Guangfu Wu,Haiping Wang,Zi Yang,Daojing He,Sammy Chan

DOI: https://doi.org/10.1007/s10916-024-02120-9

IF: 4.92

2024-11-24

Journal of Medical Systems

Abstract:In recent years, Electronic health records (EHR) has gradually become the mainstream in the healthcare field. However, due to the fact that EHR systems are provided by different vendors, data is dispersed and stored, which leads to the phenomenon of data silos, making medical information too fragmented and bringing some challenges to current medical services. Therefore, in view of the difficulties in sharing EHR between medical institutions, the risk of privacy leakage, and the lack of EHR usage control by patients, an EHR sharing model based on consortium blockchain is proposed in this paper. Firstly, the Interplanetary File System is combined with consortium blockchain, which forms a hybrid storage scheme of EHR, this technology effectively improves data security, privacy protection, and operational efficiency. Secondly, the model combines unidirectional multi-hop conditional proxy re-encryption based on type and identity with distributed key generation technology to achieve secure EHR sharing with fine grained control. At the same time, users are required to link the operation records of EHR, so as to realize the traceability of EHR usage. A dynamic Byzantine fault-tolerant algorithm based on reputation and clustering is then proposed to solve the problems of arbitrary master node selection, high latency and low throughput of PBFT, enabling the nodes to reach consensus more efficiently. Finally, the model is analyzed in terms of security and user control, showing that the model is less energy intensive in terms of communication overhead and time consumption, and can effectively achieve secure sharing between medical data.

health care sciences & services,medical informatics

Honglei Li,Xiao Yang,Hongxin Wang,Wujia Wei,Weilian Xue

DOI: https://doi.org/10.1155/2022/2058497

2022-03-04

Abstract:The sharing of electronic healthcare records (EHRs) is important to healthcare and medical research. However, institutions are faced with difficulties in privacy protection and efficiently secure data exchange. The main objective of this study is to propose a controllable secure blockchain-based EHRs sharing scheme. For this purpose, blockchain technologies are combined with interplanetary file systems (IPFS) to provide efficient secure EHRs sharing. Firstly, the IPFS-based EHR file system (IEFS) is designed to save and share large-size EHR files among medical institutions. With the high-throughput content-addressed block storage model and appropriate redundant backup of IPFS, IEFS is tamper-resistant and free of a single point of failure. Secondly, the blockchain is used to implement the blockchain-based EHR abstract system (BEAS) to manipulate EHR abstracts access. In BEAS, the EHR file addresses generated by IEFS are encrypted and saved in EHR abstracts for privacy protection. Since EHR abstracts are encrypted by patients' public keys, the sharing of EHR files is under the control of patients. In our experiment, a prototype system is developed to validate the proposed scheme. The experimental results showed that (1) EHRs are securely shared under the control of patients and (2) EHR files are retrieved at an acceptable speed supported by IPFS technology. In this paper, solutions to some important practical issues such as incapacitated patients, encryption key forgetting/missing, and efficient interaction of doctors with EHRs sharing scheme are also seriously discussed.

Sheng Cao,Jing Wang,Xiaojiang Du,Xiaosong Zhang,Xiaolin Qin

DOI: https://doi.org/10.1109/icc40277.2020.9149326

2020-01-01

Abstract:The Electronic Health Record (EHR) has been widely used in cloud-based medical data platforms. Since the owner of the EHR is a patient and the manager is a doctor (or hospital), this separation of ownership of privacy data leads to privacy leakages of the EHR stored in the cloud environment. The tamper-proof and traceable features of the blockchain make it a promising way to solve EHR privacy protection issues. Nevertheless, the latest research findings on blockchain-based schemes for EHR privacy preservation are focused on single blockchain that corresponds to a designated medical institution, which are not compatible with the privacy anti-leakage demands since private data is transferred through multiple blockchains. In this regard, we put forward relay-chain as a service (RaaS), and propose a cross-blockchain based EHR Privacy-preserving scheme (CEPS), which uses relay-chain to achieve secure access to EHR data when patients visit different hospitals. Furthermore, our scheme ensures that patients can delete the link of EHR freely and effectively. Security analysis and performance evaluations are performed, which prove that CEPS is highly secure and efficient impressively.

