Page 74 - 2023-Vol19-Issue2
P. 74
Received: 20 February 2023 | Revised: 14 April 2023 | Accepted: 14 April 2023
DOI: 10.37917/ijeee.19.2.9 Vol. 19 | Issue 2 | December 2023
Open Access
Iraqi Journal for Electrical and Electronic Engineering
Original Article
A Privacy-Preserving Scheme for Managing Secure Data
in Healthcare System
Naba M. Hamed*1, Ali A Yassin2
1College of Computer Science and Information Technology, University of Basrah, Basrah, 61004, Iraq
2Department of Computer science, Education College for Pure Sciences, University of Basrah, Basrah, 61004, Iraq
Correspondance
*Naba M.Hamed
Department of Computer science,
College of Computer Science and Information Technology,
University of Basrah, Basrah, Iraq.
Email: nabawq12@gmail.com
Abstract
In the world of modern technology and the huge spread of its use, it has been combined with healthcare systems and the
establishment of electronic health records (EHR) to follow up on patients. This merging of technology with healthcare
has allowed for more accurate EHRs that follow a patient to different healthcare facilities. Timely exchange of electronic
health information (EHR) between providers is critical for aiding medical research and providing fast patient treatment.
As a result, security issues and privacy problems are viewed as significant difficulties in the healthcare system. Several
remote user authentication methods have been suggested. In this research, we present a feasible patient EHR migration
solution for each patient. finally, each patient may securely delegate their current hospital’s information system to a
hospital certification authority in order to receive migration proof that can be used to transfer their EHR to a different
hospital. In addition, the proposed scheme is based on crypto-hash functions and asymmetric cryptosystems by using
homomorphic cryptography. The proposed scheme carried out two exhaustive formal security proofs for the work that
was provided. Using Scyther, a formal security tool, we present a secure user authentication technique in the proposed
healthcare scheme that ensures security and informal analysis.
Keywords
Electronic Health Records, Scyther, Migration Data, Asymmetric encryption, Homomorphic Cryptography.
I. INTRODUCTION study fields have evolved to improve human life.
The internet has become an indispensable part of everyday An Electronic Health Record (EHR) is a personal medical
life. Thanks to the fast progress of internet technology, we can record incorporated into health information systems [3]. Many
now deliver any service from anywhere and at any time [1]. countries create health information systems to help administer
Remote user authentication is becoming an increasingly sig- each patient’s activities and health monitoring. Consider the
nificant component of gaining access to valuable services or following scenario: A patient (let’s call her Alice) plans to
resources in the healthcare system, cloud applications, multi- see a doctor at a new hospital. If she visits a new hospital,
server configurations, and mobile devices. Remote user au- she may be required to disclose her personal medical infor-
thentication is an essential component of any security strategy. mation again. Furthermore, if her doctor needs her medical
In the absence of authentication, audit trails are opaque, and treatment history from other institutions, she must decide how
authorization grants identity-based privileges [2]. If we can- to securely communicate this information to her doctor. These
not distinguish between authorized and unauthorized parties, issues are very pressing. Our proposed approach guarantees
secrecy and privacy will be violated. In recent years, various that data access and data transfer are simple and secure. Each
This is an open-access article under the terms of the Creative Commons Attribution License,
which permits use, distribution, and reproduction in any medium, provided the original work is properly cited.
©2023 The Authors.
Published by Iraqi Journal for Electrical and Electronic Engineering | College of Engineering, University of Basrah.
https://doi.org/10.37917/ijeee.19.2.9 |https://www.ijeee.edu.iq 70
