Authentication and Access Control-Based Data Security in EHR: A Blockchain-Based System for Mobile Cloud Computing

B. Prema Sindhuri; Kameswara M. Rao

doi:10.48084/etasr.16290

Authors

B. Prema Sindhuri Department of CSE, K L University, India
Kameswara M. Rao Department of ECSE, K L University, India

Volume: 16 | Issue: 2 | Pages: 33502-33517 | April 2026 | https://doi.org/10.48084/etasr.16290

Received: 15 November 2025 | Revised: 21 December 2025 and 6 January 2026 | Accepted: 9 January 2026 | Online: 4 April 2026

Corresponding author: B. Prema Sindhuri

Abstract

The storage of Electronic Health Records (EHRs) in mobile cloud platforms has evolved over the past couple of decades as mobile devices and cloud computing have been linked to facilitate the exchange of medical data between patients and medical professionals. Moreover, this modern approach offers medical institutions enhanced flexibility, reduced operational costs, and improved accessibility to EHRs. This innovative method raises concerns about network security and data privacy in e-health systems. Distributing EHRs to mobile users while maintaining confidentiality standards in the mobile cloud is difficult. This manuscript presents an integrated blockchain-based security framework for EHR sharing in Mobile Cloud Computing (MCC) environments. The proposed framework operates through four phases: registration, authentication, contract agreement, and data uploading and encryption. Blockchain technology is employed as a decentralized trust layer to provide transparency, immutability, and auditable access control, whereas smart contracts are used to enforce authorization policies among healthcare participants. Additionally, this work uses a dependable access control strategy in line with smart contracts to ensure secure transmission of EHRs between patients and medical professionals. The suggested Integrated Lightweight Key Management Mechanism (ILWKM) ensures authentication with secure transactions by generating a symmetric encryption key and a session key. The session key is encrypted using a modified cubic map along with data upload parameters. The new data encryption standard, Improved Elliptic Curve Cryptography (IECC) mechanism, is suggested to encrypt the data with a high level of security during the data uploading and encryption phase. The experimental results demonstrate that the proposed framework achieves improved security and computational efficiency compared to conventional approaches, indicating its suitability for secure EHR sharing in MCC environments.

Keywords:

Electronic Health Record (EHR), blockchain, authentication, Integrated Lightweight Key Management Mechanism (ILWKM), Improved Elliptic Curve Cryptography (IECC)

Downloads

Download data is not yet available.

References

N. Domadiya and U. P. Rao, "Improving healthcare services using source anonymous scheme with privacy preserving distributed healthcare data collection and mining," Computing, vol. 103, no. 1, pp. 155–177, Jan. 2021. DOI: https://doi.org/10.1007/s00607-020-00847-0

D. C. Nguyen, P. N. Pathirana, M. Ding, and A. Seneviratne, "Blockchain for Secure EHRs Sharing of Mobile Cloud Based E-Health Systems," IEEE Access, vol. 7, pp. 66792–66806, 2019. DOI: https://doi.org/10.1109/ACCESS.2019.2917555

X. Yang, W. Li, and K. Fan, "A revocable attribute-based encryption EHR sharing scheme with multiple authorities in blockchain," Peer-to-Peer Networking and Applications, vol. 16, no. 1, pp. 107–125, Jan. 2023. DOI: https://doi.org/10.1007/s12083-022-01387-4

P. Chinnasamy and P. Deepalakshmi, "HCAC-EHR: hybrid cryptographic access control for secure EHR retrieval in healthcare cloud," Journal of Ambient Intelligence and Humanized Computing, vol. 13, no. 2, pp. 1001–1019, Feb. 2022. DOI: https://doi.org/10.1007/s12652-021-02942-2

A. Azaria, A. Ekblaw, T. Vieira, and A. Lippman, "MedRec: Using Blockchain for Medical Data Access and Permission Management," in 2016 2nd International Conference on Open and Big Data, Vienna, Austria, 2016, pp. 25–30. DOI: https://doi.org/10.1109/OBD.2016.11

V. K. Yadav, R. K. Yadav, S. Verma, and S. Venkatesan, "CP2EH: a comprehensive privacy-preserving e-health scheme over cloud," The Journal of Supercomputing, vol. 78, no. 2, pp. 2386–2416, Feb. 2022. DOI: https://doi.org/10.1007/s11227-021-03967-2

W.-X. Yuan, B. Yan, W. Li, L.-Y. Hao, and H.-M. Yang, "Blockchain-based medical health record access control scheme with efficient protection mechanism and patient control," Multimedia Tools and Applications, vol. 82, no. 11, pp. 16279–16300, May 2023. DOI: https://doi.org/10.1007/s11042-022-14023-3

G. Ali et al., "xDBAuth: Blockchain Based Cross Domain Authentication and Authorization Framework for Internet of Things," IEEE Access, vol. 8, pp. 58800–58816, 2020. DOI: https://doi.org/10.1109/ACCESS.2020.2982542

