A Secure Role Based Access Policy for PHR Patient-Centric Model of Health Information Exchange Using Homomorphic Encryption

Cloud computing has being defined as a pool of virtualized computing resources. Due to this virtualization, there is an immense growth in applications of cloud computing. One of the important fields is Personal Health Records. In recent years, personal health records (PHR) has transpired as a patient-centric model for exchanging health information. The health information is outsourced to a third party like cloud service providers. But what if the service providers are compromised, this may create a huge threat to the patients information. Personal Health Records enables patients to manage their own medical records in a centralized way. But by storing PHRs in the cloud, the patients lose physical control to their personal health data, which makes it necessary for each patient to encrypt their PHR data before uploading to the cloud servers. In our proposed framework we securely share PHR files with fine- grained access. The framework efficiently handles the prime challenge of key management brought by introduction of multiple PHR users and owners. The framework addresses the unique challenges brought by multiple PHR owners and users, in that it will also reduce the key management complexity while enhance the privacy guarantees compared with previous works. The solution for securely storing PHR on cloud can be proved as both scalable and efficient though implementation and simulation.