This involves privacy issues since the sensitive health information can become accessible to the cloud providers and at times, to unauthorized parties. This makes encryption mandate. The data should be encrypted by a trusted method that performs encryption before the data is outsourced and stored in the cloud. Encrypting data would raise issues such as risks like sensitive data being exposed, a large number of keys to be generated, differences in security level provided by the system and expected by the user and inability to access during emergency. In this paper, we propose a novel method to encrypt the data at different security levels, as the patient desires. Efficiency is achieved by dividing the users into two different domains. The domain containing doctors whom the patients send their queries to, can access the patient details. Whereas, the health care departments like insurance providers can access only the details that are insecure. Key revocation is used invalidate the existing key and generate a new one. This can be of great help in emergency scenarios when there is a demand for a new …show more content…
This made multi-authority scheme scalable and efficient [12]. The problems to be addressed in data sharing led to many proposals, each describing various ways to solve security issues. Most of them proposed to provide keys to effect security access. However, it led to another challenge of the key escrow problem. Authorities had to deal with a wide pool of users to provide their keys. Proposals to build a system without the key escrow problem were made [11].Identity based broadcast encryption was employed in sensor networks to reduce key size. This caused computation and storage overhead. Systems were proposed in later years, which reduced both computational times and storage overhead [15]. However, attribute based encryption is the suitable method of encrypting the health records. The attributes that require high security can only be encrypted and the key to decrypt the file is created by using the values of attributes.
3. Architecture
The architecture of the proposed HCI system is as follows. A new patient registers in the system. The profile the doctor then updates the prescription and comments for the patient. After this is updated in the cloud, the Admin of the health records encrypts the attributes that require high security. There are various security levels ranging from 0 to 4. Each level of security corresponds to different types of key generation. Health