Towards Virtuous Cloud Data Storage Using Access Policy Hiding in Ciphertext Policy Attribute-Based Encryption

: Managing and controlling access to the tremendous data in Cloud storage is very challenging. Due to various entities engaged in the Cloud environment, there is a high possibility of data tampering. Cloud encryption is being employed to control data access while securing Cloud data. The encrypted data are sent to Cloud storage with an access policy deﬁned by the data owner. Only authorized users can decrypt the encrypted data. However, the access policy of the encrypted data is in readable form, which results in privacy leakage. To address this issue, we proposed a reinforcement hiding in access policy over Cloud storage by enhancing the Ciphertext Policy Attribute-based Encryption (CP-ABE) algorithm. Besides the encryption process, the reinforced CP-ABE used logical connective operations to hide the attribute value of data in the access policy. These attributes were converted into scrambled data along with a ciphertext form that provides a better unreadability feature. It means that a two-level concealed tactic is employed to secure data from any unauthorized access during a data transaction. Experimental results revealed that our reinforced CP-ABE had a low computational overhead and consumed low storage costs. Furthermore, a case study on security analysis shows that our approach is secure against a passive attack such as trafﬁc analysis.


Introduction
Cloud computing has become a priority and integral to modernizing the information technology (IT) environment. It spawned a whole new dimension of IT, which utilized a wide range of resources that contributed to many domains, such as business, military, health, and medical. In the healthcare and medical domain, Cloud computing has been adopted to facilitate day-to-day operations. This is because the Cloud provides 'on-thefly' services, that is, storage, computation, and data sharing, which allow healthcare and medical practitioners to run their business according to their required operations. For example, electronic health records (EHRs) have been widely employed in the healthcare industry to improve the accessibility and sharing of medical data among medical practitioners. Patients' information, laboratory results, medication lists, diagnostic tests, physical examinations, and historical observations are all kept in the EHR, which is stored in Cloud storage. Furthermore, resource management and system administration (infrastructure) can be effectively monitored through Cloud computing, making healthcare services easy to maintain [1]. Besides, Cloud Service Providers (CSPs) facilitated Cloud users by granting resource sharing regardless of geographical boundaries using the pay-per-use model [2][3][4], which can reduce organizations' management and maintenance costs. Moreover, Cloud adoption in organizations is expected to lift performance with the high-speed deployment of services and to improve clients' satisfaction.
Organizations are willing to adapt their business operations to the Cloud environment due to ultimately easier access to Cloud services and numerous benefits. One of the areas Therefore, inspired by the literature [23], we present a Policy Hiding using Logical Connective in CP-ABE (PHLC) scheme for Cloud storage, which adopts XOR operation to modify access policy information. This proposed work can overcome the encryption challenges outlined by [24] since it was designed to provide data confidentiality using a symmetric encryption scheme and offered fine-grained access control with data sharing provision. Besides, this scheme preserved users' privacy through an access policy hiding scheme. In addition, PHLC achieved efficient data storage utilization by using a preprocessing process to eliminate redundant data in raw shared data. This operation helps the scheme to reduce ciphertext size and decrease the computational overhead for the encryption process. Security analysis shows that the proposed scheme preserved Cloud users' privacy and guaranteed secure data sharing in cloud storage. Furthermore, we conducted an extensive simulation to demonstrate that PHLC CP-ABE was secure against passive attacks.
The rest of the paper is arranged as follows. Section 2 discusses related work and Section 3 provides some preliminaries of CP-ABE, whereas Section 4 presents the proposed scheme's implementation. Section 5 discusses security analysis and Section 6 provides results and discussion. Finally, Section 7 concludes this study.

