Privacy-preserving medical information systems using multi-authority content-based encryption in cloud

Abstract

In the Medical Information Systems (MIS), the patient outsources his e-health records, a dramatically huge amount of health data, to a third party like cloud service provider. The Internet providing host-to-host communication using TCP/IP network topology has not satisfied the growing demands of data processing in MIS. Based on the content-to-consumer paradigm, content-centric networking architecture was proposed for simple easy-to-manage caching features to users. In this paper, we proposed a privacy-preserving e-health records scheme that protects name and content simultaneously. Our proposal has multi-authority without a trusted single or central authority to distribute secret keys, which avoids the key escrow problem and meets the distributed features of MIS. As we know, this scheme is the first multi-authority content-based encryption (MA-CBE). Furthermore, this MA-CBE resists up to (N-1) corrupted authorities collusion attack, and the security is proven to be semantically secure based on the standard decisional bilinear Diffie-Hellman assumption. Our comparison analysis reports that the proposal gives a better performance than other related schemes.