Song Luo,N. Han,Tan Hu,YuHua Qian

DOI: https://doi.org/10.1155/2024/5569121

IF: 1.938

2024-02-03

International Journal of Distributed Sensor Networks

Abstract:As network technology advances and more people use devices, data storage has become a significant challenge due to the explosive growth of information and the threat of data leaks. In traditional medical institutions, most medical data is stored centrally through cloud computing technology in the institution’s data center. This centralized storage method has many security risks, and once the central server is attacked, it will lead to the loss of medical data, which will lead to the leakage of patients’ private data. At the same time, electronic medical records are the most critical data in the current medical field. In the traditional centralized healthcare service system (HSS), there are data leakage problems and tampering with electronic medical records due to human factors. At the same time, each hospital is built independently, resulting in the current centralized healthcare service system having a data silo problem, making it difficult to share medical data between institutions securely. With the increase in the number of users in the system, the electronic medical record data in the system also increases gradually, resulting in the increasing overhead of decryption calculation. Therefore, this paper proposes a blockchain-based access control scheme with multiparty authorization to ensure the security of electronic medical records. The scheme uses an SM encryption algorithm to encrypt the medical data in the system. It adds the patient’s signature to ensure the confidentiality and security of the data, and the encrypted electronic medical records (EMRs) are stored in the InterPlanetary File System (IPFS) to realize the distributed storage of EMR. In addition, role-based multiauthorization access control is implemented through smart contract-based to ensure the security of EMR. We have analyzed the security of this paper’s solution and compared its performance with the existing schemes based on other cryptographic algorithms. The experimental results show that the proposed solution significantly improves the secure sharing of EMR and provides system performance.

computer science, information systems,telecommunications

Shekha Chenthara,Khandakar Ahmed,Hua Wang,Frank Whittaker,Zhenxiang Chen

DOI: https://doi.org/10.1371/journal.pone.0243043

IF: 3.7

2020-12-09

PLoS ONE

Abstract:The privacy of Electronic Health Records (EHRs) is facing a major hurdle with outsourcing private health data in the cloud as there exists danger of leaking health information to unauthorized parties. In fact, EHRs are stored on centralized databases that increases the security risk footprint and requires trust in a single authority which cannot effectively protect data from internal attacks. This research focuses on ensuring the patient privacy and data security while sharing the sensitive data across same or different organisations as well as healthcare providers in a distributed environment. This research develops a privacy-preserving framework viz Healthchain based on Blockchain technology that maintains security, privacy, scalability and integrity of the e-health data. The Blockchain is built on Hyperledger fabric, a permissioned distributed ledger solutions by using Hyperledger composer and stores EHRs by utilizing InterPlanetary File System (IPFS) to build this healthchain framework. Moreover, the data stored in the IPFS is encrypted by using a unique cryptographic public key encryption algorithm to create a robust blockchain solution for electronic health data. The objective of the research is to provide a foundation for developing security solutions against cyber-attacks by exploiting the inherent features of the blockchain, and thus contribute to the robustness of healthcare information sharing environments. Through the results, the proposed model shows that the healthcare records are not traceable to unauthorized access as the model stores only the encrypted hash of the records that proves effectiveness in terms of data security, enhanced data privacy, improved data scalability, interoperability and data integrity while sharing and accessing medical records among stakeholders across the healthchain network.

multidisciplinary sciences

Xiaoguang Liu,Ziqing Wang,Chunhua Jin,Fagen Li,Gaoping Li

DOI: https://doi.org/10.1109/access.2019.2937685

IF: 3.9

2019-01-01

IEEE Access

Abstract:Electronic health record (EHR) has recorded the process of occurrence, development, and treatment of diseases. So it has high medical value. Owing to the private and sensitive nature of medical data for patients, the data sharing and privacy preservation are critical issues in EHR. Blockchain technology may be a promising solution for the problems above since it holds the features of decentralization and tamper resistance. In the paper, we propose a medical data sharing and protection scheme based on the hospital’s private blockchain to improve the electronic health system of the hospital. Firstly, the scheme can satisfy various security properties such as decentralization, openness, and tamper resistance. A reliable mechanism is created for the doctors to store medical data or access the historical data of patients while meeting privacy preservation. Furthermore, a symptoms-matching mechanism is given between patients. It allows patients who get the same symptoms to conduct mutual authentication and create a session key for their future communication about the illness. The proposed scheme is implemented by using PBC and OpenSSL libraries. Finally, the security and performance evaluation of the proposed scheme is given.

