Enhancing Security for Cloud-Based Electronic Health Records through Context-Aware Access Controls

A secure, scalable, and effective framework for managing Electronic Health Records (EHRs) in cloud settings is the goal of this project. It will prioritize patient privacy, fine-grained access control, and defense against both internal and external threats. The suggested system presents a hybrid cryptographic architecture that combines lightweight symmetric Fernet encryption with Ciphertext-Policy Attribute-Based Encryption (CPABE), in contrast to traditional methods that only use public-key encryption or static access models. In addition to lowering computational overhead, this makes encryption and decryption quick. Even with 500 users and 50 transactions per second, the encryption and decryption times are as low as 200 ms for a 1 MB EHR upload and 150 ms for registration. The study’s main contributions are as follows:

• In order to solve the issues of stale keys and collusion, the framework scientifically adds a Trusted Third Party (TTP) module for dynamic role-based access, key freshness, and access revocation. In order to implement temporal constraints during real-time access requests, the system additionally incorporates time-bound access controls. Furthermore, tamper-evident access records are guaranteed via an audit log method supported by secure hash functions, which improves accountability.

• In accordance with privacy-first healthcare laws, the system gives patients the ability to decide who can access their medical records and when. The platform enhances usability for patients and healthcare professionals by utilizing secure token-based authentication (with a one-hour expiration) and offering a dynamic and role-specific user interface with React.js.

User management is at the center of the system to be in charge for role assign, user registration & login safely. In signup process a user posts a POST request with his name, email address, password, and role. The plaintext passwords are never stored because they are always stored in a secure, one way salted hash. This is another layer of protection in the case of a database breach. The following roles are predefined by the system:

• Patient: The data owner was given a blank policy access.

• Doctor: The person who requested the data had no policy applied to them.

The system checks to make sure the email is unique before saving user data to the users collection in cloud. Users authenticate with their password and email address to log in. By comparing the entered password with the hashed password that is saved, the system confirms credentials. A JSON Web Token with the following attributes is issued following successful authentication:

• It expires in one hour.

• Signature: Using the SHA 256 algorithm and a secret key.

• Contents: Contains the role and email address of the user.

User registration involves secure hashing and role assignment, hashes the password p with salt s and iteration i, 1HP=PBKDF2_HMAC_SHA256(P,S,i)HP = PBKDF2\_HMAC\_SH{\rm{A}}256(P,S,i) where P is the plaintext password, S is the salt, i is the number of iterations, HP is the final hashed password.

Represents a stored user object with hashed credentials, 2U={name, email, HP, role, policy}U = \{ name, email, HP, role, policy\} where name is user’s name, email is unique user identifier, HP is final hashed password, role is assigned user role and policy refers to access control policy set for user.

User token generation encoding user information, 3User Token=SHA256({email,role,exp},K)User Token{\rm{ }} = SHA256(\{ email,role,exp\} ,K) where email is user’s email, role is user’s assigned role, exp is expiration timestamp, K is secret key and these are represented in Algorithms 1 and 2.

The deployment of a Trusted Third Party allows both cryptographic and user initialization processes to be centrally managed. The TTP sets up the system by making a strong RSA key pair (typically 2048 or 3072 bits for secure usage) and initializing the system with its private key. Serialized in PEM format, generated private as well as public keys are saved into the system parameters collection for potential future applications such as key distribution or signing. User management span across several endpoints including user registration without hashing passwords, user creation with hashing passwords, update, and delete is handled by the TTP. The TTP also holds meetings to create policies, already uploading EHRs, granting access and revoking access of patients by the hands of the TTP. The TTP is also able to wipe encryption keys and make the EHR worthless until they are re-encrypted.

Although RSA keys are the basis of such asymmetric crypto pair based on the fulfilment of public key as an exponent, now they are used only for initialization of key pair, and raw abilities of patients and physicians are added with an administrative layer using TTP function. Suppose the private key associated is K_priv and the public key is K_pub.

