SPEMR: A new secure personal electronic medical record scheme with privilege separation

With the pervasiveness of cloud computing, personal health record (PHR), which is outsourced to the third-party service providers and exchanges health information with patient-centric, has attracted considerable interest recently. However, the flourish of PHR still faces many challenges including privacy preservation and efficiency. Especially, PHR system allows patients to modify electronic medical record (EMR) documents, in which the veracity of patients´ EMR data has been questioned, even resulting in a few health accidents. In this paper, based on the attribute-based encryption and re-encryption under the attribute group keys, we present a new secure personal electronic medical record scheme, called SPEMR, which is privilege separation under the multi-owner settings. In specific, to achieve the veracity of patients´ EMR data and fine-grained access control, we introduce a privilege separation mechanism in SPEMR based on the RSA-Based proxy encryption. And in the SPEMR scheme, each patient can fully control the authorization of accessing to their EMR documents, achieve a fine-grained access policy and on-demand revocation. Detailed security analysis shows that the proposed SPEMR can achieve the data privacy preserving, privilege separation, and on-demand revocation.