Abstract
A personal health record (PHR) system is a smart health system that serves patients and doctors. A PHR is usually stored in a cloud and managed by a semitrusted cloud provider. However, there is still a possibility of the exposure of personal health information to semitrusted parties and unauthorized users. To protect the privacy of patients and ensure that patients can control their PHRs, a patient-centric PHR sharing framework is proposed in this article. In this framework, all PHRs are protected with multiauthority attribute-based encryption before outsourcing, which solves the key hosting problem and achieves fine-grained access control to PHRs. Furthermore, an anonymous authentication between the cloud and the user is proposed to ensure data integrity on the cloud while not exposing the user’s identity during authentication. The proposed authentication is issued from a new online–offline attribute-based signature. It can make the encrypted PHRs resist collusion attacks and not be forged during the period of sharing, which enhances patients’ control of their PHRs. Online–offline and outsourcing decryption also reduces calculation costs and improves operational efficiency. Finally, comparisons are given based on numerical experiments.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
