A Survey on Secure Cloud-Based E-Health Systems

INTRODUCTION: The e-health (electronic health) system is one of many cloud services which uses computer or electronic systems and cloud technology as its main source of operations for storing and sharing patient’s medical data between healthcare service providers and patients. The health data records are kept in a semi-trusted third-party supplier (i.e., cloud). Therefore, its security has become the main concern as the data should not be accessible to unauthorized person. OBJECTIVES: To provide a brief knowledge on the security aspects of cloud-based e-health systems for further improvement in the field of e-health system security. METHODS: This paper presents a literature survey on secure cloud-based e-health systems including ninety-four research papers related to secure cloud-based e-health systems collected from different sources till 2019. RESULTS: The security mechanisms used to secure cloud-based e-health systems are divided into three categories (i.e., crypto, non-crypto, and biometric-based). Also some health related security laws, security mechanisms, advantages and limitations of security mechanisms for all categories are presented. CONCLUSION: This paper will be helpful to do further researches in the research area of e-health system as it consists of the analysis of security mechanisms, security laws, advantages and limitations of the security mechanisms.


Introduction
In this current world of digitalization, the cloud computing technology is adapted by many institutes and individuals due to its nature of easy sharing and easy distribution of assets.Cloud computing is a type of model or service that aids omnipresent, suitable, on-demand access to the network to a common pool of computing resources such as networks, servers, storage, applications, and services and requires least management work or service provider collaboration [94].Applications, servers, networks, and storage with a useroriented platform are the resource sharing services provided by cloud computing.Two of the basic characteristics of the cloud are; storage, a system used to keep data, and the other one is data sharing, the process of transferring data from one person to another.
So basically, the cloud is a type of virtual storage system used on-demand in which its users can store their personal, financial, business data as well as share them with others.The cloud system can be classified into two types; the first one is public cloud system providing offsite solutions with various models like software as a service (SaaS), infrastructure as a service (IaaS), data as a service (DaaS) and platform as a service (PaaS).Windows Azure services platform and Google AppEngine are examples of the public cloud.The second one is a private cloud which is only meant for a particular organization and its servers are either on the organization premises or offsite.It is far more secure and has better customization than the pre-mentioned cloud system.Examples of this cloud system are Dell, IBM, Cisco, HP [1,2] respectively.Due to the features like, less complex userinterface, easy and location-independent data storage and sharing between companies or individuals globally, utilization of cloud computing has increased from a few users to the users all over the world [3].
Moreover, cloud computing requires resources like software and hardware from the user's side [1].Cloud has the ability to accommodate multiple applications for a mass of users who can use those applications for accessing and sharing the data with great flexibility, accessibility, and reliability [5].Cloud computing is applied in many fields like, business applications, data storage services, maintaining e-health records, etc.Even if the cloud is secured with techniques like Secure Socket layer (SSL) and Transport Layer Service (TLS), it is contemplated as semi-trusted.Therefore, it is necessary to achieve security in the cloud as security is the muchneeded aspect to protect any kind of data from attacks, threats or vulnerabilities.
The e-health (electronic health) system as the name suggests is a kind of health system which uses computer or electronic systems and cloud technology as its main source of operations for storing and sharing patient's medical data between healthcare service providers and patients [1].It is different from the pen-paper based traditional health system.As per considering e-health, there exist two kinds of health records; Personal Health Records (P-HR) and Electronic Health Records (E-HR) [48].P-HR provides mobile health services to the patients that are directly operated by them to upload and share the health records.Microsoft is a type of P-HR cloud provider.E-HR is mainly handled by the healthcare providers and it has a great contribution in making decisions on giving proper health services to the patient, storing and secure the sharing of patient's data like medical history, test results, allergies, medicine details and prescriptions [8].The e-health service involves an improved and well-founded approach of distribution of medical data over the networks and the usage of such information can be very beneficial for observing the patient's situation and come with an effective and better health service through actual-time health checking and location transparent distribution of health data with the purpose of studying it [9,10].The wide use of cloud and sharing of data through the cloud is increasing along with the time and the risk is also rising to that extent as the owner does not ensure direct control on data and the data is accessed by a virtual machine [12,13].
To get a secure and reliable cloud environment, the data migrated from source to destination must be exact and safe along with resolving the problems of data confidentiality, integrity, availability, network security, and access control [9,4].The objective is to minimize the risk as more as possible to keep the patient's data safe and intact and guarantee the correctness of the data while the data is being shared throughout the network.
Leaving the traditional paper-based healthcare system and adapting the digitalized version in a fast way, caused the situation even tougher to manage the data along with the time and handling such a huge and increasing amount of data is not a simple task [15].
Henceforth, the cloud-based e-health system has to meet all the security necessities along with maintaining availability of data anywhere at any time, reliability of the system and the network, authentication of the users and data backgrounds, integrity of the data and confidentiality of the data in the system while transferring the data over network [16].To achieve security, the three methods used are: one is crypto methods, it consists of symmetric encryption, asymmetric encryption, attribute-based encryption, and hybrid methods.Another one is non-crypto methods which include access control, role-based policy implementation methods for defining the roles of every single user with their right of access [1].The third one is the biometric-based methods which use biometric traits of a person for user authentication and authorization purpose.The categorization of the security mechanisms is made based on cryptography and biometrics concepts, where cryptography is the concept used for encryption and decryption of data using any encryption technique implying crypto methods and biometric technology uses a person's physical traits for authentication and authorization to system different from cryptographic techniques implying biometric-based methods.The rest security methods which do not use biometric or cryptographic method are included in the non-crypto method.
The significance of our work is to collect as much knowledge as possible on how to maintain the security requirements of the cloud-based e-health systems so that this system will be capable of storing and transferring the patient health data through a public cloud in a safe and secure manner.
Following the introduction, the section-2 shows the methodology used for this research work.Section-3 is used to point out the security requirements of the e-health system.Section-4 shows some legal perspective of protecting the e-health data on the basis of some security laws.Section-5 consists of some existing security mechanisms in e-health and categorized into crypto, noncrypto, and biometrics-based approaches.After this in section-6, the overall discussion is made on the approaches and a table is shown about the methods used for e-health cloud security and their benefits and limitations for each group.Lastly, in section-7 a conclusion is drawn from this whole work.For acronyms, one can use them from the section mentioned before the introduction section.

