Secure Management of medical data has become a major issue as there is an increase in need for medical data exchange among different healthcare providers. Cloud platform can form an exchange platform that all healthcare organizations use and can serve as storage centre of medical records. However, there had been wide security and privacy concerns as medical records are known to third–party server and unauthorized parties. The medical data residing on a cloud server are subjected to many inside and outside malicious attacks. To keep sensitive medical data confidential in cloud, existing solutions apply encryption methods by disclosing data decryption keys only to authorized users. Then also issues like risk of information disclosure, user revocation, scalability in key management are present which hinders to achieve fine grained data access control. To achieve fine grained and scalable access control for medical records, attribute based encryption techniques are used to encrypt medical data. The main method is to map an access control policy into a secret encryption key and then to encrypt the data under the encryption key such that only authorized users who possess the decryption key can access the data in cloud. The secret key is associated with a set of attributes which identify the particular user. The user can decrypt the data if and only if his attributes satisfy access control policies. The proposed method supports efficient user revocation and achieves break glass in emergency situations. The proposed scheme is implemented at real time cloud environment in Microsoft Azure.

1. Zhuo-Rong Li1, En-Chi Chang1, Kuo-Hsuan Huang1, Feipei Lai2," A Secure Electronic Medical Record Sharing Mechanism in the Cloud Computing Platform," IEEE 15th International Symposium on Consumer Electronics 2011, pages 450-457.
2. V. Goyal, O. Pandey, A. Sahai, and B. Waters, "Attribute-based encryption for fine-grained access control of encrypted data," in Proc. Of CCS'06, 2006.
3. S. D. C. di Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, and P. Samarati, "Over-encryption: Management of access control evolution on outsourced data," in Proc. of VLDB'07, 2007.
4. R. Zhang and L. Liu, "Security Models and Requirements for Healthcare Application Clouds," Proceedings of IEEE 3rd International Conference on Cloud Computing, 2010, pages 268-275.
5. M. Kallahalla, E. Riedel, R. Swaminathan, Q. Wang, and K. Fu, "Scalable secure file sharing on untrusted storage," in Proc. of FAST'03, 2003.
6. Q. Wang, C. Wang, J. Li, K. Ren, and W. Lou, "Enabling public verifiability and data dynamics for storage security in cloud computing," in Proc. of ESORICS '09, 2009.
7. M. Atallah, K. Frikken, and M. Blanton, "Dynamic and efficient key management for access hierarchies," in Proc. of CCS'05, 2005.
8. Mrinmoy Barua, Xiaohui Liang, Rongxing Lu, and Xuemin (Sherman) Shen "PEACE: An Efficient and Secure Patient-centric Access Control Scheme for eHealth Care System," The First International Workshop on Security in Computers, Networking and Communications,2010.
9. G. Ateniese, K. Fu, M. Green, and S. Hohenberger, "Improved proxy re-encryption schemes with applications to secure distributed storage," in Proc. of NDSS'05, 2005.
10. Benaloh, J. , Chase, M. , Horvitz, E. , and Lauter, K. (2009) Patient controlled encryption:ensuring privacy of electronic medical records. Proceedings of the 2009 ACM workshop on Cloud computing security, New York, NY, USA, pp. 103{114, CCSW '09, ACM.
11. Microsoftwindows Azure. Http://www. microsoft. com/azure/.
12. Ran Canetti and Susan Hohenberger. Chosen-ciphertext secure proxy re-encryption. Cryptology,ePrint Report 2007/171, 2007.
13. M. Backes, C. Cachin, and A. Oprea, "Secure key-updating for lazy 0revocation," Technical Report RZ 3627, IBM Research, Aug. 2005.
14. Luis M. Vaquero, Luis Rodero-Merino, Juan Caceres, "A Break in the Clouds: Towards a Cloud Definition," in ACM SIGCOMM Computer Communication Review, Volume 39, Number 1, January 2009
15. Shucheng Yu,Cong Wang,Kui Ren and wenjing Lou,"Acheiving Secure,Scalable,and fine grained Data Access Control in Cloud Computing",IEEE INFOCOM 2010.
16. Luan Ibraimi,QiangTang,Pieter Hartel,and William Jonker,"A Type and Identity based Proxy Re-encryption scheme and its application in Healthcare",SDM '08 Proceedings of the 5th VLDB workshop on Secure Data Management,2010.
17. Achim D. Brucker,helmut Petritsch and Stefan G. Weber,"attribute based encryption with break glass",Springer 2010.
18. Saman Iftikhar, Wajahat Ali Khan, Maqbool Hussain, Muhammad Afzal, Farooq Ahmad," Design of Semantic Electronic Medical Record (SEMR) system as SaaS service model for Efficient Healthcare",IEEE 3rd International conference on cloud computing 2010,pages 344-347.

Medical Records cloud Computing attribute Based Encryption user Revocation.