S. Vidhya,V. Kalaivani

DOI: https://doi.org/10.1007/s12083-023-01449-1

IF: 3.488

2023-02-01

Peer-to-Peer Networking and Applications

Abstract:With the rapid progress of network information technologies, security in medical data transmission has emerged as a popular research topic. Electronic Health Data (EHR) is vulnerable to security breaches, tampering, manipulation, and data leakage. The blockchain's data integrity, decentralization, and anonymity opened up new possibilities for addressing the aforementioned issues. Therefore, this paper presents a Blockchain-based Access Control Scheme (BACS) with Multiple Party Authority (MPA), smart contract, and proxy re encryption to secure the EHR. The proposed scheme consists of six phases: the registration phase, appointment phase, data aggregation stage, storage phase, query phase, and validation phase. The medical data is encrypted by using a Lightweight Fused Cryptographic (LFC) algorithm with the signature of the patient and doctor to ensure confidentiality and integrity. The encrypted EHR is then stored on Interplanetary File Systems (IPFS), which is a decentralised file storage platform. Moreover, the developed smart contract verifies the authenticity of the users, provides a reputation score for the oracle, and creates a time seal. This enhances the security of the system from external attacks as well as internal attacks. A security analysis is conducted for the proposed method, and the performance is compared with the existing techniques based on encryption time, decryption time, and computation cost.

computer science, information systems,telecommunications

Velmurugan S.,Prakash M.,Neelakandan S.,Eric Ofori Martinson

DOI: https://doi.org/10.1155/2024/6995202

IF: 8.993

2024-03-22

International Journal of Intelligent Systems

Abstract:Electronic Health Record (EHR) systems are a valuable and effective tool for exchanging medical information about patients between hospitals and other significant healthcare sector stakeholders in order to improve patient diagnosis and treatment around the world. Nevertheless, the majority of the hospital infrastructures that are now in place lack the proper security, trusted access control, and management of privacy and confidentiality concerns that the current EHR systems are supposed to provide. Goal. For various EHR systems, this research proposes a Blockchain-enabled Hyperledger Fabric Architecture as a solution to this delicate issue. The three steps of the suggested system are the secure upload phase, the secure download phase, and authentication. Patient registration, login, and verification make up the authentication step. The administrator grants authorization to read, edit, delete, or revoke the files following user details verification. In the secure upload phase, feature extraction is carried out first, and then a hashed access policy is created from the extracted feature. Next, the hash value is stored in an IoT-based Hyperledger blockchain. The uploaded EHR files are additionally encrypted before being stored on the cloud server. In the secure download step, the physician uses a hashed access policy to send the request to the cloud and decrypts the corresponding files. The experimental findings demonstrate that the system outperformed cutting-edge techniques. The proposed Modified Key Policy Attribute-Based Encryption performs better for the remaining 10 to 25 mb file sizes. This IoT framework compares MKP-ABE with certain efficiency indicators, such as encryption, decryption period, protection level analysis and encrypted memory use, resource use on decryption, upload time, and transfer time, which are present in the KP-ABE, the ECC, RSA, and AES. Here, the IoT device suggested requires 4008 ms for data encryption and 4138 ms for the data decryption.

computer science, artificial intelligence

Aisha Banu,Sharon Priya S,Poojitha K,Kiruthiga R,Ruby Annette,Subash Chandran

DOI: https://doi.org/10.48550/arXiv.2306.17084

2023-06-26

Abstract:Electronic Health Records (EHRs) have undergone numerous technical improvements in recent years, including the incorporation of mobile devices with the cloud computing technologies to facilitate medical data exchanges between patients and the healthcare professionals. This cutting-edge architecture enables cyber physical systems housed in the cloud to provide healthcare services with minimal operational costs, high flexibility, security, and EHR accessibility. If patient health information is stored in the hospital database, there will always be a risk of intrusion, i.e., unauthorized file access and information modification by attackers. To address this concern, we propose a decentralized EHR system based on Blockchain technology. To facilitate secure EHR exchange across various patients and medical providers, we develop a reliable access control method based on smart contracts. We incorporate Cryptocurrency, specifically Ethereum, in the suggested system to protect sensitive health information from potential attackers. In our suggested approach, both physicians and patients are required to be authenticated. Patients can register, and a block with a unique hash value will be generated. Once the patient discusses the disease with the physician, the physician can check the patient's condition and offer drugs. For experimental findings, we employ the public Block chain Ganache and solidity remix-based smart contracts to protect privacy. Ethers are used as the crypto currencies.

