Wiki » History » Version 44
Lan Wang, 11/24/2025 12:14 AM
| 1 | 1 | Suravi Regmi | # MGuard: A Secure mHealth Infrastructure for Real-Time Data transfer with Fine-grained Access Control over NDN |
|---|---|---|---|
| 2 | |||
| 3 | |||
| 4 | 15 | Lan Wang | **MGuard** is an NDN-based system designed to support high-frequency mHealth data sharing with **fine-grained contextual access control** and **real-time data distribution**. It is built on name-based access control (NAC/NAC-ABE) and PSync to enable timely access to sensitive mobile health data. |
| 5 | 1 | Suravi Regmi | |
| 6 | --- |
||
| 7 | |||
| 8 | ## Purpose |
||
| 9 | MGuard addresses two core challenges in mHealth data sharing: |
||
| 10 | |||
| 11 | 1. **Access to privacy-sensitive data is limited to authorized users based on well defined polcies** |
||
| 12 | |||
| 13 | 2. **Supporting real-time sharing of high-frequency sensor data** |
||
| 14 | |||
| 15 | --- |
||
| 16 | |||
| 17 | ## Core Components |
||
| 18 | |||
| 19 | 44 | Lan Wang | ### Producer publishes mHealth data. |
| 20 | 1 | Suravi Regmi | |
| 21 | 26 | Lan Wang | - converts raw or derived data streams into NDN-named data objects, |
| 22 | - associates each object with appropriate attributes, |
||
| 23 | - stores encrypted data into the NDN repository, |
||
| 24 | - notifies subscribers when new data is available (via published manifest names). |
||
| 25 | 19 | Lan Wang | |
| 26 | 44 | Lan Wang | ### Controller manages access control policies. |
| 27 | 39 | Lan Wang | |
| 28 | It has two sub components: |
||
| 29 | 22 | Lan Wang | |
| 30 | 41 | Lan Wang | #### Access Manager |
| 31 | 22 | Lan Wang | |
| 32 | 1 | Suravi Regmi | - defines **who** can access **which** data streams, |
| 33 | 31 | Lan Wang | - parses and manages access control policies, |
| 34 | 1 | Suravi Regmi | - collaborates with the Attribute Authority to issue decryption keys (DKEYs) to validated data requesters. |
| 35 | |||
| 36 | 41 | Lan Wang | #### Attribute Authority (AA) |
| 37 | 23 | Lan Wang | |
| 38 | 32 | Lan Wang | - validates consumer and producer identities (using the system’s trust anchor), |
| 39 | 31 | Lan Wang | - issues policy-compliant decryption keys based on KP-ABE, |
| 40 | 33 | Lan Wang | - publishes public parameters required for encryption and decryption. |
| 41 | 1 | Suravi Regmi | |
| 42 | 44 | Lan Wang | ### Consumer retrieves mHealth data. |
| 43 | 29 | Lan Wang | |
| 44 | 34 | Lan Wang | - receives notifications of new manifests (manifests contain new data names) |
| 45 | - fetches the corresponding encrypted data objects from the repository, |
||
| 46 | 29 | Lan Wang | - decrypts data based on issued keys and permitted attributes. |
| 47 | 1 | Suravi Regmi | |
| 48 | 44 | Lan Wang | ### Repository (Repo) stores all published mHealth data objects, content keys, and manifests. |
| 49 | 42 | Lan Wang | |
| 50 | 44 | Lan Wang | It allows consumers to: |
| 51 | 1 | Suravi Regmi | - retrieve data independently of the producer, |
| 52 | - fetch CKs needed for decryption, and |
||
| 53 | - access previously published (historical) data. |
||
| 54 | |||
| 55 | --- |
||
| 56 | |||
| 57 | ## Navigation |
||
| 58 | 8 | Suravi Regmi | |
| 59 | 1 | Suravi Regmi | - **[[Architecture]]** |
| 60 | 8 | Suravi Regmi | - **[[Architecture_Details|Architecture Details]]** |
| 61 | - **[[Design_Elements|Design Elements]]** |
||
| 62 | - **[[Naming_Scheme|Naming Scheme]]** |
||
| 63 | - **[[Trust_Model|Trust Model]]** |
||
| 64 | - **[[Access_Control|Access Control]]** |
||
| 65 | - **[[NAC-ABE_Design|NAC-ABE Design]]** |
||
| 66 | - **[[Manifest_Design|Manifest Design]]** |
||
| 67 | - **[[PSync_Design|PSync Design]]** |
||
| 68 | 12 | Suravi Regmi | - **[[Pub-Sub API|Pub-Sub API Design]]** |
| 69 | 13 | Suravi Regmi | - **[[Repo|Repo Design]]** |
| 70 | 8 | Suravi Regmi | - **[[Developer_Guide|Developer Guide]]** |
| 71 | 11 | Suravi Regmi | - [Open editable Figma diagram](https://www.figma.com/design/I2SLqGN17XJHh8KsyAJ88l/Untitled?node-id=0-1&t=xWqhvwrDlUOlkeVU-1) |