Tian-shu ZHOU,Xing-hua ZHU,Jing-song LI

DOI: https://doi.org/10.3969/j.issn.1673-7571.2015.06.025

2015-01-01

Abstract:To meet the demand of big data sharing and communication in regional medical systems in a secure manner, we designed and developed a security system within HIE-oriented EMR, including identity authentication, privilege management, access log, and data encryption modules. The establish and deployment of the system could prevent access from the illegal users, keep EMR system accessibility while controllability, record the modification traces and make it undeniability, protect the medical data from intercepted by intruders, keep the data confidentiality from none stakeholders, and finally construct a complete security system in EMR.

Xiaoliang Wang,Liang Bai,Qing Yang,Liu Wang,Frank Jiang

DOI: https://doi.org/10.1016/j.jisa.2019.04.010

IF: 4.96

2019-01-01

Journal of Information Security and Applications

Abstract:With the development of wireless sensor network and internet, ubiquitous eHealth care systems are booming. However, a great deal of data computing and storage processing restrict the scalability of ubiquitous eHealth. As a solution, cloud-based eHealth is coming up. However, using cloud-computing model often causes some privacy concerns. Massive medical data in eHealth system contain numerous sensitive information and electronic health records of users. Meanwhile, if data encryption is adopted to protect privacy, cloud center cannot process data. To solve this problem, a scheme based on fully homomorphism conception for privacy protection and data processing of eHealth is proposed in this paper. Our scheme not only meets the aforementioned dual requirements but also limit the arbitrary actions of patients and doctors.

Chin-Ling Chen,Po-Tsun Huang,Yung-Yuan Deng,Hsing-Chung Chen,Yun-Ciao Wang

DOI: https://doi.org/10.1186/s13673-020-00221-1

2020-05-07

Abstract:Abstract As cloud computing technology matures, along with an increased application of distributed networks, increasingly larger amounts of data are being stored in the cloud, and are thus available for pervasive application. At the same time, current independent medical record systems tend to be inefficient, and most previous studies in this field fail to meet the security requirements of anonymity and unlinkability. Some proposed schemes are even vulnerable to malicious impersonation attacks. The scheme proposed in this study, therefore, combines public and private clouds in order to more efficiently and securely preserve and manage electronic medical records (EMR). In this paper, a new secure EMR authorization system is proposed, which uses elliptic curve encryption and public-key encryption, providing a health care system with both public and private cloud environments with a message authentication mechanism, allowing the secure sharing of medical resources. The analysis shows that the proposed scheme prevents known attacks, such as replay attacks, man-in-the-middle attacks and impersonation attacks, and provides user anonymity, unlinkability, integrity, non-repudiation, forward and backward security.

computer science, information systems

ZHOU Kai,JIANG Xing-hao,SUN Tan-feng

DOI: https://doi.org/10.3969/j.issn.1009-8054.2012.04.046

2012-01-01

Abstract:With rapid development of medical informationization,the current EMR system couldn't well satisfy the needs of medical treatment and patient in information sharing and security.In this paper,an EMR system based on cloud storage is proposed,which could provide unified EMR registration and use services for patients and hospitals.Also this paper gives detailed discussion on EMR access control policies.By combining general RBAC and personalized authorization,the problem of dynamic authorization is effectively solved,thus the demand of patients in personal information security and privacy protection could be satisfied.

