Page 77 - 2023-Vol19-Issue2
73 | Hamed & Yassin
• Step1. Compute a public key, $PU_{CHS_k} = (N, g, h, u)$.
• Step2. Compute a private key, $Pr_{CHS_k} = (p, q, v_p, v_q)$.
• Step3. Send the tuple $(ID_{CHS_k}, ID_{HCA}, PU_{CHS_k}, Pr_{CHS_k})$ to $CHS_k$ and declare the public key $PU_{CHS_k}$ to the other healthcare institutions $CHS_1, CHS_2, \ldots, CHS_n$ (see Figure 1).

2) Patient Side
A patient ($W_i$) sends a request to $CHS_k$ to register and obtain his electronic healthcare record as EHR owner ($EHR_{W_i}$), which consists of sensitive information such as ($ID_{W_i}$, $PW_{W_i}$, $Address_{W_i}$, $Email_{W_i}$, . . . etc.). $CHS_k$ first prepares a hash function $H$, where $H : Z_n^* \rightarrow \{0, 1\}^{1}$. $CHS_k$ then prepares the anomaly parameters $ID_{AW_i} = H(ID_{W_i})$, $PW_{AW_i} = H(PW_{W_i})$ and forwards the patient's request, based on his anomaly parameters, to the HCA so that $W_i$ can obtain the permission parameters from the HCA, which performs the following steps:
• Step1. Generate a shared key ($SK_{W_i}$) and a certificate ($Cert_{W_i}$).
• Step2. Send the tuple ($SK_{W_i}$, $ID_{AW_i}$, $PW_{AW_i}$, $Cert_{W_i}$) to $W_i$ via $CHS_k$.
• Step3. $CHS_k$ upgrades the main information of $EHR_{W_i}$, such as $ID_{AW_i}$, $PW_{AW_i}$, and keeps the shared key for use in the next phases.
Finally, $EHR_{W_i}$ is active for use in the healthcare system, and key operations (update, insert, delete) can be applied to it (see Fig. 1).

Fig. 1. Registration phase of cloud health server side and patient side.

3) User Side
An important part of the healthcare system is represented by users such as employees, doctors and administrators. The user ($U_i$) sends his request to $CHS_k$ to register and obtain his electronic healthcare record ($EHR_{U_i}$), which consists of sensitive information such as ($ID_{U_i}$, $PW_{U_i}$, $Address_{U_i}$, $Email_{U_i}$, . . . etc.). $CHS_k$ prepares the anomaly parameters $ID_{AU_i} = H(ID_{U_i})$, $PW_{AU_i} = H(PW_{U_i})$ and forwards the user's request ($ID_{AU_i}$, $PW_{AU_i}$) to the HCA. The HCA performs the following steps to generate the main keys:
• Step1. Generate a shared key ($SK_{U_i}$) and a certificate ($Cert_{U_i}$).
• Step2. Send the tuple ($SK_{U_i}$, $ID_{AU_i}$, $PW_{AU_i}$, $Cert_{U_i}$) to $U_i$ via $CHS_k$.
• Step3. $CHS_k$ upgrades the main information of $EHR_{E_i}$ < $SK_{U_i}$, $ID_{AU_i}$, $PW_{AU_i}$, $Cert_{U_i}$, . . . > for use in the next phases (see Fig. 2).

Fig. 2. Registration phase of user phase.

B. Login and Authentication Phase
In this phase, the patient or employee wants to log in to the healthcare system, to receive a report from his doctor or to send queries to his doctor, in order to access the $EHR_{W_i}$ that exists on $CHS_k$.

1) Patient Side (The owner of EHR)
The patient ($W_i$) wants to access the system in order to view his electronic health record ($EHR_{W_i}$), get a report from his doctor, or send some queries to his doctors. The main steps that allow $W_i$ to access the system are as follows:
• Step1. $W_i$ enters his $ID_{W_i}$, $PW_{W_i}$ and then generates a random integer $r_i \in Z_n^*$. Finally, he calculates an anonymous identity and a one-time password, $ID'_{AW_i} = H(ID_{W_i})$ and $PW'_{AW_i} = H(H(PW_{W_i}) \;?\; r_i)$, respectively.
• Step2. $W_i$ computes $E_{W_i} = Enc_{SK_{W_i}}(r_i)$ using the symmetric key, and $EH_{W_i} = HEnc_{SK_{W_i}}(PW'_{AW_i}) = g^{PW'_{AW_i}} h^{r_i} \bmod N$, which is based on homomorphic encryption.
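
The patient-side computation in Steps 1 and 2, as an added example that is not code from the paper. It assumes SHA-256 for H, XOR for the operator that is unreadable in this copy of Step 1, and constructed toy values for N, g and h; the symmetric encryption of r_i is left out.

```python
import hashlib
import math
import secrets

# Constructed toy public values (N, g, h); real ones come from HCA key generation.
N = 1019 * 1031
G, H_BASE = 5, 7

def to_bytes(x: int) -> bytes:
    return x.to_bytes(max(1, (x.bit_length() + 7) // 8), "big")

def H(data: bytes) -> int:
    """The scheme's hash H; SHA-256 is an assumption, the page does not name one."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def anonymize(value: str) -> int:
    """ID_A = H(ID) or PW_A = H(PW), the stored registration parameters."""
    return H(value.encode())

def random_unit() -> int:
    """Sample r_i from Z_N^*: nonzero and coprime to N."""
    while True:
        r = secrets.randbelow(N - 1) + 1
        if math.gcd(r, N) == 1:
            return r

def one_time_password(pw: str, r: int) -> int:
    """PW'_A = H(H(PW) op r_i); op is assumed to be XOR (unreadable on the page)."""
    return H(to_bytes(anonymize(pw) ^ r))

def hom_encrypt(m: int, r: int) -> int:
    """EH = g^m * h^r mod N, the homomorphic form in Step 2."""
    return (pow(G, m, N) * pow(H_BASE, r, N)) % N

def login_message(identity: str, pw: str, r=None) -> dict:
    """Values the patient derives in Steps 1 and 2 (Enc_SK(r_i) omitted)."""
    r = random_unit() if r is None else r
    otp = one_time_password(pw, r)
    return {"ID_A": anonymize(identity), "r": r, "PW_A": otp, "EH": hom_encrypt(otp, r)}

if __name__ == "__main__":
    first = login_message("patient-001", "correct horse")   # constructed inputs
    second = login_message("patient-001", "correct horse")
    print(first["ID_A"] == second["ID_A"])   # identity value repeats across logins
    print(first["PW_A"] == second["PW_A"])   # password value depends on each r_i
    # Multiplying two ciphertexts adds the exponents: E(m1,r1)*E(m2,r2) = E(m1+m2, r1+r2)
    a, b = hom_encrypt(11, 3), hom_encrypt(31, 8)
    print((a * b) % N == hom_encrypt(42, 11))
```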