TTP initializes the system with RSA keys it supports secure encryption, signing and key sharing, 4(Kpriv,Kpub)=RSA Generate (2048)\left( {{K_{priv}},{K_{pub}}} \right) = {\rm{ }}RSA Generate{\rm{ (2048)}}

Convert keys into PEM format for storage, make keys usable in secure APIs and file based systems, 5PEMpriv=Serialize(Kpriv)PE{M_{priv}} = Serialize\left( {{K_{priv}}} \right) 6PEMpub=Serialize(Kpub)PE{M_{pub}} = Serialize\left( {{K_{pub}}} \right) where K_priv is generated RSA private key, K_pub is corresponding public key, Serialize(.) converts the keys into PEM format for usage in cryptographic operations as shown in Algorithm 3.

To strike a compromise between computational complexity and efficiency, symmetric Fernet encryption is being used instead of ABE. Once access is granted, the actual EHR information is encrypted using Fernet, a symmetric key encryption, even if ABE is used for initial key distribution and fine-grained access control enforcement. This hybrid strategy maintains robust security while cutting down on overhead. ABE-protected channels are used to safely send the symmetric key used for Fernet to approved users.

The second procedure is to encrypt and store EHRs to protect the information in such a way to ensure integrity and confidentiality as depicted in Algorithms 4, 5, 6 and 7. Patients use weak (plaintext data) and email address when uploading their EHR record including their medical history. The system stops before continuing and asks if the user really is a ’patient’ before proceeding. To build a symmetric key for each EHR, a Fernet key is used to generate a such symmetric key of 256 bits for AES-128 in CBC mode with PKCS7 padding. The EHR data gets encrypted by the Fernet cipher and output in a Base64 encoded Ciphertext. In cloud EHR collection, we store the encrypted EHR, encryption key, patient email and a timestamp together into one document.

EHR are securely encrypted and stored using symmetric cryptography, 7Ks=Fernet Generate(){K_s} = {\rm{ }}Fernet Generate{\rm{ }}() 8C=Encrypt(D)C = {\rm{ }}Encrypt{\rm{ }}(D) where C is the ciphertext result of encrypting data D with.9EHRdocument={ email,C,Ks,t }EHR{\rm{ }}document{\rm{ }} = \left\{ {email,C,{K_s},t} \right\} where EHR document stores email, encrypted content, key and timestamp securely in a database and t is the timestamp of upload.

Access control, the third operation, enables patients to define and apply fine-grained policies on their Electronic Health Records is shown in Algorithm 8. Patients provide these policies by inputting their email and a JSON object. The system then updates the patient’s access policies field in the users accordingly. When a doctor makes an EHR access request with his/her email and the patient’s email, the system checks the patient’s policy. The creation of access policy definition is shown in the Algorithm 9. If the doctor’s email is not found in the allowed doctors array, access is denied. Otherwise, the encrypted EHR is fetched, decrypted with the saved key, and sent to the doctor. Policies are saved as dynamic JSON objects to allow future additions, such as time-based access, while access checks run with O(n) complexity (where n is the number of approved doctors), optimized by MongoDB indexing.10Access={ 1if De∈Pa0otherwiseAccess{\rm{ }} = \left\{ {\matrix{ 1 \hfill & {{\rm{if }}{D_e} \in {P_a}} \hfill \cr 0 \hfill & {{\rm{otherwise}}} \hfill \cr } } \right. where D_e is the doctor email, P_a is the patient’s allowed doctors list.

Retrieves original EHR data if access is granted, 11D=Decrypt(C)D = {\rm{ }}Decrypt{\rm{ }}(C) where is the symmetric key, and C is the ciphertext.

Access Revocation Module by enabling access is depicted in Algorithm 10, revocation techniques provide secure, long-term data management. Patients are able to withdraw a physician’s access by deleting the physician’s email address from the list of allowed physicians in the access policy. The TTP revoke access method provides for the TTP to withdraw access in a similar manner. To avoid decryption until a new key can be created and the EHR re-encrypted, the TTP employs a mechanism to refresh an EHR key of encryption within the collection of EHRs. This leverage cloud update operations and are atomic and instantaneous.

