Personal health record (PHR) is an emerging patient-centric model of health information exchange, which is often outsourced to be stored at a third party, such as cloud providers. However, there have been wide privacy concerns as personal health information could be exposed to those third party servers and to unauthorized parties. To assure the patients` control over access to their own PHRs, it is a promising method to encrypt the PHRs before outsourcing. Yet, issues such as risks of privacy exposure, scalability in key management, flexible access, and efficient user revocation, have remained the most important challenges toward achieving fine-grained, cryptographically enforced data access control. In this proposal a novel patient-centric framework and a suite of mechanisms for data access control to PHRs stored in semi trusted servers. To achieve fine-grained and scalable data access control for PHRs, it leverages attribute-based encryption (ABE) techniques to encrypt each patient`s PHR file. Different from previous works in secure data outsourcing, we focus on the multiple data owner scenario, and divide the users in the PHR system into multiple security domains that greatly reduces the key management complexity for owners and users. A high degree of patient privacy is guaranteed simultaneously by exploiting multiauthority ABE. This technique also enables dynamic modification of access policies or file attributes, supports efficient on-demand user/attribute revocation and break glass access under emergency scenarios. Extensive analytical and experimental results are presented which show the security, scalability, and efficiency of our proposed scheme.

Attribute, Encryption, Health Record, Cloud, Trusted Server

[1] A. Toninelli, R. Montanari, and A. Corradi, “Enabling Secure Service Discovery in Mobile Healthcare Enterprise Networks,” IEEE Wireless Comm., vol. 16, no. 3, pp. 24-32, June 2009.
[2] R. Lu, X. Lin, X. Liang, and X. Shen, “Secure Handshake with Symptoms-Matching: The Essential to the Success of Mhealthcare Social Network,” Proc. Fifth Int’l Conf. Body Area
Networks (BodyNets ’10), 2010.
[3] Y. Ren, R.W.N. Pazzi, and A. Boukerche, “Monitoring Patients via a Secure and Mobile Healthcare System,” IEEE Wireless Comm., vol. 17, no. 1, pp. 59-65, Feb. 2010.
[4] R. Lu, X. Lin, X. Liang, and X. Shen, “A Secure Handshake Scheme with Symptoms-Matching for mHealthcare Social Network,” Mobile Networks and Applications—special issue on wireless andpersonal comm., vol. 16, no. 6, pp. 683-694, 2011.
[5] M. Li, S. Yu, Y. Zheng, K. Ren, and W. Lou, “Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption,” IEEE Trans. Parallel and Distributed System, to be published.
[6] M.R. Yuce, S.W.P. Ng, N.L. Myo, J.Y. Khan, and W. Liu, “Wireless Body Sensor Network Using Medical Implant Band,” J. Medical Systems, vol. 31, no. 6, pp. 467-474, 2007.
[7] M. Avvenuti, P. Corsini, P. Masci, and A. Vecchio, “Opportunistic Computing for Wireless Sensor Networks,” Proc. IEEE Int’l Conf. Mobile Adhoc and Sensor Systems (MASS ’07), pp. 1-6, 2007.
[8] A. Passarella, M. Conti, E. Borgia, and M. Kumar, “Performance Evaluation of Service Execution in Opportunistic Computing,” Proc. 13th ACM Int’l Conf. Modeling, Analysis, and Simulation of Wireless and Mobile Systems (MSWIM ’10), pp. 291-298, 2010.
[9] M. Conti, S. Giordano, M. May, and A. Passarella, “From Opportunistic Networks to Opportunistic Computing,” IEEE Comm. Magazine, vol. 48, no. 9, pp. 126-139, Sept. 2010.
[10] M. Conti and M. Kumar, “Opportunities in Opportunistic Computing,” IEEE Computer, vol. 43, no. 1, pp. 42-50, Jan. 2010.
[11] W. Du and M. Atallah, “Privacy-Preserving Cooperative Statistical Analysis,” Proc. 17th Ann. Computer Security Applications Conf. (ACSAC ’01), pp. 102-111, 2001,
[12] J. Vaidya and C. Clifton, “Privacy Preserving Association Rule Mining in Vertically Partitioned Data,” Proc. Eighth ACM SIGKDD Int’l Conf. Knowledge Discovery and Data Mining (KDD ’02), pp. 639-644, 2002.
[13] A. Amirbekyan and V. Estivill-Castro, “A New Efficient Privacy-Preserving Scalar Product Protocol,” Proc. Sixth Australasian Conf. Data Mining and Analytics (AusDM ’07), pp. 209- 214, 2007.
