Publication Type

Journal Article

Version

publishedVersion

Publication Date

9-2020

Abstract

Sharing digital medical records on public cloud storage via mobile devices facilitates patients (doctors) to get (offer) medical treatment of high quality and efficiency. However, challenges such as data privacy protection, flexible data sharing, efficient authority delegation, computation efficiency optimization, are remaining toward achieving practical fine-grained access control in the Electronic Medical Record (EMR) system. In this work, we propose an innovative access control model and a fine-grained data sharing mechanism for EMR, which simultaneously achieves the above-mentioned features and is suitable for resource-constrained mobile devices. In the model, complex computation is outsourced to public cloud servers, leaving almost no complex computation for the private key generator (PKG), sender and receiver. Additionally, the communication cost of the PKG and users is optimized. Moreover, we develop an extensible library called libabe that is compatible with Android devices, and the access control mechanism is actually deployed on realistic environment, including public cloud servers, a laptop and an inexpensive mobile phone with constrained resources. The experimental results indicate that the mechanism is efficient, practical and economical.

Keywords

Data sharing mechanism, attribute based encryption, secure outsourced computation, cloud computing, electronic medical record

Discipline

Data Storage Systems | Information Security

Research Areas

Information Systems and Management

Publication

IEEE Transactions on Dependable and Secure Computing

Volume

17

Issue

5

First Page

1026

Last Page

1038

ISSN

1545-5971

Identifier

10.1109/TDSC.2018.2844814

Publisher

Institute of Electrical and Electronics Engineers

Additional URL

http://doi.org/10.1109/TDSC.2018.2844814

Share

COinS