TY  - EJOU
AU  - Manivannan, Dakshnamoorthy 

TI  - Attribute-Based Encryption for Secure Access Control in Personal Health Records
T2  - Computer Systems Science and Engineering

PY  - 2025
VL  - 49
IS  - 1
SN  - 

AB  - Attribute-based Encryption (ABE) enhances the confidentiality of Electronic Health Records (EHR) (also known as Personal Health Records (PHR)) by binding access rights not to individual identities, but to user attribute sets such as roles, specialties, or certifications. This data-centric cryptographic paradigm enables highly fine-grained, policy-driven access control, minimizing the need for identity management and supporting scalable multi-user scenarios. This paper presents a comprehensive and critical survey of ABE schemes developed specifically for EHR/PHR systems over the past decade. It explores the evolution of these schemes, analyzing their design principles, strengths, limitations, and the level of granularity they offer in access control. The review also evaluates the security guarantees, efficiency, and practical applicability of these schemes in real-world healthcare environments. Furthermore, the paper outlines the current state of ABE as a mechanism for safeguarding EHR data and managing user access, while also identifying the key challenges that remain. Open issues such as scalability, revocation mechanisms, policy updates, and interoperability are discussed in detail, providing valuable insights for researchers and practitioners aiming to advance the secure management of health information systems.
KW  - Attribute-based encryption; attribute-based access control; data security; cloud security; privacy-preserving healthcare; IoMT security; blockchain-based access control

DO  - 10.32604/csse.2025.072267