Research Methodology
A methodical survey always involves thorough and impartial coverage of explored literature.In our literature survey, we have included 85 literatures from various wellrecognized journals and conferences.Most of the literature papers are gathered from databases like IEEE Xplore, Science Direct, and Google Scholar.In order to include more information, some open-access journals are referred on the relevant subject.We gathered the papers by searching the strings: cloud-based e-health, electronic health security, e-health, e-health security, e-health security law The review consists of the papers based on maintaining the security criteria of the cloud-based e-health system, what are the security issues and the solutions resolving the issues.The literature used in this review paper is filtered using the following criteria mentioned in table (1) and the number of papers included and excluded from different search engines for the review with respect to the criteria mentioned is given in table (2).
Table (1).Selection and Exclusion criteria to include papers in the review.

Selection criteria
• Directly or indirectly associated with e-health and cloud technology.(1).No papers are found on the relevant topic in the year 2008.

Figure (1).
For different years the fractions of references included out of total references.

E-health System Security Requirements
The electronic health system is a co-operative computing system that facilitates real-time data flowing via a cloud network which is far better than the classic health system.The e-health system contains different types of sensitive information of the patient which might affect their life directly or put their life at risk.Therefore, to provide good service it is wise to secure the data and transfer it accurately through a fully trusted medium within a certain time to the owner of those data [18].The actual challenges, in this case, are to manage the security of the location where the data is stored as well as securing the network through which the huge amount of data transmits from source to destination [14].Many aspects that are to be taken into account for ehealth security can be, authentication i.e. checking the validity of the individuals and the data, data confidentiality so that the data will only be accessed by its owner, integrity ensures that the data is safe from any undesirable changes and [16].It should be taken into consideration that the e-health should be scalable, flexible to any changes and should have a user-friendly interface [18].The other important feature that could be added is availability of the system whenever and wherever it is needed to process and regulate the patient's data, reliability of the system to avoid any errors while providing services to its users and interoperability where the system should operate according to some standard communication protocols when communicating between different service providers [14].
To keep both the data and the network fully secured it gets very tricky to manage as the data is transferred to various destinations such as patients, health centres, insurance organizations, and cloud service providers [19].However, the e-health system has a mechanism to assign different access privileges to different users to access and view the E-HR.As an example, a doctor can view a lot of information about the patient whereas an insurance company can see a limited part of the patient's data.In this manner, it is challenging to handle the verification and validation of diverse users with different access rights [21].
By using cryptography, E-HR files security can be obtained by changing the meaning of original files to an unknown meaning which only can be decrypted by using cryptographic keys of the actual owner.Cryptography can be used to protect the E-HR files while it is stored and also while streaming the data [22].
Many security techniques are used for e-health systems such as secret-key or symmetric key cryptography in which encryption and decryption key are identical, for example, Advanced Encryption Standard (AES), publickey or asymmetric key method uses a couple of different keys for encryption and decryption like RSA (Rivest, Shamir, Adleman) and the attribute-based encryption (ABE) [23] and biometrics which uses the users' traits for authentication.
Although, cryptography is extremely useful in e-health security handling the crypto keys is tough as particular users are assigned with only a particular key and those must be kept secret.For any emergency cases, the system needs to keep the backup of the keys.As the data in the system are sensitive and its exposure might affect people's lives, the data must be maintained correctly also taking the emergency into considerations [20].

