Indexed on: 18 Apr '18Published on: 17 Apr '18Published in: Education and Information Technologies
In recent years, the Internet of Things (IoT), cloud computing, and wireless body area networks (WBANs) have converged and become popular due to their potential to improve quality of life. This convergence has greatly promoted the industrialization of e-healthcare. With the flourishing of the e-healthcare industry, full electronic health records (EHRs) are expected to promote preventative health services as well as global health. However, the outsourcing of EHRs to third-party servers, like the cloud, involves many challenges, including securing health information and preserving privacy. Ciphertext-policy attribute-based encryption (CP-ABE) is a promising scheme for storing and sharing information in third-party servers. This scheme enables patients and doctors to encrypt or decrypt their information using access policies defined by attributes. In this scheme, the access policy is tied with the ciphertext in the form of plaintext, which may risk leaking personal patient information. Earlier protocols only partially hide the attribute values in the access policies but leave the attribute names unprotected. To address these security issues, we propose a secure cloud framework using modified CP-ABE and an attribute Bloom filter (ABF). In modified CP-ABE, we can hide the entire attribute, including values, in the access policies. The ABFs assist in data decryption by evaluating the presence of an attribute in the access policy and pointing to its position. Security analysis and performance evaluation demonstrate the efficiency and effectiveness of the proposed framework. Finally, the proposed framework is explored to verify its feasibility.