Revocable and verifiable weighted attribute-based encryption with collaborative access for electronic health record in cloud

Abstract

AbstractThe encryption of user data is crucial when employing electronic health record services to guarantee the security of the data stored on cloud servers. Attribute-based encryption (ABE) scheme is considered a powerful encryption technique that offers flexible and fine-grained access control capabilities. Further, the multi-user collaborative access ABE scheme additionally supports users to acquire access authorization through collaborative works. However, the existing multi-user collaborative access ABE schemes do not consider the different weights of collaboration users. Therefore, using these schemes for weighted multi-user collaborative access results in redundant attributes, which inevitably reduces the efficiency of the ABE scheme. This paper proposes a revocable and verifiable weighted attribute-based encryption with collaborative access scheme (RVWABE-CA), which can provide efficient weighted multi-user collaborative access, user revocation, and data integrity verification, as the fundamental cornerstone for establishing a robust framework to facilitate secure sharing of electronic health records in a public cloud environment. In detail, this scheme employs a novel weighted access tree to eliminate redundant attributes, utilizes encryption version information to control user revocation, and establishes Merkle Hash Tree for data integrity verification. We prove that our scheme is resistant against chosen plaintext attack. The experimental results demonstrate that our scheme has significant computational efficiency advantages compared to related works, without increasing storage or communication overhead. Therefore, the RVWABE-CA scheme can provide an efficient and flexible weighted collaborative access control and user revocation mechanism as well as data integrity verification for electronic health record systems.