| As the continuous development of cloud computing applications and a wide range of hybrid cloud technology, it is a practical value of research of appling EHR data on hybrid cloud which is low-cost, convenience and efficiency. ABE encryption algorithm is currently accepted for cloud access control encryption algorithm. However there are still many problems before it been partical, such as the trusted center is not suitable for a cloud environment in which exist a large number of users, key management confusion caused by the property revocation of the ABE algorithm, information audit and trails and other issues.Focusing on the hybrid cloud environments applying on the EHR data sharing, we rised two problems: one is the computational complexity of the user to decrypt is too large, the other is separation between the data owners and data producers. To solve these two problems, we list our main work as follows:(A) We propose a pre-decrypting method, transferring the part of the decryption to the server. The main idea is to convey the private key of user to the server which use the user-provided key to predecrypt the data. User use another private key to decrypt the pre-decrypt data into message. As the decryption time of the user-side is much lower than origin algorithm, we conclude that this method can reduce the computational complexity of the decryption dramticly.(B) We propose an ABE encryption algorithm contains character information in the ciphertext using characteristic of GDH group. Data owner use its own role information instand of the attribute access-control tree to decrypt ciphertext. We distributed the role of the information in the ciphertext, so that the role of the owner cannot be taken by other users.(C) Finally, we use security model to analyzes these two encryption algorithm, and prove the algorithm is safe. Computational complexity of the algorithm is analyzed and compared. |
PDF Full Text Request