IEEE J Biomed Health Inform. 2019 May;23(3):1278-1289. doi: 10.1109/JBHI.2018.2850304. Epub 2018 Jun 25.
Attribute-based encryption has been a promising encryption technology for securing the sharing of personal health records (PHRs) in cloud computing. PHRs consist of patient data often collected from various sources, including hospitals and general practice centres. Different patients' access policies have a common access sub-policy. In this paper, we propose a novel attribute-based encryption scheme for fine-grained and flexible access control to PHR data in cloud computing. The scheme generates shared information from the common access sub-policy, which is based on different patients' access policies. Then, the scheme combines the encryption of PHRs from different patients. Therefore, the time consumption of both encryption and decryption can be reduced. Medical staff require varying levels of access to PHRs. The proposed scheme can also support multi-privilege access control so that medical staff can access the required level of information while maximizing patient privacy. Through implementation and simulation, we demonstrate that the proposed scheme is efficient in terms of time. Moreover, we prove the security of the proposed scheme based on the security of the ciphertext-policy attribute-based encryption scheme.