We present a temporary keyword search over sensitive and confidential health data in a cloud environment. The cloud constitutes a semi-trusted domain, making it necessary for data owners to secure their data before outsourcing it through techniques like encryption. Attribute-based keyword search techniques tend to perform a search operation using a search token generated by an authorized user. These search tokens can lead to serious privacy threats, as they can extract all ciphertexts that may have been generated along with their keyword. Therefore, restricting search tokens to extract ciphertexts generated within a time interval is a more promising solution. In this paper, we present a novel ciphertext policy fine-grained temporary keyword that prevents the misuse of these search tokens. Further, it mitigates the risk of insider threats within healthcare organizations by limiting the window of opportunity for unauthorized access to minimum. To assess the security, our proposed scheme is formally proven to be secure against Selectively Chosen Keyword Attacks in the generic bilinear group model. Additionally, we demonstrate that the encryption algorithm’s complexity is linear in relation to the number of attributes. Our scheme’s significance and practicality are revealed by the performance evaluation.
Read full abstract