Personal data leads to a trend that data owners adopt to remotely outsource their data to clouds for the enjoyment of the high-quality revival and storage service without worrying the load of local data management and maintenance. However, protected share and search for the outsourced data is a challenging task, which may easily incur the leakage of sensible personal information. Efficient data sharing and searching with security is of essential importance. This paper, for the first time, introduces a searchable attribute-based proxy re-encryption system. When we compare to existing systems only aiding both searchable attribute-based functionality and attribute-based proxy re-encryption, our new primitive supports both abilities and gives flexible keyword update service. Particularly, the system enables a data owner to efficiently share his data to a named group of users matching a sharing policy and the data will maintain its searchable property but also the respective search keyword can be uploaded after the data sharing. The new mechanism is suitable to many real-world applications, such as electronic health record systems. It is proved that chosen cipher text is secure in the random oracle model. To achieve fine-grained and efficient scalable data access control for PHRs, we grease attribute based encryption (ABE) techniques to encode each patient’s PHR file. The highest degree of patient privacy is assured simultaneously by using multi-authority ABE. Our scheme enables dynamic modification of access policies and file attributes, guide adequate on-demand user/attribute revocation and break-glass access based on emergency scenarios. Extensive detailed and empirical results are presented which shows the security, scalability and efficiency of proposed scheme.

M. Li, S. Yu, K. Ren, and W. Lou, “Securing personal health records in cloud computing: Patient-centric and fine-grained data access control in multi-owner settings,” in SecureComm’10, Sept.2010, pp. 89–106.

H. L¨ohr, A.-R. Sadeghi, and M. Winandy, “Securing the e-health cloud,” in Proceedings of the 1st ACM International Health Informatics Symposium, ser. IHI ’10, 2010, pp. 220–229.

M. Li, S. Yu, N. Cao, and W. Lou, “Authorized private keyword search over encrypted personal health records in cloud computing,” in ICDCS ’11, Jun. 2011.

“The health insurance portability and accountability act.” [Online].http://www.cms.hhs.gov/HIPAAGenInfo/01 Overview.asp

“Google, microsoft say hipaa stimulus rule doesn’t apply to them,” http://www.ihealthbeat.org/Articles/2009/4/8/.

“At risk of exposure – in the push for electronic medical records, concern is growing about how well privacy can be safeguarded,”2006.[Online].Available:http://articles.latimes.com/2006/jun/26/health/he-privacy26

K. D. Mandl, P. Szolovits, and I. S. Kohane, “Public standards and patients’ control: how to keep electronic medical records accessible but private,” BMJ, vol. 322, no. 7281, p. 283, Feb. 2001.

J. Benaloh, M. Chase, E. Horvitz, and K. Lauter, “Patient controlled encryption: ensuring privacy of electronic medical records,”in CCSW ’09, 2009, pp. 103–114.

S. Yu, C. Wang, K. Ren, and W. Lou, “Achieving secure, scalable, and fine-grained data access control in cloud computing,” in IEEE INFOCOM’10, 2010.

C. Dong, G. Russello, and N. Dulay, “Shared and searchable encrypted data for untrusted servers,” in Journal of Computer Security, 2010.

V. Goyal, O. Pandey, A. Sahai, and B. Waters,“Attribute-based encryption for fine-grained access control of encrypted data,” in CCS ’06, 2006, pp. 89–98.

M. Li, W. Lou, and K. Ren, “Data security and privacy in wireless body area networks,” IEEEWireless Communications Magazine, Feb. 2010.

A. Boldyreva, V. Goyal, and V. Kumar, “Identity-based encryption with efficient revocation,” in ACM CCS, ser. CCS ’08, 2008, pp.417–426.

L. Ibraimi, M. Petkovic, S. Nikova, P. Hartel, and W. Jonker, “Ciphertext-policy attribute-based threshold decryption with flexible delegation and revocation of user attributes,” 2009.

S. Yu, C. Wang, K. Ren, and W. Lou,“Attribute based data sharing with attribute revocation,” in ASIACCS’10, 2010.