Song Luo,N. Han,Tan Hu,YuHua Qian

DOI: https://doi.org/10.1155/2024/5569121

IF: 1.938

2024-02-03

International Journal of Distributed Sensor Networks

Abstract:As network technology advances and more people use devices, data storage has become a significant challenge due to the explosive growth of information and the threat of data leaks. In traditional medical institutions, most medical data is stored centrally through cloud computing technology in the institution’s data center. This centralized storage method has many security risks, and once the central server is attacked, it will lead to the loss of medical data, which will lead to the leakage of patients’ private data. At the same time, electronic medical records are the most critical data in the current medical field. In the traditional centralized healthcare service system (HSS), there are data leakage problems and tampering with electronic medical records due to human factors. At the same time, each hospital is built independently, resulting in the current centralized healthcare service system having a data silo problem, making it difficult to share medical data between institutions securely. With the increase in the number of users in the system, the electronic medical record data in the system also increases gradually, resulting in the increasing overhead of decryption calculation. Therefore, this paper proposes a blockchain-based access control scheme with multiparty authorization to ensure the security of electronic medical records. The scheme uses an SM encryption algorithm to encrypt the medical data in the system. It adds the patient’s signature to ensure the confidentiality and security of the data, and the encrypted electronic medical records (EMRs) are stored in the InterPlanetary File System (IPFS) to realize the distributed storage of EMR. In addition, role-based multiauthorization access control is implemented through smart contract-based to ensure the security of EMR. We have analyzed the security of this paper’s solution and compared its performance with the existing schemes based on other cryptographic algorithms. The experimental results show that the proposed solution significantly improves the secure sharing of EMR and provides system performance.

computer science, information systems,telecommunications

Hui Ma,Rui Zhang,Guomin Yang,Zishuai Song,Kai He,Yuting Xiao

DOI: https://doi.org/10.1109/tdsc.2018.2844814

2020-01-01

Abstract:Sharing digital medical records on public cloud storage via mobile devices facilitates patients (doctors) to get (offer) medical treatment of high quality and efficiency. However, challenges such as data privacy protection, flexible data sharing, efficient authority delegation, computation efficiency optimization, are remaining toward achieving practical fine-grained access control in the Electronic Medical Record (EMR) system. In this work, we propose an innovative access control model and a fine-grained data sharing mechanism for EMR, which simultaneously achieves the above-mentioned features and is suitable for resource-constrained mobile devices. In the model, complex computation is outsourced to public cloud servers, leaving almost no complex computation for the private key generator (PKG), sender and receiver. Additionally, the communication cost of the PKG and users is optimized. Moreover, we develop an extensible library called libabe that is compatible with Android devices, and the access control mechanism is actually deployed on realistic environment, including public cloud servers, a laptop and an inexpensive mobile phone with constrained resources. The experimental results indicate that the mechanism is efficient, practical and economical.

Chin-Ling Chen,Tsai-Tung Yang,Mao-Lun Chiang,Tzay-Farn Shih

DOI: https://doi.org/10.1007/s10916-014-0143-9

IF: 4.92

2014-10-15

Journal of Medical Systems

Abstract:With the rapid development of the information technology, the health care technologies already became matured. Such as electronic medical records that can be easily stored. However, how to get medical resources more convenient is currently concerning issue. In spite of many literatures discussed about medical systems, these literatures should face many security challenges. The most important issue is patients’ privacy. Therefore, we propose a privacy authentication scheme based on cloud environment. In our scheme, we use mobile device’s characteristics, allowing peoples to use medical resources on the cloud environment to find medical advice conveniently. The digital signature is used to ensure the security of the medical information that is certified by the medical department in our proposed scheme.

health care sciences & services,medical informatics

Yi-Ning Liu,Yan-Ping Wang

DOI: https://doi.org/10.1080/02533839.2018.1537754

2019-01-01

Abstract:With the development of cloud service, electronic medical record systems enable hospitals and doctors to capture, transmit and analyze patients' medical and health information more efficiently, which provides very useful and economic services for patients, medical institutions and government. However, security and privacy issues have not been well addressed in the existing schemes. This article presents an improved electronic medical record system (IEMRS) with two desirable functionalities, where a mutual authentication is used to guarantee authorized requests, and the privacy of a request query is achieved to resist the intruder. Performance analysis demonstrates that the IEMRS scheme outperforms other schemes.

Xingguang Zhou,Jianwei Liu,Zongyang Zhang,Qianhong Wu

DOI: https://doi.org/10.1155/2020/8347213

IF: 1.968

2020-01-01

Security and Communication Networks

Abstract:The application of cloud storage system has been deployed widely in recent years. A lot of electronic medical records (EMRs) are collected and uploaded to the cloud for scalable sharing among the authority users. It is necessary to guarantee the confidentiality of EMRs and the privacy of EMR owners. To achieve this target, we summarize a series of attack behaviors in the cloud storage system and present the security model against many types of unexpected privacy leakage. Privacy of unassailed EMRs is guaranteed in this model, and the influence of privacy leakage is controlled in a certain scope. We also propose a role-based access control scheme to achieve flexible access control on these private EMRs. One can access medical records only if his/her role satisfies the defined access policy, which implies a fine-grained access control. Theoretical and experimental analyses show the efficiency of our scheme in terms of computation and communication.

