Electronic Health Record (EHR) is a digital health documentary. It contains not only the health-related records but also the personal sensitive information. Therefore, how to reliably share EHR through the cloud is a challenging issue. Ciphertext-policy attribute-based encryption (CP-ABE) is a promising cryptography prototype, which can achieve fine-grained access control as well as one-to-many encryption. In CP-ABE, access policy is attached to the ciphertext, and however, the access policy is not protected, which will also cause some privacy leakage. In this paper, we propose a policy preserving EHR system on the basis of CP-ABE. Specifically, we designed an algorithm, which can hide the entire access policy as well as recover the hidden attributes from the access matrix. The subsequent evaluation of element insert, lookup, and recovery shows that our proposed scheme only introduces light-weighted overhead cost. The security analysis indicates that the scheme is selectively secure under q-BDHE assumption.

• 出版日期2018
• 单位南京邮电大学; 福州大学; 安徽大学