Abstract
An Electronic Health Record (EHR) is a standard collection of health data from the general population and patients that is electronically stored in a digital format. User authentication and data security are the key issues in distributing EHRs. For researchers, handling larger-scale data along with preserving the patient’s privacy has been an issue for a long duration. In data collection, storage, and distribution, the prevailing EHR suffers from data manipulation, delayed communication, and trust-less cooperation. Therefore, by utilizing Hospital id - Patient id Username – Public Private key Caesar Cipher Digit Folding BCrypt (HPU-PPCC-DF-BCrypt) and Correlation Coefficient based Elliptic Curve Cryptography (CCECC), an efficient Cipher Hash based user authentication, Hashed Access Policy verification along with Data Security was proposed. For engendering secure validates for authentication, HPU- PPCC is wielded. For changing the cipher text to hash code, DF-BCrypt is employed. By employing the hash codes generated by the Secure Hash Algorithm (SHA 512), the hash tree access structure is built for performing efficient authorization. The data is encrypted and decrypted by utilizing the CCECC for enhancing data security. The proposed method is compared to the current methodologies. As per experimental evaluation, the proposed method effectively secures EHR data.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Pai, M.M., Ganiga, R., Pai, R.M., Sinha, R.K.: Standard electronic health record (EHR) framework for Indian healthcare system. Health Serv. Outcomes Res. Method. 21(3), 339–362 (2021)
Zhang, J., Liu, H., Ni, L.: A secure energy-saving communication and encrypted storage model based on RC4 for EHR. IEEE Access 8, 38995–39012 (2020)
Alruwaili, F.F.: Artificial intelligence and multi agent based distributed ledger system for better privacy and security of electronic healthcare records. PeerJ Comput. Sci. 6, 1–14 (2020)
Sivan, R., Zukarnain, Z.A.: Security and privacy in cloud-based e-health system. Symmetry 13(5), 1–14 (2021)
Prathap, R., Mohanasundaram, R., Ashok Kumar, P.: Design of EHR in cloud with security. In: Satapathy, S., Bhateja, V., Das, S. (eds.) Smart Intelligent Computing and Applications. Smart Innovation, Systems and Technologies, vol. 2, pp. 419–425. Springer, Singapore (2019). https://doi.org/10.1007/978-981-13-1927-3_45
Chenthara, S., Ahmed, K., Wang, H., Whittaker, F.: Security and privacy-preserving challenges of e-health solutions in cloud computing. IEEE Access 7, 74361–74382 (2019)
Aljuaid, H., Parah, S.A.: Secure patient data transfer using information embedding and hyperchaos. Sensors 21(1), 1–20 (2021)
Bani Issa, W., et al.: Privacy, confidentiality, security and patient safety concerns about electronic health records. Int. Nurs. Rev. 67(2), 218–230 (2020)
Thakkar, V., Shah, V.: Investigation of techniques used for mitigating security and privacy issues in cloud based electronic health record (EHR) systems 8(2), 466–478 (2021)
Premarathne, U., et al.: Hybrid cryptographic access control for cloud-based EHR systems. IEEE Cloud Comput. 3(4), 58–64 (2016)
Ganiga, R., Pai, R.M., Sinha, R.K.: Security framework for cloud based electronic health record (EHR) system. Int. J. Electr. Comput. Eng. 10(1), 455–466 (2020)
Joshi, M., Joshi, K.P., Finin, T.: Delegated authorization framework for EHR services using attribute-based encryption. IEEE Trans. Serv. Comput. 14(6), 1612–1623 (2019)
Al-Sharhan, S., Omran, E., Lari, K.: An integrated holistic model for an eHealth system: a national implementation approach and a new cloud-based security model. Int. J. Inf. Manage. 47, 121–130 (2019)