Legal Perspective Relevant to Cloud-Based E-health
As this paper presents brief knowledge of the security mechanisms used for the cloud-based e-health system, some security laws related to the topic are mentioned in table (3).It was introduced by the United States Congress as federal law and used in the US healthcare industry.HIPAA suggested some privacy and security requisites for developing a better e-health system, such as a patient's understanding of the operations performed on his health data, patient allowing access on his data, data confidentiality, data integrity, non-repudiation, auditing, consent exception.[89] Federal Privacy Act of 1998

Australia, 1998
It states the principal measures relating to information privacy.But this act lacks in addressing issues such as information ownership, access, and control, data breach warning.
Later with a modification data breach warning was made mandatory in this act.[89] Personally Controlled Electronic Health Records Act 2012

Australia, 2012
This act was legislated to operate in combination with the Heath Identifiers Act 2010 to address the issues faced in the Federal Privacy Act 1998, by creating an electronic information warehouse of health records arranged by reference to distinct health identifiers assigned to the Australian citizens.The is no specific category for 'sensitive data' in the law so it is considered under 'special categories of data' under article 8 which includes data associated with health or sex life.• Satisfactory, relevant and not too much concerning the purposes due to which they are gathered and/or further processed.• Precise and updated when needed.
• Kept in the format permitting the data subject identification until they serve the purpose for which they were assembled.[90] Article The DC must make sure that the reason for data processing is legal, not processed for non-specified purposes, the data is thorough and precise and not kept longer than required.[91] Article The data subject has the right to know about the processed data, the logic behind processing, and should be eligible to require recitification, blocking or removal to imprecise and incomplete nature of data.[91] Article 18 (Directive 95/46/EC) European Parliament, 24 Oct 1995 The DC needs to inform the administrative authority about the processing of an individual's data before performing it.[91] Section VIII (Directive 95/46/EC) European Parliament, 24 Oct 1995 The DC and DP should make sure that by planning and executing systematic measures they can maintain satisfactory data security concerning confidentiality, integrity, and accessibility.[92] Article 44 (French Project of Law for a Digital Society) France This article of French law aims at improving the Internet access service for the disabled. [

France
There is a possibility for the collection of the consent of the patient and the aforesaid third after a primary analysis of disease concerning the forward probability of disorders of cerebral This highlights the right to privacy and accommodates an active electronic communication service provider to consider suitable measures for the protection of the security of its services.[92] Article 8 (European Charter of Fundamental Rights)

Europe
An individual has the right to protect their data.These data must be processed legally on the basis of the person's consent or on the basis of law.
[ The DP is answerable to an investigation by DC.

Existing Security Mechanisms used in e-health
As per the requirements of the security of E-HRs, it is necessary to discuss the existing security techniques that are used in achieving e-health cloud security.The three types of techniques used are; crypto techniques, noncrypto techniques, and biometric-based techniques.

