1. User Credentials Information

• User ID: A unique identifier for every registered user.

• Email: The login email address used for authentication.

• Password: Stored securely using AES-256 encryption with salted hashing.

• Role: Defines user category (Doctor / Patient / Admin).

• Purpose: Stores all login and authentication-related data for secure system access.

2. Doctor Information

• Doctor ID: A unique identifier for each doctor.

• Name: Full name of the doctor.

• Specialization: Area of expertise (e.g., Orthopedic, Neurology).

• Experience: Years of professional medical practice.

• Availability: Weekly time slots available for consultation.

• User ID (FK): References the UserCredentials table to authenticate login.

• Purpose: Stores doctor-specific profile and scheduling details linked with login credentials.

3. Patient Information

• Patient ID: Unique identifier for each patient.

• Name: Full name of the patient.

• Date of Birth: Used for therapy customization.

• Contact: Phone number or communication preference.

• Assigned Doctor ID (FK): References the supervising doctor.

• Reminder Preference: Frequency of exercise reminders.

• User ID (FK): Links to the UserCredentials table for authentication.

• Purpose: Maintains personal, medical, and communication details of patients.

4. Exercise Details

• Exercise ID: Unique identifier for each exercise.

• Name: Title of the exercise.

• Description: Brief explanation of purpose and method.

• Target Body Part: Body area focused on during exercise.

• Difficulty Level: Categorized as Easy / Moderate / Hard.

• AI Model Reference: Edge AI posture detection model associated with exercise.

• Purpose: Defines the exercise catalog and AI references used during sessions.

5. Session Data

• Session ID: Unique session identifier.

• Patient ID (FK): Patient performing the session.

• Doctor ID (FK): Doctor overseeing the session.

• Exercise ID (FK): Exercise performed during the session.

• Date & Time: When the session occurred.

• Duration: Session length in minutes.

• Accuracy Score: Posture accuracy calculated by AI.

• Feedback Notes: Observations from doctor or AI.

• Video Link: Optional URL to recorded session video.

• Purpose: Records each exercise session with complete AI analytics and supervision metadata.

6. Notification Details

• Notification ID: Unique identifier for each alert or reminder.

• Patient ID (FK): Patient receiving the notification.

• Message: Notification content.

• Type: Delivery mode (Mobile, Email, SMS).

• Status: Sent / Pending / Failed.

• Scheduled Time: When notification is to be triggered.

• Purpose: Stores automated reminder information for exercises, appointments, or missed sessions.

7. Reports Information

• Report ID: Unique identifier for each progress report.

• Patient ID (FK): Patient to whom the report belongs.

• Doctor ID (FK): Doctor who validated the report.

• Generated Date: Date report was created.

• Summary Text: Overview of progress summary.

• Accuracy Trend: Aggregated posture accuracy from sessions.

• Adherence Score: Percentage of exercises completed as prescribed.

• Report Link: Link to downloadable PDF or dashboard visualization.

• Purpose: Generates analytical data for weekly or monthly performance reports for doctors and patients.

8. Data Storage

• Storage ID: Unique identifier for each backup record.

• Backup Date: Timestamp of performed backup.

• File Path: Path to stored data in Azure Blob Storage.

• Encryption Status: Indicates if backup is encrypted.

• Backup Type: Full / Incremental.

• Responsible Admin: Name or ID of the administrator performing backup.

• Purpose: Manages all system backups, versioning, and restoration logs for data integrity.

Access Restrictions

• Implement Role-Based Access Control (RBAC) for Doctors, Patients, and Admins.

• Multi-Factor Authentication (MFA) for Doctors and Admins.

• Session Timeout: Automatic logout after 10 minutes of inactivity.

• Authorization Tokens: Renewed per session with limited lifetime.

Encryption

• At Rest: AES-256 encryption for passwords, medical data, and contact information.

• In Transit: TLS 1.3 encryption for all communication channels.

Backup & Recovery

• Full Backups: Daily to Azure Blob Storage.

• Incremental Backups: Every 6 hours.

• Version Control: Each backup stored with metadata for restore operations.

Audit & Monitoring

• Track login attempts, role changes, and data modifications for 90 days.

• Alerts triggered for unauthorized access or suspicious activity.

The ER Diagram below represents all entities, relationships, and cardinalities according to functional requirements.

Functional Requirement	Mapped Entity	Purpose / Description
Create / Update / Delete accounts	UserCredentials, Doctor, Patient	Handles account management and role definition.
Authenticate users securely	UserCredentials	Passwords encrypted and authenticated via AES-256 and salted hash.
Send exercise reminders	Notification	Stores schedule, content, and delivery status.
Capture sessions via device camera	Session, Data Storage	Records session metadata and device linkages.
Store patient exercise history	Session	Tracks duration, feedback, and accuracy.
View weekly progress dashboard	Report, Session	Summarizes accuracy and adherence over time.
Alert for missed sessions	Notification	Triggers alerts for delayed or skipped exercises.
Generate visual progress reports	Report	Aggregates session and AI metrics.
Maintain secure login and MFA	UserCredentials	Enforces secure access for users.
Maintain historical exercise data	Session	Enables historical trend visualization.
Personalized exercise plans	Exercise	Doctor-defined therapy plans.
Manage backup and recovery	DataStorage	Logs all backup and restore activity.
Share reports with caregivers	Report	Generates downloadable or shared reports.