Removes the doctor from allowed access list, 12Pa=Pa\{ De }{P_a} = {P_a}\backslash \left\{ {{D_e}} \right\} where P_a is set of allowed doctor emails in patient’s access policy, D_e is doctor’s email to be removed.

The fifth stage, notifications and auditability, provides patients with greater notification and transparency choices. Each electronic health record access is logged, including critical data such as the date and time of access, patient and physician email addresses, and whether the access was “granted” or “denied.” Logs are stored in access logs collection and are available to be received by email by the patient or physician, or they can all be accessible simultaneously. A notification is created and stored in the collection of notifications whenever a doctor requests access to an EHR. Once they have gone through their alerts, patients can indicate that they have seen them and retrieve them. The future-proof ability of the flexible cloud schema for notifications and logs allows new data to be included.

Each access request generates a log: 13Log entry=(D,P,Tnow,Status)Log entry{\rm{ }} = \left( {D,P,{T_{now}},{\rm{ }}Status} \right)

Where Status ∈ {\granted”, \denied”}. It is depicted in Algorithm 11.

We propose a context-aware time-based access control system that lets patients choose not only who can access their records but also when, thus improving the security of cloud-based access to EHRs. This time limit is built into the policy of accessing cloud, and upon a request for access, the system checks that permission has been granted by the doctor and that the current time on the server falls within the allowed period. Access will automatically be granted even if other privilege is held if the request is made outside the time window allocated. This system enhances patient data privacy, imposes real-time, fine-grained access controls, and complies with the principles of a zero-trust security model.

Suppose D is the requesting doctor, P is the targeted patient whose EHR is requested, C is a set of contextual information, P_A: Policies for patient-defined access, T at the moment: List of allowed physicians, current time of access, permitted doctors. Then, in case of granting access, decision function A(D, P, C) = 1, and in case of rejection, it returns 0: 14A(D,P,C)={ 1if D∈PA.permitted doctors and Is Valid(C)0otherwise{\rm{A}}(D,P,C) = \left\{ {\matrix{ 1 \hfill & {{\rm{if }}D \in {{\rm{P}}_{\rm{A}}}.{\rm{ }}permitted doctors and Is Valid{\rm{ }}(C)} \hfill \cr 0 \hfill & {{\rm{otherwise}}} \hfill \cr } } \right.

To validate additional contextual constraints like time-bound access 15IsValid(C)={ 1if C.time∈PA.time window0otherwiseIsValid(C) = \left\{ {\matrix{ 1 \hfill & {{\rm{if }}C.time{\rm{ }} \in {P_{A.}}{\rm{ }}time window} \hfill \cr 0 \hfill & {{\rm{otherwise}}} \hfill \cr } } \right.

If access is allowed, decryption proceeds: 16D=Decrypt(C,Ks)D = Decrypt\left( {C,{K_s}} \right) where, EHRenc : Encrypted EHR, K : encryption key, Decrypt : decryption{\rm{EH}}{{\rm{R}}_{{\rm{enc }}}}{\rm{ : Encrypted EHR, }}K{\rm{ : encryption key, Decrypt : decryption}}

The EHR’s security feature uses a variety of cryptographic techniques to ensure safe data processing and transfer. AES-128 + HMAC-SHA256 is used to symmetrically encrypt EHR data. In CBC mode, HMAC-SHA256 is used for integrity and AES-128 for confidentiality. This ensures that tampering can be identified and that health records cannot be accessed by unauthorized users while being transmitted and stored. RSA (2048-bit) is used in system initialization key pair generation to protect the exchange of digital signatures or keys against key exposure and Man-in-the-Middle (MITM) attacks. Because of its asymmetry, only the intended recipient with the private key can access sensitive data.

