Implementing One Time Password based security mechanism for securing personal health records in cloud

Abstract

Personal Health Record (PHR) is an emerging patient-centric model of health information exchange, which is often outsourced to be stored at a third party, such as cloud providers. Researches had been taken up in enhancing the security of the out sourced PHRs by implementing the Attribute Based Encryption (ABE) to assure the patients control over their PHRs. Yet, most of the attribute based encryption introduces complexity in access control, key management, privacy exposure and scalability of the System. However, the authentication module of the PHR system had been researched less when compared to the security module of the system. In this paper, we propose a "One Time Password" user authentication module along with Advanced Encryption Standard (AES) for encrypting the owners personal Health Record before uploading it onto the semi trusted cloud server.