Secure Access Control of E-Health System with Attribute-Based Encryption.

Cloud computing is a new paradigm, which provides low-cost and effective outsourced data storage service. People are used to storing personal data in cloud server. E-Health system (EHS) privacy should be protected, because it is national security for citizen privacy. Personal Health Record (PHR) is the core of EHS that should be protected. Thus, how to efficiently store, access and share these data is critical. Attribute-based encryption (ABE) is a new public key encryption based on users’ attributes. In this paper, we present a new method to realize a secure fine-grained access control to PHRs, which is based on emerging ABE primitives. In more details, PHR owners divide the PHR data in terms of the privacy levels. A key-policy ABE (KP-ABE) is utilized to provide a fine-grained access control storage system for outsourced sensitive data. It can also provide efficient user revocation by using the timestamp in the private key. Security analysis shows that our construction achieves the data confidentiality. That is, any unauthorized user is not allowed to access the data outsourced in the cloud. [ABSTRACT FROM AUTHOR]