Hui Wang,Yong Xie,Yining Liu,Xiong Li,Phuntsog Dorje

DOI: https://doi.org/10.1109/jiot.2023.3309322

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:Electronic Health Records (EHRs) based on the Internet of Things (IoT) can provide real-time health data for quick intelligent medical services and give convenience to many data-sharing scenarios. However, EHRs also face various security threats since they are highly private. To the best of our knowledge, no recognized data-sharing work can satisfy the stringent privacy requirements of EHRs. Motivated by this, we propose a blockchain-based personalized access control EHR sharing scheme with data verifiability, which can safeguard the interests of data owners and users simultaneously. Firstly, we take ciphertext-policy attribute-based encryption to achieve personalized access control for data owners. Secondly, we design an interactive zero-knowledge proof protocol between data owners and users, which can provide authenticity verification of EHR for users and prevent EHR away from forgery. In addition, smart contracts and the interplanetary file system are used to reduce the computation and storage costs of patients. Finally, the security analysis shows that the proposed scheme meets the pre-defined security goals. The performance analysis demonstrates that the proposed scheme is efficient, and can be applied to practical electronic medical record sharing scenarios.

Jiahao Chen,Xinchun Yin,Jianting Ning

DOI: https://doi.org/10.1002/ett.4510

IF: 3.6

2022-04-10

Transactions on Emerging Telecommunications Technologies

Abstract:This paper proposes a fine‐grained and secure health data sharing system based on blockchain. Trusted consensus nodes publish public parameter and retain master secret key, also generate attribute‐based encryption key and proxy key for data requesters. The doctor generates an electronic health record (EHR) for the patient and signs it with his private key which can ensure non‐repudiation. Patient can encrypt his EHR and upload it to the IPFS. Patient can also set the smart contract. If a data requester wants to acquire EHR, he must pass the authentication of the smart contract, the patient can generate a re‐encryption key for him. Blockchain is used to store the index of EHR and the hash value of EHR to achieve tamper resistance.Electronic health record (EHR) allows patients to use an open channel (ie, Internet) to control, share and manage their health records among family members, healthcare providers and other third party data users. Thus, in such an environment, privacy, confidentiality, and data consistency are the major challenges. Although cloud‐based EHR addresses the aforementioned discussions, these are prone to various malicious attacks, trust management and non‐repudiation among servers. Recently, due to the property of immutability, blockchain technology has been introduced to be as an auspicious solution for achieving EHR sharing with privacy and security preservation. Motivated by the above debates, we present BFHS, a blockchain‐based fine‐grained secure EHR sharing mechanism. On BFHS, we encrypt the EHR using ciphertext‐policy attribute‐based encryption (CP‐ABE) and upload it to the interplanetary file system (IPFS) for storage, while the matching index is encrypted via proxy re‐encryption and kept in a medical consortium blockchain. In addition, we created a credit assessment mechanism and incorporated it into the smart contract. Smart contracts, proxy re‐encryption, a credit evaluation mechanism, and IPFS all work together to give patients with a trustworthy EHR sharing environment and a dynamic access control interface. The thorough comparison and experimental analysis show that the proposed BFHS has more comprehensive security features and is more practicable.

