Vol. 21 No. 1 (2025)

Published: September 19, 2025

Pages: 69-82

Original Article

An Efficient EHR Secure Exchange Among Healthcare Servers Using Light Weight Scheme

Abstract

This work addresses the critical need for secure, patient-controlled migration of Electronic Health Records (EHR) among healthcare hospitals' cloud servers (HHS). Existing approaches often lack robust access control and leave data vulnerable during transfer. The proposed scheme empowers patients to delegate EHR migration to a trusted Third-Party Hospital (TTPH), which acts as the Certification Authority (CA), while enforcing access control. The system leverages asymmetric encryption using the Elliptic Curve Digital Signature Algorithm (ECDSA); ECC and ECDSA add robust security and make EHR sharing lightweight. Patient and user privacy is preserved through anonymity, achieved with cryptographic hashing for data protection, and the scheme uses mutual authentication for secure communication. Formal security analysis using the Scyther tool, together with an informal analysis, was conducted to validate the system's robustness. The proposed scheme achieves EHR integrity by verifying the communicating HHS and ensuring the integrity of the HHS digital certificate during EHR migration. Ultimately, the results demonstrate that the scheme strikes a strong balance between data security and accuracy of communication: the best result obtained was a computational cost of 7.7 ms and a communication cost of 1248 bits, compared with the relevant approaches.

Yaseen & Patel & Aldarwish & Yassin