With the advancement of information and communication technology (ICT), the medical sector is undergoing a massive transformation. Health records are being digitized, stored remotely in the cloud and shared with different stakeholders. However, the use of the cloud for personal health record (PHR) storage presents data security and privacy challenges. Ciphertext-policy attribute-based encryption (CP-ABE) is being widely studied for fine-grained access control of PHRs in the cloud. Expressiveness, efficiency and attribute revocation, among others, are some key requirements of a cloud based health systems. But, many of the proposed CP-ABE schemes rely on access structures that are either restrictive or cumbersome and thus result in less expressive and efficient schemes. Many of the schemes also lack mechanisms for efficient and immediate attribute/user revocation. In this work, we propose an expressive and efficient access control scheme with attribute/user revocation based on ordered binary decision diagram (OBDD) access structure. We use the attribute group approach to achieve the attribute/user revocation in our work. Additionally, the ciphertexts and private keys are assigned version numbers to prevent the revoked group members from colluding with non-revoked members. Security and efficiency analysis show that our proposed scheme is secure, expressive and efficient.
Bibliographical noteFunding Information:
This work was supported in part by the National Research Foundation of Korea through the Basic Science Research Program, Ministry of Education, under Grant NRF-2017R1D1A1B03028097 and in part by Institute of Information and Communications Technology Planning and Evaluation (IITP) grant funded by the Korea government (MSIT) (A Research on Safe and Convenient Big Data Processing Methods) under Grant 2018-0-00269.
© 2013 IEEE.
All Science Journal Classification (ASJC) codes
- Computer Science(all)
- Materials Science(all)