Project

General

Profile

History

Wiki » History » Revision 30

Revision 29 (Lan Wang, 11/24/2025 12:02 AM) → Revision 30/50 (Lan Wang, 11/24/2025 12:02 AM) 

# MGuard: A Secure mHealth Infrastructure for Real-Time Data transfer with Fine-grained Access Control over NDN 


 **MGuard** is an NDN-based system designed to support high-frequency mHealth data sharing with **fine-grained contextual access control** and **real-time data distribution**.    It is built on name-based access control (NAC/NAC-ABE) and PSync to enable timely access to sensitive mobile health data. 

 --- 

 ## Purpose 
 MGuard addresses two core challenges in mHealth data sharing: 

 1. **Access to privacy-sensitive data is limited to authorized users based on well defined polcies**   

 2. **Supporting real-time sharing of high-frequency sensor data**   

 --- 

 ## Core Components 

 ### **Producer** 

 - converts raw or derived data streams into NDN-named data objects, 
 - associates each object with appropriate attributes, 
 - stores encrypted data into the NDN repository, 
 - notifies subscribers when new data is available (via published manifest names). 

 ### **Controller** (two sub components) 

 Policy Manager  

 - defines **who** can access **which** data streams,   
 - parses and manages access control policies, and   
 - collaborates with the Attribute Authority to issue decryption keys (DKEYs) to validated data requesters. 

 Attribute Authority (AA)   

 - validates requester identities (using the system’s trust anchor), 
 - issues policy-compliant decryption keys based on KP-ABE, and   
 - publishes public parameters required for encryption. 

 ### **Consumer** 

 - receives notifications for new manifests,   
 - fetches the corresponding encrypted data objects from the repository, and   
 - decrypts data based on issued keys and permitted attributes. 

 ### **Repository** 
 Persistent storage for all published mHealth data objects, content keys, and manifests.   
 The repository allows consumers to: 
 - retrieve data independently of the producer,   
 - fetch CKs needed for decryption, and   
 - access previously published (historical) data.   

 --- 

 ## Navigation 

 - **[[Architecture]]** 
   - **[[Architecture_Details|Architecture Details]]** 
 - **[[Design_Elements|Design Elements]]** 
   - **[[Naming_Scheme|Naming Scheme]]** 
   - **[[Trust_Model|Trust Model]]** 
   - **[[Access_Control|Access Control]]** 
   - **[[NAC-ABE_Design|NAC-ABE Design]]** 
   - **[[Manifest_Design|Manifest Design]]** 
   - **[[PSync_Design|PSync Design]]** 
   - **[[Pub-Sub API|Pub-Sub API Design]]** 
   - **[[Repo|Repo Design]]** 
 - **[[Developer_Guide|Developer Guide]]** 
 - [Open editable Figma diagram](https://www.figma.com/design/I2SLqGN17XJHh8KsyAJ88l/Untitled?node-id=0-1&t=xWqhvwrDlUOlkeVU-1)