Page 75 - 2023-Vol19-Issue2
71 | Hamed & Yassin
user must be granted the proper access rights [4]. One of the most straightforward and practical security solutions is password-based authentication. Password-based authentication mechanisms are used in the healthcare system, e-business, database management systems, and smart card applications. Our method presents a feasible and verifiable patient EHR fair exchange for health information systems. Patients must not only delegate the transfer of their personal EHR from their current hospital health information system to the hospital system of their choice but also retain their privacy [4]. Our system ensures safe data storage and the secure transmission of permitted information to a specified place. We propose a high-level, realistic, and demonstrable patient EHR fair exchange model with key agreements for health information systems. A patient can not only delegate the current hospital's health information systems to migrate their personal EHR to the chosen hospital system but also maintain their privacy [5].

In India, EHR guidelines advocate for the safe sharing of health information with minimal disclosure of personal identification. The majority of identity-related breaches are triggered by the leak of sensitive information associated with identifiers, as well as the vast data collection and tracking permitted by service providers [6]. The General Data Protection Regulation encourages entity-controlled identifiers and limited information collection to preserve privacy. Many countries have laws in place to protect patients' privacy, such as the Health Insurance Portability and Accountability Act (HIPAA) in the United States. Confidentiality in telecare services has become a key problem, especially how to ensure patient data security and privacy while transmitting over a public channel [7] [8]. User authentication is the first step in ensuring that only authorized users have access to protected data. Although password-based user authentication is the most convenient approach, it is prone to numerous attacks and may pose a threat to data security. Multifactor authentication is a recommended strategy in which any user is granted access to specified data after verifying two or more pieces of evidence [9] [10] perform poorly or have serious security flaws in the context of tele-health services. Our system stores data and securely transfers approved information to defined places. In this paper, we offer a safe technique for authenticating EHR patients and the Healthcare Center Server using real member IDs and verification codes. To provide robust security while maintaining good performance, the proposed work employs, based on multi-factor authentication, a lightweight crypto-hash function for the generation of One-Time Passwords (OTP), symmetric key encryption (CTR mode), and the asymmetric-key homomorphic encryption of Damgård, Geisler and Krøigaard (DGK) to offer strong security performance. The primary goal of this research is to provide a robust authentication mechanism to address difficulties identified in previous studies. In practice, the Scyther security proof was utilized to show the strong security and resistance of our strategy against hostile attacks. The suggested technique strikes a good compromise between security complexity and performance, and it may be used in healthcare systems.

The remainder of the article is structured as follows. Section 2 reviews the related work. Section 3 focuses on the proposed scheme. Section 4 evaluates the security of the proposed scheme in terms of formal and informal security analysis. Section 5 presents the performance results. Finally, Section 6 presents the conclusions.

II. RELATED WORK

A. Centralized Identity Management for Entity Authentication

As part of a centralized identity management system, a centralized identity distribution point (IDP) will be responsible for issuing an identity (email ID, phone number, government identification code, patient identification code), as well as for maintaining the trust factor associated with those identities. Credential-based authentication is a well-established initial line of defense in any identification scheme. As the privacy and security of patient data records are critical in EHRs, credential-based protection is a relatively simple and adaptable first-hand solution that is able to counter identity theft, spoofing attacks, data loss, and other types of privacy violations. It is possible to add an extra layer of protection to the current credentials-based authentication by including secondary factors such as OTP, CAPTCHAs, patterns, or biometrics in addition to the credentials-based authentication [11]. Many studies on two-factor authentication [12] and three-factor authentication [13] have been conducted for the purpose of validating medical records [12]. Although it adds an extra layer of protection, multifactor authentication is vulnerable to attacks such as identity theft, replay attacks, phishing attacks, and denial of service attacks, among others. The authentication of entities can be achieved by binding centralized identifiers to cryptographically generated keys, signatures, and certificates with the help of public key infrastructure (PKI).

B. Decentralized Identity Management for Entity Authentication

The whole concept of decentralization is founded on the basic assumption that a transaction for the transfer of a commodity or asset between two parties is accepted by the participating nodes through the use of a consensus mechanism. This transaction is recorded in an immutable distributed ledger as part of the transaction log. Blockchain is a practical distributed ledger technology, and it was this protocol that introduced the concept of decentralization into the settlement of financial transactions. Later, the framework was generalized in