EACS: Expressible Access Control Scheme for Secure Services and Data Delegation in Collaborative E-health System

Abstract

ABSTRACT Recent technological advancements in health care delivery have paved the way for collaborative monitoring, diagnosis, and treatment of patients, which involve real-time monitoring of patients and remote storage of their health information in the cloud. However, controlling access to the stored health information in the cloud is not only difficult but also susceptible to different privacy- and security-related attacks. Besides, existing access control schemes for e-health do not support delegation of responsibilities, a common phenomenon in health care delivery, making complete adoption of e-health impracticable. In this paper, we propose a security scheme that provides fine-grained expressive access control on patients’ health information for secure data and responsibilities delegation among health officers in collaborative e-health systems. The scheme takes care of the key distribution and attribute or user revocation problems of CP-ABE and supports secure delegation of responsibilities. With this scheme, a health officer can treat patients and securely delegate responsibilities to other health officers within the team without jeopardizing the security and privacy of the patients. Security and performance analysis show that our proposed scheme is efficient, secure, and expressive.