International Journal of Computer Network and Information Security(IJCNIS)

ISSN: 2074-9090 (Print), ISSN: 2074-9104 (Online)

Published By: MECS Press

IJCNIS Vol.10, No.1, Jan. 2018

Achieving Confidentiality in Electronic Health Records using Cloud Systems

Full Text (PDF, 514KB), PP.18-25

Views:135   Downloads:14


Robert French-Baidoo, Dominic Asamoah, Stephen Opoku Oppong

Index Terms

Trusted Authority;Advance Encryption System 256;Secure Hashing Algorithm 256;Virtual Electronic Medical Records;Public Key Infrastructure;Public Key Generator;Random Access Memory


Currently, existing methods for enforcing access to records in an Electronic Health Record system relies on a single Trusted Server which stores health records and mediates access. Such Trusted Severs employ either a Ciphertext-Policy Attribute-Based Encryption (CP-ABE) or Key-Policy Attribute-Based Encryption (KP-ABE) method for storing and controlling access. However, Trusted Server storage of health records is susceptible to single-point-of-threat attack and a successful attack invariably leads to compromising the integrity of records on the server. In this research work. This paper presents a methodology that defines and creates simple Access Structures and eliminates need for private keys during encryption and/or decryption of health records which is the Enhanced Ciphertext-Policy Attribute-Based Encryption (ECP-ABE). The ECP-ABE yields high cryptographic performance creates simple Access Structures, eliminates need for private keys and presents an implementation architecture that makes cloud-based EHR system secure and confidential. The ECP-ABE also performs cryptographic functions using less CPU time, minimal computer memory and produces high encryption and decryption throughput especially with increasing file sizes.

Cite This Paper

Robert French-Baidoo, Dominic Asamoah, Stephen Opoku Oppong,"Achieving Confidentiality in Electronic Health Records using Cloud Systems", International Journal of Computer Network and Information Security(IJCNIS), Vol.10, No.1, pp.18-25, 2018.DOI: 10.5815/ijcnis.2018.01.03


[1]Jafari, M., Safavi-Naini. R. & Sheppard, N. P., A Rights Management Approach to Protection of Privacy in a Cloud of Electronic Health Records. Chicago, Association for computing Machinery, pp. 23-30, 2011.

[2]Brino, A., Cloud still sparks fear of breaches. [Online] Available at:, 2014.

[3]Rodzinka, M.. United States Legislation and HIPAA. In: Cross-Enterprise Access Control: Security for Electrionic Health Records: Technical, Practical and Legislation Impact. Rochester, New York: s.n., pp. 7-11, 2012.

[4]Rouse, M. & Pawliw, B., cryptography. [Online] Available at:, 2014.

[5]Szolovit, P. et al., Guardian Angel:Patient Cenetered Health Information Systems. Massachusetts Institute of Technology Laboratory for Computer Science, 1994.

[6]Narayan, S., Gagné, M. & Safavi-Naini, R., Privacy Preserving EHR System Using Attribute-based Infrastructure. Canada: University of Calgary, Alberta, Canada, 2010.

[7]Chien-Ding, L., A Cryptographic Key Management Solution For HIPAA Privacy/Security Regulations, 1994.

[8]Sahai, A. & Waters, B., Fuzzy Identity Based Encryption. pp. 469-472, 2005.

[9]Goyal, V., Pandey, O., Sahai, A. & Waters, B., Attribute Based Encryption for Fine-Grained Access Control of Encryption Data. Virginia, 2006.

[10]Ibraimi, L. et al., Ciphertext-Policy Attribute-Based Threshold Decryption with Flexible Delegation and Revocation of User Attributes (extended version)., Enschede: UT Publications, 2009.

[11]Scholl, M., Stine, K., Lin, K. & Steinberg, D., Draft Security Architecture Design Process For Health Information Exchanges. Gaithersburg, MD: National Institute of Standards and Technology, 2009.

[12]Microsoft Corporation, A Brief Introduction to Role-Based Access Control – Part 1. [Online] Available at:, 2010.

[13]Li, M., Yu, S., Ren, K. & Lou, W. Securing Personal Health Records in Cloud Computing: Patient-Centric and Fine-Grained Data Access Control in Multi-owner Settings. Security and Privacy in Communication networks, Volume 50, 2010.

[14]Janssen, C., Attribute-Based Access Control (ABAC). [Online] Available at:, 2015.

[15]Bethencourt, J., Sahai, A. & Waters, B. Ciphertext-Policy Attribute-Based Encryption. Los Angeles: IEEE Computer Society, 2007.