In the world of modern technology and the huge spread of its use, it has been combined with healthcare systems and the establishment of electronic health records (EHR) to follow up on patients. This merging of technology with healthcare has allowed for more accurate EHRs that follow a patient to different healthcare facilities. Timely exchange of electronic health information (EHR) between providers is critical for aiding medical research and providing fast patient treatment. As a result, security issues and privacy problems are viewed as significant difficulties in the healthcare system. Several remote user authentication methods have been suggested. In this research, we present a feasible patient EHR migration solution for each patient. finally, each patient may securely delegate their current hospital’s information system to a hospital certification authority in order to receive migration proof that can be used to transfer their EHR to a different hospital. In addition, the proposed scheme is based on crypto-hash functions and asymmetric cryptosystems by using homomorphic cryptography. The proposed scheme carried out two exhaustive formal security proofs for the work that was provided. Using Scyther, a formal security tool, we present a secure user authentication technique in the proposed healthcare scheme that ensures security and informal analysis.
This work addresses the critical need for secure and patient-controlled Electronic Health Records (EHR) migration among healthcare hospitals’ cloud servers (HHS). The relevant approaches often lack robust access control and leave data vulnerable during transfer. Our proposed scheme empowers patients to delegate EHR migration to a trusted Third-Party Hospital (TTPH); which is the Certification Authority (CA) while enforcing access control. The system leverages asymmetric encryption utilizing the Elliptic Curve Digital Signature Algorithm (ECDSA), EEC and ECDSA added robust security and lightness EHR sharing. Patient and user privacy is managed due to anonymity through cryptographic hashing for data protection and utilizes mutual authentication for secure communication. Formal security analysis using the Scyther tool and informal analysis was conducted to validate the system’s robustness. The proposed scheme achieved EHR integrity due to the verification of the communicated HHS and ensuring the integrity of the HHS digital certificate during EHR migration. Ultimately, the result achieved in the proposed work demonstrated the scheme’s high balance between data security and accuracy of communication, where the best result obtained represented 7.7/ ms as computational cost and 1248 /bits as communication cost compared with the relevant approaches.