telecommunications

Sheng Cao,Gexiang Zhang,Pengfei Liu,Xiaosong Zhang,Ferrante Neri

DOI: https://doi.org/10.1016/j.ins.2019.02.038

IF: 8.1

2019-01-01

Information Sciences

Abstract:The wide deployment of cloud-assisted electronic health (eHealth) systems has already shown great benefits in managing electronic health records (EHRs) for both medical institutions and patients. However, it also causes critical security concerns. Since once a medical institution generates and outsources the patients’ EHRs to cloud servers, patients would not physically own their EHRs but the medical institution can access the EHRs as needed for diagnosing, it makes the EHRs integrity protection a formidable task, especially in the case that a medical malpractice occurs, where the medical institution may collude with the cloud server to tamper with the outsourced EHRs to hide the medical malpractice. Traditional cryptographic primitives for the purpose of data integrity protection cannot be directly adopted because they cannot ensure the security in the case of collusion between the cloud server and medical institution.

Jin Sun,Lili Ren,Shangping Wang,Xiaomin Yao

DOI: https://doi.org/10.1371/journal.pone.0239946

IF: 3.7

2020-10-06

PLoS ONE

Abstract:In the medical system, the verification, preservation and synchronization of electronic medical records has always been a difficult problem, and the random dissemination of patient records will bring various risks to patient privacy. Therefore, how to achieve secure data sharing on the basis of ensuring users' personal privacy becomes the key. In recent years, blockchain has been proposed to be a promising solution to achieve data sharing with security and privacy preservation due to its advantages of immutability. So, a distributed electronic medical records searchable scheme was proposed by leveraging blockchain and smart contract technology. Firstly, we perform a hash calculation on the electronic medical data and store the corresponding value on the blockchain to ensure its integrity and authenticity. Then, we encrypt the electronic medical data and store it in the interplanetary file system which is a distributed storage protocol. These operations not only can solve centralized data store of servers of several medical institutions, but also be good at lowering stress from data store and high-frequency access to blockchain. Secondly, the encrypted keyword index information of electronic medical records was stored on the Ethereum blockchain, meanwhile a smart contract deployed in the Ethereum blockchain is used to realize keyword search instead of depending on a centralized third party. Furthermore, we use attribute-based encryption scheme to ensure that only the attributes meeting the access policy can decrypt the encrypted electronic medical records. Finally, our performance analysis and security analysis show that the scheme is secure and efficient.

Yujie Hong,Liang Yang,Wei Liang,Anke Xie

DOI: https://doi.org/10.1109/tce.2023.3346459

2024-01-01

IEEE Transactions on Consumer Electronics

Abstract:The popularization of electronic health records (EHRs) effectively improves the efficiency of diagnosis and treatment of diseases, however, it also lays a hidden danger for the leakage of patients’ privacy, so it needs a stricter and more flexible access control mechanism. In addition, the medical ministry (MM) usually investigates illegal medical activities after they have already taken place and caused harm, resulting in a serious lag in regulation. To solve these problems, we propose a blockchain-based system that enables patient-leading fine-grained access control against EHRs. In contrast to the currently existing systems, this scheme uses blank EHRs as the medium, combining attribute-based encryption and blockchain to enable MM to engage in the regulation of medical activities before they taking place. In order to reduce the storage cost of the whole system, we apply the chameleon hash function to the process of calculating file storage addresses in the inter-planetary file system. Moreover, the introduction of single sign-on can improve the security and efficiency of patients’ vital signs transmission in telemedicine scenario, and the introduction of proxy re-encryption can improve the efficiency of authorization of EHRs. Theoretical analysis and experiments show that the scheme satisfies both the security and feasibility requirements.

