Page 69 - IJEEE-2023-Vol19-ISSUE-1
Fareed & Yassin | 65
the same hash. Any text is signed using an SHA-256, and the output is 256 bits long.

C. CK threat model:

With the Canetti-Krawczyk model (CK), we can formally develop and analyze the proposed scheme. The proposed system should have many essential security properties [12]. In this paper, we used the following features:
• Scalability.
• Privacy preservation.
• Mutual authentication.
• Attack resistance.
• Communication security.
• Secure ABAC.

IV. THE PROPOSAL SCHEME

The EHR is controlled by health centers instead of the patients, making it difficult to obtain medical advice from different health centers. Thus, patients need to concentrate on getting their health information and medical records back in order. The development of distributed global database technology (DGDB) has made it easier for people to obtain information within medical records. The technology offers patients access to extensive, consistent reports, with free access to EHRs from treatment websites or mobile applications. We will report how we built a security framework for EHRs with multiple authorities to meet the need for DGDB in shared EHRs. This method protects patients' privacy and ensures that EHRs remain unchanged.

This section proposes a secure ABAC authentication scheme in a healthcare system consisting of two components: healthcare center (3DD*) and key distribution center (2AD). Table I contains the necessary symbols used in this paper. Additionally, our work depends on the initialization phase, registration phase, and the ABAC phase. The initialization phase employs 2AD to generate and exchange private and public keys, which use signing/verifying and encrypting/decrypting among the main components of the EHRs message. The registration phase registers a new 3DD*, which generates the primary keys for the 3DD*. The ABAC phase is responsible for exchanging, authenticating, and verifying the EHR of the system's components. These main phases are explained in detail below.

TABLE I
NOTATIONS.
Notation      Descriptions
3DD           Healthcare centers
ABAC          Distributed Global Database
;3E+#         The patient's electronic health record
F*            Patient
2AD           Key Distribution Center
F<,--#        The public key of the health center
F1,--#        The private key of the health center
G;HD(. )      Signcryption function
IG;HD(. )     Unsigncryption function
⊕             Exclusive-Or
||            Concatenation

A. Initialization Phase

Step 1. In the initialization phase, the 2AD creates a table containing all public keys for the 3DD*.
Step 2. Key Initialization
• & = a large prime number, public to all
• ' = a large prime factor of & - 1, public to all
• * = an integer with order ' ,-.78- &, in [1,… , & - 1], public to all
• h01h = a one-way hash function
• 23 = a keyed one-way hash function = 234(,) = h01h(4, ,)
• (E, D) = the algorithms which are used for encryption and decryption of a private key cipher. Alice sends a message to Bob.

B. Registration Phase

The 3DD* achieves registration in the system through the following steps:
Step 1. The 3DD* registers its information in the system (e.g. Healthcare center name (3DD,.# ), Address (KA* ), Phone No. (FH*), Email (;L*)).
Step 2. 3DD* initializes the database to save the patient's EHR.
Step 3. Public and private keys are generated (F1,--# , F<,--# ) for the signing/encrypting (signcryption) data from the 3DD* as shown below:
• 9:!""! = ;# ; where ;# is a private key of 3<<$, chosen randomly from 1 to ' - 1.
• 97!""! = =# = =*%&" mod p; it represents the public key of 3<<$.
Step 4. Finally, 3DD* sends (F<,--#,3DD,.#) to the 2AD.

C. Distributed Global Database (MNMO) Phase

In this phase, we give details regarding the patient's need to visit a healthcare center that is different from their primary center; the patient's EHR is included. The following steps describe the primary tasks of this phase:
Step 1. ;3E+# is stored in the 3DD#.
Step 2. F* needs to visit a specific healthcare center that is not his primary healthcare center.
Step 3. There is a 3DD0 that is near F*.
Step 4. F* needs to visit the nearby 3DD0.
Step 5. 3DD0 requires the ;3E+# from the 3DD#.
Step 6. 3DD0 calculates E ,--$ = (3DD#12) and sends it to 2AD to receive the public key for 3DD#.
Step 7. 2AD receives E ,--$ to retrieve the F<,--$ and calculates 3F<,--$ = h,-h(F<,--$).
Step 8. 2AD sends (F<,--$, 3F<,--$ ) to 3DD0.
Step 9. 3DD0 receives ( F<,--$, 3F<,--$ ) and calculates 33F<,--$ = h,-h(F<,--$).
Step 10. 3DD0 compares (33F<,--$, 3F<,--$); if true, it computes P = G;HD+4%&&$ (query+#) and then goes to Step 12.
Step 11. Otherwise, this phase terminates.
Step 12. 3DD0 sends P to 3DD# to receive ;3E+# .
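
The key initialization, the registration key pair, and the key lookup with its hash comparison described above can be exercised end to end; the following is an added example, not code from the paper. The names p, q, g, x, y, the `KDC` class, the center names, the byte encoding of the key and the toy group values are all assumptions of this example; SHA-256 is the hash the page names.

```python
import hashlib
import hmac
import secrets

# Constructed toy group, far too small for real use: q divides p - 1.
P, Q, G = 2039, 1019, 4
KEY_BYTES = (P.bit_length() + 7) // 8


def check_group(p, q, g):
    """Structural checks only (primality of p and q is assumed):
    q divides p - 1, g is not 1, and g^q = 1 mod p."""
    return (p - 1) % q == 0 and 1 < g < p and pow(g, q, p) == 1


def keygen():
    """Registration: private x random in [1, q-1], public y = g^x mod p."""
    x = 1 + secrets.randbelow(Q - 1)
    return x, pow(G, x, P)


def digest(pk):
    """SHA-256 over a fixed-width big-endian encoding (encoding is assumed)."""
    return hashlib.sha256(pk.to_bytes(KEY_BYTES, "big")).hexdigest()


class KDC:
    """Holds the table of registered public keys, indexed by center name."""

    def __init__(self):
        self.table = {}

    def register(self, name, pk):
        # Added hardening, not a step on the page: reject keys outside
        # the order-q subgroup before they enter the table.
        if not (1 < pk < P and pow(pk, Q, P) == 1):
            raise ValueError("public key is not in the order-q subgroup")
        self.table[name] = pk

    def lookup(self, name):
        """Return the stored key together with its digest."""
        pk = self.table[name]
        return pk, digest(pk)


def accept_key(pk, received_digest):
    """Requesting center: recompute the digest; a mismatch ends the phase."""
    if not hmac.compare_digest(digest(pk), received_digest):
        raise ValueError("digest mismatch, phase terminated")
    return pk
```

Because the digest is unkeyed and travels in the same message as the key, the comparison in `accept_key` catches a key that was altered without its digest, but does not by itself authenticate the sender of the pair.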