealth) application. The widely deployed eHealth will significantly benefit for and bring convenience to people. However, there exist a large number of problems about data security and user privacy in eHealth. Although as one of the most promising technique, ciphertext-policy attribute-based encryption (CP-ABE) can provide fine-grained access control for data security in eHealth, there are still many drawbacks which impede the direct adoption of conventional CP-ABE. On the one hand, the personal health records (PHRs) in eHealth usually have hierarchical structures which are not compatible with access policies of conventional CP-ABE. On the other hand, the access policies in encrypted PHRs usually consist of much sensitive health-aware privacy information. Moreover, the high computation overhead also extremely hinders resource-limited users in eHealth. To solve these problems, we propose HPEH, a hierarchical policy-hiding eHealth access control system which is suitable for resource-limited users and privacy-aware access policies with hierarchical PHRs in eHealth. Specifically, in HPEH, we preserve the privacy of access policies by hiding only attribute values rather than attribute names. HPEH realizes hierarchical PHR encryption using integrated access structure and efficient PHR decryption with decryption test and outsourced decryption. In addition, HPEH introduces time-limit technique to provide more fine-grained access control for various requests. The security analysis and performance complexity evaluation indicate that HPEH is secure and efficient and is suitable for eHealth.