Zhen Pang,Yuan Yao,Qiuyan Li,Xiaoqin Zhang,Jing Zhang

DOI: https://doi.org/10.1109/ACCESS.2022.3186682

IF: 3.9

2022-01-01

IEEE Access

Abstract:With the popularity of IoT devices and cloud technology in the medical industry. Sharing EHRs (Electronic Health Records) among medical institutions improves the accuracy of medical diagnosis and promotes the development of public medical. However, it is difficult to share EHRs among hospitals, and patients typically don't know about the usage of their health records. In this paper, we propose a patient-controlled EHRs sharing scheme based on cloud computing collaborating blockchain technology. The medical abstract and the access strategy are stored in the blockchain to avoid being tampered with. To achieve the fine-grained access control, we propose the attribute-based encryption scheme and multi-keyword encryption scheme to encrypt EHRs. Moreover, we proposed a node-state-checkable Practical Byzantine Fault Tolerance consensus algorithm (sc-PBFT) to prevent the Byzantine nodes from sneaking into the consortium blockchain. First, we check the state of the elected master node to avoid the master node having any malicious records. Then, using pre-prepared, prepare, and commit processes to complete the consensus request submitted by the client. At last, the proposed consensus algorithm evaluates the state of the master node according to the completion of the three-stage process to reduce the impact of the malicious node on the whole consortium blockchain. By doing this, the malicious node will be marked and isolated into the isolation area. The experimental results show that the proposed sc-PBFT algorithm has better handling capability and lower consensus latency. Compared with the PBFT algorithm in the case of Byzantine nodes, sc-PBFT not only improves the robustness of the consortium blockchain network but also improves the handling capability.

Shengmin Xu,Jianting Ning,Xiaoguo Li,Jiaming Yuan,Xinyi Huang,Robert H. Deng

DOI: https://doi.org/10.1109/tsc.2024.3356595

IF: 11.019

2024-01-01

IEEE Transactions on Services Computing

Abstract:Blockchain as an open and immutable ledger is being posited as the next frontier in healthcare that will help solve the industry's interoperability challenges. However, immutability in processing personal data is no longer legal since the General Data Protection Regulation (GDPR) requires the “right to be forgotten” as a critical data subject right. To observe such data regulation, it is desirable to build a healthcare blockchain with data redaction in a controlled way. Moreover, electronic health records (EHRs) usually are sensitive and the conventional blockchain lacks systematic and formal security analysis of data confidentiality, especially in the multi-user setting. Furthermore, EHRs are typically helpful in medical research for predicting epidemic diseases and valuable in insurance agencies making business plans. Hence, in healthcare blockchain systems, data confidentiality and flexible key distribution have become the most challenging issues that should be urgently resolved. In this article, we propose a privacy-preserving and redactable healthcare blockchain system (PRHBS). Our solution offers fine-grained block-level data reduction and secure data sharing with flexible key distribution mechanisms. We give the formal definition and security models of PRHBS, and propose a generic construction based on trapdoor-based chameleon-hash function, attribute-based encryption, and puncturable encryption. We present formal security analysis and give an instantiation based on our proposed generic construction. The comprehensive comparison and experimental simulation demonstrate that our implementation exhibits comparable performance, while surpassing the most relevant solutions in terms of functionality.

computer science, information systems, software engineering

Aisha Banu,Sharon Priya S,Poojitha K,Kiruthiga R,Ruby Annette,Subash Chandran

DOI: https://doi.org/10.48550/arXiv.2306.17084

2023-06-26

Abstract:Electronic Health Records (EHRs) have undergone numerous technical improvements in recent years, including the incorporation of mobile devices with the cloud computing technologies to facilitate medical data exchanges between patients and the healthcare professionals. This cutting-edge architecture enables cyber physical systems housed in the cloud to provide healthcare services with minimal operational costs, high flexibility, security, and EHR accessibility. If patient health information is stored in the hospital database, there will always be a risk of intrusion, i.e., unauthorized file access and information modification by attackers. To address this concern, we propose a decentralized EHR system based on Blockchain technology. To facilitate secure EHR exchange across various patients and medical providers, we develop a reliable access control method based on smart contracts. We incorporate Cryptocurrency, specifically Ethereum, in the suggested system to protect sensitive health information from potential attackers. In our suggested approach, both physicians and patients are required to be authenticated. Patients can register, and a block with a unique hash value will be generated. Once the patient discusses the disease with the physician, the physician can check the patient's condition and offer drugs. For experimental findings, we employ the public Block chain Ganache and solidity remix-based smart contracts to protect privacy. Ethers are used as the crypto currencies.

