RFABE

RFABE (Revocable Fast Attribute-Based Encryption) is a cloud-based medical records system that controls who can read patient data using a form of cryptography that ties access rights to a person's attributes, such as their role or department, rather than to a traditional username and password. The README is written in Chinese.

The core idea is that a patient's medical record is encrypted, and only users whose attributes match the access policy attached to that record can decrypt it. A doctor in the cardiology department, for example, could be granted access to cardiac records without needing someone to manually update a permission table. Patients themselves can set the access policy for their own records, deciding which roles or departments are allowed to view them.

A key technical feature is user revocation: when a doctor leaves, their access can be removed immediately by issuing a key update rather than re-encrypting every file. This is handled through a binary tree structure built into the key management system. Under the hood, the encryption combines AES (a standard symmetric cipher for bulk data) with CP-ABE (Ciphertext-Policy Attribute-Based Encryption) for the keys, keeping performance practical.

The system has three user roles: administrators who manage departments, schedules, and user accounts; doctors who write and read medical records; and patients who book appointments, view their records, and configure access policies. The frontend is built with Vue.js and the backend with Spring Boot (Java). The cryptographic layer is implemented in Python using the Charm-Crypto library, which requires the GMP and PBC mathematical libraries to be installed first.

The README includes full setup instructions, default test accounts, and a link to download a pre-packaged 271 MB release archive.