Comparison of attribute-based encryption schemes in securing healthcare systems

Abstract

E-health has become a top priority for healthcare organizations focused on advancing healthcare services. Thus, medical organizations have been widely adopting cloud services, resulting in the effective storage of sensitive data. To prevent privacy and security issues associated with the data, attribute-based encryption (ABE) has been a popular choice for encrypting private data. Likewise, the attribute-based access control (ABAC) technique has been widely adopted for controlling data access. Researchers have proposed electronic health record (EHR) systems using ABE techniques like ciphertext policy attribute-based encryption (CP-ABE), key policy attribute-based encryption (KP-ABE), and multi authority attribute-based encryption (MA-ABE). However, there is a lack of rigorous comparison among the various ABE schemes used in healthcare systems. To better understand the usability of ABE techniques in medical systems, we performed a comprehensive review and evaluation of the three popular ABE techniques by developing EHR systems using knowledge graphs with the same data but different encryption mechanisms. We have used the MIMIC-III dataset with varying record sizes for this study. This paper can help healthcare organizations or researchers using ABE in their systems to comprehend the correct usage scenario and the prospect of ABE deployment in the most recent technological evolution.