Edinburgh Napier University

  This paper proposes a secure medical document sharing construction, which addresses confidentiality and authenticity concerns related to cloud-based data protection issues. The paper extends the popular Office Open XML (OOXML) document format with eXtensible Access Control Mark-up Language (XACML) data which is defined with a sticky-policy and is carried by the document package to enforce data owner access preferences in untrusted networks. Furthermore, it uses Identity Based Encryption (IBE) and Authenticated IBE, which are two next generation public key cryptographic techniques to guarantee data security. The defined model amends the original IBE construction properties and uses an XACML policy as a public key. With this the authenticated encryption, with associated data concept applied to the model, ensures the protection of sensitive data. Shared data is thus encrypted and signed, while the public key (i.e. sticky-policy) is attached to encrypted data remains in plain text format.