Distributed, Parallel, and Cluster Computing,Cryptography and Security

Chaoyang Li,Mianxiong Dong,Jian Li,Gang Xu,Xiubo Chen,Kaoru Ota

DOI: https://doi.org/10.1109/jiot.2020.3038721

IF: 10.6

2021-05-01

IEEE Internet of Things Journal

Abstract:Electronic medical records (EMRs) are the most critical data in human health management. As in traditional centralized healthcare service systems (HSSs), user privacy security, EMRs data leakage, tampering, and island are some significant problems. However, blockchain is a promising technology to protect the privacy and realize cross-institutional data sharing for solving these problems. In this article, a novel peer-to-peer EMRs data management and trading system called healthchain has been proposed based on consortium blockchain technology. Through this distributed system, the patient can access their EMRs in different institutions freely, and the EMRs can be traded among different users conveniently. Then, to balance EMRs data supply and demand, we establish a Stackelberg pricing model to evaluate EMRs data providers and consumers' interactions. The optimal unit price and data amounts can be found by applying the backward induction method, and the maximizing benefits of the participants can be obtained by achieving the Nash equilibrium in the proposed game. Moreover, security analysis shows the healthchain can provide secure EMRs management and trading, and the simulation results show that the proposed pricing model can help the healthchain achieve social welfare maximization.

computer science, information systems,telecommunications,engineering, electrical & electronic

Xinyin Xiang,Jin Cao,Weiguo Fan

DOI: https://doi.org/10.1016/j.jnca.2022.103512

IF: 7.574

2022-01-01

Journal of Network and Computer Applications

Abstract:The Internet of things technology has accelerated the development of e-health solutions and allows patients to obtain a more satisfying medical service experience. Each electronic health system(EHS) usually allows its subsystems to manage and access patient data to achieve its unique objective. Due to the limited computing power and storage capacity of the terminal, it is difficult to protect large amounts of patients’ medical record data in EHS. Medical data are a meaningful medical history resource, and are very important for the treatment and rehabilitation of patients. The privacy and integrity protection of medical data is a on-negotiable requirement for rational application in traditional medical systems. To achieve secure resource sharing and efficient service provision between users and medical service providers, we present a blockchain-based decentralized authentication and access control protocol for EHS that addresses broader medical data privacy and security needs. A practical Byzantine fault-tolerant(PBFT) negotiation mechanism based on multi-weighted subjective logic is adopted to improve the negotiation process. Finally, using BAN logic, we prove the reliability of the systems-security protections, which demonstrates that our proposal can withstand known security attacks.

Peng Li,Dehua Zhou,Haobin Ma,Junzuo Lai

DOI: https://doi.org/10.1016/j.sysarc.2023.103033

IF: 5.836

2023-11-27

Journal of Systems Architecture

Abstract:With the rapid development of the healthcare industry, many Electronic Health Records (EHRs) have emerged in different healthcare centers. However, lots of personal medical data are stored directly in plaintext at a single healthcare center, which makes it suffer from the single point of failure and brings many security and privacy issues such as privacy information leakage or tampering. The combination of blockchain and attributed-based cryptography can effectively solve the above problems. Therefore, in order to enable flexible fine-grained access control and efficient data retrieval while achieving privacy protection, we employ the ciphertext-policy attributed-based encryption (CP-ABE) and ciphertext-policy attribute-based searchable encryption (CP-ABSE) to propose a hidden policy attribute-based access control scheme. In addition, we combine consortium blockchain and smart contract to provide secure and reliable search and outsourcing decryption. Finally, through the security analysis and experimental results, we demonstrate that our scheme is secure and efficient.