Related Work
Numerous works of research such as revocable CP-ABE [25], lightweight CP-ABE [26], multi-authority CP-ABE [4,27], and large universe CP-ABE [28] have been developed in response to upgrading the competency of the Ciphertext Policy Attribute-based Encryption (CP-ABE) scheme. However, most of the schemes exposed the access policy in plaintext, which incurred privacy leakage. As a result, there are other works that focus on encrypting the data while hiding the access policy during data sharing. Nishide et al. [29] proposed the hiding access policy by splitting attributes into attribute names and multiple attribute values, where they then hid the attribute values. Meanwhile, Zhou et al. [30] proposed the partially hidden access algorithm, whereby the hidden access policies are implemented with wildcards regardless of the number of attributes. Although the data construction effectively secures the shared information, it fails to offer total data security. It is due to the wildcard attributes not yet being in readable form and might cause privacy leakage. The authors of [23] supported fast decryption while hiding the access policy by sending the access matrix and the defined function along with ciphertext to the Cloud environment. However, it is unable to preserve privacy in the access policy. In [31], the authors eliminated all redundant attributes in the access policy, and their approach significantly reduced computation overhead. With the same intention, the author of [32] proposed the 'testdecrypt-verify' approach to reduce the computation cost in their CP-ABE scheme. In their scheme, the testing phase is added before the encryption phase, and the new component, Outsourcing Cloud Server, is adopted as an outsource agent to reduce the decryption calculation. However, the proposed scheme only employed a partially hidden access policy. The authors of [33] also provided a partially hidden access policy by removing the attribute name from the access structure of the ciphertext. However, the probability of data exploitation by dishonest entities or unauthorized users is still high because only a part of the access policy is hidden.
Other researchers expressed access policies using Linear Secret Sharing Schemes (LSSS) in the CP-ABE scheme for better data access control. In Lai et al. [11], they proposed partial hiding access structures with LSSS that are able to accommodate any access structure. They proved that their scheme was suitable for outsourcing data with attribute values of the data that had been hidden. Other studies, such as [34][35][36] also constructed the LSSS-based access policy schemes with CP-ABE, which hid attribute values to secure the information. Besides the partially hidden access policy, Xiong's scheme [34] supported attribute revocation and verifiable outsourced decryption. However, the attribute values carry more intricate information in comparison to generic attribute names, which leads to high computing overhead during the decryption process. Meanwhile, the authors in [35] proposed the control access scheme to provide privacy protection via partial concealment of access policy. They have utilized CP-ABE in the intelligent healthcare system known as the privacy-aware-health access control system (PASH). PASH hides the attribute value of the access policy in the encrypted Smart Health Record and only specifies the attribute name, which destroys the system-user privacy. Therefore, the existing CP-ABE scheme needs improvement to prevent information leakage from access policies and ensure data sharing on the Cloud is secured. Although various approaches have been proposed in the existing literature on the policy hiding scheme, the study on privacy-preserving with a fully hidden access policy is still inadequate. It could not solve the privacy leakage issues completely. Thus, the privacy-preserving of data users cannot be guaranteed.

Design of CP-ABE
This section discussed the preliminary work involved in designing the CP-ABE. In addition, it also covers the overview of CP-ABE, PHLC scheme's system model, security goals, and security model.

Preliminaries Works
This section presents the bilinear map, Linear Secret Sharing Scheme (LSSS), XORbased Logical Connective, and notation definition.

Definition of Notations
This section gives notation explanations used in this research, as shown in Table 1. In our CP-ABE scheme, bilinear pairing is used to create a public key. The Attribute Authority generates this public key based on a composite order bilinear group with a distinct prime order N, which we adopted from [23]. The algorithm takes an input 1 λ where λ is a security parameter and produces a tuple (G, G T , e, p1, p2, p3, p4) where p1, p2, p3, p4 are distinct primes. The order of cyclic group G and G T is N= p1p2p3p4, and map e: G × G → G T , with properties: i.
Bilinearity: for all g, y ∈ G and d, w ∈ Z N , where e(g d , y w ) = e(g, y) dw ii. Non-degenerate: there exists g ∈ G such that e(g,g) has order N in G iii. Computable: e can be computed efficiently.

Linear Secret Sharing Schemes (LSSS)
The LSSS is used to express access policy in access structure (A, ρ), where A is a policy matrix and ρ is a mapping of each row A i of the matrix A to an attribute [37]. In this scheme, the presence of an attribute universe was denoted as AU, which has n categories of attributes.

