International Association
for Cryptologic Research

Electronic Health Record (EHR) system facilitates us a lot for health record management. Privacy risk of patients’ records is the dominating obstacle in the widely deployed EHRs. Role-based access control (RBAC) schemes offer an access control on EHRs according to one’s role. Only the medical staff with roles satisfying the specified access policies can read EHRs. In existing schemes, attackers can link patients’ identities to their doctors. Therefore, the classification of patients’ diseases are leaked without actually knowing patients’ EHRs. To address this problem, we present an anonymous RBAC scheme. Not only it achieves flexible access control, but also realizes privacy-preserving for individuals. Moreover, our scheme maintains the property of constant size for the encapsulated EHRs. The proposed security model with both semantic security and anonymity can be proven under decisional bilinear group assumptions. Besides, we provide an approach for EHR owners to search out their targeted EHR in the anonymous system. For better user experience, we apply “online/offline” approach to speed up data processing in our scheme. Experimental results show that the time consumption for key generation and EHR encapsulation can be done in milliseconds.