Lightweight, verifiable and revocable EHRs sharing with fine-grained bilateral access control

EHRs sharing systems provide a secure and efficient way for patients and doctors to share information in smart healthcare. Due to the concern about data confidentiality and authorized access, the exploitation of attribute-based encryption (ABE) is widely adopted for EHRs sharing in cloud storage. However, most ABE-based EHRs sharing system only considered unilateral access control or supported non-flexible bilateral access control. Hence, we propose a lightwight and flexible healthcare data sharing system, LiVeRe, which enables fine-grained bilateral access control and moreover supports efficient user revocation and ciphertext integrity verification for the access control property. Technically, we employ the dual-policy framework to specify the access policy and pre-decryption techniques to alleviate the computational burden, and efficient revocation of user access rights by the KUNode algorithm. We also provide formal security models and correspondingly prove its security. Moreover, we conduct experiments on the cloud to demonstrate the practicality of our LiVeRe scheme.