Definition 1 (LSSS).
Let AU = (Att 1 , Att 2 , Att 3 , . . . , Att n ). Each attribute Att n contains two-part which are attribute name and attribute values. Possible values of the attribute value, Zp refers to a share-generating matrix, while each row in A is a map to an attribute name index, and that mapping was denoted as ρ. LSSS consisting of the two following algorithms: i.
Secret share: The secret shared, s Zp and the value λ x is computed for each row A x of A, where V = (s, y 2 , y 3 , . . . , y n )− ∈ R Z n p and y 2 , y 3 , . . . , y n are chosen randomly from Zp. Hence, the secret share value is given λ ii. Secret Construction: This algorithm takes in the secret share {λ x } and set P which contains the authorized attribute name index. Then it sets I = {x|ρ(x) ∈ P} ⊆ {1, 2, . . . , l} and computes the constant {ω x } x∈I such that ∑ x∈I ω x A x = (1, 0, 0, . . . , 0). Then the secret s is reconstructed by s = ∑ x∈I ω x λ x .
Similar to [23], we construct the LSSS matrices over Z N . In our proposed scheme, we denoted the user's attribute as S = (B s , J s ), where B s , ⊆ Z N is the attribute name index, and

XOR-Based Logical Connective Policy Hiding
The proposed policy hiding algorithm uses an XOR-based logical connective to hide the access policy in the CP-ABE scheme. We utilized XOR to modify the entire access policy to form a reliable proposition. According to Rosen [38], logical connective is defined by the truth table, which declares that a fact could be either true or false, but not both. Rosen described proposition logic as: 'Let p and q be propositions. The exclusive-or of p and q, denoted by p XOR q, is the proposition that is true when exactly one of p and q is true and is false otherwise. According to [39], XOR is a lightweight operation that does not incur much computational overhead. Therefore, it is very appropriate to be adopted in this scheme as a second layer of protection.

Overview of Ciphertext Policy Attribute-Based Encryption
In this work, we enhanced the functionality of the CP-ABE scheme to embrace the fully hidden access policy. Therefore, four significant modules of CP-ABE were involved in constructing our hiding reinforcement approach.
System Setup (1 λ ): It takes security parameter, 1 λ as an input, and produces a public parameter key PK, also a master key MSK as the outputs. They are used as input for the key generation algorithm.
Key Generation (PK, MSK, S): Attribute Authority is the main component in CP-ABE that we utilized to execute the key generation algorithm. The Attribute Authority used inputs from the system setup (i.e., public parameters PK, master key MSK, and users' attributes S) for generating a secret key SK. Later, the secret key is employed by the data user to decipher the encrypted data.
Encryption (PK, M, A): In this module, it captures the public parameters PK, a message M and an access structure (A, ρ, T ) as the inputs. The encryption algorithm then produced the ciphertext CT. The data owner sends out the ciphertext along with the hashed value in the Cloud environment.
Decryption (PK, CT, SK): The decryption module took the public parameters PK, a secret key SK associated with the attributes set (A, ρ), and a ciphertext CT as the input. All these three inputs are used to decrypt the ciphertext CT and produce message M. The data owner defined the access policy and performed a policy hiding process. While in the pre-processing process, the redundant data in the raw message is eliminated before it is encrypted in the encryption process. Next, the data owner uploads the ciphertext with the hidden value of the access policy to the Cloud storage. Hence, the DU (or recipients) who satisfy the access policy will be able to decrypt the data. In this work, Cloud Service Providers (CSPs) are assumed to be solitary entities that do not interest their users/clients. It means acting as a platform where various data and users can reach, passing the messages, and storing the files. The access policy is handled on the user's side (DO). The Attribute Authority (AA) is an accountable entity that works as a key generation center. The users' attributes will be authenticated by AA before granting access privileges to the authorized users to interact with the system. The AA might receive authentication privileges from the DO or any other Cloud security mechanism agreements.