computer science, software engineering, hardware & architecture

Hassan Mansur Hussien,Sharifah Md Yasin,Nur Izura Udzir,Mohd Izuan Hafez Ninggal

DOI: https://doi.org/10.3390/s21072462

2021-04-02

Abstract:Blockchain technology provides a tremendous opportunity to transform current personal health record (PHR) systems into a decentralised network infrastructure. However, such technology possesses some drawbacks, such as issues in privacy and storage capacity. Given its transparency and decentralised features, medical data are visible to everyone on the network and are inappropriate for certain medical applications. By contrast, storing vast medical data, such as patient medical history, laboratory tests, X-rays, and MRIs, significantly affect the repository storage of blockchain. This study bridges the gap between PHRs and blockchain technology by offloading the vast medical data into the InterPlanetary File System (IPFS) storage and establishing an enforced cryptographic authorisation and access control scheme for outsourced encrypted medical data. The access control scheme is constructed on the basis of the new lightweight cryptographic concept named smart contract-based attribute-based searchable encryption (SC-ABSE). This newly cryptographic primitive is developed by extending ciphertext-policy attribute-based encryption (CP-ABE) and searchable symmetric encryption (SSE) and by leveraging the technology of smart contracts to achieve the following: (1) efficient and secure fine-grained access control of outsourced encrypted data, (2) confidentiality of data by eliminating trusted private key generators, and (3) multikeyword searchable mechanism. Based on decisional bilinear Diffie-Hellman hardness assumptions (DBDH) and discrete logarithm (DL) problems, the rigorous security indistinguishability analysis indicates that SC-ABSE is secure against the chosen-keyword attack (CKA) and keyword secrecy (KS) in the standard model. In addition, user collusion attacks are prevented, and the tamper-proof resistance of data is ensured. Furthermore, security validation is verified by simulating a formal verification scenario using Automated Validation of Internet Security Protocols and Applications (AVISPA), thereby unveiling that SC-ABSE is resistant to man-in-the-middle (MIM) and replay attacks. The experimental analysis utilised real-world datasets to demonstrate the efficiency and utility of SC-ABSE in terms of computation overhead, storage cost and communication overhead. The proposed scheme is also designed and developed to evaluate throughput and latency transactions using a standard benchmark tool known as Caliper. Lastly, simulation results show that SC-ABSE has high throughput and low latency, with an ultimate increase in network life compared with traditional healthcare systems.

Xiaodong Yang,Ting Li,Rui Liu,Meiding Wang

DOI: https://doi.org/10.1109/icmcce48743.2019.00188

2019-01-01

Abstract:Electronic Health Record (EHR) not only contains great value, but also implies a large amount of personal privacy. Aiming at the security problems such as data forgery and tampering in EHR data sharing process, this paper proposes a blockchain-based EHR data searchable scheme to realize the calculation and application of EHR data in the decentralized network environment. This paper stores the EHR data ciphertext on the cloud, and stores the keyword index of the EHR data on the blockchain. The data visitor's search result on the blockchain is only the blind value of the data identifier, and is generated after blinding. The token for downloading ciphertext data in the cloud not only improves storage efficiency of the system, but also ensures the integrity, immutability and traceability of the EHR data index. Based on the attribute encryption mechanism, the fine-grained access control of cloud data is realized, and the attribute signature technology is used to verify the authenticity of the EHR data source. Finally, experiments show that the encryption and search time of this scheme is constant, regardless of the number of attributes.

Jingwei Liu,Xiaolu Li,Lin Ye,Hongli Zhang,Xiaojiang Du,Mohsen Guizani

DOI: https://doi.org/10.1109/GLOCOM.2018.8647713

2018-01-01

Abstract:Electronic medical record (EMR) is a crucial form of healthcare data, currently drawing a lot of attention. Sharing health data is considered to be a critical approach to improve the quality of healthcare service and reduce medical costs. However, EMRs are fragmented across decentralized hospitals, which hinders data sharing and puts patients' privacy at risks. To address these issues, we propose a blockchain based privacypreserving data sharing for EMRs, called BPDS. In BPDS, the original EMRs are stored securely in the cloud and the indexes are reserved in a tamper-proof consortium blockchain. By this means, the risk of the medical data leakage could be greatly reduced, and at the same time, the indexes in blockchain ensure that the EMRs can not be modified arbitrarily. Secure data sharing can be accomplished automatically according to the predefined access permissions of patients through the smart contracts of blockchain. Besides, the joint-design of the CPABE-based access control mechanism and the content extraction signature scheme provides strong privacy preservation in data sharing. Security analysis shows that BPDS is a secure and effective way to realize data sharing for EMRs.