Enhancing Transaction Security for Handling Accountability in Electronic Health Records
Electronic healthcare systems have received extensive attention during the last decade due to the advancement of digital technology. Using these systems in the healthcare industry can improve the quality of healthcare services tremendously. However, a major issue that needs to be concerned, when uti...
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Hindawi-Wiley
2020-01-01
|
| Series: | Security and Communication Networks |
| Online Access: | http://dx.doi.org/10.1155/2020/8899409 |
| Summary: | Electronic healthcare systems have received extensive attention during the last decade due to the advancement of digital technology. Using these systems in the healthcare industry can improve the quality of healthcare services tremendously. However, a major issue that needs to be concerned, when utilizing this kind of system, is accountability. Employments of electronic health records, the core of the systems, without accountability can be a big risk to both patients and service personals and, consequently, to the entire society. Accountability in electronic health records is essential to creating trust among parties. Many researchers have been introduced to the accountability protocol. However, most of them still lack some essential security property that is mutual authentication. This leads to both information traceability and nonrepudiation which are necessary for resolving any conflict that may arise. In this paper, we propose accountability protocol for electronic health records; the protocol employs both asymmetric and symmetric encryptions to ensure that the electronic health records are having confidentiality, integrity, authentication, and authorization. The accountability analysis and performance analysis show that the proposed protocol is more capable and effective than others. The novel aspect of this idea lies in the inclusion of certain forms of security that are necessary to protect the patient’s electronic health records. To the best of our knowledge, the proposed protocol consumes less cost, energy, and time compared with the existing protocols. A proof of concept of our protocol is also presented in this paper by using BAN logic, an automated security protocol proof tool named Scyther, and AVISPA |
|---|---|
| ISSN: | 1939-0114 1939-0122 |