Security Goals
Our reinforcement hiding in access policy means to conceal the attributes' details. Hence, it ought to consider the security features as follows: Confidentiality: It is achieved when unauthorized users are unable to access the encrypted data, and only users who satisfy the access policy can perform the encryption and decryption module. Data confidentiality is also achieved when other entities, including the CSPs, cannot read/access any information from the encrypted data.
Data privacy: The access policy in our scheme complied with the encrypted data features where it had been hidden even though it was already in the ciphertext. It is performed in a two-level data concealment strategy that fully hides the attributes and data compression. When it reaches its destination, the decryption is performed with the respective key to disclose the data in a readable form. Therefore, it prevented the user's privacy from being exposed. Fine-grained access control: Users of the Cloud do not have the equal privilege of retrieving data. The privilege depends on the extent to which the user is involved or responsible. In our design, users are assigned to dissimilar access privileges defined based on the access policy imposed by the Attribute Authority (AA). All the attributes should be matched with the user access policy structure to retrieve the required information.

Security Model
This section discusses the security model for the proposed PHLC scheme. This scheme was constructed based on Zhang's scheme [23] by re-simulating their works. Hence, this scheme's security model is based on a security game between adversary A and challenger B as presented in [23]. The following is a full description of the game: Setup. To obtain the public parameters PK and the master key MSK, Challenger B runs the setup algorithm. The Challenger B holds the master key MSK and sends adversary A the public parameters PK. Phase 1: Adversary A adaptively issues a secret key query to the key generation module. For each query on an attribute set S i , challenger B returns a Secret Key SK si to Adversary A.
Challenge. Adversary A generates two messages M * 0 , M * 1 , (|M * 0 | = |M * 1 |) and an access structure ((A * , ρ * ), T * 0 ), ((A * , ρ * ), T * 1 ) in Phase 1 with the restriction that none of them can fulfill any of the queried attributes set S i . In response, challenger B selects a bit b ← {0,1}, choose Q 0 , Q x ∈ Gp4 at random. The challenge ciphertext CT * of the message M * b was then computed under the access structure ((A * , ρ * ), T * ), and the challenge ciphertext CT * was sent to Adversary A.
Phase 2: Repeat Phase 1. The adversary A request a private key, however none of the attribute S i met the access structure.
Guess: If b = b , the adversary A produces a guess bit b ∈ {0, 1} and wins the game. In this game, the adversary A's advantage is defined as Pr where the probability is divided by the number of random bits used by the adversary A and the challenger B.

Implementation of Policy Hiding in CP-ABE Using Logical Connective
Note that the attribute values of the access policy contain sensitive users' data. For example, the medical and healthcare Cloud system's attribute value could include information on patients' ailments and family history of hereditary diseases. Hence, such information needs to be concealed to protect the users' privacy. Applying the attribute hiding in access policy preserves the attribute values for gaining Cloud data privacy.
In our encryption solution, the access policy is constructed in CP-ABE using the policy hiding logical connective (PHLC) strategy. Specifically, as mentioned earlier, we integrate policy hiding schemes into CP-ABE components, that is, Setup, Key Generation, Encryption, and Decryption. We improved the Data Owner (DO) roles in the CP-ABE by appointing the encryption process with a hiding policy. Figure 3 describes in detail our enforcement of hiding by enhancing CP-ABE.

SETUP (1 λ ) → PK, MSK
The Attribute Authority (AA) ran the setup algorithm by taking 1 λ as a security parameter in the setup module. The setup algorithm produced a tuple N = (p1p2p3p4; G; G T ; e) which contained four prime numbers, p1, p2, p3, p4. Meanwhile, four distinct ordered subgroups given as Gp1, Gp2, Gp3, Gp4 are structured based on the prime numbers. Let G and G T ; be a cyclic group with order N. Therefore, the attribute authority uniformly chooses a, α, α1,β ∈ R Z N and g,g1 ∈ Gp. H, H 1 were set as public hash functions, with H mapped the attribute value, AV x to an element in Z N , and H 1 was a pseudo-random function that mapped elements in G and M to elements in M. e is a bilinear map, and it will be computed value Y, Public Parameters PK, and Master Key MSK as: Y = e(g, g 1 ) αα1 , PK = N, g, g a , g α1 , g β , Y , MSK = {a, α, α 1 , β, g 1 }

