Secure Multi-Keyword Search and Access Control over Electronic Health Records in Wireless Body Area Networks

Abstract

Wireless body area network (WBAN) consists of a number of sensors that are worn on patients to collect dynamic e-health records (EHRs) and mobile devices that aggregate EHRs. These EHRs are encrypted at mobile devices and then uploaded to the public cloud for storage and user access. To share encrypted EHRs with users effectively, help users retrieve EHRs accurately, and ensure EHRs confidentiality, a secure multi-keyword search and access control (SMKS-AC) scheme is proposed, which implements encrypted EHRs access control under the ciphertext-policy attribute-based encryption (CP-ABE). SMKS-AC provides multi-keyword search for accurate EHRs retrieval, supports the validation of decrypted EHRs, and traces and revokes the identity of users who leak private key. Security analysis shows that SMKS-AC is secure against chosen keyword and chosen plaintext attacks. Through theoretical analysis and experimental verification, the proposed SMKS-AC scheme requires less storage resources and computational costs on mobile devices than existing schemes.