Research On Privacy Protection Of Electronic Medical Records Based On Attribute-based Encyrption

In smart medicine,electronic medical records(EMRs)are frequently shared and used,and there are great risks of data theft and privacy disclosure.Therefore,the privacy protection of EMRs is an urgent problem to be solved.Although the ciphertext policy attribute-based encryption(CP-ABE)scheme can synchronously realize the encryption and access control of EMRs,most existing schemes have prominent defects,such as poor flexibility,only supporting Boolean function to represent the access policy,users can decrypt and obtain all the information of the file once authorized,only the encrypting party has write permission,and the decrypting party has read permission.Therefore,in order to follow the principles of least disclosure and least privilege when sharing EMRs,Based on searchable encryption technology,algebraic decision diagram(ADD)and CP-ABE technology,this paper studies the data security and privacy protection of EMRs,and proposes two CP-ABE schemes respectively.The main work includes the following:(1)A classified access control scheme for EMRs based on Ciphertext Policy AttributeBased Searchable Encryption(CP-ABSE)is proposed.First,EMRs are classified according to the content,and a classified access control framework for EMRs is proposed.The framework supports data users to retrieve and access information in EMRs on demand,so as to reduce the burden of information retrieval and reduce system overhead.Second,based on this framework,a new ADD access structure is proposed.The same ADD access structure can represent multiple access policies to assist in encryption and access control of multiple shared files.Third,a classified access control algorithm for EMRs based on CP-ABSE is constructed.The time complexity of key generation algorithm,trap algorithm,search algorithm and decryption algorithm are O(1).Finally,with the help of theoretical analysis,the security of the scheme against selective plaintext attack(CPA),selective keyword attack(CKA)and collusion attack and the flexibility of access control are proved.At the same time,the efficiency of the scheme is proved by comparative experiments.(2)A fine-grained EMRs sharing scheme supporting read and write operations is proposed.First,for the requirements of fine-grained operations in EMRs sharing,such as read-only,write-only and read-write,a novel access control system framework with controllable reading and writing is proposed.Second,the ADD access structure is improved to support the implementation of fine-grained access control.Third,according to the finegrained operation requirements of EMRs,a CP-ABE scheme with access conflict resolution ability and efficient operation is proposed based on the new ADD access structure.The new scheme can avoid the conflict when multiple users access EMRs synchronously,and the computational complexity of the key generation algorithm,read operation algorithm and write operation algorithm are O(1),which are not restricted by the number of attributes and other factors.Finally,combined with theoretical analysis and simulation experiments,the security,function realization and performance of the scheme are analyzed to verify the rationality and feasibility of the scheme design.