Research On Attribute-based Encryption Policy In Cloud Outsourcing Personal Health Record

Recently,plenty of researches have been carried out to construct a secure on-cloud Personal Health Record(PHR)system via Ciphertext-Policy Attribute-Based Encryption(CPABE).However,access policy in the traditional CP-ABE is in cleartext form that leaks significant sensitive information about data owners or requesters.To mitigate this problem,two approaches have been proposed in the literature.One approach is partially hiding the access policy in which attribute names are in cleartext while attribute values are hidden.The other approach is fully hiding the attributes in the access policy which,unfortunately,hinders efficient and correct decryption as well as dynamic policy update.The specific research results:1)In view of the shortcomings in security and correctness of existing policy hiding schemes,as well as the mutual exclusion between policy updating and policy hiding in theory.Based on Cuckoo Filter(CF)and Linear Secret Sharing Scheme(LSSS),this thesis designs a CP-ABE scheme which can completely hide the access policy without causing decryption failure,and supports policy updating under policy hiding called Privacy-Preserving Policy Updating Attribute-Based Encryption(3PU-ABE).The experimental results show that compared with other strategy hiding schemes,the 3PU-ABE reduces the computational overhead by nearly.In the recovery phase of policy hiding,3PU-ABE is correct.Furthermore,compared with other update schemes,3PU-ABE not only considers ciphertext update,but also considers policy updating in hidden state for the first time,which makes up for the blank in policy updating field.2)Focusing on the shortcomings of the proposed 3PU-ABE scheme in policy hiding,and the issues of attribute flexibility in the implementation of the existing solutions.Based on Attribute Cuckoo Filter(ACF)and Fast Attribute-based Message Encryption(FAME),this thesis proposes a large universe attribute-based encryption called Fast Policy-Hiding and Updating Attribute-Based Encryption(FHU-ABE)which does not limit the number of attributes in access policy,the number as well as the format of attributes in system,and supports policy updating under policy hiding.The experimental and analysis results show that compared with 3PU-ABE and similar schemes,FHU-ABE does not limit the number of attributes in access policies,and has nearly performance advantage in policy hiding.In addition,compared with the similar schemes,FHU-ABE has better performance in computing and storage overhead.