RS-HABE: Revocable-storage and Hierarchical Attribute-based Access Scheme for Secure Sharing of e-Health Records in Public Cloud

Personal electronic health records (EHR) enable medical workers to conveniently and quickly access each patient's medical history through the public cloud, which greatly facilitates patients' visits and makes telemedicine feasible. Additionally, since EHR involve patients' personal privacy information, EHR holders would hesitate to directly outsource their data to cloud servers. A natural and favorite manner of conquering this issue is to encrypt these outsourced EHR such that only authorized medical workers can access them. Particularly, the ciphertext-policy attribute-based encryption (CP-ABE) supports fine-grained access over encrypted data and is considered to be a perfect solution of securely sharing EHR in the public cloud. In this paper, to strengthen the system security and meet the requirement of specific applications, we add new functionalities, namely, user revocation, secret key delegation and ciphertext update to the original ABE, and propose a revocable-storage hierarchical attribute-based encryption (RS-HABE) scheme. The proposed RS-HABE scheme features of forward security and backward security simultaneously, and is proved to be selectively secure. The theoretical analysis indicates that the proposed scheme surpasses existing similar works in terms of functionality and security, at the acceptable cost of computation overhead. Moreover, we implement the proposed scheme and present experiments to demonstrate its practicability.