TRAC: Traceable and Revocable Access Control Scheme for mHealth in 5G-Enabled IIoT

Mobile healthcare (mHealth) enables people to collect and share their personal health records (PHRs) and gain rapid medical treatment via mobile 5G-enabled Industrial Internet of Things (IIoT) devices, which also brings the challenge of keeping the PHRs confidentiality and preventing unauthorized access. By the emerging ciphertext-policy attribute-based encryption (CP-ABE), the PHR owner can encrypt his/her PHR data under self-defined access policies. However, existing CP-ABE schemes are suffering from either heavy computation cost and storage overhead or traitor tracing and direct revocation. In this article, we propose an efficient, traceable, and revocable access control scheme named TRAC for mHealth in 5G-enabled IIoT. In TRAC, the ciphertext is composed of the attribute-relevant ciphertext encrypted under an and -gate access structure and the identity-relevant ciphertext associated with some potential receivers. The malicious user who leaks his/her privilege to unauthorized entities will be precisely tracked and added in the revocation list, by which the cloud server can update the identity-relevant ciphertext by itself. The length of final ciphertext and the time of bilinear pairing operations used in decryption are constant. The security analysis and performance evaluation indicate the security, efficiency, and practicality of TRAC.