Jiahao Chen,Xinchun Yin,Jianting Ning

DOI: https://doi.org/10.1002/ett.4510

IF: 3.6

2022-04-10

Transactions on Emerging Telecommunications Technologies

Abstract:This paper proposes a fine‐grained and secure health data sharing system based on blockchain. Trusted consensus nodes publish public parameter and retain master secret key, also generate attribute‐based encryption key and proxy key for data requesters. The doctor generates an electronic health record (EHR) for the patient and signs it with his private key which can ensure non‐repudiation. Patient can encrypt his EHR and upload it to the IPFS. Patient can also set the smart contract. If a data requester wants to acquire EHR, he must pass the authentication of the smart contract, the patient can generate a re‐encryption key for him. Blockchain is used to store the index of EHR and the hash value of EHR to achieve tamper resistance.Electronic health record (EHR) allows patients to use an open channel (ie, Internet) to control, share and manage their health records among family members, healthcare providers and other third party data users. Thus, in such an environment, privacy, confidentiality, and data consistency are the major challenges. Although cloud‐based EHR addresses the aforementioned discussions, these are prone to various malicious attacks, trust management and non‐repudiation among servers. Recently, due to the property of immutability, blockchain technology has been introduced to be as an auspicious solution for achieving EHR sharing with privacy and security preservation. Motivated by the above debates, we present BFHS, a blockchain‐based fine‐grained secure EHR sharing mechanism. On BFHS, we encrypt the EHR using ciphertext‐policy attribute‐based encryption (CP‐ABE) and upload it to the interplanetary file system (IPFS) for storage, while the matching index is encrypted via proxy re‐encryption and kept in a medical consortium blockchain. In addition, we created a credit assessment mechanism and incorporated it into the smart contract. Smart contracts, proxy re‐encryption, a credit evaluation mechanism, and IPFS all work together to give patients with a trustworthy EHR sharing environment and a dynamic access control interface. The thorough comparison and experimental analysis show that the proposed BFHS has more comprehensive security features and is more practicable.

telecommunications

Ali Shahzad,Wenyu Chen,Momina Shaheen,Yin Zhang,Faizan Ahmad

DOI: https://doi.org/10.1371/journal.pone.0307039

IF: 3.7

2024-09-23

PLoS ONE

Abstract:In modern healthcare, providers increasingly use cloud services to store and share electronic medical records. However, traditional cloud hosting, which depends on intermediaries, poses risks to privacy and security, including inadequate control over access, data auditing, and tracking data origins. Additionally, current schemes face significant limitations such as scalability concerns, high computational overhead, practical implementation challenges, and issues with interoperability and data standardization. Unauthorized data access by cloud providers further exacerbates these concerns. Blockchain technology, known for its secure and decentralized nature, offers a solution by enabling secure data auditing in sharing systems. This research integrates blockchain into healthcare for efficient record management. We proposed a blockchain-based method for secure EHR management and integrated Ciphertext-Policy Attribute-Based Encryption (CP-ABE) for fine-grained access control. The proposed algorithm combines blockchain and smart contracts with a cloud-based healthcare Service Management System (SMS) to ensure secure and accessible EHRs. Smart contracts automate key management, encryption, and decryption processes, enhancing data security and integrity. The blockchain ledger authenticates data transactions, while the cloud provides scalability. The SMS manages access requests, enhancing resource allocation and response times. A dual authentication system confirms patient keys before granting data access, with failed attempts leading to access revocation and incident logging. Our analyses show that this algorithm significantly improves the security and efficiency of health data exchanges. By combining blockchain's decentralized structure with the cloud's scalability, this approach significantly improves EHR security protocols in modern healthcare setting.