Shengmin Xu,Jianting Ning,Yingjiu Li,Yinghui Zhang,Guowen Xu,Xinyi Huang,Robert H. Deng

DOI: https://doi.org/10.1109/tdsc.2021.3126532

2023-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:To reduce the cost of human and material resources and improve the collaborations among medical systems, research laboratories and insurance companies for healthcare researches and commercial activities, electronic medical records (EMRs) have been proposed to shift from paperwork to friendly shareable electronic records. To take advantage of EMRs efficiently and reduce the cost of local storage, EMRs are usually outsourced to the remote cloud for sharing medical data with authorized users. However, cloud service providers are untrustworthy. In this paper, we propose an efficient, secure, and flexible EMR sharing system by introducing a novel cryptosystem called dual-policy revocable attribute-based encryption and tamper resistance blockchain technology. Our proposed system enables EMRs to be shared at a fine-grained level and allows data users to detect any unauthorized manipulation. Moreover, the key generation center can revoke malicious users without affecting the honest users. We provide the formal security model as well as the concrete scheme with security analysis. The experimental simulation and experimental analysis of our proposed scheme demonstrate that our proposed system has superior performances to the most relevant solutions.

Sheng Cao,Gexiang Zhang,Pengfei Liu,Xiaosong Zhang,Ferrante Neri

DOI: https://doi.org/10.1016/j.ins.2019.02.038

IF: 8.1

2019-01-01

Information Sciences

Abstract:The wide deployment of cloud-assisted electronic health (eHealth) systems has already shown great benefits in managing electronic health records (EHRs) for both medical institutions and patients. However, it also causes critical security concerns. Since once a medical institution generates and outsources the patients’ EHRs to cloud servers, patients would not physically own their EHRs but the medical institution can access the EHRs as needed for diagnosing, it makes the EHRs integrity protection a formidable task, especially in the case that a medical malpractice occurs, where the medical institution may collude with the cloud server to tamper with the outsourced EHRs to hide the medical malpractice. Traditional cryptographic primitives for the purpose of data integrity protection cannot be directly adopted because they cannot ensure the security in the case of collusion between the cloud server and medical institution.

Wenjin Lei,Yidong Li,Yingpeng Sang,Hong Shen

DOI: https://doi.org/10.1109/icebe.2016.019

2016-01-01

Abstract:Based on smart devices and wireless communication infrastructure, the Electronic Medical Records (EMR) systems become more and more popular in hospitals by reason of its convenient operation, remote access, data integrity, facilitated resources sharing, statistical analysis and many other advantages. When entering an EMR system, patients can be treated by many kinds of services and also leave their privacy to the providers. It is a viable method to protect a patient's privacy in EMR by anonymous authentication, where identity of the patient is verified without demonstrating the true identity to the authenticator. This paper proposes an enhanced secure anonymous authentication scheme, based on smart card and biometrics with key agreement. According to security analysis, our scheme is secure against many types of attacks, including those not prevented by previous work, such as the smart card loss attack and impersonation attack. The performance of our scheme is also analyzed and compared with previous work, which shows that our scheme is more efficient in the computation cost.

Kirtirajsinh Zala,Hiren Kumar Thakkar,Rajendrasinh Jadeja,Neel H Dholakia,Ketan Kotecha,Deepak Kumar Jain,Madhu Shukla