KEYGEN (PK, MSK, S) → SK
Attribute Authority (AA) checked the users to ensure that only legitimate users could access the file system. The AA aborted any illegal access towards the file system by generating the secret key. Specifically, it takes input public parameters PK, master key MSK, users' attributes S = (B s , J s ) to generate the secret key, SK. Given B s represents the attribute name index set and J s is the attribute value set for the user. The AA ran the KeyGen module as follows: AA chose t ∈ RZ N and R, R 1 , R i ∈ R Gp3 for i ∈ B s . It computed K 1 , K 2 , K i as Then, the secret keys associated with attribute set S = (B s , J s ) were calculated as

PRE-PROCESSES (rM) → (M)
This new module is constructed to eliminate redundant data in a raw file before it has been encrypted in the encryption module. Each data in the input message is assigned an index number. For each re-appearance word, the index number is combined with the existing word, and the new message without redundant data is saved as message M. Algorithm 1 represents the pre-processing process named FWA pre-processing.

ENCRYPT (PK, M, A) → CT
In this module, we input public parameter PK, Message M and access structure A = ((A, ρ)T )) and produced the ciphertext, CT. In access structure A, A is an access matrix l × n and ρ mapped each row A x to an index of the attribute name. Mean- is a set of attribute-value related to the access policy (A, ρ). The encryption algorithm selected a random vector V = (s, y 2 , y 3 , . . . , y n where s, y 2 , y 3 , . . . , y n was randomly selected from Z N and s is a shared value. For x = 1 to l, it computed λ x = A x × V, where A x corresponded to the x th row of A and calculated X = E Enc (k, M ), F = H 1 (k M ). Additionally, it also randomly took Q 0 , {Q x } 1≤x≤1∈R G p4 . Finally, it calculated the entire ciphertext components C 0 , C 1 {C x } 1≤x≤1 as follows: Previously, the access policy ( (A, ρ), T ) is appended to the ciphertext CT then outsourced to the cloud storage. However, this access policy is in a readable format, possibly exposing several sensitive information about the users. The researchers in [25] had emphasized that the attribute mapping function ρ will be caused attribute leakage. Hence, we improved the scheme to prevent the user's privacy leakage by eliminating the attribute mapping function. In this scheme, we replaced attribute value in access structure A = ((A, ρ)T )) with attribute location in the form of (x, y). Nonetheless, this strategy is insufficient to preserve Cloud data privacy. Therefore, XOR-based logical connective is used in policy hiding strategy to enhance the privacy of access policy.
Our policy hiding logical connective (PHLC) strategy is used to convert the location attribute value (T ) in the access policy to ciphertext. We specifically extracted the exact location of attribute value from the access policy ( (A, ρ), T ). Once the location is obtained, it has then been converted into a ciphertext based on the XOR operation. Figure 4 portrays the example of the access matrix Att (x,y) where the −x and −y values are represented as the location of the attribute value, which comprises of attribute name, attribute value, and the act of mapping ρ to the index of the attribute name. We removed the mapping ρ and used the attribute location (Att x,y ). The post-encryption module is then executed where it is where our main contribution of CP-ABE extension takes place. It is deliberated as below:

Policy Hiding ((A, ρ), T ) → HV
In this process, we derived the hidden value HV, which is the location of the attribute value that has been encrypted. The policy hiding algorithm adopts an access policy ( (A, ρ), T ) as an input. It first extracted the attribute values' set associated with access policy (T ) and then got the exact location (x, y) of each attribute value. Each location is converted to ciphertext via operation ⊕ and . Finally, our CP-ABE solution produced the output of ciphertext and hidden value in (CT, HV) and outsourced it to Cloud servers. Algorithm 2 depicts the entire Policy Hiding Algorithm.

Algorithm 2 Policy Hiding Algorithm
Input: Access policy ((A, ρ), T ) Output: Hidden Access Policy (HV) Begin Convert Binary to Hexadecimal for each β x , store as = HV x End the process

Decryption
Data users (recipients) accessed the encrypted data from the Cloud and downloaded it according to their preferences. Nonetheless, the decryption process is secured via access controls in which only legitimate data users are allowed to decrypt the ciphertext. Hence, when the user attribute S = (B s , J s ) satisfied with the access policy; the users are eligible to perform the decryption process. In prior, the data user (DU) needs to extract the hidden policy after receiving CT = (C 0 , C 1 {C x } 1≤x≤1 , HV) from the Cloud storage based on the following decryption algorithm.

