Granular Data Access Control with a Patient-Centric Policy Update for Healthcare

Fawad Khan, Saad Khan, Shahzaib Tahir, Ahmad Jawad, Hasan Tahir, Syed Aziz Shah

    Research output: Contribution to journalArticlepeer-review

    9 Citations (Scopus)
    33 Downloads (Pure)


    Healthcare is a multi-actor environment that requires independent actors to have a different view of the same data, hence leading to different access rights. Ciphertext Policy-Attribute-based Encryption (CP-ABE) provides a one-to-many access control mechanism by defining an attribute’s policy over ciphertext. Although, all users satisfying the policy are given access to the same data, this limits its usage in the provision of hierarchical access control and in situations where different users/actors need to have granular access of the data. Moreover, most of the existing CP-ABE schemes either provide static access control or in certain cases the policy update is computationally intensive involving all non-revoked users to actively participate. Aiming to tackle both the challenges, this paper proposes a patient-centric multi message CP-ABE scheme with efficient policy update. Firstly, a general overview of the system architecture implementing the proposed access control mechanism is presented. Thereafter, for enforcing access control a concrete cryptographic construction is proposed and implemented/tested over the physiological data gathered from a healthcare sensor: shimmer sensor. The experiment results reveal that the proposed construction has constant computational cost in both encryption and decryption operations and generates constant size ciphertext for both the original policy and its update parameters. Moreover, the scheme is proven to be selectively secure in the random oracle model under the q-Bilinear Diffie Hellman Exponent (q-BDHE) assumption. Performance analysis of the scheme depicts promising results for practical real-world healthcare applications.
    Original languageEnglish
    Article number3556
    Issue number10
    Publication statusPublished - 20 May 2021


    • Constant computations
    • Constant size ciphertext
    • Hierarchal
    • Multi message
    • Policy update

    ASJC Scopus subject areas

    • Analytical Chemistry
    • Information Systems
    • Atomic and Molecular Physics, and Optics
    • Biochemistry
    • Instrumentation
    • Electrical and Electronic Engineering


    Dive into the research topics of 'Granular Data Access Control with a Patient-Centric Policy Update for Healthcare'. Together they form a unique fingerprint.

    Cite this