While Json Web Token (HS256) with HMAC-SHA256 protects user authentication via token signing, making forgery impossible and session hijacking unlawful through 1-hour token expiration, PBKDF2-HMAC-SHA256 salts and hashes passwords in multiple iterations, offering defense against brute-force attacks and safeguarding credentials in the event of a database compromise. Together, data encryption, secure authentication, and safe user credential storage guard against unauthorized access, eavesdropping, data manipulation, and credential theft.

On the other hand, the system is vulnerable to attacks that reveal weaknesses in its security measures. One of these vulnerabilities is the Token signature’s hard-coded secret key. An intruder with database privileges could view both the decrypted records and their decryption keys, making the encryption ineffective. This is because the database contains both encryption keys and encrypted EHR data. The system would be vulnerable to MITM attacks if HTTPS were not used to transfer the data. This would allow hackers to intercept medical records or authentication tokens.

Furthermore, if the authentication attempts are not rate-limited, the system may be breached by brute-force attacks on the user credentials. Additionally, the stolen token will remain usable until its natural expiration time if token revocation is not performed, which could result in token theft attack consequences. With enhanced key management security, secure transfer protocols like HTTPS, and token revocation to improve overall security, vulnerability scanning can detect attacks like NoSQL injection or brute-force attacks on the key even though the system lacks attack mimicry findings and conversation. The threat model takes into account both external and internal threats. Through documented audit trails, role-based access restrictions linked to patient-defined rules, and real-time access event notifications, the system internally prevents malevolent insiders from gaining illegal access. Externally, it uses HTTPS and Fernet-based encoding of EHR data to avoid manipulation and eavesdropping. Impersonation attacks are prevented via tokenbased authentication with temporary JWTs, and collusion by formerly authorized users is avoided by TTP-managed key rotation & policy revocation. HMACs and the TTP’s verifiable audit logs ensure data integrity, allowing for independent verification and compliance with regulations. Security restrictions are realistically enforceable, scalable, and in line with the needs of the actual healthcare system thanks to this architecture.

Table 2 contrasts operations across various schemes or protocols as [11, 17–19], and “OurWork.” Each column explains the computational costs for setup, key generation, encryption time, and decryption time in terms of particular procedures and features. Here E₁, E₂ – These represent encryption operations, I, J represents context-sensitive parameters, TCG means Time for Ciphertext Generation, TCTP means Time for Ciphertext Transmission & Processing, I_s refers to the attribute set, M refers to multiplicative operation cost, TG refers to Token Generation, G refers to base group, GT refers to size of the target group.

Table 2.

Operation	[8]	[9]	[10]	[11]	Our Work
Setup	8.|G| + 2.|GT|	8.|G| + 3.|GT|	8.|G| + 2.|GT|	8.|G| + 1.|GT|	8.|G| + 2.|GT|
Key generation	7[G – 1] + [G – 1]	(|S| + 3)E2	(5|IS| + 4)E1 + (2|IS| + 1)M	(6|C|)TG*	98.|G| + 2.|GT|
Encryption time	(7m + 3) E14+2E24E_1^4 + 2E_2^4	(10I)TCG + TCTP	(5|IS| + 1)E1 + E2 + (2|IS|)M	(10J)TG® + TCT®	6.|G| + 2.|GT|
Decryption time	(4|γ|+1)ρ+|γ|E74(4|\gamma | + 1)\rho + |\gamma |E_7^4	(|I| + |S| + 2)P + 2|I|E1 + |I|SDee	(|I| + |S| + 2)P + 2|I|E1 + |I|SDee ≤	(TP) + 2 × tTG + 2 × QTP)	11.|G| + 2.|GT|

Setup: The initialization complexity affects the schemes. The (4 + 4)|G| + 2|GT| operations for scheme [11] demonstrate the balanced use of group and target group operations. Scheme [17] at (6 + 2)|G| + 3|GT| is a little heavier, but it shows some overhead in the target group. Scheme [18] functions at (5 + 3)|G| + 2|GT|, which is slightly more biased toward group operations despite being similar. Scheme [19] is the lightest at (3+5)|G| + 1|GT| and greatly reduces the cost to the target group. With a similar initial construction, “Our Work” is a perfect duplicate of [11] at (4 + 4)|G| + 2|GT|.

