Electronic health (e-health) systems may outsource data such as patient e-health records to mobile cloud servers for efficiency gains (e.g., minimizing local storage and computation costs). However, such a move may have privacy implications in the presence of semi-honest cloud servers. Searchable Encryption (SE) can potentially facilitate privacy-preserving keyword searches over encrypted data stored in the mobile cloud, but most existing SE solutions do not support temporal access control (i.e., a mechanism that grants access permissions to users for specified time ranges). Hence, in this paper we design a time-controllable keyword search scheme using attribute-based comparable access control. This allows users to match indexes encrypted at specified time intervals. We then improve the basic framework to support efficient user revocation using secret sharing. We formally prove the security of our proposed frameworks against chosen-keyword attacks and key collusion attacks, and show that they achieve keyword secrecy. We also evaluate the performance of our proposed approach using a real-world dataset to demonstrate its practical utility.