Preserving confidentiality and privacy of the patient’s EHR using the OrBAC and AES in cloud environment*

被引:2
作者
Babrahem A.S. [1 ]
Monowar M.M. [1 ]
机构
[1] Department of Information Technology, Faculty of Computing and Information Technology, King AbdulAziz University, Jeddah
来源
International Journal of Computers and Applications | 2021年 / 43卷 / 01期
关键词
AES; cloud computing; confidentiality; EHR; OrBAC; privacy;
D O I
10.1080/1206212X.2018.1505025
中图分类号
学科分类号
摘要
Recently, the use of cloud computing has been spread in various fields. One of the striking areas is the healthcare domain where the patient’s data are outsourced to the cloud storage as Electronic Health Record (EHR). Cloud computing provides the EHR with valuable benefits, but at the same time it brings some security concerns regarding the privacy and confidentiality of the patient data. In this paper, we propose a cloud based EHR system exploiting the AES cryptography with the organization-based access control. In our system, the AES encryption is performed twice to provide two layers of security and confidentiality to the EHR data which is referred to as primary and temporary encryption. The proposed system ensures the privacy of the patient along with the confidentiality of medical information in both normal and emergency situations. The security concerns of our system are analyzed based on the basic security requirements for the cloud based EHR systems. The proposed system is implemented and its performance is evaluated through experiments to prove its effectiveness for its use in resource-constrained devices. © 2018 Informa UK Limited, trading as Taylor & Francis Group.
引用
收藏
页码:50 / 61
页数:11
相关论文
共 19 条
[1]  
Arun K.K., Gnanadeepa S., John H., Et al., Survey on security and privacy preserving public auditing for content storage in cloud environment, Proceedings of the international conference on electrical, electronics, signals, communication and optimization (EESCO)
[2]  
Maghrabi L., The threats of data security over the cloud as perceived by experts and university students, Proceedings of the world symposium of computer applications & research (WSCAR)
[3]  
Aiswarya D., Sangeetha V., Harnessing healthcare data security in cloud, Proceedings of the international conference on recent trends in information technology (ICRTIT)
[4]  
Elmogazy H., Bamasak O., Towards healthcare data security in cloud computing, Proceedings of the 8th international conference for internet technology and secured transactions (ICITST)
[5]  
Zhang R., Liu L., Security models and requirements for healthcare application clouds, Proceedings of the IEEE 3rd international conference on cloud computing (CLOUD)
[6]  
Lynda K., Saliha O.-K., Nadjia B., Data security and privacy in e-health cloud: comparative study, Proceedings on the international conference on intelligent information processing, security and advanced communication
[7]  
Patil M., A review on enhancing healthcare system using cloud computing, Int J Comput Appl, 2, pp. 8-11, (2014)
[8]  
Mohandas A., Sabitha S., Privacy preserving content disclosure for enabling sharing of electronic health records in cloud computing, Proceedings on the 7th ACM India computing conference
[9]  
Preethi M., Balakrishnan R., Cloud enabled patient-centric EHR management system, Proceedings on the international conference on advanced communication control and computing technologies (ICACCCT)
[10]  
Chen Y.Y., Lu J.C., Jan J.K., A secure EHR system based on hybrid clouds, J Med Syst, 36, 5, pp. 3375-3384, (2012)
12