M. Shen et al., "Blockchain-Assisted Secure Device Authentication for Cross-Domain Industrial IoT," IEEE Journal on Selected Areas in Communications, vol. 38, no. 5, pp. 942–954, May 2020. DOI: https://doi.org/10.1109/JSAC.2020.2980916

R. Goyat et al., "Blockchain-Based Data Storage With Privacy and Authentication in Internet of Things," IEEE Internet of Things Journal, vol. 9, no. 16, pp. 14203–14215, Aug. 2022. DOI: https://doi.org/10.1109/JIOT.2020.3019074

P. Huang, L. Guo, M. Li, and Y. Fang, "Practical Privacy-Preserving ECG-Based Authentication for IoT-Based Healthcare," IEEE Internet of Things Journal, vol. 6, no. 5, pp. 9200–9210, Oct. 2019. DOI: https://doi.org/10.1109/JIOT.2019.2929087

H. Guo, W. Li, M. Nejad, and C.-C. Shen, "Access Control for Electronic Health Records with Hybrid Blockchain-Edge Architecture," in 2019 IEEE International Conference on Blockchain, Atlanta, GA, USA, 2019, pp. 44–51. DOI: https://doi.org/10.1109/Blockchain.2019.00015

M. Ma, G. Shi, and F. Li, "Privacy-Oriented Blockchain-Based Distributed Key Management Architecture for Hierarchical Access Control in the IoT Scenario," IEEE Access, vol. 7, pp. 34045–34059, 2019. DOI: https://doi.org/10.1109/ACCESS.2019.2904042

U. Khalid, M. Asim, T. Baker, P. C. K. Hung, M. A. Tariq, and L. Rafferty, "A decentralized lightweight blockchain-based authentication mechanism for IoT systems," Cluster Computing, vol. 23, no. 3, pp. 2067–2087, Sept. 2020. DOI: https://doi.org/10.1007/s10586-020-03058-6

A. Yazdinejad, R. M. Parizi, A. Dehghantanha, Q. Zhang, and K.-K. R. Choo, "An Energy-Efficient SDN Controller Architecture for IoT Networks With Blockchain-Based Security," IEEE Transactions on Services Computing, vol. 13, no. 4, pp. 625–638, July 2020. DOI: https://doi.org/10.1109/TSC.2020.2966970

Z. Tian, B. Yan, Q. Guo, J. Huang, and Q. Du, "Feasibility of Identity Authentication for IoT Based on Blockchain," Procedia Computer Science, vol. 174, pp. 328–332, Jan. 2020. DOI: https://doi.org/10.1016/j.procs.2020.06.094

W. Jiang, H. Li, G. Xu, M. Wen, G. Dong, and X. Lin, "PTAS: Privacy-preserving Thin-client Authentication Scheme in blockchain-based PKI," Future Generation Computer Systems, vol. 96, pp. 185–195, July 2019. DOI: https://doi.org/10.1016/j.future.2019.01.026

W. J. Gordon and C. Catalini, "Blockchain Technology for Healthcare: Facilitating the Transition to Patient-Driven Interoperability," Computational and Structural Biotechnology Journal, vol. 16, pp. 224–230, Jan. 2018. DOI: https://doi.org/10.1016/j.csbj.2018.06.003

M. Min et al., "Learning-Based Privacy-Aware Offloading for Healthcare IoT With Energy Harvesting," IEEE Internet of Things Journal, vol. 6, no. 3, pp. 4307–4316, June 2019. DOI: https://doi.org/10.1109/JIOT.2018.2875926

S. Wang, Y. Zhang, and Y. Zhang, "A Blockchain-Based Framework for Data Sharing With Fine-Grained Access Control in Decentralized Storage Systems," IEEE Access, vol. 6, pp. 38437–38450, 2018. DOI: https://doi.org/10.1109/ACCESS.2018.2851611

V. Komuravelly and M. Ramchander, "Security and Privacy of Electronic Health Records Sharing using Hyperledger Fabric," International Research Journal of Modernization in Engineering Technology and Science, vol. 4, no. 8, pp. 2410–2413, Aug. 2022.

O. A. Khashan, R. Ahmad, and N. M. Khafajah, "An automated lightweight encryption scheme for secure and energy-efficient communication in wireless sensor networks," Ad Hoc Networks, vol. 115, Apr. 2021, Art. no. 102448. DOI: https://doi.org/10.1016/j.adhoc.2021.102448

D. V. K. Vengala, D. Kavitha, and A. P. S. Kumar, "Three factor authentication system with modified ECC based secured data transfer: untrusted cloud environment," Complex & Intelligent Systems, vol. 9, no. 3, pp. 2915–2928, June 2023. DOI: https://doi.org/10.1007/s40747-021-00305-0

A. Janosi, W. Steinbrunn, M. Pfisterer, and R. Detrano, "Heart Disease." UCI Machine Learning Repository, 1989.

B. P. Sindhuri and M. K. Rao, "Blockchain model for authentication and access control-based data privacy in EHR system under mobile cloud platform," International Journal of Wireless and Mobile Computing, vol. 29, no. 1, pp. 56–67, Jan. 2025. DOI: https://doi.org/10.1504/IJWMC.2025.147647