Aisha Banu,Sharon Priya S,Poojitha K,Kiruthiga R,Ruby Annette,Subash Chandran

DOI: https://doi.org/10.48550/arXiv.2306.17084

2023-06-26

Abstract:Electronic Health Records (EHRs) have undergone numerous technical improvements in recent years, including the incorporation of mobile devices with the cloud computing technologies to facilitate medical data exchanges between patients and the healthcare professionals. This cutting-edge architecture enables cyber physical systems housed in the cloud to provide healthcare services with minimal operational costs, high flexibility, security, and EHR accessibility. If patient health information is stored in the hospital database, there will always be a risk of intrusion, i.e., unauthorized file access and information modification by attackers. To address this concern, we propose a decentralized EHR system based on Blockchain technology. To facilitate secure EHR exchange across various patients and medical providers, we develop a reliable access control method based on smart contracts. We incorporate Cryptocurrency, specifically Ethereum, in the suggested system to protect sensitive health information from potential attackers. In our suggested approach, both physicians and patients are required to be authenticated. Patients can register, and a block with a unique hash value will be generated. Once the patient discusses the disease with the physician, the physician can check the patient's condition and offer drugs. For experimental findings, we employ the public Block chain Ganache and solidity remix-based smart contracts to protect privacy. Ethers are used as the crypto currencies.

Distributed, Parallel, and Cluster Computing,Cryptography and Security

Shekha Chenthara,Khandakar Ahmed,Hua Wang,Frank Whittaker,Zhenxiang Chen

DOI: https://doi.org/10.1371/journal.pone.0243043

IF: 3.7

2020-12-09

PLoS ONE

Abstract:The privacy of Electronic Health Records (EHRs) is facing a major hurdle with outsourcing private health data in the cloud as there exists danger of leaking health information to unauthorized parties. In fact, EHRs are stored on centralized databases that increases the security risk footprint and requires trust in a single authority which cannot effectively protect data from internal attacks. This research focuses on ensuring the patient privacy and data security while sharing the sensitive data across same or different organisations as well as healthcare providers in a distributed environment. This research develops a privacy-preserving framework viz Healthchain based on Blockchain technology that maintains security, privacy, scalability and integrity of the e-health data. The Blockchain is built on Hyperledger fabric, a permissioned distributed ledger solutions by using Hyperledger composer and stores EHRs by utilizing InterPlanetary File System (IPFS) to build this healthchain framework. Moreover, the data stored in the IPFS is encrypted by using a unique cryptographic public key encryption algorithm to create a robust blockchain solution for electronic health data. The objective of the research is to provide a foundation for developing security solutions against cyber-attacks by exploiting the inherent features of the blockchain, and thus contribute to the robustness of healthcare information sharing environments. Through the results, the proposed model shows that the healthcare records are not traceable to unauthorized access as the model stores only the encrypted hash of the records that proves effectiveness in terms of data security, enhanced data privacy, improved data scalability, interoperability and data integrity while sharing and accessing medical records among stakeholders across the healthchain network.

multidisciplinary sciences

Song Luo,N. Han,Tan Hu,YuHua Qian

DOI: https://doi.org/10.1155/2024/5569121

IF: 1.938

2024-02-03

International Journal of Distributed Sensor Networks

Abstract:As network technology advances and more people use devices, data storage has become a significant challenge due to the explosive growth of information and the threat of data leaks. In traditional medical institutions, most medical data is stored centrally through cloud computing technology in the institution’s data center. This centralized storage method has many security risks, and once the central server is attacked, it will lead to the loss of medical data, which will lead to the leakage of patients’ private data. At the same time, electronic medical records are the most critical data in the current medical field. In the traditional centralized healthcare service system (HSS), there are data leakage problems and tampering with electronic medical records due to human factors. At the same time, each hospital is built independently, resulting in the current centralized healthcare service system having a data silo problem, making it difficult to share medical data between institutions securely. With the increase in the number of users in the system, the electronic medical record data in the system also increases gradually, resulting in the increasing overhead of decryption calculation. Therefore, this paper proposes a blockchain-based access control scheme with multiparty authorization to ensure the security of electronic medical records. The scheme uses an SM encryption algorithm to encrypt the medical data in the system. It adds the patient’s signature to ensure the confidentiality and security of the data, and the encrypted electronic medical records (EMRs) are stored in the InterPlanetary File System (IPFS) to realize the distributed storage of EMR. In addition, role-based multiauthorization access control is implemented through smart contract-based to ensure the security of EMR. We have analyzed the security of this paper’s solution and compared its performance with the existing schemes based on other cryptographic algorithms. The experimental results show that the proposed solution significantly improves the secure sharing of EMR and provides system performance.

