Secure Electronic Health Record System Based On Online/Offline Access Control In Cloud

Following the rise and development of new computer technology, society un-precedentedly relies on information technology. The cloud computing brings var-ious of convenience for data owners and users. It is flexible and scalability to be utilized extensively. However, in order to take full advantage of cloud computing and play the cloud as a platform for computing value, the data stored in the cloud and the services provided by the cloud must be effectively protected. The online electronic health records (EHR) make it possible for everyone to centrally manage their own medical data, which greatly facilitates user storage, access and sharing of EHR. Following the pace of cloud computing, people prefer to outsource e-health data to cloud servers, greatly improving the efficiency of storing and accessing data. However, for data owners, because the user in the cloud computing environ-ment has lost physical control of personal data, once the data will cause serious privacy problems. Therefore, it is necessary to provide a user with the relevant attributes to perform a cryptographic scheme of a more appropriate solution for the access policy.First of all, the dissertation introduces the current cloud computing trends and basic institutions, as well as the current development of cloud computing in a variety of security issues.Secondly, it mainly describes several access control structures, based on the development of attribute-based encryption cryptosystem and the background of online/offline attribute encryption. Attribute-based encryption is mainly divid-ed into categories: one is the key-policy attribute-based encryption, the other is the ciphertext-policy attribute-based encryption. Both of schemes are described and analyzed respectively. Based on the encryption of key-policy attributes, the attribute-based encryption of online/offline secret key-policy is described and an-alyzed.Finally, we propose a framework with fine-grained access control mechanisms to protect e-health data for a variety of devices, including smart mobile devices. We provide EHR security by designing an encryption scheme based on an online/offline policy attribute that is based on identity-based encryption (IBE) extensions. The scheme can provide fine-grained access policies and efficiency for user data. In par-ticular, it greatly reduces the complexity and computational power of encryption and key generation.