The electronic medical record (EMR) sharing systems promote medical services' efficiency, save human resources, and reduce energy consumption. A number of patients are ready to store their medical records in cloud. Nevertheless, owing to the medical record's privacy sensitivity, security problems are of critical importance in EMR sharing systems. This work presents a lightweight and fine-grained access control with data security for EMR sharing by combining fog and cloud using symmetric encryption algorithm and attribute-based encryption algorithm. Data owners encrypt the medical records with symmetric encryption and store them in cloud. The symmetric key is protected by ciphertext-policy attribute-based encryption and stored in fog. The keyword extracted from medical record is encrypted by data owner with key-policy attribute-based keyword search encryption and sent to fog. The requesters who satisfy with the keyword ciphertext's access policy can search for the keyword. They are capable of accessing the symmetric key if their attributes satisfy with the symmetric key ciphertext's access policy. The key management method and access control scheme guarantee the medical record's security and privacy. Security analysis demonstrates that our work is able to achieve privacy protection, secure search, fine-grained access control, and collusion resistance.

中文翻译：

---

基于云雾的电子病历共享系统的轻量级细粒度访问控制

电子病历（EMR）共享系统提高了医疗服务的效率，节省了人力资源，降低了能源消耗。许多患者已准备好将他们的医疗记录存储在云中。然而，由于医疗记录的隐私敏感性，安全问题在 EMR 共享系统中至关重要。这项工作通过使用对称加密算法和基于属性的加密算法将雾和云相结合，为 EMR 共享提供了一种轻量级、细粒度的访问控制，并具有数据安全性。数据所有者使用对称加密对医疗记录进行加密并将其存储在云中。对称密钥受基于密文策略属性的加密保护并存储在雾中。从病历中提取的关键字由数据所有者使用基于密钥策略属性的关键字搜索加密进行加密，然后发送到雾中。满足关键字密文访问策略的请求者可以搜索该关键字。如果它们的属性满足对称密钥密文的访问策略，它们就能够访问对称密钥。密钥管理方法和访问控制方案保证了病历的安全和隐私。安全分析表明，我们的工作能够实现隐私保护、安全搜索、细粒度访问控制和抗合谋。如果它们的属性满足对称密钥密文的访问策略，它们就能够访问对称密钥。密钥管理方法和访问控制方案保证了病历的安全和隐私。安全分析表明，我们的工作能够实现隐私保护、安全搜索、细粒度访问控制和抗合谋。如果它们的属性满足对称密钥密文的访问策略，它们就能够访问对称密钥。密钥管理方法和访问控制方案保证了病历的安全和隐私。安全分析表明，我们的工作能够实现隐私保护、安全搜索、细粒度访问控制和抗合谋。