In the world of modern technology and the huge spread of its use, it has been combined with healthcare systems and the establishment of electronic health records (EHR) to follow up on patients. This merging of technology with healthcare has allowed for more accurate EHRs that follow a patient to different healthcare facilities. Timely exchange of electronic health information (EHR) between providers is critical for aiding medical research and providing fast patient treatment. As a result, security issues and privacy problems are viewed as significant difficulties in the healthcare system. Several remote user authentication methods have been suggested. In this research, we present a feasible patient EHR migration solution for each patient. finally, each patient may securely delegate their current hospital’s information system to a hospital certification authority in order to receive migration proof that can be used to transfer their EHR to a different hospital. In addition, the proposed scheme is based on crypto-hash functions and asymmetric cryptosystems by using homomorphic cryptography. The proposed scheme carried out two exhaustive formal security proofs for the work that was provided. Using Scyther, a formal security tool, we present a secure user authentication technique in the proposed healthcare scheme that ensures security and informal analysis.
In the era of modern trends such as cloud computing, social media applications, emails, mobile applications, and URLs that lead to increased risks for defrauding authorized users, and then the attackers try to gain illegal access to accounts of users through a malicious attack. The phishing attack is one of the dangerous attacks caused to access of authorized account illegally way. The finances, business, banking, and other sensitive in states are faces by this type of attacks due to the important information they have. In this paper, we propose a secure verification scheme that can overcome the above-mentioned issues. Additionally, the proposed scheme can resist famous cyberattacks such as impersonate attacks, MITM attacks. Moreover, the proposed scheme has security features like strong verification, forward secrecy, user’s identity anomaly. The security analysis and the experimental results proved the strongest of the proposed scheme compared with other related works. Finally, our proposed scheme balanced between the performance and the security merits.
Recently, the incorporation of state-of-the-art technology such as Electronic Healthcare Records (EHRs), networks, and cloud computing has transformed the traditional healthcare system. However, security problems have arisen as a result of the integration of technology. Secure remote user authentication is a core part of the healthcare system to validate the user's identification via an unsecure communication network. Since then, several remote user authentication schemes have been presented, each with its own set of pros and limitations. As a result, security, malicious attacks and privacy concerns are considered one of the main challenges related to the healthcare system. In this paper, we propose a safe user authentication scheme for patients in the healthcare system that overcomes these flaws and confirms the security of the proposed work using scyther, a formal security tool. In the healthcare environment, our work provides an effective means to construct an environment capable of setting, registering, storing, searching, analyzing, authentication, and verifying electronic healthcare information in order to protect the information of patients. Furthermore, our suggested scheme uses symmetric encryption based on the crypto- hash function for accessing the anomaly of the patient's identity and One-Time Password (OTP). Towards the end of the study, the performance analysis results indicate a delicate balance of security and performance that is frequently lacking in previous works.
This work addresses the critical need for secure and patient-controlled Electronic Health Records (EHR) migration among healthcare hospitals’ cloud servers (HHS). The relevant approaches often lack robust access control and leave data vulnerable during transfer. Our proposed scheme empowers patients to delegate EHR migration to a trusted Third-Party Hospital (TTPH); which is the Certification Authority (CA) while enforcing access control. The system leverages asymmetric encryption utilizing the Elliptic Curve Digital Signature Algorithm (ECDSA), EEC and ECDSA added robust security and lightness EHR sharing. Patient and user privacy is managed due to anonymity through cryptographic hashing for data protection and utilizes mutual authentication for secure communication. Formal security analysis using the Scyther tool and informal analysis was conducted to validate the system’s robustness. The proposed scheme achieved EHR integrity due to the verification of the communicated HHS and ensuring the integrity of the HHS digital certificate during EHR migration. Ultimately, the result achieved in the proposed work demonstrated the scheme’s high balance between data security and accuracy of communication, where the best result obtained represented 7.7/ ms as computational cost and 1248 /bits as communication cost compared with the relevant approaches.