ARP-CP-ABE: Toward Efficient, Secure and Flexible Access Control for Personal Health Record Systems

Personal health record (PHR) systems contain a large amount of private and sensitive data so that an access control paradigm is required to guarantee security and flexibility. Ciphertext-policy attribute-based encryption (CP-ABE) supports access control on encrypted data, which is a promising technique for PHR systems. However, current CP-ABE schemes consume much computing resources for encryption, decryption, and revocation. Furthermore, since there is much value behind mass health records it is often to see unauthorized access to these data by private keys obtained from illegal trade, which is called key abuse problem. Worse still, existing CP-ABE schemes are short of an effective mechanism to keep away from key abuse. In this paper, we propose an accountable, revocable, and pairing-free ciphertext-policy attribute-based encryption (ARP-CP-ABE). Each private key is inserted by a unique identity so that key abuse can be detected in decryption. Meanwhile, the traitor can also be immediately locked. Then we construct a fine-grained and immediate revocation mechanism based on attribute group and optimize its computational efficiency. In addition, no pairing computation is needed in ARP-CP-ABE, which reduces computation overhead and make it more suitable for mobile applications of PHR systems.