Key generation: The generation of keys varies more. Scheme [11] makes use of 7[G – 1] + [G – 1] and concentrates on operations within a modified group structure. Scheme [17] moves on to (|S| + 3) E₂, emphasizing reliance on a parameter |S| and a particular operation E₂. Scheme [18] is more complicated with (5|I_S|+4)E1+(2|I_S|+1)M and several operations related to a set |I_S|. Scheme [19] makes use of (4 + 2|C|)TG*, emphasizing reliance on a parameter |C| and a specialized operation TG*. In contrast to “Our Work,” (94 + 4)|G| + 2|GT| has a substantially larger coefficient for |G|, which might indicate a more computer-oriented key generation procedure for increased security.

Encryption time: Encryption time is an expensive information security measure. (7m+3)E14+2E242(7m + 3)E_1^4 + 2E_2^4\;2 is applied by Scheme [11], which scales with m parameter and accepts exponentiation operations. For context-dependent cost representation, Scheme [17] applies (5 + 5I)TCG + TCTP, which is parameter I-related and accepts operation TCG and TCTP. (5|I_S| + 1)E1 + E2 + (2|I_S|M), which scales again with |IS| and accepts different operation types, is applied by Scheme [18]. Aside from a parameter J and an additional operation TG, scheme [19] is a copy of the form of [17] with (5+5J)TG+TCT. Reducing to (2 + 4)|G|+ 2|GT|, “Our Work” appears to be less parameter-dependent and might even be quicker for bigger group sizes.

Decryption time: This metric represents how efficiently schemes restore data. Scheme [11] combines pairing and exponentiation operations and takes advantage of (4|γ|+1)ρ+|γ|E74(4|\gamma | + 1)\rho + |\gamma |E_7^4, scalable in a parameter |γ|. Scheme [17]’s and [18]’s cost of (|I| + |S| + 2)P + 2|I|E1 + |1|S_Dec is identical, meaning that both decryption processes driven by parameters |I| and |S| are identical. With parameters x and t, Scheme [19] takes on the compact notation < (TP) + 2xtTG + 2xQTP), implying either an iterative or conditional process. Unlike the parameter-specified schemes, “Our Work” once more employs a group-oriented scheme at (7 + 4)|G|+ 2|GT|, which is easy to read but can be expensive for large groups. Each system utilizes distinct aspects of the cryptographic process, such as computing complexity dependencies and parameter trade-offs. With increased higher key generation overhead, “Our Work” seems to be focused on preserving group operating consistency between phases. The proposed method uses a hybrid encryption technique in contrast to [11, 17–19], which only use public-key or ABE approaches with little scalability and revocation control. Unlike most previous studies, our system incorporates TTP supervision further, making it resistant to insider exploitation.

The cryptographic costs associated with several security systems, including those suggested in previous studies and the one presented in this study, are compared in Figure 2. The setup, key generation, encryption, and decryption expenses for the four current schemes—[11, 17–19] —as well as the proposed hybrid approach are graphically depicted in the figure. It emphasizes how the proposed approach achieves improved security capabilities while maintaining competitive cryptographic performance, especially during the encryption and decryption stages. By striking a balance between efficiency and cryptographic resilience, this visual comparison demonstrates how well-suited the suggested method is for actual EHR systems.

Figure 2.

Comparison of cryptographic cost across schemes

A comparison of encryption timings for several techniques for files ranging in size from 1MB to 256MB is displayed in Table 3. [11, 17, 18, 19], and “Our Work” are the various encryption techniques that each bar represents. In [11], encryption time increases exponentially with file size, from 59 E14+2E24E_1^4 + 2E_2^4 for 1MB to 11203 E14+2E24E_1^4 + 2E_2^4 for 256MB. Compute cost and file size also have a linear relationship. Similarly, in [17], the encryption time is expressed as (5 + 5I_i) TCG + TCTP, increasing as the file size and complexity increase. Exponentiation and multiplication exhibit exponential increases in [18], with values ranging from 21E₁ + E₂ + 8M for 1MB to 1281E₁ + E₂ + 512M for 256MB.

