Journal of Medical Systems

, 40:267 | Cite as

Privacy-Preserving and Secure Sharing of PHR in the Cloud

  • Leyou Zhang
  • Qing Wu
  • Yi Mu
  • Jingxia Zhang
Systems-Level Quality Improvement
Part of the following topical collections:
  1. Security and Privacy in e-healthcare


As a new summarized record of an individual’s medical data and information, Personal Health Record (PHR) can be accessible online. The owner can control fully his/her PHR files to be shared with different users such as doctors, clinic agents, and friends. However, in an open network environment like in the Cloud, these sensitive privacy information may be gotten by those unauthorized parties and users. In this paper, we consider how to achieve PHR data confidentiality and provide fine-grained access control of PHR files in the public Cloud based on Attribute Based Encryption(ABE). Differing from previous works, we also consider the privacy preserving of the receivers since the attributes of the receivers relate to their identity or medical information, which would make some sensitive data exposed to third services. Anonymous ABE(AABE) not only enforces the security of PHR of the owners but also preserves the privacy of the receivers. But a normal AABE with a single private key generation(PKG) center may not match a PHR system in the hierarchical architecture. Therefore, we discuss not only the construction of the PHR sharing system base on AABE but also how to construct the PHR sharing system based on the hierarchical AABE. The proposed schemes(especially based on hierarchical AABE) have many advantages over the available such as short public keys, constant-size private keys, which overcome the weaknesses in the existing works. In the standard model, the introduced schemes achieve compact security in the prime order groups.


PHR sharing system EMR Hierarchical identity-based encryption Anonymous ABE 



This work was supported partly by the Nature Science Foundation of China under Grant (61472307, 61402112, 61100165, 61100231) and Natural Science Basic Research Plan in Shaanxi Province of China(Program NO. 2016JM6004).


