Abstract:Blockchain technology provides a tremendous opportunity to transform current personal health record (PHR) systems into a decentralised network infrastructure. However, such technology possesses some drawbacks, such as issues in privacy and storage capacity. Given its transparency and decentralised features, medical data are visible to everyone on the network and are inappropriate for certain medical applications. By contrast, storing vast medical data, such as patient medical history, laboratory tests, X-rays, and MRIs, significantly affect the repository storage of blockchain. This study bridges the gap between PHRs and blockchain technology by offloading the vast medical data into the InterPlanetary File System (IPFS) storage and establishing an enforced cryptographic authorisation and access control scheme for outsourced encrypted medical data. The access control scheme is constructed on the basis of the new lightweight cryptographic concept named smart contract-based attribute-based searchable encryption (SC-ABSE). This newly cryptographic primitive is developed by extending ciphertext-policy attribute-based encryption (CP-ABE) and searchable symmetric encryption (SSE) and by leveraging the technology of smart contracts to achieve the following: (1) efficient and secure fine-grained access control of outsourced encrypted data, (2) confidentiality of data by eliminating trusted private key generators, and (3) multikeyword searchable mechanism. Based on decisional bilinear Diffie-Hellman hardness assumptions (DBDH) and discrete logarithm (DL) problems, the rigorous security indistinguishability analysis indicates that SC-ABSE is secure against the chosen-keyword attack (CKA) and keyword secrecy (KS) in the standard model. In addition, user collusion attacks are prevented, and the tamper-proof resistance of data is ensured. Furthermore, security validation is verified by simulating a formal verification scenario using Automated Validation of Internet Security Protocols and Applications (AVISPA), thereby unveiling that SC-ABSE is resistant to man-in-the-middle (MIM) and replay attacks. The experimental analysis utilised real-world datasets to demonstrate the efficiency and utility of SC-ABSE in terms of computation overhead, storage cost and communication overhead. The proposed scheme is also designed and developed to evaluate throughput and latency transactions using a standard benchmark tool known as Caliper. Lastly, simulation results show that SC-ABSE has high throughput and low latency, with an ultimate increase in network life compared with traditional healthcare systems.

Blockchain-Based Access Control Scheme for Secure Shared Personal Health Records over Decentralised Storage

Secure Decentralized Attribute-Based Sharing of Personal Health Records with Blockchain

A blockchain based secure and privacy aware medical data sharing using smart contract and encryption scheme

A robust algorithm for authenticated health data access via blockchain and cloud computing

A fine‐grained and secure health data sharing scheme based on blockchain

Blockchain-Assisted Secure Fine-Grained Searchable Encryption for a Cloud-Based Healthcare Cyber-Physical System

Flexible and secure access control for EHR sharing based on blockchain

Secure Sharing of Electronic Medical Records Based on Blockchain

Blockchain-based healthcare management system with two-side verifiability

Secure Access Control for Electronic Health Records in Blockchain-Enabled Consumer Internet of Medical Things

Collusion Resistant Multi-Authority Access Control Scheme with Privacy Protection for Personal Health Records.

A blockchain-based framework for electronic medical records sharing with fine-grained access control

Blockchain-Enabled Key Aggregate Searchable Encryption Scheme for Personal Health Record Sharing With Multi-Delegation

A Blockchain-Based Secret-Data Sharing Framework for Personal Health Records in Emergency Condition

A Framework for Securing Health Information Using Blockchain in Cloud Hosted Cyber Physical Systems

A Controllable Secure Blockchain-Based Electronic Healthcare Records Sharing Scheme

BDSS: Blockchain-based Data Sharing Scheme with Fine-grained Access Control and Permission Revocation in Medical Environment

MedSBA: a novel and secure scheme to share medical data based on blockchain technology and attribute-based encryption

Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption

Blockchain-Aided Privacy-Preserving Medical Data Sharing Scheme for E-Healthcare System