Multidata-Owner Searchable Encryption Scheme Over Medical Cloud Data With Efficient Access Control

Bibliographic Details
Published in: IEEE systems journal 2022-09, Vol. 16 (3), p. 5067-5078
Main Authors: Abdelfattah, Sherif, Baza, Mohamed, Mahmoud, Mohamed M. E. A., Fouda, Mostafa M., Abualsaud, Khalid A., Guizani, Mohsen
Format: Article
Language: English
Description
Summary: Several schemes have been proposed to enable cloud servers to search encrypted medical data to preserve patients' privacy. However, the existing schemes use inefficient attribute-based encryption (ABE) approaches for access control. Also, servers cannot learn whether a doctor can achieve the access policy of a document and this check is done by doctors, so unrelated documents are outsourced. Moreover, the existing schemes only support a single data-owner setting, where a doctor needs to share a key with each patient. To address these limitations, we develop an efficient ABE approach. Patients use it to encrypt the symmetric key (that encrypted a document), so that only authorized doctors can obtain the key and decrypt the document. Patients also send to the server the encryptions of an access policy and the document's keywords. Doctors send the encryptions of the keywords, and their attributes. Then, the server returns the documents the doctor is authorized to access without being able to learn the keywords, the access policy, and the doctor's attributes to preserve privacy. Our analysis indicates that our scheme can preserve privacy, and our experimental results demonstrate that our scheme requires less communication/computation overhead compared to the existing schemes. Also, the number of keys in the system is significantly reduced.
ISSN: 1932-8184, 1937-9234
DOI: 10.1109/JSYST.2021.3123956