Abstract
The opportunity to access on-demand, unbounded computation and storage resources has increasingly motivated users to move their health records from local data centers to the cloud environment. This change can reduce the costs associated with the management of data sharing, communication overhead and improve Quality of Service (QoS). Processing, storing, hosting and archiving data related to e-Health systems without physical access and control can exacerbate authentication and access control issues in this new environment. Therefore, convincing users to move sensitive medical records to the cloud environment requires implementing secure and strong authentication and access control methods to protect the data. This paper proposes a new information access method that preserves both authentication and access control in cloud-based e-Health systems. Our method is based on a zero-knowledge protocol combined with two-stage keyed access control. In each access request, based on the maximum rights of user, the minimum access is extracted. To establish secure connections between different entities in the system, a two-step combination of public key encryption and DUKPT is used. We analyze our scheme with respect to data confidentiality and resistance to common attacks on the network. Experimental results show that the proposed method tolerates a high number of concurrent authentication requests with a reasonable response time.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
