E-health system has been used as communication system that enables to deliver medical service over the Internet. The medical information’s accessible in e-health systems are highly sensitive and distributed that demands strong authentication and authorization mechanisms for communication between the healthcare professionals, consumers and providers. Internet is an open system that provides anybody can access any information. Hence, e-health users demand safe communication and user privacy over Internet. This paper introduces two secure communication protocols based on message passing and Mobile agent for online e-health system. Certificate based Authentication and Attribute based Policy assigned Authorization framework (CAAPA) for Mobile e-health systems is proposed based on message passing technique. Token based Cross Verification (TCV) protocol is proposed for secure services in e-health System over Internet based on Mobile agent. Both protocols offer user friendly, well-built secure mechanism that gives confident to the users and healthcare professional to access the E-health system. CAAPA is efficient in terms of maintaining strong user privacy and the communication overhead is high. TCV is efficient in terms of maintaining strong user privacy and consumes less communication overhead.