[14] P. Paillier, “Public-Key Cryptosystems Based on Composite Degree Residuosity Classes,” Proc. 17th Int’l Conf. Theory and Application of Cryptographic Techniques (EUROCRYPT ’99), pp. 223-238, 1999.
[15] R. Lu, X. Liang, X. Li, X. Lin, and X. Shen, “Eppa: An Efficient and Privacy-Preserving Aggregation Scheme for Secure Smart Grid Comm.,” IEEE Trans. Parallel Distributed and Systems, to be published.
[16] X. Lin, R. Lu, X. Shen, Y. Nemoto, and N. Kato, “Sage: A Strong Privacy-Preserving Scheme against Global Eavesdropping for Ehealth Systems,” IEEE J. Selected Areas in Comm., vol. 27, no. 4, pp. 365-378, May 2009.
[17] M. Li, W. Lou, and K. Ren, “Data Security and Privacy in Wireless Body Area Networks,” IEEE Wireless Comm., vol. 17, no. 1, pp. 51-58, Feb. 2010.
[18] J. Sun and Y. Fang, “Cross-Domain Data Sharing in Distributed Electronic Health Record Systems,” IEEE Trans. Parallel Distributed and Systems, vol. 21, no. 6, pp. 754-764, June 2010.
[19] “Exercise and Walking is Great for the Alzheimer’s and Dementia Patient’s Physical and Emotional Health,” http://freealzheimers-support.com/wordpress/2010/06/exercise-andwalking/, June 2010.
[20] R. Lu, X. Li, X. Liang, X. Shen, and X. Lin, “GRS: The Green, Reliability, and Security of Emerging Machine to Machine Communications,” IEEE Comm. Magazine, vol. 49, no. 4, pp. 28-35, Apr. 2011.
[21] D. Boneh and M.K. Franklin, “Identity-Based Encryption from the Weil Pairing,” Proc. Ann. Int’l Conf. Cryptology Organized (CRYPTO ’01), pp. 213-229, 2001.
[22] X. Lin, X. Sun, P. Ho, and X. Shen, “GSIS: A Secure and Privacy Preserving Protocol for vehicular communications,” IEEE Trans.Vehicular Technology, vol. 56, no. 6, pp. 3442-3456, Nov. 2007.
[23] R. Lu, X. Lin, H. Zhu, and X. Shen, “An Intelligent Secure and Privacy-Preserving Parking Scheme through Vehicular Communications,” IEEE Trans. Vehicular Technology, vol. 59, no. 6,pp. 2772-2785, July 2010.
[24] R. Lu, X. Lin, H. Luan, X. Liang, and X. Shen, “Pseudonym Changing at Social Spots: An Effective Strategy for Location Privacy in Vanets,” IEEE Trans. Vehicular Technology, vol. 61,
pp. 86-96, 2012.
[25] http://www.uaproperty.com/articles/In-Ukraine-ambulancecome-patient-10-minute s.html, 2012.
[26] S. Ross, Introduction to Probability Models, Ninth Ed., 2007.
[27] X. Lin, R. Lu, X. Liang, and X. Shen, “STAP: A Social-Tier-Assisted Packet Forwarding Protocol for Achieving Receiver-Location Privacy Preservation in Vanets,” Proc. of INFOCOM ’11, pp. 2147-2155, 2011.
[28] W. Du and Z. Zhan, “Building Decision Tree Classifier on Private Data,” Proc. of CRPIT ’14, ser. CRPIT ’14, pp. 1-8, 2002.
[29] I. Ioannidis, A. Grama, and M. Atallah, “A Secure Protocol for Computing Dot-Products in Clustered and Distributed Environments,”Proc. of ICPP ’02, pp. 379-384, 2002.
[30] W. Dong, V. Dave, L. Qiu, and Y. Zhang, “Secure Friend Discovery in Mobile Social Networks,” Prof. of INFOCOM ’11,pp. 1647-1655, 2011.
[31] R. Zhang, Y. Zhang, J. Sun, and G. Yan, “Fine-Grained Private Matching for Proximity-Based Mobile Social Networking,” Prof. of INFOCOM ’12, pp. 1-9, 2012.
[32] M. Li, N. Cao, S. Yu, and W. Lou, “Findu: Privacy-Preserving Personal Profile Matching in Mobile Social Networks,” Proc. INFOCOM, pp. 2435-2443, 2011.
[33] K.-H. Huang, Y.-F.Chung, C.-H.Liu, F. Lai, and T.-S. Chen, “Efficient Migration for Mobile Computing in Distributed Networks,”Computer Standards and Interfaces, vol. 31, no. 1, pp. 40-47,2009.