Page 66 - IJEEE-2023-Vol19-ISSUE-1
P. 66
Received: 29 August 2022 Revised: 22 September 2022 Accepted: 25 September 2022
DOI: 10.37917/ijeee.19.1.8
Vol. 19| Issue 1| June 2023
Ð Open Access
Iraqi Journal for Electrical and Electronic Engineering
Original Article
Secure Electronic Healthcare Record based on
Distributed Global Database and Schnorr
Signcryption
Mohammad Fareed *1, 2, Ali A Yassin 1
1Department of Computer Science, Education College for Pure Science, University of Basrah Basrah 61004, Iraq
2Communication Media and Commission
Correspondence
*Mohammad Fareed
Department of Computer Science
Education College for Pure Science,
University of Basrah, Basrah, 61004, Iraq.
Email: pedupg.m.fareed@uobasrah.edu.iq
Abstract
Preserving privacy and security plays a key role in allowing each component in the healthcare system to access control and
gain privileges for services and resources. Over recent years, there have been several role-based access control and
authentication schemes, but we noticed some drawbacks in target schemes such as failing to resist well-known attacks, leaking
privacy-related information, and operational cost. To defeat the weakness, this paper proposes a secure electronic healthcare
record scheme based on Schnorr Signcryption, crypto hash function, and Distributed Global Database (DGDB) for the
healthcare system. Based on security theories and the Canetti-Krawczyk model (CK), we notice that the proposed scheme has
suitable matrices such as scalability, privacy preservation, and mutual authentication. Furthermore, findings from comparisons
with comparable schemes reveal that the suggested approach provides greater privacy and security characteristics than the
other schemes and has enough efficiency in computational and communicational aspects.
KEYWORDS: Authentication, Schnorr Signcryption, Healthcare system, DGDB, CK model.
I. INTRODUCTION and retrieving data of EHR among authorized and trusted
parties. For example, the accuracy of diagnosing a patient's
Healthcare data are critical and sensitive in our lives. Health case by a specialized doctor depends on the retrieved EHR.
records of patients were stored on paper in the past, making In addition, some of the methods used in data sharing
them more susceptible to damage and difficult to retrieve through decentralization, in terms of data encryption or
information. Subsequently, electronic storage of healthcare accuracy, are not considered sufficient to maintain patients'
data was necessary to reduce the hurdles between various privacy. Therefore, developing a secure data sharing and
healthcare providers in terms of data exchange and distribution mechanism has become necessary through
protection. With the rapid increase in information technology Distributed Global Database (DGDB).
and the Internet used in the current era, it has become This paper proposes a secure scheme based on DGDB for
necessary to transform healthcare records from traditional to securely exchanging health data while preserving its privacy
electronic to adapt to modern life. The advanced age of against recognized malicious attacks by using decentralized
electronic health records (EHR) leads to access to vast data data storage. The contributions of this research can be
inside EHR. Such an increase in EHR requires matchless summarized as follows:
data protection in healthcare. However, the health data must 1- We propose a DGDB-based authentication scheme. The
be stored securely and shared only with authorized parties.
In some systems, centralization saves all data on the same proposed mechanism provides a powerful distributed
server. This mechanism is not secure because the server data storage between health care centers and secures data
keeps the data and faces security risks and malicious attacks. exchange by encrypting transmitted data used by the Key
On the other side, we see the decentralized method to save Distribution Center(KDC).
data in shared servers because it is more secure, safe to 2- Officially, we confirm the system's security using the
exchange and upgrade data, and suitable for massive data. security analysis tool Scyther Tool.
Here, we will focus on patients' privacy, secure exchange,
This is an open access article under the terms of the Creative Commons Attribution License, which permits use, distribution and
reproduction in any medium, provided the original work is properly cited.
© 2023 The Authors. Published by Iraqi Journal for Electrical and Electronic Engineering by College of Engineering, University of Basrah.
https://doi.org/10.37917/ijeee.19.1.8 https://www.ijeee.edu.iq 62