A Secure and Authentication Scheme to Preserve the Privacy of Electronic Health Records in the Healthcare System

Abstract

Electronic Healthcare Records (EHRs), networks, and cloud computing have significantly revolutionized the traditional healthcare system. Secure remote user authentication is an important component of the healthcare system for authenticating an individual's identification via an unsecure communication network. The roles are distributed among the system's users, contrasting between administrator and data entry within certain rules and policies. It is possible to restrict access to key user activities (addition, deletion, and modification) based on a user's position in the healthcare system. As a result, security issues, hostile attacks, and privacy concerns are viewed as key challenges in the healthcare system. Using role-based access control and smart multi-factor authentication, this research provides a privacy-preserving solution to solve the issues in earlier approaches. The proposed scheme is based on crypto hash functions and asymmetric cryptosystems by using chameleon digital signatures. The proposed scheme carried out two exhaustive formal security proofs for the work that was provided. Using scyther, a formal security tool, we present a secure user authentication technique in the healthcare system that overcomes the familiar security problems and ensures the security of the proposed scheme and informal analysis. Our proposed scheme focuses on two main components: users and administrators. The administrator is considered to be the heart of the system. Therefore, any information that is stolen from them poses a threat to the entire system and all its parts. Compared to others, the proposed scheme more secure. By the way, our work gains many potentials to protect users account gains malicious attacks.