A Basic Framework for Policy Updates for the Outsourced Exchange of Private Medical Records

V. Jayaganesh

Abstract: Since cloud computing and other data outsourcing settings offer high flexibility and accessibility, many healthcare providers se personal health records (PHRs) that are electronic to let patients manage their own health data in a scalable and robust environment. However, PHRs contain extremely sensitive data, thus security and privacy issues are crucial. PHR owners should be free to create their own flexible and safe access rules for their data that is outsourced. Beyond the fundamental authentication feature, most commercial cloud platforms offer tenants the option of symmetric or public key encryption to protect their data. But because symmetric encryption has a large key management overhead and requires a lot of upkeep, In this study, we develop a fine-grained, secure access control system for outsourced PHRs that incorporates updates to the policies in a lightweight manner. Our suggested solution (PRE) is based on proxy re-encryption and ciphertext policy attribute-based encryption (CP-ABE). To assist complete policy change tracing, we also offer a policy versioning approach. Ultimately, an assessment of performance was carried out to demonstrate the efficacy of the suggested approach.

Keywords: Policy versioning, proxy re-encryption, PHRs, access control, CP-ABE, policy updating, and performance evaluation