DOI: https://doi.org/10.1155/2022/3804553

2022-08-18

Abstract:Traditional healthcare services have changed into modern ones in which doctors can diagnose patients from a distance. All stakeholders, including patients, ward boy, life insurance agents, physicians, and others, have easy access to patients' medical records due to cloud computing. The cloud's services are very cost-effective and scalable, and provide various mobile access options for a patient's electronic health records (EHRs). EHR privacy and security are critical concerns despite the many benefits of the cloud. Patient health information is extremely sensitive and important, and sending it over an unencrypted wireless media raises a number of security hazards. This study suggests an innovative and secure access system for cloud-based electronic healthcare services storing patient health records in a third-party cloud service provider. The research considers the remote healthcare requirements for maintaining patient information integrity, confidentiality, and security. There will be fewer attacks on e-healthcare records now that stakeholders will have a safe interface and data on the cloud will not be accessible to them. End-to-end encryption is ensured by using multiple keys generated by the key conclusion function (KCF), and access to cloud services is granted based on a person's identity and the relationship between the parties involved, which protects their personal information that is the methodology used in the proposed scheme. The proposed scheme is best suited for cloud-based e-healthcare services because of its simplicity and robustness. Using different Amazon EC2 hosting options, we examine how well our cloud-based web application service works when the number of requests linearly increases. The performance of our web application service that runs in the cloud is based on how many requests it can handle per second while keeping its response time constant. The proposed secure access scheme for cloud-based web applications was compared to the Ethereum blockchain platform, which uses internet of things (IoT) devices in terms of execution time, throughput, and latency.

Xingguang Zhou,Jianwei Liu,Zongyang Zhang,Qianhong Wu

2020-01-01

Abstract:,e application of cloud storage system has been deployed widely in recent years. A lot of electronic medical records (EMRs) are collected and uploaded to the cloud for scalable sharing among the authority users. It is necessary to guarantee the confidentiality of EMRs and the privacy of EMR owners. To achieve this target, we summarize a series of attack behaviors in the cloud storage system and present the security model against many types of unexpected privacy leakage. Privacy of unassailed EMRs is guaranteed in this model, and the influence of privacy leakage is controlled in a certain scope. We also propose a role-based access control scheme to achieve flexible access control on these private EMRs. One can access medical records only if his/her role satisfies the defined access policy, which implies a fine-grained access control. ,eoretical and experimental analyses show the efficiency of our scheme in terms of computation and communication.

Lei Zhou,Anmin Fu,Jingyu Feng,Chunyi Zhou

DOI: https://doi.org/10.1109/icc40277.2020.9148673

2020-01-01

Abstract:Cloud computing provides an effective way to manage and share massive medical data for Electronic Medical Record (EMR), hence establishing cloud-based EMR has attracted more and more attention. The data integrity and privacy issue in cloud-based EMR should be emphasized since users do not want their medical records to be damaged or disclosed to others. To address the concern in this paper, we propose an efficient and secure Data Integrity Auditing scheme with Traceability for cloud-based EMR (DIAT), which provides data integrity and privacy. We store multiple copies so that data can be recovered quickly from damage as long as one copy remains intact; meanwhile, data cannot be leaked to unauthorized entities since it is stored as ciphertext. For supporting data dynamics, we have designed a two-dimensional data structure, called Dynamic Mapping Hash Table (DMHT). It does not require large auxiliary validation information, nor does it affect the sequence numbers of other blocks. Moreover, data traceability is achieved by organizing all versions of a data block as a chain so that doctors are enabled to track the changes of patients condition in their records. In addition, formal security analysis and experiment results confirm that DIAT is provably secure and efficient.

Dexin Zhu,Yu Sun,Nianfeng Li,Lijun Song,Jun Zheng

DOI: https://doi.org/10.1007/s10586-023-04110-x

2024-01-01

Abstract:Electronic medical records have the advantages of large storage capacity, convenience, improved efficiency, etc. However, since electronic medical records contain a large amount of patient’s private information, if they are stored directly in the cloud server, patients may face the risk of privacy data leakage and electronic medical record data tampering. To solve the above problems, this paper proposes a secure sharing scheme of electronic medical records combining quantum key and blockchain. Based on the true randomness of quantum keys, the multi-user secure forwarding mechanism of quantum keys is designed using proxy re-encryption technology and blockchain. A fine-grained access control scheme for electronic medical records by users with different roles was proposed using data desensitization technology. To facilitate secure retrieval from the cloud server, searchable encryption technology is used. This paper analyzes the comprehensive performance level of the proposed scheme through blockchain performance testing and system efficiency testing.

