An Authentication and Access Control Model for Healthcare based Cloud Services
Main Article Content
Abstract
Electronic Health Record (EHR) systems are used as an efficient and effective method of exchanging patients’ health information with doctors and other key stakeholders in the health sector to obtain improved patient treatment decisions and diagnoses. As a result, questions regarding the security of sensitive user data are highlighted. To encourage people to move their sensitive health records to cloud networks, a secure authentication and access control mechanism that protects users’ data should be established. Furthermore, authentication and access control schemes are essential in the protection of health data, as numerous responsibilities exist to ensure security and privacy in a network. So, the main goal of our suggested solution is to maintain a secure authentication and access control mechanism for health cloud data. Thus, in this work, Security Secret Key Provider (SSKP) phase is proposed for the E-healthcare-based cloud that consists of two parts. The first is an authentication scheme that is Security Secret Key (SSK) and the second is a modular access control mechanism. We explain the methodology of the proposed approach through appropriate evaluation results, which improves system security and performance by minimizing the time spent to get authentication and access the data. Simulation results indicate that our approach is significantly more effective than existing research.
Article received: 8/11/2022
Article accepted: 29/1/2023
Article published: 1/3/2023
Article Details
How to Cite
Publication Dates
References
Alzahrani, A. G. M., Alenezi, A., Mershed, A., Atlam, H., Mousa, F., and Wills, G. 2020. A framework for data sharing between healthcare providers using blockchain. In Proceedings of the 5th International Conference on Internet of Things, Big Data and Security (IoTBDS 2020), pp. 349-358. doi:10.5220/0009413403490358
Bakker, R., Barber, B., Tervo-Pellikka, R., and Treacher, A., 1995, Communicating health information in an insecure world. In Proceedings of the Helsinki Working Conference, 43 (1),p. 2.
Boyinbode, O., and Toriola, G., 2015. CloudeMR: a cloud based electronic medical record system. International Journal of Hybrid Information Technology, 8(4), pp. 201-212. doi:10.14257/ijhit.2015.8.4.23
Chenthara, S., Ahmed, K., Wang, H., and Whittaker, F., 2019. Security and privacy-preserving challenges of e-health solutions in cloud computing. IEEE access,7, pp. 74361-74382. doi: 10.1109/ACCESS.2019.2919982
Hossain, M. S., and Muhammad, G. 2014. Cloud-based collaborative media service framework for healthcare. International Journal of Distributed Sensor Networks, 10 (3), p. 858712. doi:10.1155/2014/858712
Huang, Q., Yue, W., He, Y., and Yang, Y. 2018. Secure identity-based data sharing and profile matching for mobile healthcare social networks in cloud computing. I EEE Access, 6, pp. 36584-36594. doi: 10.1109/ACCESS.2018.2852784
Kumar, P., and Gaba, G. S. 2020. Biometric‐based robust access control model for industrial internet of things applications. IoT Security: Advances in Authentication, pp. 133-142. doi:10.1002/9781119527978
Li, M., Yu, S., Ren, K., and Lou, W., 2010. Securing personal health records in cloud computing: Patient-centric and fine-grained data access control in multi-owner settings. In Security and Privacy in Communication Networks: 6th International ICST Conference, SecureComm 2010, Singapore, September 7-9, 2010. Proceedings 6, pp. 89-106. doi:10.1007/978-3-642-16161-2_6
Luna, J., Dikaiakos, M., Marazakis, M., and Kyprianou, T. 2010. Data-centric privacy protocol for intensive care grids. IEEE Transactions on Information Technology in Biomedicine, 14(6), pp. 1327-1337. doi: 10.1109/TITB.2010.2073478
Mercy, S.S., and Srikanth, G.U., 2014. An efficient data security system for group data sharing in cloud system environment. International Conference on Information Communication and Embedded Systems (ICICES2014), IEEE, pp. 1-4. doi: 10.1109/ICICES.2014.7033956
Patel, A., and Kantzavelou 1995. Implementing network security guidelines in health care information systems. Medinfo. MEDINFO, 8, pp. 671-674.
Sharon, R.S., and Manoj, R.J., 2017. E-health care data sharing into the cloud based on deduplication and file hierarchical encryption. International Conference on Information Communication and Embedded Systems (ICICES), IEEE, pp. 1-6. doi:10.1109/ICICES.2017.8070739
Singh, A., and Chatterjee, K. 2017. A mutual trust based access control framework for securing electronic healthcare system. 14th IEEE India Council International Conference (INDICON). IEEE, pp. 1-6. doi: 10.1109/INDICON.2017.8487658
Van Gorp, P., and Comuzzi, M. 2013. Lifelong personal health data and application software via virtual machines in the cloud. IEEE Journal of biomedical and health informatics, 18(1), pp. 36-45. doi: 10.1109/JBHI.2013.2257821
Xia, Q.I., Sifah, E.B., Asamoah, K.O., Gao, J., Du, X., and Guizani, M., 2017. MeDShare: Trust-less medical data sharing among cloud service providers via blockchain. IEEE access, 5, pp. 14757-14767. doi: 10.1109/ACCESS.2017.2730843
Xiao, Z., and Xiao, Y., 2012. Security and privacy in cloud computing. IEEE communications surveys & tutorials, 15(2), pp. 843-859. doi: 10.1109/SURV.2012.060912.00182