A secure role-based cloud storage system for encrypted patient-centric health records

Lan Zhou, Vijay Varadharajan*, K. Gopinath

*Corresponding author for this work

    Research output: Contribution to journalArticlepeer-review

    14 Citations (Scopus)


    With the rapid developments occurring in cloud services, there has been a growing trend to use cloud for large-scale data storage. Due to the increasing popularity of cloud storage, many healthcare organizations have started moving electronic health records (EHRs) to cloud-based storage systems. However, this has raised the important security issue of how to protect and prevent unauthorized access to EHR data stored in a public cloud. Several cryptographic access control schemes have been proposed to protect the security of data stored in the cloud by integrating cryptographic techniques with access control models. In this paper, we consider a novel role-based encryption technique to build a secure and flexible large-scale EHR system where role-based access control policies are enforced in a cloud environment. Then we discuss a practical EHR system called the personally controlled electronic health record (PCEHR) system recently developed by the Australian Government, and show how the security weaknesses in the PCEHR system can be addressed by our proposed scheme. The proposed system has the potential to be useful in commercial healthcare systems as it captures practical access policies based on roles in a flexible manner and provides secure data storage in the cloud enforcing these access policies.

    Original languageEnglish
    Pages (from-to)1593-1611
    Number of pages19
    JournalComputer Journal
    Issue number11
    Publication statusPublished - 3 Nov 2016


    • cloud data storage security
    • role-based encryption
    • secure encrypted health records
    • secure role-based access control


    Dive into the research topics of 'A secure role-based cloud storage system for encrypted patient-centric health records'. Together they form a unique fingerprint.

    Cite this