摘要
个人健康记录服务是一项新兴的医疗信息交换服务,在该服务中,病人的记录和信息都是由自己存放在网络上的,现实中都是外包给第三方的云服务器,而云服务商是不完全可信的,因此在云环境中提供高效而又安全的访问控制是当前亟待解决的问题之一.采用基于属性的加密方法加密病人的记录并上传至云服务器是安全可行的.为此设计出一种在个人健康记录服务中使用并支持属性撤销的加密方案,采用密文密钥定长的方式实现节约存储空间的目的,引入版本号标记和代理重加密技术实现属性的撤销.最后,从安全性以及效率方面得出方案的安全性与高效性,证明其适用于个人健康记录服务模型.
Personal health record (PHR) service is an emerging model for health information exchange. In PHR systems, patient's health records and information are maintained by the patient himself through the Web. In reality ,PHRs are often outsourced to be stored at the third parties like cloud service providers ,however, the cloud service providers are untrusted ,how to achieve safe and prac- ticable access control is an urgent issue to be solved. Using ciphertext-policy attribute-based encryption (CP-ABE) to encrypt patient' s PHRs in cloud environment, secure and flexible access control can be achieved. In this paper, we propose a new PHR system using CP-ABE, which supports efficient revocation. To be specific, our scheme achieves the goals ( 1 } scalable and finegrained access con- trol for PHRs by using constant size ciphertext and key, and (2) efficient attribute revocation and dynamic policy update. The analysis demonstrates that the scheme is secure and effective.
出处
《小型微型计算机系统》
CSCD
北大核心
2017年第4期834-838,共5页
Journal of Chinese Computer Systems
基金
国家自然科学基金项目(61572263
61272084)资助
江苏省高校自然科学研究重大项目(11KJA520002)资助
高等学校博士学科点专项科研基金课题项目(20113223110003)资助
关键词
个人健康记录
云计算
基于属性的访问控制
属性撤销
隐私保护
personal health record
cloud computing
attribute-based access control
attribute revocation
privacy-preserving
