Joshi, Maithilee P.Mittal, SudipJoshi, Karuna PandeFinin, Tim2018-10-192018-10-192017-09-11Maithilee Joshi, Karuna Joshi, Tim Finin, "Attribute Based Encryption for Secure Access to Cloud Based EHR Systems", Cloud Computing (CLOUD) 2018 IEEE 11th International Conference on, pp. 932-935, 2018, DOI: 10.1109/IEEE.EDGE.2017.2710.1109/IEEE.EDGE.2017.27http://hdl.handle.net/11603/116012017 IEEE International Conference on Edge Computing (EDGE)Securing their critical documents on the cloud from data threats is a major challenge faced by organizations today. Controlling and limiting access to such documents requires a robust and trustworthy access control mechanism. In this paper, we propose a semantically rich access control system that employs an access broker module to evaluate access decisions based on rules generated using the organizations confidentiality policies. The proposed system analyzes the multi-valued attributes of the user making the request and the requested document that is stored on a cloud service platform, before making an access decision. Furthermore, our system guarantees an end-to-end oblivious data transaction between the organization and the cloud service provider using oblivious storage techniques. Thus, an organization can use our system to secure their documents as well as obscure their access pattern details from an untrusted cloud service provider.8 pagesen-USThis item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.© 20XX IEEEAccess ControlAccess BrokerOntologiesConfidentiality PolicyOblivious StorageCloud ComputingUMBC Ebiquity Research GroupText