Ext Hidden Policy (CT, HV) → (T )
In the decryption process, the hidden value, HV is used as an input that is retrieved from the cloud storage. Based on HV, it converted the value of HV into a binary set, then formed the operation of ⊕ and obtained the attribute's original location. It describes further in Algorithm 3.

Algorithm 3 Extracting Hidden Access Policy
Input: Hidden Access Policy (HV) Output: Access policy ( (A, ρ), T ) Begin foreach HV x of access policy ∀ x = index of HV. Convert hexadecimal HV x to binary; store as (X x, Y x ) Convert Ω x into Unicode Text End the process Upon successful concealment of the hidden access policy, the data users run the following decryption algorithm below: 4.8. Decrypt (PK, SK, CT, S) → M Similar to [23], after accepting CT, the decrypt algorithm checks whether the hash value of H(J s ) = H t ρ(x) . If the value is equal, then the system authorized the DU to decrypt the CT as below: Given that if the key k of the symmetric encryption scheme had been successfully computed, then the decryption algorithm determined the values F = H 1 (k M ). Only if the equation F = F holds, the message M will be produced. Otherwise, the process will be terminated. The plaintext is recovered via the calculation M = E Dec (k, x). Specifically, the reinforcement hiding in access policy is employed to maintain the Cloud data privacy by concealing the values of attributes. The policy hiding (Algorithm 2) is concealed in the encryption module, and it runs after the encryption algorithm. Algorithm 3 then extracted the policy hiding algorithm before the decryption algorithm.

Security Analysis
In this section, we have extended our investigation to security analysis. We focused on policy privacy preservation and designed the security analysis in the following discussion.

Security Proof
This section discusses the security proof of the proposed scheme. Our proposed scheme is constructed by re-simulating the CP-ABE scheme published in [23], which has been proved to be secure by attaining full security in the standard model utilizing the dual system encryption approach under static assumptions. Therefore, we provide a security analysis of the enhanced scheme on hidden access policy presented in Theorem 1. While in theorem 2 we discussed our scheme against traffic analysis. Theorem 1. PHLC preserves the privacy of access policy against the polynomial-time adversary in the security parameter λ.
Proof. In the PHLC scheme, the attribute's location in the access policy is converted into a hidden value using X-OR operation. So, this hidden access policy stored in Cloud together with CT = (C 0 , C 1 {C x } 1≤x≤1 , HV)). DU with attributes set s that satisfied access structure A = ((A, ρ)T )) can decrypt CT. The adversary A who has no knowledge about the scheme used to convert the hidden access policy could not launch the brute force attack to guess the attribute string within polynomial time. Furthermore, they are unable to sniff any sensitive data from the modified access policy established as HVx. DU is only permitted to validate their attributes in the hidden access policy, and it is forbidden to inspect any attributes in the attribute universe unless they collude with others.

Theorem 2. PHLC secures against Traffic Analysis.
Proof. In our scheme, the CT is stored in Cloud storage together with HV. We assume that an adversary A successfully analyses the packet during the transmission to the Cloud and gain access to ciphertext and hidden value (CT = (C 0 , C 1 {C x } 1≤x≤1 , HV)), thus the adversary A could not read the message because it is in the unreadable format (ciphertext). In this case, we assume that the symmetric encryption key based on AES is secured. In addition, the adversary A also could not gather any information from the access policy because the access policy is in the ciphertext. Hence it is intractable to compute the access policy.

