The sharing of electronic health records (EHR) in cloud servers is an increasingly important development that can improve the efficiency of medical systems. However, there are several concerns focusing on the issues of security and privacy in EHR system. The EHR data contains the EHR owner's sensitive personal information, if these data are obtained by a malicious user, it will not only cause the leakage of patient's privacy, but also affect the doctor's diagnosis. It is a very challenging problem for the EHR owner fully controls over own EHR data as well as preserves the privacy of himself. In this paper, we propose a new privacy-preserving access control (PPAC) scheme for EHR. To achieve fine-grained access control of the EHR data, we utilize the attribute-based signcryption (ABSC) mechanism to signcrypt data based on the access policy for the linear secret sharing schemes. Employing the cuckoo filter to hide the access policy, it could protect the EHR owner's privacy information. In addition, the security analysis shows that the proposed scheme is provably secure under the decisional bilinear Diffie-Hellman exponent assumption and the computational Diffie-Hellman exponent assumption in the standard model. Furthermore, the performance analysis indicates that the proposed scheme achieves low costs of communication and computation compared with the related schemes, meanwhile preserves the EHR owner's privacy. Therefore, the proposed scheme is better suited to EHR system.
Keywords: access control; attribute-based signcryption; cuckoo filter; electronic health records; privacy preserving.