computer science, information systems,telecommunications

Guangfu Wu,Haiping Wang,Zi Yang,Daojing He,Sammy Chan

DOI: https://doi.org/10.1007/s10916-024-02120-9

IF: 4.92

2024-11-24

Journal of Medical Systems

Abstract:In recent years, Electronic health records (EHR) has gradually become the mainstream in the healthcare field. However, due to the fact that EHR systems are provided by different vendors, data is dispersed and stored, which leads to the phenomenon of data silos, making medical information too fragmented and bringing some challenges to current medical services. Therefore, in view of the difficulties in sharing EHR between medical institutions, the risk of privacy leakage, and the lack of EHR usage control by patients, an EHR sharing model based on consortium blockchain is proposed in this paper. Firstly, the Interplanetary File System is combined with consortium blockchain, which forms a hybrid storage scheme of EHR, this technology effectively improves data security, privacy protection, and operational efficiency. Secondly, the model combines unidirectional multi-hop conditional proxy re-encryption based on type and identity with distributed key generation technology to achieve secure EHR sharing with fine grained control. At the same time, users are required to link the operation records of EHR, so as to realize the traceability of EHR usage. A dynamic Byzantine fault-tolerant algorithm based on reputation and clustering is then proposed to solve the problems of arbitrary master node selection, high latency and low throughput of PBFT, enabling the nodes to reach consensus more efficiently. Finally, the model is analyzed in terms of security and user control, showing that the model is less energy intensive in terms of communication overhead and time consumption, and can effectively achieve secure sharing between medical data.

health care sciences & services,medical informatics

Jin Sun,Lili Ren,Shangping Wang,Xiaomin Yao

DOI: https://doi.org/10.1371/journal.pone.0239946

IF: 3.7

2020-10-06

PLoS ONE

Abstract:In the medical system, the verification, preservation and synchronization of electronic medical records has always been a difficult problem, and the random dissemination of patient records will bring various risks to patient privacy. Therefore, how to achieve secure data sharing on the basis of ensuring users' personal privacy becomes the key. In recent years, blockchain has been proposed to be a promising solution to achieve data sharing with security and privacy preservation due to its advantages of immutability. So, a distributed electronic medical records searchable scheme was proposed by leveraging blockchain and smart contract technology. Firstly, we perform a hash calculation on the electronic medical data and store the corresponding value on the blockchain to ensure its integrity and authenticity. Then, we encrypt the electronic medical data and store it in the interplanetary file system which is a distributed storage protocol. These operations not only can solve centralized data store of servers of several medical institutions, but also be good at lowering stress from data store and high-frequency access to blockchain. Secondly, the encrypted keyword index information of electronic medical records was stored on the Ethereum blockchain, meanwhile a smart contract deployed in the Ethereum blockchain is used to realize keyword search instead of depending on a centralized third party. Furthermore, we use attribute-based encryption scheme to ensure that only the attributes meeting the access policy can decrypt the encrypted electronic medical records. Finally, our performance analysis and security analysis show that the scheme is secure and efficient.

Weizhe Chen,Shunzhi Zhu,Jianmin Li,Jiaxin Wu,Chin-Ling Chen,Yong-Yuan Deng

DOI: https://doi.org/10.3390/s21227765

IF: 3.9

2021-11-22

Sensors

Abstract:With the popularity of the internet 5G network, the network constructions of hospitals have also rapidly developed. Operations management in the healthcare system is becoming paperless, for example, via a shared electronic medical record (EMR) system. A shared electronic medical record system plays an important role in reducing diagnosis costs and improving diagnostic accuracy. In the traditional electronic medical record system, centralized database storage is typically used. Once there is a problem with the data storage, it could cause data privacy disclosure and security risks. Blockchain is tamper-proof and data traceable. It can ensure the security and correctness of data. Proxy re-encryption technology can ensure the safe sharing and transmission of relatively sensitive data. Based on the above situation, we propose an electronic medical record system based on consortium blockchain and proxy re-encryption to solve the problem of EMR security sharing. Electronic equipment in this process is connected to the blockchain network, and the security of data access is ensured through the automatic execution of blockchain chaincodes; the attribute-based access control method ensures fine-grained access to the data and improves the system security. Compared with the existing electronic medical records based on cloud storage, the system not only realizes the sharing of electronic medical records, but it also has advantages in privacy protection, access control, data security, etc.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Tian Lim Tan,Iftekhar Salam,Madhusudan Singh

