Multidata-Owner Searchable Encryption Scheme over Medical Cloud Data with Efficient Access Control

Abstract

Several schemes have been proposed to enable cloud servers to search encrypted medical data to preserve patients' privacy. However, the existing schemes use inefficient attribute-based encryption (ABE) approaches for access control. Also, servers cannot learn whether a doctor can achieve the access policy of a document and this check is done by doctors, so unrelated documents are outsourced. Moreover, the existing schemes only support single data-owner setting, where a doctor needs to share a key with each patient. To address these limitations, we develop an efficient ABE approach. Patients use it to encrypt the symmetric key (that encrypted a document), so that only authorized doctors can obtain the key and decrypt the document. Patients also send to the server the encryptions of an access policy and the document's keywords. Doctors send the encryptions of the keywords, and their attributes. Then, the server returns the documents the doctor is authorized to access without being able to learn the keywords, the access policy, and the doctor's attributes to preserve privacy. Our analysis indicates that our scheme can preserve privacy, and our experimental results demonstrate that our scheme requires less communication/computation overhead compared to the existing schemes. Also, the number of keys in the system are significantly reduced.