A Novel Framework for Secure Sharing of Personal Health Records (PHR) in Cloud Computing

Online personal health record (PHR) enables patients to manage their own medical records in a centralized way, which greatly helps the storage, access and sharing of personal health data. PHR system could allow patients to better manage their health information and share it to enhance the quality and efficiency of their healthcare. Unfortunately, abuse of information stored in PHR systems will create new risks for patients, and we need to empower them to protect their health information to avoid problems such as medical identity theft. This project introduces the notion of Accountable use and updates of personal health records and design a patient-centric monitoring system based on it. Each patient encrypts his PHR data before uploading to the cloud server. However, issues such as risks of privacy exposure, flexible policy access, scalability in key management and efficient on-demand user revocation, have remained the most vital challenges to achieve secure, scalable and fine-grained data access control. To enable fine-grained and scalable access control for PHRs, we leverage attribute based encryption (ABE) techniques to encrypt each patients' PHR data. ABE applied on multi authority owner scenario that greatly reduces the key management complexity for owners and users. This proposed scheme enhances the Accountability of Personal Health Record usage via patient-centric monitoring. This scheme also enables dynamic modification of access policies or file attributes, supports efficient on-demand revocation and break-glass access under emergency scenarios.