DOI: https://doi.org/10.1371/journal.pone.0266916

IF: 3.7

2022-04-14

PLoS ONE

Abstract:The lack of data outsourcing in healthcare management systems slows down the intercommunication and information sharing between different entities. A standard solution is outsourcing the electronic health record (EHR) to a cloud service provider (CSP). The outsourcing of the EHR should be performed securely without compromising the CSP functionalities. Searchable encryption would be a viable approach to ensure the confidentiality of the data without compromising searchability and accessibility. However, most existing searchable encryption solutions use centralised architecture. These systems have trust issues as not all the CSPs are fully trusted or honest. To address these problems, we explore blockchain technology with smart contract applications to construct a decentralised system with auditable yet immutable data storage and access. First, we propose a blockchain-based searchable encryption scheme for EHR storage and updates in a decentralised fashion. The proposed scheme supports confidentiality of the outsourced EHR, keyword search functionalities, verifiability of the user and the server, storage immutability, and dynamic updates of EHRs. Next, we implement a prototype using JavaScript and Solidity on the Ethereum platform to demonstrate the practicality of the proposed solution. Finally, we compare the performance and security of the proposed scheme against existing solutions. The result indicates that the proposed scheme is practical while providing the desired security features and functional requirements.

MyeongHyun Kim,SungJin Yu,JoonYoung Lee,YoHan Park,YoungHo Park

DOI: https://doi.org/10.3390/s20102913

IF: 3.9

2020-05-21

Sensors

Abstract:In the traditional electronic health record (EHR) management system, each medical service center manages their own health records, respectively, which are difficult to share on the different medical platforms. Recently, blockchain technology is one of the popular alternatives to enable medical service centers based on different platforms to share EHRs. However, it is hard to store whole EHR data in blockchain because of the size and the price of blockchain. To resolve this problem, cloud computing is considered as a promising solution. Cloud computing offers advantageous properties such as storage availability and scalability. Unfortunately, the EHR system with cloud computing can be vulnerable to various attacks because the sensitive data is sent over a public channel. We propose the secure protocol for cloud-assisted EHR system using blockchain. In the proposed scheme, blockchain technology is used to provide data integrity and access control using log transactions and the cloud server stores and manages the patient’s EHRs to provide secure storage resources. We use an elliptic curve cryptosystems (ECC) to provide secure health data sharing with cloud computing. We demonstrate that the proposed EHR system can prevent various attacks by using informal security analysis and automated validation of internet security protocols and applications (AVISPA) simulation. Furthermore, we prove that the proposed EHR system provides secure mutual authentication using BAN logic analysis. We then compare the computation overhead, communication overhead, and security properties with existing schemes. Consequently, the proposed EHR system is suitable for the practical healthcare system considering security and efficiency.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Shengmin Xu,Jianting Ning,Xiaoguo Li,Jiaming Yuan,Xinyi Huang,Robert H. Deng

DOI: https://doi.org/10.1109/tsc.2024.3356595

IF: 11.019

2024-01-01

IEEE Transactions on Services Computing

Abstract:Blockchain as an open and immutable ledger is being posited as the next frontier in healthcare that will help solve the industry's interoperability challenges. However, immutability in processing personal data is no longer legal since the General Data Protection Regulation (GDPR) requires the “right to be forgotten” as a critical data subject right. To observe such data regulation, it is desirable to build a healthcare blockchain with data redaction in a controlled way. Moreover, electronic health records (EHRs) usually are sensitive and the conventional blockchain lacks systematic and formal security analysis of data confidentiality, especially in the multi-user setting. Furthermore, EHRs are typically helpful in medical research for predicting epidemic diseases and valuable in insurance agencies making business plans. Hence, in healthcare blockchain systems, data confidentiality and flexible key distribution have become the most challenging issues that should be urgently resolved. In this article, we propose a privacy-preserving and redactable healthcare blockchain system (PRHBS). Our solution offers fine-grained block-level data reduction and secure data sharing with flexible key distribution mechanisms. We give the formal definition and security models of PRHBS, and propose a generic construction based on trapdoor-based chameleon-hash function, attribute-based encryption, and puncturable encryption. We present formal security analysis and give an instantiation based on our proposed generic construction. The comprehensive comparison and experimental simulation demonstrate that our implementation exhibits comparable performance, while surpassing the most relevant solutions in terms of functionality.