Case Scenario Security Analysis Simulation
To prove the compelling of our CP-ABE enhancement solution against traffic analysis, we conducted a case study, as shown in Figure 5. In this experiment, we conducted a passive attack that attempted to learn the system's information without affecting the system's resources. We employed FileZilla Transfer Protocol (FTP) Client and Server Tools for transferring data between the owner and user, as shown in Figure 6. As an adversary in this experiment, the attacker had been designed to perform an unauthorized sniff and read the information through the access policy.  In this experiment, the FileZilla Client had been installed on the DO computer. The file is transferred via FTP upon a successful connection between the DO s computer and the DU. The adversary A exploited the communication between the DO and DU via the Wireshark packet analysis tool by sniffing the inter-communication and capture the data (in packet form).
We experimented with two scenarios. The first scenario involved the DO sending the ciphertext CT with access policy ((A, ρ), T ) in a readable format to the DU, as shown in Figure 7. While Figure 8 discovers the second scenario where the packet of the ciphertext had been applied with the Policy Hiding Algorithm and sent to the DU. The packet shown in Figure 8 are in unreadable format (HV).
Based on these results, the study proved that the adversary A unable to retrieve any information regarding the data because it is in unreadable (ciphertext) format. Additionally, the adversary A could not learn anything because the policy is also generated in scrambled form. This experiment shows that our proposed scheme resists any malicious act to sniff the information during the data transmission.

Result and Discussion
In this section, we addressed the experimental setting, performance evaluation and discussed the result.

Experiment Configuration
We developed our proposed scheme based on the Java Pairing-based Cryptography library (JPBC) in the Eclipse IDE for Java developers in 2019-03. In this experiment, the number of attributes used varies from 2 to 14, based on the author's experimental settings [23]. Our work placed Zhang's [23] research work as the benchmark because Zhang's work is closely related to our policy hiding approach, which focused on preserving Cloud data privacy. In addition, we also compared our scheme with the expressive CP-ABE scheme proposed by [33]. Similar to our scheme, both CP-ABE in [23,33] also employed LSSS to express the access structure and exhibited the same Cloud storage system architecture.

Result
In this section, we compared our scheme's performance regarding the storage cost of ciphertext and encryption time with previous works [23,33]. Figure 9 shows the ciphertext size for our PHLC-based CP-ABE scheme, Zhang's work [23,33]. As illustrated in this figure, our proposed scheme is comparable with the with Zhang's work and [33]. This figure indicates that our data privacy strategy realizes effective ciphertext size even though the PHLC scheme hide both attribute names and attribute values and attached it to the ciphertext. While in Figure 10 illustrates the time taken for the Data Owner (DO) to encrypt the file before outsourcing it to the Cloud storage. Based on the figure, it shows that the encryption time exhibits a linear increase with the number of attributes. Further, the PHLC encryption time is less than in Zhang's work [23], on average 20%. Even though the difference is slight, it greatly impacts the processing overhead and complexity of the encryption process. The data privacy approach by [33] showed the maximum encryption time, which can be improved to gain effective encryption time.  To reveal the effectiveness of our PHLC approach in terms of ciphertext size, we enhanced the experiment by adding a pre-processing module. This module eliminates redundant data in a raw shared file using a new technique called frequent wording appearance pre-processing. Based on Figure 11, the ciphertext size in PHLC after applying the pre-processing module have decreased by approximately 17% on average. Reducing the size of the ciphertext helps reduce the storage space and leads to efficient decryption process performance.

Conclusions
In the ever-increasing era of data breaches, providing the integrity and privacy of Healthcare Cloud storage is a challenging issue in the Cloud environment, especially when the demands and requests for Cloud services are increasing. Cloud computing must deliver a security solution that protects sensitive information and data sharing processes. This solution can prevent the third party from eavesdropping or tampering with the data while it is being transmitted. Therefore, this work enhances the CP-ABE approach by proposing two new modules: the pre-processing and the fully hidden access policy modules. In addition to performing the encryption algorithm, the data attributes in the access policy are further concealed. It makes the unauthorized party unable to learn any details about the access policy and encrypted data. The simulation results demonstrated that our CP-ABE preserved the Cloud data without incurring large sizes of ciphertext, compelling encryption time. As in the case of the passive attack, the security analysis also revealed that the enhanced CP-ABE is secure enough to be executed in the real environment. Therefore, Cloud data privacy has become an essential feature in multi-tenant computing environments where any form of data disruption is unacceptable.  Data Availability Statement: Not Applicable, the study does not report any data.