Dual locks: Partial sharing of health documents in cloud

Abstract

While working with the sensitive data e.g., related to health, there is a barrier of mistrust while selecting cloud services. To overcome this barrier various standards of cryptosystem are used like encrypted outsourcing, attribute based encryption and oblivious access policies. The default access model of authorization on encrypted data gives full access permission to its user. To narrow down the access scope as a subset on given authorization is a non-trivial task. To design such systems multiple encryption and decryption keys, data partitioning or attribute based encryption are few available options. These techniques involve extra computation cost and complex issue of key management. In this paper we have proposed a framework to restrict authorization on encrypted data with selective access. The underlying model is independent from complex issue of key management. The proposed model also avoids one dimension of side channel attacks on secure data and that is to learn from the patterns of encrypted traffic. Our experimental results show that selective authorization based on proposed model is compute efficient and create random pattern for user access even for similar queries.