A MAJOR PROJECT

On
Publicly Verifiable Shared Dynamic Electronic Health Record
Databases
BACHELOR OF TECHNOLOGY
IN
COMPUTER SCIENCE AND ENGINEERING
BY
EEDHULA CHARAN - 20VE1A05K7
PEEYUSHA DIDUGU - 20VE1A05N9
SUDAM KOUNDINYA - 20VE1A05P1
Y.OJASVI MANI CHANDANA - 20VE1A05P9
ACADEMIC BATCH: 2020-2024

Under the Guidance of

<<GUIDE NAME>> DESIGNATION
TITLE OF THE
PROJECT
CONTENTS
• Problem Statement
• Modules
• Sample Code
• Testing
• Results
• Conclusion
• References
 Problem Statement:
In the realm of healthcare informatics, the management of Electronic Health Record (EHR)
databases in a secure, shared, and dynamic environment poses a significant challenge.
Existing cloud-based solutions lack robustness in ensuring both privacy and accessibility
while maintaining data integrity and verifiability. The need for a system that enables secure
sharing of EHR data among authorized entities while allowing public verification of data
integrity in real-time remains a critical concern. This project aims to develop an innovative
framework leveraging Cloud Computing technologies to establish a publicly verifiable
shared dynamic EHR database system. The solution will focus on ensuring data privacy,
integrity, accessibility, and transparency, addressing the pressing need for a secure and
auditable EHR infrastructure within the cloud environment.
SAMPLE CODE
PatientUploadAction.java

package com.upload;

import com.database.connection.DBConnection;

import com.database.connection.Queries;

import com.oreilly.servlet.MultipartRequest;

import com.sun.org.apache.xml.internal.security.utils.Base64;

import java.io.BufferedReader;

i
SAMPLE CODE
import java.io.File;

import java.io.FileReader;

import java.io.IOException;

import java.io.PrintWriter;

import java.sql.Connection;

import java.sql.PreparedStatement;

import java.sql.ResultSet;
SAMPLE CODE
import javax.crypto.KeyGenerator;

import javax.crypto.SecretKey;

import javax.servlet.ServletException;

import javax.servlet.http.HttpServlet;

import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

import javax.servlet.annotation.MultipartConfig;
SAMPLE CODE
import javax.servlet.http.HttpSession;

import javax.servlet.http.Part;

@MultipartConfig(maxFileSize=16*1024*1024)

public class PatientUploadAction extends HttpServlet {

protected void processRequest(HttpServletRequest request, HttpServletResponse response)

throws ServletException, IOException {

response.setContentType("text/html;charset=UTF-8");
SAMPLE CODE
try{

HttpSession session=request.getSession();

String id=(String)session.getAttribute("id");

final String filepath="E://";

//secret key generation

KeyGenerator keyGen = KeyGenerator.getInstance("AES");

keyGen.init(128);
SAMPLE CODE
SecretKey secretKey = keyGen.generateKey();

System.out.println("secret key:" + secretKey);

//converting secretkey to String

byte[] be = secretKey.getEncoded();//encoding secretkey

String skey = Base64.encode(be);

MultipartRequest r=new MultipartRequest(request,filepath);

SAMPLE CODE
String pname=r.getParameter("pname");

String email=r.getParameter("email");

String mobile=r.getParameter("mobile");

String address=r.getParameter("address");

String dob=r.getParameter("dob");

String hspname=r.getParameter("hspname");
SAMPLE CODE
String bgroup=r.getParameter("bgroup");

String dsymptom=r.getParameter("dsymptom");

String patientage=r.getParameter("page");

String filname=r.getParameter("fname");

File p=r.getFile("file");

BufferedReader br=new BufferedReader(new FileReader(p));

StringBuffer sb=new StringBuffer();

String temp=null;
SAMPLE CODE
while((temp=br.readLine())!=null){

sb.append(temp);

String data=sb.toString();

Connection con=DBConnection.getConnection();

