Secure sharing of personal health records in cloud computing: ciphertext-policy attribute-based signcryption

Jianghua Liu, Xinyi Huang, Joseph K. Liu

Research output: Contribution to journalArticleResearchpeer-review

171 Citations (Scopus)


The sharing of Personal Health Records (PHR) in cloud computing is a promising platform of health information exchange. However, the storage of personal medical and health information is usually outsourced to some third parties which may result in the exposure of patients’ privacy to unauthorized individuals or organizations. In order to address this security loophole, we suggest a promising solution.

We propose a new approach for fine-grained access control and secure sharing of signcrypted (sign-thenencrypt) data. We call our new primitive Ciphertext-Policy Attribute-Based Signcryption (CP-ABSC) which satisfies the requirements of cloud computing scenarios for PHR. CP-ABSC combines the merits of digital signature and encryption to provide confidentiality, authenticity, unforgeability, anonymity and collusion resistance. The correctness, security and efficiency of this scheme are also proven.
Original languageEnglish
Pages (from-to)67-76
Number of pages10
JournalFuture Generation Computer Systems
Publication statusPublished - Nov 2015
Externally publishedYes


  • Personal Health Records (PHR)
  • Fine-grained access control
  • Attribute-based signcryption
  • Cloud computing

Cite this