A Secure EMR Sharing System With Tamper Resistance and Expressive Access Control

Abstract

To reduce the cost of human and material resources and improve the collaborations among medical systems, research laboratories and insurance companies for healthcare researches and commercial activities, electronic medical records (EMRs) have been proposed to shift from paperwork to friendly shareable electronic records. To take advantage of EMRs efficiently and reduce the cost of local storage, EMRs are usually outsourced to the remote cloud for sharing medical data with authorized users. However, cloud service providers are untrustworthy. In this paper, we propose an efficient, secure, and flexible EMR sharing system by introducing a novel cryptosystem called dual-policy revocable attribute-based encryption and tamper resistance blockchain technology. Our proposed system enables EMRs to be shared at a fine-grained level and allows data users to detect any unauthorized manipulation. Moreover, the key generation center can revoke malicious users without affecting the honest users. We provide the formal security model as well as the concrete scheme with security analysis. The experimental simulation and experimental analysis of our proposed scheme demonstrate that our proposed system has superior performances to the most relevant solutions.