Crypto Techniques
Cryptography is defined as a technique of altering a meaningful data to a pointless format by using a key and recovering the original format also by using a key.Several techniques use many ways to encrypt and decrypt the data for instance; asymmetric, symmetric and attribute-based encryption.It facilitates data confidentiality, user and data authentication, user authorization and non-repudiation [24].Although each of these methods has their different attributes and uses many techniques to achieve data security, those techniques and their usage in the research area of e-health are expressed below.
First of all, the symmetric key or secret-key encryption uses the identical secret key for both encryption and decryption of the data.There are some specific perquisites like policy enforcement, assigning role and access privileges to each user and management of keys where the particularly authorized persons are provided with the keys and access rights, all of these should be met while using the secret-key encryption algorithm [16].In e-health, the most popular secret-key algorithm is the Advanced Encryption Standard (AES) [1,27] algorithm for e-health [28].In [29], authors proposed an idea of using a selective encryption process utilizing the AES technique in which different keys are used to partially encrypt the file and each user according to their role is provided with different keys by the file owner.The authors of [30] have also suggested using a selective AES which is the improved version and better than original AES in terms of security as well as speed.Here, the suggestion says that before the encryption using AES the data is compressed and the key size is set by the user's choice which varies within (128,192,256).David et al. recommended the usage AES with big data in e-health application by using a customized AES in DaaS, one of the cloud services, which makes it faster and more effective ever when used with big data [31].Using secretkey key encryption is much effective for protection of the e-health data, however, to satisfy the requirements for the e-health role-based decryption there will be a need for customization to have selective encryption or the use of a mechanism to control the access with it [1].
Next, the asymmetric key encryption or public-key encryption algorithms use a couple of keys where the key known as a public key is utilized for encryption and the other key is utilized for decryption known as the private key.The most popular among this encryption technique used in e-health are RSA and Elliptic Curve Cryptography (ECC) [20].One of the security techniques using RSA includes dividing users into varying modules like admin, patient, doctor, and hospital and then to achieve finegrained file encryption, particular data related to each user of that module are encrypted using RSA [32].According to [33], using RSA in the medical database the encrypted files are stored in a multilevel database along with the private key.In this concept, as per the user's level in the database, each user has access to his profile where he can get the private key and decrypt the files.Dhanabagyam et al. mentioned that another asymmetric encryption algorithm, ECC has a computational improvement than other linear algorithms because of which ECC was taken into consideration for securing the e-health system [34].In [35], the authors used ECC techniques for the concerned system and compared its performance with RSA and the study implied that ECC has faster performance because it uses a smaller size key than RSA and maintains an appropriately good security level.So in [36], ECC was used with an integration unit that is dedicated to the encryption and decryption of data.That integration unit consists of a chip to identify the users and a smart card reader, USB (Universal Serial Bus) controller and wireless transmitter where the USB is linked to a wireless device by using a USB protocol that transfers utilizing the wireless transmitter, architecture is shown in figure (2).Liu et al.
[50] used an identity-based encryption system (IBE) for the access control of P-HR, the use of this mechanism is able to reduce key management complexity and also able to resist external attack, equation attack, reverse attack in the cloud computing background.In [77], the authors described an advanced IBE and advanced Identity-based proxy re-encryption (IBPRE) schemes to be used in e-health systems, proved their security, analyzed their performance which resulted that the IBE is IND-sID-CPA (indistinguishability under identity-based chosen-plaintext attack) secure, IBPRE is IND-ID-CCA2 (indistinguishability under identity-based chosenciphertext attack 2) secure.They also expressed that the IBPRE scheme is better in performing re-encryption which leads to the protection of e-health data and costeffective for cloud-based e-health users.
The third type of crypto technique is the attribute-based encryption (ABE) in which the data gets encrypted based on a particular attribute that must be matched the users for the decryption of files.ABE is an addition to the public key cryptography that have two methods; one is ciphertext policy ABE (CP-ABE) where every ciphertext is bounded with the strategy that deciphers it and another one is key policy ABE (KP-ABE)in which the association between the key and the ciphertext is reversed [37,38].Due to these reasons, ABE is used in e-health systems so that it can provide fine-grained access control and rolebased decryption of publicly shared files which implies that even though a person has access to a particular data only the authorized user who fulfils the required set of traits for constructing the key will be capable of decrypting and reading the files.These characteristics make it appropriate for e-health requirements [39].In addition to this, the authors of [41] used CP-ABE as the encryption mechanism and solved the problem of reconstruction of keys due to any policy change by relating a proxy re-encryption method with one time pad pin (OTP), so that it can be more secure and will be accessed by only the authorized personnel.In [38], the authors have created a software library that has both CP-ABE and KP-ABE and built a policy generator that is used for generating ABE policies utilizing which the encryption key can be created and data can be encrypted.