computer science, information systems, software engineering

Honglei Li,Xiao Yang,Hongxin Wang,Wujia Wei,Weilian Xue

DOI: https://doi.org/10.1155/2022/2058497

2022-03-04

Abstract:The sharing of electronic healthcare records (EHRs) is important to healthcare and medical research. However, institutions are faced with difficulties in privacy protection and efficiently secure data exchange. The main objective of this study is to propose a controllable secure blockchain-based EHRs sharing scheme. For this purpose, blockchain technologies are combined with interplanetary file systems (IPFS) to provide efficient secure EHRs sharing. Firstly, the IPFS-based EHR file system (IEFS) is designed to save and share large-size EHR files among medical institutions. With the high-throughput content-addressed block storage model and appropriate redundant backup of IPFS, IEFS is tamper-resistant and free of a single point of failure. Secondly, the blockchain is used to implement the blockchain-based EHR abstract system (BEAS) to manipulate EHR abstracts access. In BEAS, the EHR file addresses generated by IEFS are encrypted and saved in EHR abstracts for privacy protection. Since EHR abstracts are encrypted by patients' public keys, the sharing of EHR files is under the control of patients. In our experiment, a prototype system is developed to validate the proposed scheme. The experimental results showed that (1) EHRs are securely shared under the control of patients and (2) EHR files are retrieved at an acceptable speed supported by IPFS technology. In this paper, solutions to some important practical issues such as incapacitated patients, encryption key forgetting/missing, and efficient interaction of doctors with EHRs sharing scheme are also seriously discussed.

K Vivekrabinson,K Ragavan,P Jothi Thilaga,J Bharath Singh,Vivekrabinson, K

DOI: https://doi.org/10.1007/s10916-024-02053-3

IF: 4.92

2024-03-26

Journal of Medical Systems

Abstract:In today's data-driven world, the exponential growth of digital information poses significant challenges in data management. In recent years, the adoption of cloud-based Electronic Health Records (EHR) sharing schemes has yielded numerous advantages like improved accessibility, availability, and enhanced interoperability. However, the centralized nature of cloud storage presents challenges in terms of information storage, privacy protection, and security. Despite several approaches that have been presented to ensure secure deduplication of similar EHRs, the validation of data integrity without a third-party auditor (TPA) remains a persistent task. Because involving a TPA raises concerns about the confidentiality and privacy of crucial healthcare information. To tackle this challenge, a novel cloud storage auditing technique is proposed that incorporates cross-patient block-level deduplication while upholding strong privacy protection, ensuring that EHR is not compromised. Here, we introduced blockchain technology to achieve integrity verification, thus eliminating the need for a TPA by providing a decentralized and transparent mechanism. Additionally, an index for all EHRs has been generated to facilitate block-level duplicate checks and employ a novel strategy to prevent adversaries from acquiring original information saved in the cloud storage. The security of the proposed approach is established against factorization attacks and decrypt exponent attacks. The performance evaluation demonstrates the superior efficiency of the proposed scheme in terms of file authenticator generation, challenge creation, and proof verification to other existing client-side deduplication approaches.

health care sciences & services,medical informatics

Jun Li,Xinman Luo,Hong Lei

DOI: https://doi.org/10.3390/electronics13122425

IF: 2.9

2024-06-21

Electronics

Abstract:The rapid growth of electronic health (eHealth) systems has led to serious security and privacy challenges, highlighting the critical importance of protecting sensitive healthcare data. Although researchers have employed blockchain to tackle data management and sharing within eHealth systems, substantial privacy concerns persist as a primary challenge. In this paper, we introduce TrustHealth, a secure data sharing system that leverages trusted execution environment (TEE) and blockchain technology. TrustHealth leverages blockchain to design smart contracts to offer robust hashing protection for patients' healthcare data. We provide a secure execution environment for SQLCipher, isolating all sensitive operations of healthcare data from the untrusted environment to ensure the confidentiality and integrity of the data. Additionally, we design a TEE-empowered session key generation protocol that enables secure authentication and key sharing for both parties involved in data sharing. Finally, we implement TrustHealth using Hyperledger Fabric and ARM TrustZone. Through security and performance evaluation, TrustHealth is shown to securely process massive encrypted data flows at a rate of 5000 records per second, affirming the feasibility of our proposed scheme. We believe that TrustHealth offers valuable guidelines for the design and implementation of similar systems, providing a valuable contribution to ensuring the privacy and security of eHealth systems.

