SPS: Secure personal health information sharing with patient-centric access control in cloud computing

In this paper, we propose a patient-centric personal health information (PHI) sharing and access control scheme, SPS. Proposed SPS encompasses identity based cryptography to ensure security and privacy of PHI by using short digital signature and patient´s pseudo-identity. SPS relieves the health service provider´s (HSP) additional burden for PHI storage, management, and maintenance by incorporating cloud storage services to electronic Health (eHealth) care system. SPS adopts attribute based encryption and assigns different attributes to PHI access requesters based on their roles and relation to the patient. To ensure authenticated PHI access with minimum computation, SPS introduces multi-parties proxy re-encryption protocol. Light weight partial and block PHI audits make the scheme efficient to ensure stored PHI integrity and availability. Extensive performance and security analyses demonstrate that SPS is able to achieve desired security requirements with acceptable computation and storage costs.