Healthcare Service Providers (HSP) are increasingly adopting cloud technologies to outsource their Electronic Health Systems (EHS) which manage their Electronic Health Records (EHR), and adopting Internet of Things (IoT) technologies to improve the availability and convenience of their services to patients. The rise of these Cloud Based Electronic Health Systems (CBEHS) introduces additional security requirements since they store sensitive data, utilize an untrusted infrastructure, and operate in a heterogeneous environment. There have been several schemes proposed to meet these requirements. These schemes focus on achieving lightweight authentication, confidentiality, authorization and access control, patient anonymity, automated gathering of diagnostic data and system scalability. We analyse several previously proposed schemes and identify their strengths and weaknesses. We then propose an improved scheme which builds on the strengths of previous schemes and achieves improved security, features, and scalability. Our scheme also introduces a novel patient-centric cryptographically enforced authorization mechanism, which specifically addresses the requirements of CBEHSs. We analyse the security of our scheme both qualitatively and using the formal verification tool ProVerif. We also analyse our scheme's performance and analyse its features in contrast with previously proposed schemes.
| Date of Award | Nov 2016 |
|---|
| Original language | American English |
|---|
| Supervisor | ERNESTO Damiani (Supervisor) |
|---|
- Electronic Health Record
- Security
- Cloud
- Telemedicine
- Anonymity
- Authentication
- Authorisation
- Access Control.
A Security Scheme for Cloud Based Electronic Health System
Almarzooqi, A. (Author). Nov 2016
Student thesis: Master's Thesis