engineering, electrical & electronic,physics, applied,computer science, information systems

Peng Li,Dehua Zhou,Haobin Ma,Junzuo Lai

DOI: https://doi.org/10.1016/j.sysarc.2023.103033

IF: 5.836

2023-11-27

Journal of Systems Architecture

Abstract:With the rapid development of the healthcare industry, many Electronic Health Records (EHRs) have emerged in different healthcare centers. However, lots of personal medical data are stored directly in plaintext at a single healthcare center, which makes it suffer from the single point of failure and brings many security and privacy issues such as privacy information leakage or tampering. The combination of blockchain and attributed-based cryptography can effectively solve the above problems. Therefore, in order to enable flexible fine-grained access control and efficient data retrieval while achieving privacy protection, we employ the ciphertext-policy attributed-based encryption (CP-ABE) and ciphertext-policy attribute-based searchable encryption (CP-ABSE) to propose a hidden policy attribute-based access control scheme. In addition, we combine consortium blockchain and smart contract to provide secure and reliable search and outsourcing decryption. Finally, through the security analysis and experimental results, we demonstrate that our scheme is secure and efficient.

computer science, software engineering, hardware & architecture

Ahmed Raza Rajput,Qianmu Li,Milad Taleby Ahvanooey

DOI: https://doi.org/10.3390/healthcare9020206

2021-02-14

Abstract:Blockchain technology is the most trusted all-in-one cryptosystem that provides a framework for securing transactions over networks due to its irreversibility and immutability characteristics. Blockchain network, as a decentralized infrastructure, has drawn the attention of various startups, administrators, and developers. This system preserves transactions from tampering and provides a tracking tool for tracing past network operations. A personal health record (PHR) system permits patients to control and share data concerning their health conditions by particular peoples. In the case of an emergency, the patient is unable to approve the emergency staff access to the PHR. Furthermore, a history record management system of the patient's PHR is required, which exhibits hugely private personal data (e.g., modification date, name of user, last health condition, etc.). In this paper, we suggest a healthcare management framework that employs blockchain technology to provide a tamper protection application by considering safe policies. These policies involve identifying extensible access control, auditing, and tamper resistance in an emergency scenario. Our experiments demonstrated that the proposed framework affords superior performance compared to the state-of-the-art healthcare systems concerning accessibility, privacy, emergency access control, and data auditing.

Lanxiang Chen,Wai-Kong Lee,Chin-Chen Chang,Kim-Kwang Raymond Choo,Nan Zhang

DOI: https://doi.org/10.1016/j.future.2019.01.018

IF: 7.307

2019-06-01

Future Generation Computer Systems

Abstract:Data leakage in electronic health records (EHRs) could result in the compromise of patient privacy (e.g. medical conditions). Generally most data in EHRs remain unchanged once they are uploaded to the system; thus, blockchain can be potentially used to facilitate the sharing of such data. Different participating medical organizations and individuals (e.g. medical practitioners, hospitals, medical labs and insurance companies) can then access EHRs stored on the blockchain with a higher level of confidence. In this paper, a blockchain based searchable encryption scheme for EHRs is proposed. The index for EHRs is constructed through complex logic expressions and stored in the blockchain, so that a data user can utilize the expressions to search the index. As only the index is migrated to the blockchain to facilitate propagation, the data owners have full control over who can see their EHRs data. The use of blockchain technology ensures the integrity, anti-tampering, and traceability of EHRs’ index. Finally, the performance of the proposed scheme is evaluated from two aspects, namely in terms of the overhead for extracting the document IDs from EHRs and the overhead associated with conducting transactions on smart contract in Ethereum.

