CP-ABE with Hidden Access Policy and Outsourced Decryption for Cloud-Based EHR Applications

An electronic health record (EHR) stores not only a patient’s health-related data but also sensitive personal information. Consequently, data security and access privacy are the greatest concerns for EHR applications that share data through the cloud. Ciphertext-policy attribute-based encryption (CP-ABE) is a popular one-to-many encryption scheme that helps attain fine-grained access control in the cloud domain. In CP-ABE, because the access policy is attached to the ciphertext, anyone holding the ciphertext can see the data owner’s policy, which may cause privacy leakage. In this paper, we propose a CP-ABE cryptosystem that supports access policy obfuscation and outsourced decryption, enabling efficient and secure operations in a cloud environment. A linear secret sharing (LSS) scheme is used to support any monotonic access structure, thereby improving the expressiveness of the access policy. We incorporate a prime-order bilinear group and a matrix-based LSS scheme, which increase the computational efficiency of the cryptosystem. Finally, we evaluate the performance of our CP-ABE cryptosystem through a practical implementation using the Charm framework.
