Secure of personal health records shared in cloud computing using cipher-text attribute based encryption

摘要

Storing critical medical data in third parties like semi-trusted cloud servers can be the subject of cloud data rupture incidents that happened intensively in recent years, for this reasons, secure methods become the most important issue in healthcare domain. This paper presents a design and development of personal healthcare record (PHR) system, as well as the security process of the data while stored at un-trusted or semi-trusted party. Through our system, patients can participate on the control over access to their own PHR. In order to achieve the security of PHRs, we use a combination between the advanced encryption standard (AES) and the attribute based encryption (ABE) to encrypt the data before outsourcing it, and elliptic curve cryptography (ECC) that secured the exchange of the users' private key. The proposed scheme guarantees a high degree of patients privacy, and owner full control of his medical data.