  1. 1.
    Sun, J., and Fang, Y., Cross-domain data sharing in distributed electronic health record systems. IEEE Transactions on Parallel and Distributed System 21(6):754–764, 2009.Google Scholar
  2. 2.
    Liu, C., Lin, F., Chiang, D., et al: Secure PHR access control scheme for healthcare application clouds. In: Proceeding of 42nd International Conference on Parallel Processing, pp. 1067–1076. IEEE Computer Society Washington (2013)Google Scholar
  3. 3.
    Li, M., Yu, S., Zheng, Y., Ren, K., Lou, W., Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Transactions on Parallel and Distributed System 24(1): 131–143, 2013.CrossRefGoogle Scholar
  4. 4.
    Tang, P., Ash, J., Bates, D., et al, Personal health records: Definitions, Benefits, and strategies for overcoming barriers to adoption. Journal of the American Medical Informatics Association 13(2):121–126, 2006.Google Scholar
  5. 5.
    Sahai, A., and Waters, B., Fuzzy identity-based encryption, Advances in cryptology-EUROCRYPT 2005, pp. 457–473. Berlin: Springer-Verlag, 2005.Google Scholar
  6. 6.
    Goyal, V., Pandey, O., Sahai, A., Waters, B., Attribute-based encryption for fine-grained access control of encrypted data, pp. 89–98: ACM CCS, ACM press, 2006.Google Scholar
  7. 7.
    Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: Proceedings of Symposium on Security and Privacy, pp. 321–334. IEEE press (2007)Google Scholar
  8. 8.
    Narayan, S., Gagne, M., Safavi-Naini, R.: Privacy preserving EHR system using attribute-based infrastructure. In: Proceedings ACM Cloud Computing Security Workshop (CCSW’10), pp. 47–52. ACM press (2010)Google Scholar
  9. 9.
    Liang, X., Lu, R., Lin, X., Shen, X.S.: Patient self-controllable access policy on phi in Ehealthcare systems. In: Proceedings Advances in Health Informatics Conference (AHIC 10), pp. 1–5 (2010)Google Scholar
  10. 10.
    Akinyele, J.A., Lehmann, C.U., Green, M.D., Pagano, M.W., Peterson, Z.N.J., Rubin, A.D.: Self-Protecting Electronic Medical Records Using Attribute-Based Encryption, Cryptology ePrint Archive, Report 2010/565, (2010)
  11. 11.
    Gondkar, D.A., and Kadam, V.S.: Attribute Based Encryption for Securing Personal Health Record on Cloud, 2nd IEEE International Conference on Devices, Circuits and Systems (ICDCS), pp. 1–5, IEEE press (2014). Ibraimi, L., Asim, M., Petkovic, M., Secure management of personal health records by applying attribute-based encryption, In: Proceeding of the pHealth’09, IEEE, pp. 71–74 (2009)Google Scholar
  12. 12.
    Sangeetha, D., Vijayakumar, V., Thirunavukkarasu, V., Ramesh, A.: Enhanced security of PHR system in cloud using prioritized level based encryption. In: Proceeding SNDS, CCIS 420, pp. 57–69. Springer-Verlag, Berlin (2014)Google Scholar
  13. 13.
    Xhafa, F., Feng, J., Zhang, Y., Chen, X., Li, J., Privacy-aware attribute-based PHR sharing with user accountability in cloud computing. Journal of Supercomputing 71:1607–1619, 2015.CrossRefGoogle Scholar
  14. 14.
    Boneh, D., and Franklin, M.: Identity-based encryption from the weil pairing. In: Proceedings of Advance in Cryptology-CRYPTO, LNCS 2139, pp. 213–229. Springer-Verlag, Berlin (2001)Google Scholar
  15. 15.
    Boneh, D., Crescenzo, G., Ostrovsky, R., Persiano, G.: Public key encryption with keyword search. In: Proceedings of Advances in Cryptology-Eurocrypt, LNCS 3027, pp. 506–522. Springer-Verlag, Berlin (2004)Google Scholar
  16. 16.
    Abdalla, M., Bellare, M., Catalano, D.: Searchable encryption revisited: consistency properties, relation to anonymous IBE, and extensions. In: Proceedings of Advances in Cryptology-CRYPTO, LNCS 3621, pp. 205–222. Springer-Verlag, Berlin (2005)Google Scholar
  17. 17.
    Kapadia, A., Tsang, P.P., Smith, S.W.: Attribute-based publishing with hidden credentials and hidden policies. In: Proceedings of IEEE Symposium of Network and Distributed System Security, pp. 179–192. IEEE press (2007)Google Scholar
  18. 18.
    Yu, S., Ren, K., Lou, W.: Attribute-based content distribution with hidden policy. Proceedings of IEEE Workshop on Secure Network Protocols, pp. 39–44. IEEE press (2008)Google Scholar
  19. 19.
    Nishide, T., Yoneyama, K., Ohta, K.: Attribute-based encryption with partially hidden encryptor-specified access structures. In: ACNS, LNCS 5037, pp. 111–129. Springer-Verlag, Berlin (2008)Google Scholar
  20. 20.
    Li, J., Ren, K., Zhu, B., Wan, Z.: Privacy-aware attribute-based encryption with user accountability. In: ISC 2009, LNCS 5735, Vol. 347–362. Springer-Verlag, Berlin (2009)Google Scholar
  21. 21.
    Chaudhari, P., Lal Das, M., Mathuria, A.: On anonymous attribute based encryption. In: ICISS 2015, LNCS 9478, pp. 378–392. Springer-Verlag, Berlin (2015)Google Scholar
  22. 22.
    Zhang, Y., Chen, X., Li, J., Wong, D.S., Li, H.: Anonymous attribute-based encryption supporting efficient decryption test. In: Proceedings of the ACM SIGSAC Symposium on Information, Computer and Communications Security, pp. 511–516 (2013)Google Scholar
  23. 23.
    Gentry, C., and Silverberg, A.: Hierarchical ID-Based cryptography. In: Proceedings of Advances in Cryptology-ASIACRYPT, LNCS 2501, pp. 548–566. Springer-Verlag, Berlin (2002)Google Scholar
  24. 24.
    Boneh, D., and Boyen, X.: Efficient selective-ID secure identity based encryption without random oracles. In: Proceedings of Advances in Cryptology-EUROCRYPT, LNCS 3027, pp. 223–238. Springer-Verlag, Berlin (2004)Google Scholar
  25. 25.
    Boneh, D., Boyen, X., Shacham, H.: Short group signature. In: Proceedings of Advances in Cryptology-CRYPT, LNCS 3152, pp. 41–55. Springer-Verlag, Berlin (2004)Google Scholar
  26. 26.
    Lee, J.H.P., Anonymous HIBE: Compact construction over prime-order groups. IEEE Transactions on Information Theory 59(4):2531–2541, 2013.CrossRefGoogle Scholar
  27. 27.
    Xie, Y., Wen, H., Wu, B., Jiang, Y., Meng, J.: A modified hierarchical attribute-based encryption access control method for mobile cloud computing. IEEE Transactions on Cloud Computing, doi: 10.1109/TCC.2015.2513388, will apper (2016)
  28. 28.
    Abdalla, M., Catalano, D., Fiore, D.: Verifiable random functions from identity-based key encapsulation. In: Proceedings of Advances in Cryptology-Eurocrypt, LNCS 5479, pp. 554–571. Springer-Verlag, Berlin (2009)Google Scholar
  29. 29.
    Boyen, X., and Waters, B.: Anonymous hierarchical identity-based encryption (without random oracles). In: Proceedings of Advances in Cryptology-CRYPTO 06, LNCS 5677, pp. 290–317. Springer-Verlag, Berlin (2006)Google Scholar
  30. 30.
    Liu, X., Liu, Q., Peng, T., Wu, J.: HCBE achieving fine-grained access control in cloud-based PHR systems. In: Proceedings of ICA3PP 2015, Part III, LNCS 9530, pp. 562–576. Springer-Verlag, Berlin (2015)Google Scholar
  31. 31.
    He, D., Zeadally, S., Kumar, N., Lee, J., Anonymous authentication for wireless body area networks with provable security. IEEE Systems Journal PP(99):1–12, 2016. doi: 10.1109/JSYST.2016.2544805.Google Scholar
  32. 32.
    He, D., Zeadally, S., Wu, L., Certificateless public auditing scheme for cloud-assisted wireless body area networks. IEEE Systems Journal PP(99):1–10, 2015. doi: 10.1109/JSYST.2015.2428620.CrossRefGoogle Scholar
  33. 33.
    He, D., Kumar, N., Shen, H., Lee, J., One-to-many authentication for access control in mobile pay-TV systems. Science China-Information Sciences 59(5):1–14, 2016.CrossRefGoogle Scholar
  34. 34.
    Li, F., and Wu, W., Pairing-based cryptography. Beijing, China: Science Press, 2014.Google Scholar

Copyright information

© Springer Science+Business Media New York 2016

Authors and Affiliations

  1. 1.School of Mathematics and StatisticsXidian UniversityXi’anChina
  2. 2.School of AutomationXi’an University of Posts and TelecommunicationXi’anChina
  3. 3.School of Computer Science and Software EngineeringUniversity of WollongongWollongongAustralia

Personalised recommendations