期刊名称:International Journal of Computer Science and Information Technologies
电子版ISSN:0975-9646
出版年度:2014
卷号:5
期号:4
页码:5038-5040
出版社:TechScience Publications
摘要:Personal health record (PHR) is a patient-centric model of health information exchange, and is stored at a third party i.e., cloud providers. But there are concerns such as personal health information can be exposed to third party servers and to unauthorized parties. In order to assure the patients’ authority over approach to their personal PHRs, it is an assuring method to encrypt the PHRs before outsourcing. These are issues like flexible access, scalability in key management, privacy exposure and efficient user revocation have continued to be the most significant dispute towards accomplishing fine-grained, cryptographically imposed data access control. Sequentially to have control for data access to PHRs stored in semitrusted severs, a novel patient-centric structure and a suite of methods is proposed in this paper. We leverage attribute-based encryption (ABE) practices to attain scalable and fine grained data access control for personal health records to encrypt each patient’s PHR file. In this paper, we concentrate on the multiple data owner situation, which is distinct from previous works in secure data outsourcing. It divides the users in the PHR system into several security domains which decreases the key management complexity for owners and users. Simultaneously, patient confidentiality is maintained and guaranteed by exploiting multiauthority ABE. In emergency scenario, proposed scheme provides dynamic change of access policies or file attributes, supports break-glass access and well-organized on-demand user/attribute revocation. Extensive analytical and experimental results are given which shows the security, scalability, and efficiency of our scheme.
关键词:Personal health records (PHR); Cloud computing;Data privacy; Attribute based encryption