EAI Endorsed Transactions on Pervasive Health and Technology
Online First In [40], the authors have utilized multi-authority ABE (MAABE) where ABE is implemented with the division of users into domains, each domain having similar privileges that lead to reduce the difficulty with the key management.In [70], the authors used a fine-grained and enhanced MA-ABE (eMA-ABE) for the secure data sharing of P-HRs.this model ensures data confidentiality and user revocation on demand.Lastly, from the previously mentioned algorithms, the combination of different types can be used in a hybrid environment.These types of hybrid systems get benefitted by more than one encryption technique, e.g.proxy reencryption with asymmetric key encryption method.One type of fusion cryptography includes RSA and AES; RSA is used for creating a digital signature that provides user authentication and AES used for data encryption which ensures data integrity as well as security [43].In [60], Percarina et al. presented an architecture known as SAPPHIRE to maintain the privacy of users by providing anonymity and enhancing the policy administration for the primary data owner.It is a hybrid of RSA and AES.
For providing a secure environment for storage of E-HRs authors of [69] proposed a hybrid technique composed of a symmetric block cipher algorithm, Blowfish to encrypt the data and RSA to encrypt the keys.This mechanism uses an enhanced version of RSA (eRSA) which has better speed than the original RSA.This hybrid method provides better security than any single encryption method.
Another usage of the hybrid system includes using ABE combined with image steganography to insert an encrypted prescription and transmit from the physician to the druggist [27].Another hybrid technique has AES and ABE used together in e-health, where AES is used for encrypting the files and uploading it to the e-health cloud and ABE i.e.KP-ABE is used for providing the users access privileges related to their attributes [42].In [63], the authors proposed a hybrid model using the combination of AES and MA-ABE to provide enhanced security, privacy and access control services to the existing e-health system.It also enhances the scalability of the system and protects the system from attacks like Man-in-the-Middle (MITM) attack, eavesdropping, and Denial-of-service (DOS) attack.The security mechanism used in [64], is ABE with a binary search tree method.Using the effectiveness of CP-ABE this technique ensures that the privacy and security of E-HRs are properly maintained even during data sharing and fuzzy keyword searches.In [51], the proposed framework uses a combined mechanism of IBE and ABE which provides security through data privacy, fine-grained access control, and prevention of inappropriate access of E-HR by the users with numerous roles.In [52], the combination of IBE and ABE decreases the overhead occurs due to management as well as the encryption-decryption time.This mechanism uses AES to encrypt the data files and ABE to encrypt the AES key.By using IBE, ABE and threshold signing the proposed model in [53] provide access control and auditability of the authorized users.
The authors of [57] provided an improvement of an existing secure index search (SIS) algorithm to increase the proficiency of information control and flow in an E-HR cloud using a key management scheme.Both in [71], [72] the authors proposed models for mobile health application using ABE and IBE schemes, those are, IBBE and CP-ABPRE (cipher-text policy attribute-based proxy re-encryption).The patient's data can be shared between patients and medicals securely and patients can discover other persons suffering from similar health conditions using a private data -matching method and ensure to keep the privacy and integrity of data intact.Patients' can choose their doctors, encrypt and upload data and the authorized doctors decrypt it.CP-ABPRE provides finegrained access control.Doctors have to generate only the re-encryption key and the re-encryption is accomplished by a proxy.In [61], the authors proposed a mobile solution for e-health using IBE to protect the credentials of the client, homo-morphic encryption (HE) of medical archives and proxy re-encryption (PE) for protecting the privacy of each entity in e-health.In [65], the authors suggested a hybrid system of MA-ABE and KP-ABE i.e., Hybrid Secure and Scalable Electronic Health Record Sharing (HSS-EHRS) system, which is further divided into two security domains, known as, Public domain (PuD), where the professionals of healthcare can access the E-HRs whereas Personal domain (PsD) is for the persons who are related to the patient.MA-ABE is used for multiple attribute authorities in PuD who can provide secret keys to the PuD users and KP-ABE is specifically used for encryption and management of the secret keys for PsD.
Among other type of hybrid system, one is an hybrid mechanism proposed the authors of [48], to deal with the problem of link-ability, where it is the situation when the trusted cloud provider (CP) tries to access and look into the patient's health records hampering the privacy of patient's data and able to track a patient and identify him, CP is able to do so as he has the responsibility of indexing the medical images and logging the uploads made by healthcare provider hospital and consumer hospital.So this approach considers a trusted third-party as the medium for secure communication and the correct policy is applied to the data by policy encryption point (PEP), and then transferred to the watermarking and encryption point (WEP) where it marks the image, then encrypt and handovers the image to the randomization point (RP).RP is responsible for computing random image index and cache time which makes it difficult for CP to know about the correct order of data received from the provider hospital.When the consumer hospital wants the data it enquires the third-party for the medical image index, then the PEP ensures the access rights of the consumer party to that data, sends indexes and an access ticket for data at the CP.To get access to the right medical image the consumer hospital executes oblivious transfer protocol.In data pseudo-anonymity service.This service consists of PEP and a local cache that randomizes the order of transfer of the record to CP.Overall, the use of the hybrid system is quite advantageous as it gets profits from the features of more than one set of rules where those features can be extended security, fast computing with a lesser amount of overhead, use of digital signature, provision of access rights [1].

