Enabling authorized encrypted search for multi-authority medical databases

Lei Xu, Shifeng Sun, Xingliang Yuan, Joseph K. Liu, Cong Zuo, Xu Chungen

Research output: Contribution to journalArticleResearchpeer-review

2 Citations (Scopus)

Abstract

E-medical records are sensitive and should be stored in a medical database in encrypted form. However, simply encrypting these records will eliminate data utility and interoperability of the existing medical database system because encrypted records are no longer searchable. Moreover, multiple authorities could be involved in controlling and sharing the private medical records of clients; thus, authorizing different clients to search and access records originating from multiple authorities in a secure and scalable manner is a nontrivial matter. To address the above issues, we propose an authorized searchable encryption scheme under a multi-authority setting. Specifically, our proposed scheme leverages RSA function to enable each authority to limit the search capability of different clients based on the client's privileges. To improve scalability, we utilize multi-authority attribute-based encryption to allow the authorization process to be performed only once even over policies from multiple authorities. We conduct rigorous security and cost analysis, and perform experimental evaluations to demonstrate that the proposed scheme introduces moderate overhead to existing searchable encryption schemes.

Original languageEnglish
Number of pages12
JournalIEEE Transactions on Emerging Topics in Computing
DOIs
Publication statusAccepted/In press - 18 Mar 2019

Keywords

  • Access control
  • Cloud computing
  • cloud storage
  • e-medical system
  • encrypted data search
  • Encryption
  • forward security
  • Medical diagnostic imaging
  • Multi-authority
  • Servers

Cite this