Sciweavers

IACR
2016

Anonymous Role-Based Access Control on E-Health Records

8 years 8 months ago
Anonymous Role-Based Access Control on E-Health Records
Electronic Health Record (EHR) system facilitates us a lot for health record management. Privacy risk of patients’ records is the dominating obstacle in the widely deployed EHRs. Role-based access control (RBAC) schemes offer an access control on EHRs according to one’s role. Only the medical staff with roles satisfying the specified access policies can read EHRs. In existing schemes, attackers can link patients’ identities to their doctors. Therefore, the classification of patients’ diseases are leaked without actually knowing patients’ EHRs. To address this problem, we present an anonymous RBAC scheme. Not only it achieves flexible access control, but also realizes privacy-preserving for individuals. Moreover, our scheme maintains the property of constant size for the encapsulated EHRs. The proposed security model with both semantic security and anonymity can be proven under decisional bilinear group assumptions. Besides, we provide an approach for EHR owners to searc...
Xingguang Zhou, Jianwei Liu, Weiran Liu, Qianhong
Added 03 Apr 2016
Updated 03 Apr 2016
Type Journal
Year 2016
Where IACR
Authors Xingguang Zhou, Jianwei Liu, Weiran Liu, Qianhong Wu
Comments (0)