Table 3.

File Size	[8]	[9]	[10]	[11]	Our Work
1MB	59E14+2E2459E_1^4 + 2E_2^4	(5 + 5I1)TCG + TCTP	21E1 + E2 + 8M	10TG+TCT	(512 + 4)|G| + 2|GT|
10MB	451E14+2E24451E_1^4 + 2E_2^4	(5 + 5I2)TCG + TCTP	61E1 + E2 + 24M	25TG+TCT	(5120 + 4)|G| + 2|GT|
16MB	703E14+2E24703E_1^4 + 2E_2^4	(5 + 5I3)TCG + TCTP	91E1 + E2 + 36M	35 TG+TCT	(8192 + 4)|G| + 2|GT|
32MB	1403E14+2E241403E_1^4 + 2E_2^4	(5 + 5I4)TCG + TCTP	181E1 +E2 + 72M	65 TG+TCT	(16384 + 4)|G| + 2|GT|
56MB	2453E14+2E242453E_1^4 + 2E_2^4	(5 + 5I5)TCG + TCTP	301E1 +E2 +120M	105TG+TCT	(28672 + 4)|G| + 2|GT|
128MB	5603E14+2E245603E_1^4 + 2E_2^4	(5 + 5I6)TCG + TCTP	641E1 + E2 +256M	230TG+TCT	(65536 + 4)|G| + 2|GT|
256MB	11203E14+2E2411203E_1^4 + 2E_2^4	(5 + 5I7)TCG + TCTP	1281E1 + E2 + 512M	455TG+TCT	(131072 + 4)|G| + 2|GT|

From 10T_G+T_CT for 1MB to 455TG+TCT for 256MB, the encryption time in [19] is expressed as T_G+T_CT and increases exponentially with file size. The “Our Work” system encryption scheme starts at (512 + 4)|G| + 2|GT| for 1MB and goes up to (131072 + 4)|G| + 2|GT| for 256MB, but it has the same general direction but a different computational representation. Compared to previous techniques where computing costs can increase with bigger file sizes, the “Our Work” system scaling offers a better tradeoff between computation complexity and encryption complexity.

Figure 3 compares the encryption times of different techniques for files with sizes be-tween 1MB and 256MB. The y-axis shows the encryption time in arbitrary units, and the x-axis shows the file size. [7] Our Work is the most computationally expensive of the four systems due to its extraordinarily high encryption time, which increases expo-20nentially with the size of the information. While “[18, 19]” continually display reduced encryption times, indicating improved efficiency, “[11]” exhibits a dramatic jump in encryption time. Given that it might require more intricate cryptographic operations than the other systems, the sharp peak in [7] our work illustrates a compromise between security and performance.

Figure 3.

Encryption time comparison across schemes

In the context of a cryptographic operation, Table 4 below displays the computation time needed for file upload as a function of different file sizes, ranging from 1 MB to 256 MB. File size and related computation time are expressed algebraically in terms of variables |G|, |GT|, and E in each table entry. While |G| and |GT| might refer to time or operation complexity in a cryptographic set G, and a target set GT and E can refer to time for an encryption or exponentiation process, these terms most usually refer to fundamental operations or components in the specified cryptographic algorithm.

The computation time for small files, such as 1MB, is 6.|G| + 1.|GT| + 16E, meaning that there are 6 operations of type |G|, 1 operation of type |GT|, and 16 operations of type E involved. The number of |G| and |GT| operations remains constant as the file size increases, but the number of E operations changes linearly with the file size. A 10 MB file, for example, requires 6.|G| + 1.|GT| + 160E, where E operations have multiplied to 160, which is ten times the file size.

The Figure 4 is a plot of computation time in milliseconds vs. file size in MB for uploading the files. File size on the x-axis from 1MB to 256MB, and corresponding computation time on the y-axis. Rising trend is indicated by the solid line connecting the plotted points. With increasing file size, computation time also increases, showing a linear or near-linear relationship between the two variables. The points along the data track smoothly along the line, demonstrating consistent scaling in performance.

