Role-based Access Control for Body Area Networks Using Attribute-based Encryption in Cloud Storage

In order to save storage space, the data collected from body area networks can be stored in a third party. However, this may bring security problems. The common method is encrypting data before outsourcing. In this paper, we design a role-based access control scheme (RACS) used in the cloud. Firstly, we classify the data which are collected from body area networks into different types, and use the ciphertext-policy attribute-based encryption to encrypt them. Secondly, we divide the ciphertext into two parts, one part is stored in cloud, and the other is in the owner. Different users own different attributes, therefore, they only can access the data when their attributes satisfy the corresponding access structure. The security of medical data is assured in this way. Thirdly, we also add the user revocation to prevent the vicious user from obtaining and modifying the data. Lastly, when the emergency happens, users can obtain the temporary key to access medical data, so as to cure the patients in the first time. We analyze the correctness, security, storage and computation overhead of the scheme. The results show that RACS can resist the ciphertext attack and superior to others in the storage space and computation overhead.