PreparedStatement pst=con.prepareStatement("insert into patient

values(null,?,?,?,?,?,?,?,?,?,?,?,?,'waiting','waiting')");
SAMPLE CODE
pst.setString(1,pname);

pst.setString(2,email);

pst.setString(3,mobile);

pst.setString(4,address);

pst.setString(5,dob);

pst.setString(6,hspname);

pst.setString(7,bgroup);

pst.setString(8,dsymptom);
SAMPLE CODE
pst.setString(9,patientage);

pst.setString(10,filname);

pst.setString(11,data);

pst.setString(12,id);

int i=pst.executeUpdate();

if(i>0){

response.sendRedirect("UpladData.jsp?msg=success");
SAMPLE CODE
}else{

response.sendRedirect("UpladData.jsp?msg=failed");

}catch(Exception e){

System.out.println(e);

}
 TESTING AND ANALYSIS
Software Testing is a method to assess the functionality of the software program. The process checks
whether the actual software matches the expected requirements and ensures the software is bug-
free. The purpose of software testing is to identify the errors, faults, or missing requirements in
contrast to actual requirements. It mainly aims at measuring the specification, functionality, and
performance of a software program or application.
Software testing can be divided into two steps:
Verification: It refers to the set of tasks that ensure that the software correctly implements a
specific function. It means “Are we building the product right?”.
Validation: It refers to a different set of tasks that ensure that the software that has been built is
traceable to customer requirements. It means “Are we building the right product?”.
Test Case and Expected
Results(TCER)
Req_id Tkt_id Req_descrption Expected Output Actual Output Req_tckt_status

1001 3451 Client registration Client registration Client registration Passed

successful successful

1002 7832 Client login Client login successful Client login failed Failed

1003 2345 Manager login Manager login Manager login Passed

successful successful
Test Case and Expected
Results(TCER)
Req_id Tkt_id Req_descrption Expected Output Actual Output Req_tckt_status

1004 4576 Client login Client login Client login Passed

successful successful

1005 6788 Cloud Login Cloud login Cloud login Passed

successful successful

1006 6745 TPA login TPA login TPA login Passed

successful successful
Results
Results
Results
Results
Results
Results
Results
Results
Results
Results
 CONCLUSION
The concept of verifiable database is a great tool for verifiable EHR storage. However, proof reuse and
the technique of proof updating by the server to improve system efficiency fails to achieve data
integrity checking. In this work, we propose a novel updatable VDB scheme based on the functional c
ommitment that supports privacy-preserving integrity auditing and group member operations,
including join and revocation. Two security requirements of EHR are implemented: the server
response correctness and the data storage integrity. Our VDB scheme achieves the desired security
goals without incurring too much Computational increase. And our VDB scheme provides the
minimum communication cost for the terminal with limited performance. To design a functional
commitment scheme that applies to our program, two algorithms are added to make the FC scheme
updatable.
 FUTURE SCOPE
1. Patient access will be enhanced
2. Unified standards will be established
3. Cloud technology for EHR will flourish
4. Documentation will speed up and simplify
5. Patient engagement will increase
6. Centralised database on cards
7. More precised medicines or treatments will be practised
 BIBLIOGRAPHY
[1] Wei L, Wu C, Zhou S. efficient verifier-local revocation group signature schemes with backward
unlinkability. Chinese Journal of Electronics, 2009, e90-a(2):379-384.

[2] Dan B, Shacham H. Group signatures with verifier-local revocation. Acm Conference on Computer &
Communications Security. 2004.

[3] Chaum, David, and T. P. Pedersen. Wallet Databases with Observers. International Cryptology
Conference on Advances in Cryptology 1992.

[4] B. Dan, X. Boyen, E. J. Goh, “Hierarchical identity based encryption with constant size ciphertext”,
International Conference on Theory and Applications of Cryptographic Techniques. Springer-Verlag, pp.
440- 456, 2005.

[5] A. Kate, G. M. Zaverucha, I. Goldberg, “Constant-Size Commitments to Polynomials and Their

Applications”, Advances in Cryptology - ASIACRYPT 2010 -, International Conference on the Theory and
Application of Cryptology and Information Security, Singapore, December 5-9, 2010. Proceedings. DBLP,
pp. 177-194, 2010.

[6] Official Website of The Office of the National Coordinator for Health Information Technology (ONC).
(2004). Available: https://www.healthit.gov/
THANK YOU