Figure 4.

File upload computation time for different file sizes

We can see from the graph that smaller files are less costly to compute but more costly ones to process with a larger file size. It might be due to greater handling of data, encryption, or network overhead when the file size increases. However, for very large file sizes, there could be a slight deviation from the optimal linearity due to additional system overheads. This characteristic also indicates the need for optimizing file processing algorithms, especially for large-scale file uploads.

The computation time for various file sizes is displayed in Table 5, which also demonstrates a positive trend of rising processing requirements with file sizes. The computation time formula consists of three important components: 1.|GT|, 3.|G|, and a size-dependent term. While the first two terms would be constant or system processing cost factors, the third term would depend on the size of the file and would take up a large amount of the total computation time. A nonlinear growth is indicated by the additional time, which is 9.6E for small quantities like 1MB and increases to 96E, 154E, and 307E for large sizes like 10MB, 16MB, and 32MB, respectively. For larger files, like 56MB, 128MB, and 256MB, the processing time increases steadily, reaching 538E, 1299E, and 2458E, respectively. Complex processes or system limitations at higher data levels may be the cause of the observed positive increase in processing time at an accelerating rate. The dramatic rise in file sizes suggests that efficient data processing and management are crucial, particularly when performing large-scale computations.

The relationship between the computation time (in milliseconds) and the file size (in megabytes) for file downloads is shown in Figure 5. The file size (which ranges from 1MB to 256MB) and the corresponding computation time (y-axis) are plotted. When the actual measurement points are plotted, a trend line that shows a consistent increase in computation time with file size is revealed. The data points show a pattern that is almost linear, indicating that the size of the file directly affects the computation time. The graph’s near-linearity indicates that the file download performance trend is predictable and scalable. This implies that efficient download methods are necessary, particularly to maximize the transfer of massive volumes of data.

Figure 5.

File download computation time for different file sizes

Table 6 summarizes the communication, processing, and storage times of four parties in a cloud-based environment: the patient, the doctor, the cloud, and the trusted third party (TTP). Cryptographic group operations are probably indicated by the fact that the time complexity of operations involving |G| and |GT| differs for every entity. The doctor stores and communicates using (256 + 2).|G| + |GT|, but it takes longer to calculate at (768 + 3).|G| + |GT|, indicating that doctors have additional processing duties. Patients have more time to talk at (384+2).|G| + |GT| and computation time at (512+2).|G|+|GT|, but with less storage at (128 + 1).|G| + |GT|, suggesting that data transfer, not long-term storage, is their main function. The Trusted Third Party (TTP) has the highest computational time (1024 + 4) in all categories, suggesting that it uses a lot of crypto operations (|G| + 2.|GT|). Its lengthy transmission and storage times demonstrate that it is a central verification authority. However, at 2048 + 5, the Cloud’s computational demands are at their highest. |G| + 2.|GT|, perhaps as a consequence of encrypting or decrypting several access requests. Its high transmission and storage times, despite being shorter than TTP’s, demonstrate the cloud’s function in handling massive data processing. These variances demonstrate how multiple bodies support the system’s overall efficacy and security.

The cost of decryption for several entities, such as the patient, doctor, cloud, TTP, and an initial scheme named “Our Scheme,” is displayed in Figure 6. To facilitate communication, computation, and storage, the cost is divided into abstract units. The TTP also incurs significant costs in all three areas. Nevertheless, since “Our Scheme” exhibits notably lower decryption costs overall, there is a practical and efficient method to access encrypted data.

Figure 6.

Decryption time comparison across scheme

The system currently assumes a semi-trusted cloud architecture, despite offering strong encryption and role-based access. Furthermore, even if Fernet encryption improves performance, latency may be introduced in high-scale applications due to key management overhead. If not replicated across clusters, the requirement for a centralized TTP could potentially become a bottleneck.