Alaa Haddad,Mohamed Hadi Habaebi,Elfatih A. A. Elsheikh,Rafiqul Islam,Suriza Ahmad Zabidi,Fakher Eldin M. Suliman,Md. Rafiqul Islam

DOI: https://doi.org/10.1371/journal.pone.0301371

IF: 3.7

2024-04-02

PLoS ONE

Abstract:To secure sensitive medical records in the healthcare clouds, this paper proposes an End-to-End Encryption (E2EE) to enhance a patient-centric blockchain-based system for electronic health record (EHR) management. The suggested system with a focus on the patient enables individuals to oversee their medical records within various involved parties by authorizing or withdrawing permission for access to their records. Utilizing the inter-planetary file system (IPFS) for record storage is chosen due to its decentralized nature and its ability to guarantee the unchangeability of records. Then an E2EE enhancement maintains the medical data integrity using dual level-Hybrid encryption: symmetric Advanced Encryption Standard (AES) and asymmetric Elliptic Curve Cryptography (ECC) cryptographic techniques. The proposed system is implemented using the Ethereum blockchain system for EHR data sharing and integration utilizing a web-based interface for the patient and all users to initiate the EHR sharing transactions over the IPFS cloud. The proposed system performance is evaluated in a working system prototype. For different file sizes between 512 KB to 100 MB, the performance metrics used to evaluate the proposed system were the time consumed for generating key, encryption, and decryption. The results demonstrate the proposed system's superiority over other cutting-edge systems and its practical ability to share secure health data in cloud environments.

multidisciplinary sciences

Hancheng Gao,Haiping Huang,Lingyan Xue,Fu Xiao,Qi Li

DOI: https://doi.org/10.1109/jiot.2023.3279893

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:The integration of Internet of Things (IoT) with cloud-edge computing in cyber-physical systems has revolutionized the way healthcare enterprises manage electronic health records (EHRs). With more healthcare enterprises outsourcing encrypted EHRs to the cloud, searchable encryption is utilized to retrieve encrypted data, especially attribute-based searchable encryption (ABSE) can achieve fine-grained access control. However, ABSE usually requires a lot of computation, which imposes a serious burden on resource-limited devices. Moreover, ensuring fairness in data access is crucial in the healthcare domain, where both data users and owners may have conflicting interests. In order to overcome these problems, this paper proposes a searchable encryption scheme with fine-grained access control for cloud-based EHRs sharing assisted by blockchain. It transfers computing tasks to edge servers and enables users to control who has access to their EHRs. The adoption of blockchain and smart contracts guarantees data integrity and transaction fairness. Moreover, a consensus algorithm is designed for the higher efficiency of the proposed scheme. Finally, security analysis proves the proposed scheme resists adaptive chosen keyword attacks (CKA). Performance analysis further confirms it has more functionalities and is efficient for smart healthcare.

computer science, information systems,telecommunications,engineering, electrical & electronic

Chaoyang Li,Mianxiong Dong,Jian Li,Gang Xu,Xiubo Chen,Kaoru Ota

DOI: https://doi.org/10.1109/jiot.2020.3038721

IF: 10.6

2021-05-01

IEEE Internet of Things Journal

Abstract:Electronic medical records (EMRs) are the most critical data in human health management. As in traditional centralized healthcare service systems (HSSs), user privacy security, EMRs data leakage, tampering, and island are some significant problems. However, blockchain is a promising technology to protect the privacy and realize cross-institutional data sharing for solving these problems. In this article, a novel peer-to-peer EMRs data management and trading system called healthchain has been proposed based on consortium blockchain technology. Through this distributed system, the patient can access their EMRs in different institutions freely, and the EMRs can be traded among different users conveniently. Then, to balance EMRs data supply and demand, we establish a Stackelberg pricing model to evaluate EMRs data providers and consumers' interactions. The optimal unit price and data amounts can be found by applying the backward induction method, and the maximizing benefits of the participants can be obtained by achieving the Nash equilibrium in the proposed game. Moreover, security analysis shows the healthchain can provide secure EMRs management and trading, and the simulation results show that the proposed pricing model can help the healthchain achieve social welfare maximization.

computer science, information systems,telecommunications,engineering, electrical & electronic