Electronic health records (EHRs) replaced the old paper-based systems to make patient data more accurate, reliable, and more accessible. Yet, the EHRs system requires high transmission cost, energy, and waste of time for both doctors and patients. Furthermore, EHRs security presents a serious issue threatening the patient’s privacy. Most of the third-party hosting systems have some issues related to the users’ privacy and data security. Hence, it is necessary to restrict the access control policies and develop efficient mechanisms for cloud-based EHRs data. In this paper, a sensitive and energetic access control (SE-AC) mechanism is proposed for managing the cloud-hosted EHRs and providing a fine-grained access control even in critical situations. The proposed mechanism ensures the confidentiality of the patient’s data, where only authorized individuals to have permission to be able to edit or review certain of the patient’s data. Each EHR data is encrypted by the managing authority before submitting to the cloud storage. The requesting user can get dynamically changing permissions based on authentication and context attributes. In addition, seven major aspects have been quantified to assess the operation of any access control that could be deployed in the Internet-of-Thing (IoT). The security analysis indicates that the SE-AC mechanism is secure and will prevent any unauthorized access. The results show exceptional compatibility and performance with different setups and configuration.

In this work, we propose a secure version of ElGamal public key cryptosystem, and prove that it is semantically secure assuming the hardness of what we call the two-dimensional decisional Diffie-Hellman (2DDDH) problem, this cryptosystem is distinguished by the speed of encryption and decryption processes and by its resistance to active adversaries. Since the 2DDDH problem is harder than the decisional Diffie-Hellman (DDH) problem (as it will be seen), one may conclude that our model reinforces the exchange security compared to the existed cryptosystems falling within the same context, also we discuss the difficult problems that guarantee its security.

Electronic health records (EHRs) replaced the old paper-based systems to make patient data more accurate, reliable, and more accessible. Yet, the EHRs system requires high transmission cost, energy, and waste of time for both doctors and patients. Furthermore, EHRs security presents a serious issue threatening the patient's privacy. Most of the third-party hosting systems have some issues related to the users' privacy and data security. Hence, it is necessary to restrict the access control policies and develop efficient mechanisms for cloud-based EHRs data. In this paper, a sensitive and energetic access control (SE-AC) mechanism is proposed for managing the cloud-hosted EHRs and providing a fine-grained access control even in critical situations. The proposed mechanism ensures the confidentiality of the patient's data, where only authorized individuals to have permission to be able to edit or review certain of the patient's data. Each EHR data is encrypted by the managing authority before submitting to the cloud storage. The requesting user can get dynamically changing permissions based on authentication and context attributes. In addition, seven major aspects have been quantified to assess the operation of any access control that could be deployed in the Internet-of-Thing (IoT). The security analysis indicates that the SE-AC mechanism is secure and will prevent any unauthorized access. The results show exceptional compatibility and performance with different setups and configuration.

In this work, we propose a secure version of ElGamal public key cryptosystem, and prove that it is semantically secure assuming the hardness of what we call the two-dimensional decisional Diffie-Hellman (2DDDH) problem, this cryptosystem is distinguished by the speed of encryption and decryption processes and by its resistance to active adversaries. Since the 2DDDH problem is harder than the decisional Diffie-Hellman (DDH) problem (as it will be seen), one may conclude that our model reinforces the exchange security compared to the existed cryptosystems falling within the same context, also we discuss the difficult problems that guarantee its security.