Traditional healthcare services have transitioned into modern healthcare services where doctors remotely diagnose the patients. Cloud computing plays a significant role in this change by providing easy access to patients’ medical records to all stakeholders, such as doctors, nurses, patients, life insurance agents, etc. Cloud services are scalable, cost-effective, and offer a broad range of mobile access to patients’ electronic health record (EHR). Despite the cloud’s enormous benefits like real-time data access, patients’ EHR security and privacy are major concerns. Since the information about patients’ health is highly sensitive and crucial, sharing it over the unsecured wireless medium brings many security challenges such as eavesdropping, modifications, etc. Considering the security needs of remote healthcare, this paper proposes a robust and lightweight, secure access scheme for cloud-based E-healthcare services. The proposed scheme addresses the potential threats to E-healthcare by providing a secure interface to stakeholders and prohibiting unauthorized users from accessing information stored in the cloud. The scheme makes use of multiple keys formed through the key derivation function (KDF) to ensure end-to-end ciphering of information for preventing misuse. The rights to access the cloud services are provided based on the identity and the association between stakeholders, thus ensuring privacy. Due to its simplicity and robustness, the proposed scheme is the best fit for protecting data security and privacy in cloud-based E-healthcare services.

传统医疗服务已转变为现代医疗服务，医生远程诊断患者。云计算在这一变革中发挥着重要作用，让所有利益相关者（例如医生、护士、患者、人寿保险代理人等）轻松访问患者的医疗记录。云服务具有可扩展性、成本效益高，并提供广泛的服务移动访问患者的电子健康记录 (EHR)。尽管云具有实时数据访问等巨大优势，但患者的 EHR 安全和隐私仍然是主要问题。由于患者健康信息高度敏感且至关重要，通过不安全的无线介质共享会带来许多安全挑战，例如窃听、修改等。考虑到远程医疗的安全需求，本文提出了一种健壮且轻量级的安全访问方法基于云的电子医疗服务方案。拟议的方案通过为利益相关者提供安全接口并禁止未经授权的用户访问存储在云中的信息来解决电子医疗保健的潜在威胁。该方案利用通过密钥派生函数（KDF）形成的多个密钥来确保信息的端到端加密，以防止滥用。基于身份和利益相关者之间的关联来提供访问云服务的权限，从而确保隐私。由于其简单性和鲁棒性，所提出的方案最适合保护基于云的电子医疗服务中的数据安全和隐私。