Personal health record (PHR) is often seen as a patient-centric model of health information exchange. However there has been privacy concerns when information is outsourced to be stored at a third party. Also when patient is given full control of his own PHR, he proves to be inefficient in maintaining the information. Yet, issues such as risks of privacy exposure, Scalability in key management, flexible access and efficient user revocation, have remained the most important challenges toward

more »

... eving fine-grained, cryptographically enforced data access control. Thus, in this paper, we propose a novel framework and a suite of mechanisms for data access control to PHRs stored in semitrusted servers. To achieve fine-grained and scalable data access control for PHRs, we leverage attribute based encryption (ABE) techniques to encrypt each patient's PHR file. Different from previous works in secure data outsourcing, we focus on the multiple data owner scenario, and divide the users in the PHR system into multiple security domains that greatly reduces the key management complexity for owners and users. A high degree of patient privacy is guaranteed simultaneously by exploiting multi-authority ABE. Our scheme also enables dynamic modification of access policies or file attributes, supports efficient on-demand user/attribute revocation and break-glass access under emergency scenarios. Extensive analytical and experimental results are presented which show the security, scalability and efficiency of our proposed scheme.