Non-Crypto Techniques
As already explained, cryptography has a great impact on the security of the e-health system.However, there also exist some methods other than cryptographic methods which can also provide security.But, these are not commonly used as it gives partial security to e-health cloud which is less than the security provided by crypto methods.Thus these systems are used with crypto approaches in a hybrid system, some those are pointed out below.
One of these approaches is a prototype of authentication and access control manager (AAM) where the users use tokens to access their records warehoused in the cloud, then the server identifies the users and determines their access privileges through AAM server.This model relies on the cloud in case of complex computations [21].In another approach, several facilities are provided to the users like accessing, sharing and management of files by putting a central authority (CA) where the individuals are divided into security classes like; patients, doctors, nurses, family, and insurance companies.In order to achieve user access rights and user authentication, the security classes here give different access privileges to each user and this model is responsible for encryption key distribution [44].The authors of [45] used a combination for an extensible mark-up language (XML) and attribute-based access control (ABAC), which is extensible access control markup language (XACML), to get advantages like role-based access control (RBAC) and policy implementation along with e-health data representation by XML.In [46], Shuo et al. proposed a two-level access control mechanism which includes role-based access control in the first layer with an enhanced RBAC in the second layer, due to the weak features of RBAC.The second tier is time-centred which stores the patient's meeting time, unique for each person; so, the RBAC determines who can see the requested service whereas the extended RBAC regulates the value for each one.A cloud-based privacy-aware rolebased access control model was proposed by the authors of [54], which can be utilized for controlling and tracking the data and the authorized accesses to the healthcare system resources.Another noticeable work is by the authors of [47] who presented a fresh technique as certificate-based encryption with keyword search (CBEKS).This technique is performed by using an asymmetric encryption technique.To set the correct access rights, the data receiver has to send a keyword that describes the desired data file and then a certificate, which expresses the access rights, provided to that receiver.In [84], dynamic searchable encryption with keyword range search and multi-keyword search (DSEKRSMS) using a privacy-preserving equality test (PET) was used to give a searchable and privacy-preserving approach for data sharing in cloud-based e-health systems.
A combined blockchain model of the fully private blockchain (FPB) and consortium blockchain (CB) was proposed to upgrade the time taken for data validation.Here, FPB is used as the classical database for the healthcare institute and CB is used for storing the medical data from all participating medicals.It provides tamperresistant and reliable storage [68].In [56], the Watermarking approach used can mitigate insider threats to the e-health system.Chenthara et al. [78] considered a patient-oriented e-health system model i.e. personally controlled E-HR system using blockchain technology where blockchain can be used for verifying the ownership of the patient's data, giving access permissions and ensuring the data integrity.In [81], to satisfy the criteria of distribution architecture a protocol named pseudonymbased encryption and different authorities (PBEDA) was proposed along with multi-tier blockchain technology in an e-health system.In [82], blockchain is used to protect the outsourced E-HRs from the illegal alteration as every operation on the outsourcing E-HRs is summed up to a transaction.Nguyen et al. [85] proposed an approach using blockchain and peer-to-peer inter-planetary file system (IPFS) storage which provides an efficient access control scheme for secure and decentralized data storage and sharing, shown in figure (3).
To secure the e-health information system (E-HIS) the authors of [49] proposed a framework which consists of the entities, to generate and manage the e-health information are; patients (1P): the healthcare receivers, provider (2P): the health service providers, payer (3P): the insurance companies, national database (ND): cloud used to store data and certificate authority (CrA): a third-party who certifies the 3P's legitimacy in the E-HIS framework.
The authors of [55] proposed a dynamic access control mechanism implemented with the e-health cloud known as risk aware task-based control which ensures that the access is granted based on the AIC (Availability, Integrity, Confidentiality) principle.Lohr et al. [19] proposed an approach provides client platform security using trusted virtual domains (TVD).In [58], the authors used a secret sharing scheme to maintain privacy and high security in the e-health cloud.In [67], a secure and simple framework was proposed in which the e-health data is portioned into multiple segments, each of those segments are enciphered by a secret key method and then stored in a permuted manner by anther CP.The order of data and decryption process is known to the user.This approach can adapt any type of security measure implemented by CP and along with that the framework still manages the secrecy and security of data.

