Abstract
PHRs are a new patient-centric model of health information exchange that is often outsourced and processed by third parties such as cloud providers. Third-party servers and unauthorised parties can have access to personal health information, causing widespread privacy concerns. Encrypting PHRs before outsourcing is a promising way to keep patients in charge of their PHRs. However, issues like privacy risks, scalability in key management, versatile access, and successful user revocation have remained the most important roadblocks to achieving fine-grained, cryptographically enforced data access control. We use attribute based encryption (ABE) techniques to encrypt each patient’s PHR file in order to achieve fine-grained and scalable data access control for PHRs. We concentrate on the multiple data owner situation, and separate users in the PHR scheme into multiple protection domains, which significantly reduces key management complexity for owners and users. Using multi-authority ABE, a high standard of patient privacy is maintained at the same time. Our framework also allows for dynamic changes to access policies or file attributes, as well as powerful emergency break-glass control and on-demand user/attribute revocation. The security, scalability, and efficiency of the system are demonstrated via comprehensive analytical and experimental results.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
