A secure authorization system in PHR based on CP-ABE

In this paper, we proposed a method based on the Ciphertext-Policy Attribute-Based Encryption (CP-ABE) to dynamically authorize the user according to their private keys. The key feature of our model is the users do not have to involve in key revocation process. Our model utilizes an additional Key Management Server (KMS) which uses the lazy revocation technique and additional attribute keys to perform effective user revocation. It enables the cloud to differentiate user authentication sessions to protect their keys from different session attackers and this approach could perform direct user revocations from a group without user interventions. The operation does not require re-encryption of existing ciphertext. Our method supports backward and perfect forward secrecy and is escrow-free. Lastly, we present that our method is secure under the chosen identity key attack.