Efficient Fine-Grained Data Sharing Mechanism for Electronic Medical Record Systems with Mobile Devices
IEEE Sharing digital medical records on public cloud storage via mobile devices facilitates patients (doctors) to get (offer) medical treatment of high quality and efficiency. However, challenges such as data privacy protection, flexible data sharing, efficient authority delegation, computation efficiency optimization, are remaining toward achieving practical fine-grained access control in the Electronic Medical Record (EMR) system. In this work, we propose an innovative access control model and a fine-grained data sharing mechanism for EMR, which simultaneously achieves the above-mentioned features and is suitable for resource-constrained mobile devices. In the model, complex computation is outsourced to public cloud servers, leaving almost no complex computation for the private key generator (PKG), sender and receiver. Additionally, the communication cost of the PKG and users is optimized. Moreover, we develop an extensible library called libabe that is compatible with Android devices, and the access control mechanism is actually deployed on realistic environment, including public cloud servers, a laptop and an inexpensive mobile phone with constrained resources. The experimental results indicate that the mechanism is efficient, practical and economical.