Efficient File Sharing in Electronic Health Records

  • Clémentine GrittiEmail author
  • Willy Susilo
  • Thomas Plantard
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9065)


The issue of handling electronic health records have become paramount interest to the practitioners and security community, due to their sensitivity. In this paper, we propose a framework that enables medical practitioners to securely communicate among themselves to discuss health matters, and the patients can be rest assured that the information will only be made available to eligible medical practitioners. Specifically, we construct a new cryptographic primitive to enable File Sharing in Electronic Health Records (FSEHR). This primitive enables doctors to read the information sent by the hospital, or by any other individuals (such as patients’ health records), when the doctors have their ‘license’ validated by that given hospital. We construct such a cryptographic primitive and capture its security requirements in a set of security models. Subsequently, we present a concrete scheme, which is proven selectively chosen-ciphertext security (CCA-1) secure under the Decisional Bilinear Diffie-Hellman Exponent (DBDHE) assumption and fully collusion resistant.


File Sharing Electronic Health Records Broadcast Encryption Certificate-Based Encryption Bilinear map Chosen-Ciphertext Security 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Akinyele, J.A., Pagano, M.W., Green, M.D., Lehmann, C.U., Peterson, Z.N., Rubin, A.D.: Securing electronic medical records using attribute-based encryption on mobile devices. In: SPSM 2011, pp. 75–86. ACM (2011)Google Scholar
  2. 2.
    Alemán, J.L.F., Señor, I.C., Lozoya, P.A.O., Toval, A.: Security and privacy in electronic health records: A systematic literature review. Journal of Biomedical Informatics 46(3), 541–562 (2013)CrossRefGoogle Scholar
  3. 3.
    Benaloh, J., Chase, M., Horvitz, E., Lauter, K.: Patient controlled encryption: Ensuring privacy of electronic medical records. In: CCSW 2009, pp. 103–114. ACM (2009)Google Scholar
  4. 4.
    Boneh, D., Gentry, C., Waters, B.: Collusion resistant broadcast encryption with short ciphertexts and private keys. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 258–275. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  5. 5.
    Dodis, Y., Fazio, N.: Public key broadcast encryption for stateless receivers. In: Feigenbaum, J. (ed.) DRM 2002. LNCS, vol. 2696, pp. 61–80. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  6. 6.
    Fiat, A., Naor, M.: Broadcast encryption. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 480–491. Springer, Heidelberg (1994)CrossRefGoogle Scholar
  7. 7.
    Gentry, C.: Certificate-based encryption and the certificate revocation problem. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 272–293. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  8. 8.
    Gentry, C., Waters, B.: Adaptive security in broadcast encryption systems (with short ciphertexts). In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 171–188. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  9. 9.
    Motta, G.H.M.B.: A contextual role-based access control authorization model for electronic patient record. IEEE Transactions on Information Technology in Biomedicine 7(3), 202–207 (2003)CrossRefGoogle Scholar
  10. 10.
    Narayan, S., Gagné, M., Safavi-Naini, R.: Privacy preserving ehr system using attribute-based infrastructure. In: CCSW 2010, pp. 47–52. ACM (2010)Google Scholar
  11. 11.
    Okamoto, T., Pointcheval, D.: REACT: Rapid enhanced-security asymmetric cryptosystem transform. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 159–174. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  12. 12.
    Peleg, M., Beimel, D., Dori, D., Denekamp, Y.: Situation-based access control: Privacy management via modeling of patient data access scenarios. J. of Biomedical Informatics 41(6), 1028–1040 (2008)CrossRefGoogle Scholar
  13. 13.
    Wang, H., Wu, Q., Qin, B., Domingo-Ferrer, J.: Frr: Fair remote retrieval of outsourced private medical records in electronic health networks. J. Biomed. Inform. (2014)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Clémentine Gritti
    • 1
    Email author
  • Willy Susilo
    • 1
  • Thomas Plantard
    • 1
  1. 1.Centre for Computer and Information Security Research, School of Computer Science and Software EngineeringUniversity of WollongongWollongongAustralia

Personalised recommendations