A Secure Framework for Ensuring EHR's Integrity using Fine-Grained Auditing and CP-ABE

In this paper, a secured framework for storing the Electronic Health Records (EHR's) on the cloud platform without losing integrity. With the help of cloud computing, healthcare industries outsourcing their services like storing and processing of EHR's from local servers to the cloud servers. Unfortunately, Cloud Computing poses a security risk; that is EHR's integrity in the cloud server which is subjected to suspicious because of the presence of hardware/software crashes or human mistakes. Various schemes were proposed to audit cloud data integrity. However, at the time of auditing, the public auditors undoubtedly reveal the patient information. Therefore, this is a primary issue in EHR's security. To solve this problem, we introduced a secure framework, which enables the public auditor to verify EHR's without revealing patient identity. Our framework allows the auditors to audit EHR's without retrieving complete EHR files. Additionally, our framework solves the key escrow issue by using two-authority key generation scheme. Here, Key Generation Authority (KGA) and cloud server play a significant role to assign each part of the file to auditors for auditing by using Ciphertext Policy Attribute Based Encryption (CP-ABE). It allows independent auditing assignments instead of one by one.