An attribute-based encryption scheme with multiple authorities on hierarchical personal health record in cloud

摘要

In the personal health record (PHR) system, the patient's health records are usually outsourced to a large database, such as the cloud service provider. In order to guarantee the confidentiality of this data , achieve access control with flexibility and fine-grained property, it usually employs ciphertext-policy attribute-based encryption (CP-ABE) scheme in cloud computing. However, the outsourced data have the characteristic of multi-level hierarchy, and the general CP-ABE is inappropriate for being applied in distributed cloud service systems directly to provide the security of hierarchy structure of outsourced data. In this paper, to overcome this challenge, a PHR hierarch CP-ABE scheme with multiple authorities is presented. This protocol integrated some different access structures into a single one, which the hierarchical PHR is encrypted based on. There are multiple authorities to generate and distribute user's private key all together. According to this mode, it enables to avoid the problem of key escrow and conform to the distributed characteristic of cloud service systems. However, it has no trusted single or central one in these authorities. Moreover, this proposed scheme resists (N-1) corrupted authorities out of N authorities in the collusion attack. Based on the intractability of the standard decisional bilinear Diffie-Hellman problem, the security of this protocol is proven to be semantic secure. Finally, by comparison analysis, this protocol exhibits a better performance.