Medical Health Record Protection Using Ciphertext-Policy Attribute-Based Encryption and Elliptic Curve Digital Signature Algorithm

Novi Aryani Fitri, M. Udin Harun Al Rasyid, Amang Sudarsono


Information on medical record is very sensitive data due to the number of confidential information about a patient's condition. Therefore, a secure and reliable storage mechanism is needed so that the data remains original without any changes during it was stored in the data center. The user must go through an authentication process to ensure that not an attacker and verify to ensure the authenticity and accuracy of the data received. In this research, we proposed a solution to secure medical data using the Ciphertext-Policy Attribute-Based Encryption (CP-ABE) and Elliptic Curve Digital Signature Algorithm (ECDSA) methods. Our system can secure data centers from illegal access because the uploaded data has patient control over access rights based on attributes that have been embedded during the data encryption process. Encrypted data was added to the digital signature to pass the authentication process before being sent to the data center. The results of our experiments serve efficient system security and secure with low overhead. We compare the proposed system performance with the same CP-ABE method but don’t add user revocation to this system and for our computing times are shorter than the previous time for 0.06 seconds and 0.1 seconds to verify the signature. The total time in the system that we propose requires 0.6 seconds.


Medical record data security; CP-ABE; Digital Signature; ECDSA; Access Policy

Full Text:



B Eswara Reddy, Gandikota Ramu, A Secure Framework for Ensuring EHR's Integrity Using Fine-Grained Auditing and CP-ABE, In Big Data Security on Cloud (BigDataSecurity), IEEE International Conference on High Performance and Smart Computing (HPSC), and IEEE International Conference on Intelligent Data and Security (IDS), IEEE 2nd International Conference on (pp. 85-89). IEEE. 2016

Yinghui Zhang, Dong Zheng, and Robert H. Deng, Security and Privacy in Smart Health : Efficient Policy-Hiding Attribute-Based Access Control, IEEE Internet of Things Journal. vol. 3, no. 1, pp. 1–15, 2018.

Entao Luo, Md Zakirul Alam Bhuiyan, Guojun Wang, Md Arafatur Rahman, Jie Wu, and Mohammed Atiquzzaman, PrivacyProtector : Privacy-Protected Patient Data Collection in IoT-Based Healthcare Systems, IEEE Communications Magazine, 56(2), February, pp. 163–168, 2018.

Kwangsoo Seol, Young-Gab Kim, Euijong Lee, Young-Duk Seo, and Doo-Kwon Baik, Privacy-Preserving Attribute-Based Access Control Model for XML-Based Electronic Health Record System, IEEE Access vol. 6, pp. 9114-9128. 2018.

Ho Hui Chung, Peter Shaojui Wang, Te-Wei Ho, Hsu-Chun Hsiao, and Feipei Lai, A Secure Authorization System in PHR based on CP-ABE, E-Health and Bioengineering Conference (EHB), pp. 1-4. IEEE. 2015.

Ahmed Lounis, Abdelkrim. Hadjidj el al. “Secure and Scalable Cloud-based Architecture for e-Health Wireless Sensor Networks. International Conference on Computer Communications and Networks (ICCCN), pp. 1-7,IEEE, 2012 21st.

Novi Aryani Fitri, Udin Harun Al Rasyi, and Amang Sudarsono, Secure Attribute-Based Encryption With Access Control to Data Medical Records. 2018 International Electronics Symposium on Knowledge Creation and Intelligent Computing (IES-KCIC), pp. 105-111. 2018.

Muhammad Arif Mughal, Xiong Luo, Ata Ullah Subhan Ullah, and Zahid Mahmood, A Lightweight Digital Signature Based Security Scheme for Human-Centered Internet of Things, IEEE Access, pp. 31630 - 31643. 2018.

B. Sindhu and Dr. R. M. Noorullah, Secure Elliptic Curve Digital Signature Algorithm for Internet of Things, Global Journal of Computer Science and Technology, vol. 1, no. 3, 2016.

Munsyi, Amang Sudarsono, and Udin Harun Al Rasyi. Secure Data Sensor In Environmental Monitoring Sistem Using Attribute-Based Encryption With Revocation. International Journal on Advanced Science, Engineering and Information Technology, vol. 7(2), pp. 609-624. 2017

Jie Zhang, Nian Xue , and Xin Huang. A Secure System For Pervasive Social Network-based Healthcare. IEEE Access, 4,pp. 9239-9250. 2016

Wei Li, Bonnie M. Liu, Dongxi Liu, Ren Ping Liu, Peishun Wang, Shoushan Luo, and Wei Ni, Unified Fine-grained Access Control for Personal Health Records in Cloud Computing. IEEE journal of biomedical and health informatics, pp. 1 - 1 2018

Young Sil Lee, Esko Alasaarela, and HoonJae Lee, “Secure key management scheme based on ECC algorithm for patient's medical information in healthcare sistem, The International Conference on Information Networking 2014 (ICOIN2014), February, pp. 453-457. 2014.

Al Imem Ali, “Comparison and Evaluation of Digital Signature Schemes Employes in NDN Network, Internattional Journal of Embedded systems and Application (IJESA), Vol.5, No.2 2015

J. Bethencourt, A. Sahai, and B. Waters, Ciphertext-Policy AttributeBased Encryption, IEEE Symposium on Security and Privacy, pp. 321-334, 2007

Bhanu Panjwani, Scalable and parameterized hardware implementation of Elliptic Curve Digital Signature Algorithm over Prime Fields, Advances in Computing, Communications and Informatics (ICACCI), 2017 International Conference, pp. 211-218. IEEE, 2017.

Don Johnson, Alfred Menezes, and Scott Vanstone, The Elliptic Curve Digital Signature Algorithm ( ECDSA ), International journal of information security, 1(1), pp. 36-63. 2001.

Muhammad Haikal Azaim, Dodi Wisaksono Sudiharto, and Erwid Musthofa Jadied, Design and Implementation of Encrypted SMS on Android Smartphone Combining ECDSA - ECDH and AES, Multimedia and Broadcasting (APMediaCast), 2016 Asia Pacific Conference, pp. 18-23. IEEE, 2016.

Ravi Kishore Kodali, Implementation of ECDSA in WSN, International Conference on Control Communication and Computing (ICCC). pp. 310-314. IEEE. 2013

Abdessalem Abidi, Belgacem Bouallegue, and Fatma Kahri, Implementation of elliptic curve digital signature algorithm (ECDSA), Global Summit Computer & Information Technology (GSCIT), pp. 1-6. IEEE , 2014.

Cameron F. Kerry, Digital Signature Standard (DSS), Federal Information Processing Standards Publication (FIPSP), Ed. 3, 2013.

Prof. Sangeeta Nagpure, and Sonal Kurkure. Vulnerability Assessment and Penetration Testing of Web Application. International Conference on Computing, Communication, Control and Automation (ICCUBEA). Pp.1-6. IEEE. 2017

Petar Cisar, Sanja Maravic Cisar, and Igor Furstner, Security Assessment with Kali Linux, Bánki Közlemények, 1(1), pp. 49-52, 2018

DOI: 10.24003/emitter.v7i1.356


  • There are currently no refbacks.

Copyright (c) 2019 EMITTER International Journal of Engineering Technology

EMITTER Journal Editorial Office


Politeknik Elektronika Negeri Surabaya

Jl. Raya ITS - Kampus PENS Sukolilo Surabaya 60111, INDONESIA   Telp : +62 31 594 7280   Fax : +62 31 594 6114