Achieving Confidentiality in Electronic Health Records using Cloud Systems

Full Text (PDF, 714KB), PP.18-25

Views: 0 Downloads: 0


Robert French-Baidoo 1,* Dominic Asamoah 2 Stephen Opoku Oppong 2

1. Takoradi Technical University, Ghana

2. Department of Computer Science, KNUST, Ghana; Faculty of Informatics, GTUC, Ghana

* Corresponding author.


Received: 26 Aug. 2017 / Revised: 12 Sep. 2017 / Accepted: 13 Oct. 2017 / Published: 8 Jan. 2018

Index Terms

Trusted Authority, Advance Encryption System 256, Secure Hashing Algorithm 256, Virtual Electronic Medical Records, Public Key Infrastructure, Public Key Generator, Random Access Memory


Currently, existing methods for enforcing access to records in an Electronic Health Record system relies on a single Trusted Server which stores health records and mediates access. Such Trusted Severs employ either a Ciphertext-Policy Attribute-Based Encryption (CP-ABE) or Key-Policy Attribute-Based Encryption (KP-ABE) method for storing and controlling access. However, Trusted Server storage of health records is susceptible to single-point-of-threat attack and a successful attack invariably leads to compromising the integrity of records on the server. In this research work. This paper presents a methodology that defines and creates simple Access Structures and eliminates need for private keys during encryption and/or decryption of health records which is the Enhanced Ciphertext-Policy Attribute-Based Encryption (ECP-ABE). The ECP-ABE yields high cryptographic performance creates simple Access Structures, eliminates need for private keys and presents an implementation architecture that makes cloud-based EHR system secure and confidential. The ECP-ABE also performs cryptographic functions using less CPU time, minimal computer memory and produces high encryption and decryption throughput especially with increasing file sizes.

Cite This Paper

Robert French-Baidoo, Dominic Asamoah, Stephen Opoku Oppong, "Achieving Confidentiality in Electronic Health Records using Cloud Systems", International Journal of Computer Network and Information Security(IJCNIS), Vol.10, No.1, pp.18-25, 2018.D OI:10.5815/ijcnis.2018.01.03


[1]Jafari, M., Safavi-Naini. R. & Sheppard, N. P., A Rights Management Approach to Protection of Privacy in a Cloud of Electronic Health Records. Chicago, Association for computing Machinery, pp. 23-30, 2011.
[2]Brino, A., Cloud still sparks fear of breaches. [Online] Available at:, 2014.
[3]Rodzinka, M.. United States Legislation and HIPAA. In: Cross-Enterprise Access Control: Security for Electrionic Health Records: Technical, Practical and Legislation Impact. Rochester, New York: s.n., pp. 7-11, 2012.
[4]Rouse, M. & Pawliw, B., cryptography. [Online] Available at:, 2014.
[5]Szolovit, P. et al., Guardian Angel:Patient Cenetered Health Information Systems. Massachusetts Institute of Technology Laboratory for Computer Science, 1994.
[6]Narayan, S., Gagné, M. & Safavi-Naini, R., Privacy Preserving EHR System Using Attribute-based Infrastructure. Canada: University of Calgary, Alberta, Canada, 2010.
[7]Chien-Ding, L., A Cryptographic Key Management Solution For HIPAA Privacy/Security Regulations, 1994.
[8]Sahai, A. & Waters, B., Fuzzy Identity Based Encryption. pp. 469-472, 2005.
[9]Goyal, V., Pandey, O., Sahai, A. & Waters, B., Attribute Based Encryption for Fine-Grained Access Control of Encryption Data. Virginia, 2006.
[10]Ibraimi, L. et al., Ciphertext-Policy Attribute-Based Threshold Decryption with Flexible Delegation and Revocation of User Attributes (extended version)., Enschede: UT Publications, 2009.
[11]Scholl, M., Stine, K., Lin, K. & Steinberg, D., Draft Security Architecture Design Process For Health Information Exchanges. Gaithersburg, MD: National Institute of Standards and Technology, 2009.
[12]Microsoft Corporation, A Brief Introduction to Role-Based Access Control – Part 1. [Online] Available at:, 2010.
[13]Li, M., Yu, S., Ren, K. & Lou, W. Securing Personal Health Records in Cloud Computing: Patient-Centric and Fine-Grained Data Access Control in Multi-owner Settings. Security and Privacy in Communication networks, Volume 50, 2010.
[14]Janssen, C., Attribute-Based Access Control (ABAC). [Online] Available at:, 2015.
[15]Bethencourt, J., Sahai, A. & Waters, B. Ciphertext-Policy Attribute-Based Encryption. Los Angeles: IEEE Computer Society, 2007.