explaingit

djs0618/rfabe

18PythonAudience · researcherComplexity · 5/5Setup · hard

TLDR

RFABE is a cloud-based medical records system where patient data is encrypted so only users whose job role or department matches the access policy can read it. Access can be revoked instantly when staff leave, without re-encrypting every file.

Mindmap

mindmap
  root((repo))
    What It Does
      Encrypt medical records
      Role-based access
      Instant revocation
    User Roles
      Administrator
      Doctor
      Patient
    Tech Stack
      Vue.js frontend
      Spring Boot backend
      Python crypto layer
      Charm-Crypto
    Crypto Approach
      CP-ABE key policy
      AES bulk encryption
      Binary tree revocation
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

Things people build with this

USE CASE 1

Build a medical records portal where patients define access policies and doctors whose attributes match can automatically decrypt their records.

USE CASE 2

Study CP-ABE (Ciphertext-Policy Attribute-Based Encryption) in a real healthcare context as an alternative to traditional permission tables.

USE CASE 3

Test attribute-based revocation by removing a user's department assignment and verifying they can no longer access previously readable records.

USE CASE 4

Use as a reference implementation for cloud storage systems where access must be expressible as policies over user attributes rather than fixed roles.

Tech stack

PythonJavaSpring BootVue.jsCharm-Crypto

Getting it running

Difficulty · hard Time to first run · 1day+

Requires GMP and PBC math libraries before the Python Charm-Crypto layer works, full stack has three separate components to run.

In plain English

RFABE (Revocable Fast Attribute-Based Encryption) is a cloud-based medical records system that controls who can read patient data using a form of cryptography that ties access rights to a person's attributes, such as their role or department, rather than to a traditional username and password. The README is written in Chinese. The core idea is that a patient's medical record is encrypted, and only users whose attributes match the access policy attached to that record can decrypt it. A doctor in the cardiology department, for example, could be granted access to cardiac records without needing someone to manually update a permission table. Patients themselves can set the access policy for their own records, deciding which roles or departments are allowed to view them. A key technical feature is user revocation: when a doctor leaves, their access can be removed immediately by issuing a key update rather than re-encrypting every file. This is handled through a binary tree structure built into the key management system. Under the hood, the encryption combines AES (a standard symmetric cipher for bulk data) with CP-ABE (Ciphertext-Policy Attribute-Based Encryption) for the keys, keeping performance practical. The system has three user roles: administrators who manage departments, schedules, and user accounts, doctors who write and read medical records, and patients who book appointments, view their records, and configure access policies. The frontend is built with Vue.js and the backend with Spring Boot (Java). The cryptographic layer is implemented in Python using the Charm-Crypto library, which requires the GMP and PBC mathematical libraries to be installed first. The README includes full setup instructions, default test accounts, and a link to download a pre-packaged 271 MB release archive.

Copy-paste prompts

Prompt 1
I am running the RFABE system with Charm-Crypto on Python. Walk me through adding a new department attribute that doctors can be assigned to for access control.
Prompt 2
In the RFABE Spring Boot backend, how does the binary tree structure let the system revoke a single doctor's access without re-encrypting patient records?
Prompt 3
Explain how CP-ABE combines with AES in the RFABE architecture to keep encryption practical while supporting flexible attribute-based policies.
Prompt 4
Help me set up the Charm-Crypto Python layer with GMP and PBC libraries on Ubuntu so I can run the RFABE cryptographic component.
Open on GitHub → Explain another repo

← djs0618 on gitmyhub — every repo by this author, as a profile.

Verify against the repo before relying on details.