EAI Endorsed Transactions on Pervasive Health and Technology
Online First In [66], the authors offered a framework to deliver security to IoT healthcare wearable devices along with Integrated Circuit Metric (ICMetric).Here, the sensor of the wearable uses MEMS (Micro-Electro-Mechanical Systems) bias and creates device ICMetric.This model provides security services like privacy, confidentiality, availability, the authenticity of the user's device, data integrity, secure access control, protection from attacks like device-capture attack, brute force attack, dictionary attacks, and rainbow table attacks.
In [87], an architecture is presented using Mandatory Access Control Security Model (MACSM) and Access Control List Security Model (ACLSM).It is estimated to provide high reliability, efficiency and dependability to protect the patient's information.
Patra et al. proposed a security architecture for the ehealth system to avoid the problems related to the central web-based system i.e, link failure and low or no fault tolerance.So, they presented a decentralized e-health system named iMedikD which facilitates both local and centralized access [88].

Figure (3). Multi-tier blockchain framework [85].
To preserve privacy in public e-health cloud, Zhang and Liu in [59] introduced a reference model that depends on group signatures to guarantee the unlink-ability of health data to a particular doctor.The authors also proposed that the health record indexes of patients must not reveal their information and should facilitate an effective search.Wang et al. [79] proposed a secure scheme for data sharing by maintaining the anonymity and confidentiality of data while sharing it through public clouds using a bilinear pairing mechanism that provides speed and efficiency along with low expansion rate.Shen et al. [83] proposed an e-health monitoring system using geo-distributed clouds (GDC) and a traffic shaping algorithm (TSA) which together helps in minimizing the service delay and preserving the privacy of health data.

Biometric-based Techniques
Nowadays biometric is adapted by most institutions as it provides a unique identity for each person.Biometric mechanisms provide facilities like user identification and user authentication [73].One of the approaches for the security of e-health using biometric utilizes Minutiae map algorithm authentication of the user concerning his fingerprint biometrics, as it is shown to be the more secure one and needs less time for feature extraction of fingerprint than Gabor feature, orientation maps, and orientation co-linearity algorithms.For the storage services, the approach proposed splits the files of the user and then stores them in two cloud storage, Cloud Me and Dropbox.For encryption of the files, the RC4 algorithm is used.Some of the prevention techniques for Cross-site request forgery (CSRF) and Cross-site scripting (XSS) attacks considered are the use of web-application firewalls, protection of cookie details and checking of the validation of user input [74].The proposed biometricbased architecture of paper [74] is shown in figure (4).The biometric methodology used by the authors of [75] provides security to the e-health data, easy and secure data access and sharing, either by using a given unique identification number or thumb impression of the patient.In [76], the authors provided a framework for security of health monitoring application using biosensor data of the patient where it provides secured access to the data and self-protects the data, for all the times while the data is stored and shared through the cloud.Ibrahim et al. [80] proposed a robust and secure multi-factor remote user protocol that can assure secure communication between patient and doctor even through a public-insecure channel.To protect the user identity the mechanism uses a combination of passwords, smart devices, and biometric authentication.

Discussion
Several security mechanisms used for cloud-based ehealth system security are already explored in this paper; in this section, we are going to mention some advantages and limitations of the mechanisms mentioned above and those limitations can be taken into consideration for future researches.To keep the e-health data free from unwanted exposure as it could disturb the patient's life directly, some features to be taken into consideration are real-time data access, availability of data, and transfer of data from source to endpoint in an unaffected and correct manner.The cryptographic cloud serves well according to these criteria.But there are some of the problems which are pointed out on crypto techniques used in e-health.At first, the symmetric encryption is secure and fast and is very much capable of giving proper security.But the problem with this encryption method is that it does not provide role-based access privileges, because of which an extra method for controlling the data access of users or two-step encryption causing overhead, can be used with it.A solution to this problem can be either to customize this technique to meet the e-health requirement or increase its computation speed.The public-key encryption has the same difficulty as secret-key encryption.However, it is able to be utilized as a digital signature solution as well as for sharing keys among multi-users.Even if the ABE system has the facility of giving role-based privileges, the main problem arises once a user is withdrawn from the ehealth system due to which the whole access policies in the system must be modified.Non-crypto methods do not use cryptographic methods and are faster.Biometric methods are good in user authentication and authorization using physical traits.
Overall, crypto methods are slower than non-crypto methods even if earlier one is more secure than later.It is more preferred to use non-crypto methods than crypto methods if used individually.As a solution to this problem, a hybrid system using any of crypto, non-crypto, and biometric-based approach can be used for providing a desirable security system.
According to our opinion with respect to the papers referenced, the ideal methods for securing the cloud-based e-health system could be, an advanced AES having different types of users with multiple access privileges and low overhead, ABE with an efficient user revocation method, RSA with proper access control and modified application of Biometric compatible with mobile devices, hybrid of any non-crypto methods and biometric-based method, blockchain-oriented methods.
After all the findings for cloud-based e-health system security we would like to recommend to consider the papers ([68], [78], [81], [82], [85]) on blockchain-based mechanism as it is more trending in recent days, the papers ( [74], [75], [76], [80]) on biometric-based mechanism for mobile devices.If anyone considering cryptographic methods for securing cloud-based e-health system then they should consider the papers ( [27], [30], [31] Along with all these, the advantages and limitations of some security mechanisms are shown in the table (4.a), table (4.b) and table (4.c) for crypto, non-crypto and biometric-based security mechanisms respectively.Some of the open problems in e-health security which can be taken into account while developing a security system are user revocation with updating access policy of the ehealth system, efficient key distribution, and management in emergencies.Further researches for the e-health cloud can be done in these fields in the future.
This study is different from other review papers related to the secure cloud-based e-health system because we have considered all possible relevant literature.The security mechanisms are divided into 3 categories by considering a new part as biometric-based along with the previously known cryptographic and non-cryptographic mechanisms.considered as existing open problems on the techniques in the tables and can be used for future studies for providing an improved security facility than the previous version of the technique.Along with these, some mechanisms are recommended such as Blockchain, Biometrics-based mechanisms, ABE, AES, RSA and a list of reference papers to be helpful for other researchers in developing security standards for the e-health system used in the cloud.

