LAUSR

A patient-centered personal health records system has been actively promoted in recent years. Its purpose is to maintain long-term personal records and health improvement plans. It combines a cloud computing environment to build a personal health records system to quickly collect personal information and transfer it to the back end for storage for future access. However, in a cloud environment, the message transmission process is more open. Therefore, a lack of an authority security mechanism for the users of such an architecture will result in distrust and doubt by the users. This adversely affects the implementation and quality of long-term health plans. To protect the crucial privacy of the users from malicious attacks or theft, it is necessary to ensure that the users have different authority to access their personal health records under the cloud computing environment and manage the openness of their authority to other users. A secured identify authentication mechanism can ensure that only legitimate users can log in to the system and obtain system service resources through verification. For a personal health records system in the cloud computing environment, this study proposes a secure and reliable user authentication mechanism allowing relevant users access to the user’s PHR in the cloud based on their authority. The proposed authentication method uses a password combined with a smart card, allowing the owner and authorized users to log in to the system and access the relevant personal records. In this study, an authentication method based on bilinear pairing was used to verify the identity of users and to effectively prevent malicious intrusion and theft.