Abstract
Electronic medical records, one of the sensitive data, are stored in public or private cloud service providers. Cloud systems provide security with firewall and intrusion detection systems, and these systems ensure privacy with access control and end-to-end encryption. However, while sending data to the cloud system, attackers can capture the data with the help of Man in the Middle attacks and vulnerabilities of the storage systems. In the middleware architecture proposed in this study, access control protocol, key distributor and end-to-end hybrid encryption which are based on user roles were innovatively used to overcome security issues in data transmission. In this system, writing and updating requests are encrypted asymmetrically, and reading requests were encrypted symmetrically. This solution distinguishes the proposed method from previous studies. According to this solution the operating performance of the system is increased. In addition, the attacker cannot see the actual data in a cyber-attacks because the sensitive data is distributed to the users with their private keys. This result shows that the access, write and update of electronic medical records are performed with the principles of security and privacy.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: The International Arab Journal of Information Technology
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
