Biometric based multi-authority inner product encryption for electronic health record

Abstract

Introduction: Attribute-based encryption enhances the security of electronic health records outsourced to the cloud. At the same time, single authority attribute based encryption leads to user privacy breech and attribute management complexity. Multi authority attribute-based encryption enhances user privacy and attribute management, but lacks privacy and integrity of data. Therefore, biometric-based multi-authority inner product encryption is proposed to improve data integrity, data privacy, and user privacy. Objectives: The proposed scheme aims to enhance data integrity, data privacy, and user privacy in cloud-based Electronic Health Record. Methods: An exhaustive literature review has been made related to securing electronic health record outsourced to the cloud and found that data integrity is lacking in existing schemes. So an efficient encryption scheme has been proposed which adopts elliptic curve cryptography to enhance data integrity. The security analysis and computational complexity of the proposed scheme is done and compared with existing schemes. Results: The proposed scheme guarantees data integrity and privacy of the sensitive information stored in the electronic health records. The scheme also satisfied the security requirements user privacy, fine-grained access control, and scalability needed for electronic health record outsourced to the cloud. The computational complexity of the proposed scheme is compared with the existing schemes. The result shows that user access rejection complexity and key generation complexity are comparatively low. Conclusion: Biometric, as a global identifier of the user, could improve data integrity for the electronic health records outsourced to the cloud. Multi-authority Inner Product Encryption hides the access structure, along with the data, could improve data privacy and user privacy. Employing NOT gate in the access structure reduces user access rejection complexity.