• Amer Al-Badarneh Jordan University of Science and Technology, Irbid 22110, Jordan
  • Hassan Najadat Jordan University of Science and Technology, Irbid 22110, Jordan
  • Enas 'Hassan Abu Yabes' Jordan University of Science and Technology, Irbid 22110, Jordan



EMR, Security, Privacy, Role-Based Access Control, Cloud Computing


Securing and protecting electronic medical records (EMR) stored in a cloud is one of the most critical issues in e-health systems. Many approaches with different security objectives have been developed to adapt this important issue.This paper proposes a new approach for securing and protecting electronic health records against unauthenticated access with allowing different hospitals, health centres and pharmacies access the system, by implementing role-based access control approach that could be applied smoothly in cloud e-health systems.


Rui Zhang, and Ling Liu. (2010). Security Models and Requirements for Healthcare Application Clouds, IEEE, and 3rd International Conference on Cloud Computing, 268-275. doi: 10.1109/CLOUD.2010.62.

Josh Benaloh, Melissa Chase, Eric Horvitz, and Kristin Lauter (2009). Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records, in the ACM workshop on Cloud computing security, 103–114. doi: 10.1145/1655008.1655024.

Hans Löhr, Ahmad-Reza Sadeghi, Marcel Winandy (2010). Securing the E-Health Cloud, in the ACM International Health Informatics Symposium, 220-229. doi. 10.1145/1882992.1883024.

Ammar Alkassar, Biljana Cubaleska, Hans Löhr, Ahmad-Reza Sadeghi, Christian Stüble, Marce Winandy. Medi Trust (2011). Secure Client Systems for Healthcare IT to Protect Sensitive Data of Patients, The International eHealth, Telemedicine and Health ICT Forum, Luxemburg, 4, 385-389.

Jing Jin, Gail-Joon Ahn, Hongxin Hu, Michael J. Covington, Xinwen Zhang (2010). Patient-Centric Authorization Framework for Electronic Healthcare Services, 30,116-127. doi:10.1016/j.cose.2010.09.001.

Hema And Al Jayaprakash Narayanan, Mehmet Hadi Güneş (2011).Ensuring Access Control in Cloud Provisioned Healthcare Systems ,In the Consumer Communications and Networking Conference (CCNC), IEEE.doi:10.1109/CCNC.2011.5766466.

Ming Li, Shucheng Yu, KuiRen, and Wenjing Lou (2010). Securing Personal Health Records in Cloud Computing: Patient-Centric and Fine-Grained Data Access Control in Multi-owner Settings. doi:10.1007/978-3-642-16161-2_6

Jacques Wainer, Carlos Jos´e Reis de Campos, Daniel Sigulem (2006).Security requirements for a lifelong electronic health record system based on non-standard ethical principles, Department of Health Informatics. 2, 160-165. doi: 10.2174/1874431100802010160.

Carlos Oberdan Rolim, Fernando Luiz Koch, Carlos Becker West Phall, Jorge Werner, Armando Fracalossi, Giovanni Schmitt Salvador (2010). A Cloud Computing Solution for Patient’s Data Collection in Health Care Institutions. 95-99. doi: 10.1109/eTELEMED.2010.19




How to Cite

Al-Badarneh, A., Najadat, H., & ’Hassan Abu Yabes’, E. (2017). AN ADAPTIVE ROLE-BASED ACCESS CONTROL APPROACH FOR CLOUD E-HEALTH SYSTEMS. LIFE: International Journal of Health and Life-Sciences, 2(3), 26–37.