Hybrid Cryptographic Access Control for Cloud-Based EHR Systems

摘要

Cloud-based electronic health record (EHR) systems are next-generation big data systems for facilitating efficient and scalable storage and fostering collaborative care, clinical research, and development. Mobility and the use of multiple mobile devices in collaborative healthcare increases the need for robust privacy preservation. Thus, large-scale EHR systems require secure access to privacy-sensitive data, data storage, and management. The authors provide a comprehensive solution with a cryptographic role-based technique to distribute session keys to establish communications and information retrieval using the Kerberos protocol; location- and biometrics-based authentication to authorize users; and a wavelet-based steganographic technique to embed EHR data securely using electrocardiography (ECG) signals as the host in a trusted cloud storage. A comprehensive security analysis demonstrates that the model is scalable, secure, and reliable for accessing and managing EHR data.