Conclusion
In this research paper, six papers are related to e-health cloud security laws.However, in this paper, there is only one research paper which includes both security mechanism and security laws.
Our future research scope includes implementation of a hybrid model using blockchain, biometrics-based security mechanism and if needed using any of the cryptographic security mechanisms and involving security laws in the model for making the security of the cloud-based e-health system better.
Figures of basic public e-health cloud systems and private e-health cloud systems are shown in figure (a) and (b)

Figure
Figure (a).Public e-health cloud system.
personal data need to be, • Processed impartially and legitimately.A Survey on Secure Cloud-Based E-Health Systems EAI Endorsed Transactions on Pervasive Health and Technology Online First 95/46/EC) 24 Oct 1995 • Collected for particular, clear and legitimate motives.
. According to NIST, AES is considered the fast and secure symmetric A Survey on Secure Cloud-Based E-Health Systems EAI Endorsed Transactions on Pervasive Health and Technology Online First
[62], Haas et al. proposed a public cloud solution to prevent link-ability in which before sending a record to public CP it is made anonymous using a component called A Survey on Secure Cloud-Based E-Health Systems EAI Endorsed Transactions on Pervasive Health and Technology Online First

A
Survey on Secure Cloud-Based E-Health Systems EAI Endorsed Transactions on Pervasive Health and Technology Online First
In this paper, 94 relevant research papers are surveyed for the safekeeping of cloud-based e-health systems from various sources till 2019.The various security techniques are summarized that are used in cloud-based e-health systems to achieve security when storing and sharing the e-health record on the cloud.These techniques are crypto methods, non-crypto methods, and biometric methods.Some hybrid systems with the features of more than one technique are also considered.A brief review of the advantages and limitations are provided for some of the security techniques used.The limitations can be EAI Endorsed Transactions on Pervasive Health and Technology Online First System and data security are enhanced Not resolved the problem of making the system fail-safe Data pushing technique, required for false download elimination, is not incorporated A Survey on Secure Cloud-Based E-Health Systems EAI Endorsed Transactions on Pervasive Health and Technology Online First
This article deals with data integrity and data confidentiality where the data controller (DC) i.e hospital will be held responsible,• To the data subjects for implementing proper technical and organizational precautions ensuring a level of security relevant to the risks associated with the data handling and essence of data.• For confirming that the sub-providers allotted by the cloudbased e-health service do not process personal data without the controller's directions.• For the selection of data processors (DP) providing enough guarantee with respect to organizational and technical security steps associated with data processing.
It is not always the situation that a single organization having the data controller role and single-handedly authorized to define the processing of data.

Table ( 4
.a).The advantages and limitations of the crypto security mechanisms.Table (4.b).The advantages and limitations of the non-crypto security mechanisms.
maintain the anonymity of the client, unable to maintain non-repudiation of emergency cases [68] Blockchain Provides a tamper-proof and reliable Need for updating the proposed EAI Endorsed Transactions on Pervasive Health and Technology Table (4.c).The advantages and limitations of the biometric-based security mechanisms.