Xingguang Zhou,Jie Chen,Zongyang Zhang,Jianwei Liu,Qianhong Wu

DOI: https://doi.org/10.1007/978-3-319-69471-9_30

2017-01-01

Abstract:Along with large scale deployment of electronic medical record systems, huge amount of health data is collected. To protect the sensitive information, it must be securely stored and accessed. Considering secure storage on cloud servers, we summary a series of attack behaviors and present the security model against many types of unwanted privacy leakage. In this model, the privacy of unleaked medical records is guaranteed, and the influences of privacy leakage are confined in a strict manner. We also propose a role-based access control scheme for hierarchical healthcare organizations to achieve flexible access on these private records. One can access medical records only if his role satisfies the defined access policy, which implies a fine-grained access control. Theoretical and experimental analyses show the efficiency of our scheme in terms of computation and communication.

Jianghua Liu,Jinhua Ma,Wei Wu,Xiaofeng Chen,Xinyi Huang,Li Xu

DOI: https://doi.org/10.1145/2983625

2017-01-01

ACM Transactions on Embedded Computing Systems

Abstract:Electronic healthcare (eHealth) systems have replaced traditional paper-based medical systems due to attractive features such as universal accessibility, high accuracy, and low cost. As a major constituent part of eHealth systems, mobile healthcare (mHealth) applies Mobile Internet Devices (MIDs) and Embedded Devices (EDs), such as tablets, smartphones, and other devices embedded in the bodies of individuals, to improve the quality of life and provide more convenient healthcare services for patients. Unfortunately, MIDs and EDs have only limited computational capacity, storage space, and power supply. By taking this into account, we present a new design to guarantee the integrity of eHealth records and the anonymity of the data owner in a more efficient and flexible way. The essence of our design is a general method which can convert any secure Attribute-Based Signature (ABS) scheme into a highly efficient and secure Online/Offline Attribute-Based Signature (OOABS) scheme. We prove the security and analyze the efficiency improvement of the new design. Additionally, we illustrate the proposed generic construction by applying it to a specific ABS scheme.

Fatos Xhafa,Jingwei Li,Gansen Zhao,Jin Li,Xiaofeng Chen,Duncan S. Wong

DOI: https://doi.org/10.1007/s11042-013-1829-6

IF: 2.577

2014-01-01

Multimedia Tools and Applications

Abstract:With the development of cloud computing, electronic health record (EHR) system has appeared in the form of patient-centric, in which patients store their personal health records (PHRs) at a remote cloud server and selectively share them with physicians for convenient medical care. Although the newly emerged form has many advantages over traditional client-server model, it inevitably introduces patients’ concerns on the privacy of their PHRs due to the fact that cloud servers are very likely to be in a different trusted domain from that of the patients. In this paper, aiming at allowing for efficient storing and sharing PHRs and also eliminating patients’ worries about PHR privacy, we design a secure cloud-based EHR system, which guarantees security and privacy of medical data stored in the cloud, relying on cryptographic primitive but not the full trust over cloud servers. Based on our proposed basic EHR system, we provide several extensions including adding searchability, supporting revocation functionality and enabling efficient local decryption, which fills the gap between theoretical proposal and practical application.

Huixian Shi,Rui Guo,Chunming Jing,Shaocong Feng

DOI: https://doi.org/10.1109/access.2019.2918639

IF: 3.9

2019-01-01

IEEE Access

Abstract:Electronic Medical Records (EMRs) are the collection of patient's health data systematically in a digital format. They eliminate the complicated paper-based medical records and ensure the accuracy and legibility of health data to improve quality care. As the amount of the EMRs explosion, the traditional medical system is unable to equip with sufficient storage and computing capacities. Therefore, it is crucial to outsourcing this EMRs to the cloud server, which is a flexible and cost-effective mode in data management. However, the loss of control over the patient's EMRs makes it a severe challenge in the integrity of outsourced data. In this paper, we propose an efficient certificateless provable data possession (CL-PDP) scheme without bilinear pairing for the EMRs stored in the cloud medical server. A formal security proof on the random oracle model demonstrates the security of our proposal. In addition, our CL-PDP protocol satisfies the following properties: unconditionally anonymous, privacy preservation, public verifiability, and reliability of the trusted third party. At last, an elaborate performance evaluation with other related schemes shows that this proposal is efficient and practical.