Mhatre, S., Nimkar, A.V.: Secure cloud-based federation for EHR using multi-authority ABE. In: Panigrahi, C., Pujari, A., Misra, S., Pati, B., Li, K.C. (eds.) Progress in Advanced Computing and Intelligent Engineering. Advances in Intelligent Systems and Computing, vol. 714, pp. 3–15. Springer, Singapore (2019). https://doi.org/10.1007/978-981-13-0224-4_1
Saleem, W.Y.B., Ali, H., AlSalloom, N.: A framework for securing EHR management in the era of internet of things. In: 2020 3rd International Conference on Computer Applications & Information Security (ICCAIS), pp. 1–5. IEEE, Riyadh (2020)
Masud, M., Gaba, G.S., Choudhary, K., Alroobaea, R., Hossain, M.S.: A robust and lightweight secure access scheme for cloud based E-healthcare services. Peer-to-peer Networking Appl. 14(5), 3043–3057 (2021)
Tran, N.H., Nguyen-Ngoc, T.A., Le-Khac, N.A., Kechadi, M.: A security-aware access model for data-driven EHR system. arXiv preprint: arXiv:1908.10229 (2019)
Misra, M.K., Chaturvedi, A., Tripathi, S.P., Shukla, V.: A unique key sharing protocol among three users using non-commutative group for electronic health record system. J. Discr. Math. Sci. Crypt. 22(8), 1435–1451 (2019)
Chinnasamy, P., Deepalakshmi, P.: HCAC-EHR: hybrid cryptographic access control for secure EHR retrieval in healthcare cloud. J. Ambient. Intell. Humaniz. Comput. 3(4), 1–19 (2022)
Riad, K., Hamza, R., Yan, H.: Sensitive and energetic IoT access control for managing cloud electronic health records. IEEE Access 7, 86384–86393 (2019)
Babrahem, A.S., Monowar, M.M.: Preserving confidentiality and privacy of the patient’s EHR using the OrBAC and AES in cloud environment. Int. J. Comput. Appl. 43(1), 50–61 (2021)
Parah, S.A., et al.: Efficient security and authentication for edge-based internet of medical things. IEEE Internet Things J. 8(21), 15652–15662 (2020)
Khan, F., Reyad, O.: Application of intelligent multi agent based systems for e-healthcare security. Inf. Sci. Lett. Int. J. 8(2), 67–72 (2019)
Gautam, P., Ansari, M.D., Sharma, S.K.: Enhanced security for electronic health care information using obfuscation and RSA algorithm in cloud computing. Int. J. Inf. Secur. Priv. (IJISP) 13(1), 59–69 (2019)
Vijayakumar, V., Priyan, M.K., Ushadevi, G., Varatharajan, R., Manogaran, G., Tarare, P.V.: E-health cloud security using timing enabled proxy re-encryption. Mob. Netw. Appl. 24(3), 1034–1045 (2019)
Cha, B., Seo, J., Kim, J.: Design of attribute-based access control in cloud computing environment. In: Kim, K., Ahn, S. (eds.) Proceedings of the International Conference on IT Convergence and Security 2011. Lecture Notes in Electrical Engineering, vol. 120, pp. 41–50. Springer, Dordrecht (2011). https://doi.org/10.1007/978-94-007-2911-7_4
Canetti, R., Hohenberger, S.: Chosen-ciphertext secure proxy re-encryption. In: Proceedings of the 14th ACM conference on Computer and Communications Security, New York, United States, pp. 185–194 (2007)
Limbasiya, T., Sahay, S.K., Sridharan, B.: Privacy- preserving mutual authentication and key agreement scheme for multi-server healthcare system. Inf. Syst. Front. 23(4), 835–848 (2021)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Prathima, S., Durga, R. (2024). An Efficient CH Based Authentication and Authorization for Secure EHR Using DF-BCrypt and Hashed Access Structure. In: Rajagopal, S., Popat, K., Meva, D., Bajeja, S. (eds) Advancements in Smart Computing and Information Security. ASCIS 2023. Communications in Computer and Information Science, vol 2039. Springer, Cham. https://doi.org/10.1007/978-3-031-59100-6_16
Download citation
DOI: https://doi.org/10.1007/978-3-031-59100-6_16
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-59099-3
Online ISBN: 978-3-031-59100-6
eBook Packages: Computer ScienceComputer Science (R0)