Key points are not available for this paper at this time.
Cloud computing provides best-in-class facilities to the healthcare system, a resource-limited environment with low mobility, delay in transmission and non-intelligent disease awareness services through embedded sensors. Despite the many advantages of cloud computing for the e-healthcare system, various privacy, efficacy, and security issues still exist. Researchers have tried to present multiple security protocols in the literature to improve the privacy, security, and efficiency of electronic healthcare records and patient-sensitive information. However, these protocols are vulnerable to several flaws, including impersonation, stolen-verifier and insider attacks, anonymity, privacy and session key hijacking issues, and poor performance. These vulnerabilities, problems, and ineffectuality pose significant risks to the integrity, confidentiality, and authorization of the e-healthcare system. Therefore, this article presents a security framework for the e-healthcare system to provide secure authentication of all the participating entities, mitigate impersonation, stolen-verifier and insider attacks, address anonymity, privacy, and session key hijacking issues, and offer effective services. The proposed protocol is designed to ensure its applicability in the resource-constrained environment of the healthcare system. It was developed using the Elliptic Curve Cryptography (ECC) and MD5 operations, which are known for their practicality and efficiency. The correctness and robustness of the proposed protocol have been confirmed through well-known security analysis techniques – the Gang-Needham-Yaloon (GNY) logic analysis and ProVerif simulation. The efficacy of the proposed scheme is demonstrated by evaluating storage, computation, and communication costs. Compared to other authentication approaches, the results illustrate the clear superiority of existing work.
Abdulrahman Alzahrani (Mon,) studied this question.