| With the rapid development of cloud computing, big data and public cloud services have been widely used. The user can store his data in the cloud service, which brings great convenience for the data sharing. At the same time, a new health information exchange mode of personal health record on cloud has become a hot topic in the field of research and application. Similar to the same public cloud services, in the medical cloud system, with the help of the third party service, patient can online create, modify, and store electronic medical records in the cloud, which means that the patient will lose direct control of medical record files, and may lead to security problems such as leak of users' privacy. So, how to realize the safe and efficient sharing of electronic medical records is of great importance to ensure the effective implementation of the medical cloud.In order to ensure that the patient's privacy is not leaked by the cloud service, we present SE-PHR, a secure and efficient personal health record system. The cloud users are divided into private domain(PRD) and public domain(PUD) logically. As the number of users in PRD is small and their identity is clear, Improved Key-Aggregate Encryption called IKAE is suitable to encrypt the medical record files. For the algorithm can produce a constant aggregate key, PHR users can decrypt any of the access files with it, which can not only greatly improve the access efficiency, but greatly reduce the complexity of the key management. While for the PUD domain which has a large number of users with unknown identity, we adopt outsource-able MA-ABE which divides the decryption into two parts, one of which stored in users', the other of which in the CSP. When attribute revocation occurs, only the key stored in CSP need to be updated. The method largely eliminates the overhead for users and supports efficient attribute revocation without updating the user's private key. At the same time, the import of multi-authority reduces the complexity of the key management and avoids the single point of failure. Our scheme also presents a new algorithm which enables dynamic modification of access policies supporting operations which include add/delete/modify. This modification is done by proxy encryption techniques which can reduce the computational overheads of patients.The relevant background knowledge and security issues in the medical cloud system are analyzed in this thesis. This paper puts forward a secure and efficient Personal Health Record scheme called SE-PHR to realize the efficient and safe data sharing scheme in the medical cloud, then describes the system architecture and related technology of the scheme in detail, and dose the simulation and analysis from the security and complexity etc. The analysis and simulation results show that the proposed scheme can reduce calculation and traffic of the PHR users and can achieve the purpose of efficient and safe data sharing in the medical cloud. |
PDF Full Text Request