Adoption of cloud solutions for enterprises has been growing rapidly recently. Despite the rising popularity, security remains one of the top challenges, such as tackling unauthorized access and data protection issues.
In the enterprise situation, files and data are usually encrypted and are shared and accessible by certain groups of staffs only. This could be securely encrypted by conventional cryptography, such as the public key infrastructure. However, this could require much computation power. If there are a large number of staffs sharing the same piece of information, the number of encryption computation could be very huge. As cloud is also often used together with mobile devices, with limited processing power and storage space in mobile devices, cryptographic protection is even more challenging.
Under this situation, attribute based encryption (ABE), a relatively younger cryptography, could possibly be a better alternative. Encryption and decryption are calculated based on attributes of individuals and a specified access control policy. Therefore, people with different secret keys would be able to decrypt the same ciphertext if the supplied attributes match the specified access control policy. This could allow more flexibility in information sharing while protecting from unauthorized access. Moreover, more recent researches have proposed outsourcing ABE which breaks the decryption process into stages, thereby reducing the computation power requirements.
The project would focus on the implementation of ciphertext-policy attribute based encryption (CP-ABE) in the context of electronic health record system. The project aims at protecting electronic health records by CP-ABE as well as to develop a convenient management for the access policy and attributes.
Detailed Project Plan
Project Web Page
Detailed Interim Report
Finalized Tested Implementation
Supervisor: Dr. Lucas Hui
Student: Chow Chi Ling