Building a dynamic searchable encrypted medical database for multi-client

E-medical record is an emerging health information exchange model based on cloud computing. As cloud computing allows companies and individuals to outsource their data and computation, the medical data is always stored at a third party such as cloud, which brings a variety of risks, such as data leakage to the untrusted cloud server, unauthorized access or modification operations. To assure the confidentiality of the data, the data owner needs to encrypt the sensitive data before uploading to the third party. Yet, issues like encrypted data search, flexible access and control on sensitive data have also remained the most significant challenges. In this paper, we investigate a novel searchable encrypted e-medical framework for multi-client which provides both confidentiality and searchability. Different from previous privacy protecting works in secure data outsourcing, we focus on providing a fine-grained access control encrypted data search scheme including clients and data. Our scheme also enables secure data update of the encrypted database by leveraging a secure dynamic searchable encryption. Furthermore, we implement the proposed scheme based on some existed cryptography library, and conduct several experiments on a selected dataset to evaluate its performance. The results demonstrate that our scheme provides a balance between security and efficiency.