Distributed, Parallel, and Cluster Computing,Cryptography and Security

Ibrahim Abunadi,Ramasamy Lakshmana Kumar,Ramasamy Kumar

DOI: https://doi.org/10.3390/s21082865

IF: 3.9

2021-04-19

Sensors

Abstract:In the current epoch of smart homes and cities, personal data such as patients’ names, diseases and addresses are often violated. This is frequently associated with the safety of the electronic health records (EHRs) of patients. EHRs have numerous benefits worldwide, but at present, EHR information is subject to considerable security and privacy issues. This paper proposes a way to provide a secure solution to these issues. Previous sophisticated techniques dealing with the protection of EHRs usually make data inaccessible to patients. These techniques struggle to balance data confidentiality, patient demand and constant interaction with provider data. Blockchain technology solves the above problems since it distributes information in a transactional and decentralized manner. The usage of blockchain technology could help the health sector to balance the accessibility and privacy of EHRs. This paper proposes a blockchain security framework (BSF) to effectively and securely store and keep EHRs. It presents a safe and proficient means of acquiring medical information for doctors, patients and insurance agents while protecting the patient’s data. This work aims to examine how our proposed framework meets the security needs of doctors, patients and third parties and how the structure addresses safety and confidentiality concerns in the healthcare sector. Simulation outcomes show that this framework efficiently protects EHR data.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Divya Rani,Sachin Tripathi,Ashish Tomar

DOI: https://doi.org/10.1007/s10586-024-04358-x

2024-04-05

Cluster Computing

Abstract:Nowadays, research efforts are strongly directed toward integrating Blockchain into Smart Healthcare Systems to achieve distribution, transparency, and immutability within the system. The IoT-based Healthcare System incorporates numerous Smart Devices to gather extensive data. The Hospital Authority collects this vital information for diverse analyses via an intermediary data collector. The healthcare data is very crucial and requires secure data transmission from Smart Devices to the Hospital Authority to prevent unauthorized access. The traditional authentication scheme faces challenges such as a single point failure, heavy reliance on the Trusted Third Party, and the absence of channel communication. This can increase the computational load and system latency. The proposed solution introduces the Blockchain-based Shareable Authentication Scheme (BSAS) for Smart Healthcare. The BSAS scheme leverages a Consortium Blockchain which is implemented by using Hyperledger Fabric that supports channel communication among different hospital departments. This eliminates the burden of repetitive registration across all departments and reduces computational overhead. Moreover, a mutual authentication and key agreement scheme employing lightweight operations ensures the secure transmission of data from smart devices to the hospital authorities. The formal analysis using the ROR model and informal analysis confirm the security of the BSAS scheme. Additionally, formal simulations with the Scyther tool reveal no attacks within the bounds. The evaluation of performance using Hyperledger Caliper indicates a consistent and maximum throughput of 100 transactions per second for read operations or an increasing trend for certain operations with a rise in transaction count. The latency remains consistently minimal for read operations and is below 6.5 s for other operations. This comprehensive analysis underscores that the scheme is resilient to various attacks, has computational efficiency, and additional security enhancements, including data immutability, confidential communication through channels, and a distributed system.

computer science, information systems, theory & methods

J S Simi Mole,R S Shaji

DOI: https://doi.org/10.3389/fmed.2024.1434474

2024-09-25

Abstract:Electronic health records (EHRs) are increasingly replacing traditional paper-based medical records due to their speed, security, and ability to eliminate redundant data. However, challenges such as EHR interoperability and privacy concerns remain unresolved. Blockchain, a distributed ledger technology comprising connected, encrypted data blocks, presents a promising solution. This study explores how blockchain technology can revolutionize hospital EHR management. Our proposed solution securely transfers medical records between patients and doctors using the InterPlanetary File System (IPFS) and the Ethereum platform. Utilizing smart contracts automates data transfers, ensuring patient anonymity and reducing computational complexity while securely storing patient data on the network. Patient records are stored locally on the Ganache server, with the front end managed using HTML, CSS, ReactJS, and JavaScript, and the backend developed in Solidity. Blockchain technologies combined with Role- Based access control instead of attribute -based access control. The system's throughput increases linearly with the number of users and requests, enhancing the framework's efficiency and scalability. The minimum recorded latency is 14 ms.

Ali Shahzad,Wenyu Chen,Momina Shaheen,Yin Zhang,Faizan Ahmad

DOI: https://doi.org/10.1371/journal.pone.0307039

IF: 3.7

2024-09-23

PLoS ONE

Abstract:In modern healthcare, providers increasingly use cloud services to store and share electronic medical records. However, traditional cloud hosting, which depends on intermediaries, poses risks to privacy and security, including inadequate control over access, data auditing, and tracking data origins. Additionally, current schemes face significant limitations such as scalability concerns, high computational overhead, practical implementation challenges, and issues with interoperability and data standardization. Unauthorized data access by cloud providers further exacerbates these concerns. Blockchain technology, known for its secure and decentralized nature, offers a solution by enabling secure data auditing in sharing systems. This research integrates blockchain into healthcare for efficient record management. We proposed a blockchain-based method for secure EHR management and integrated Ciphertext-Policy Attribute-Based Encryption (CP-ABE) for fine-grained access control. The proposed algorithm combines blockchain and smart contracts with a cloud-based healthcare Service Management System (SMS) to ensure secure and accessible EHRs. Smart contracts automate key management, encryption, and decryption processes, enhancing data security and integrity. The blockchain ledger authenticates data transactions, while the cloud provides scalability. The SMS manages access requests, enhancing resource allocation and response times. A dual authentication system confirms patient keys before granting data access, with failed attempts leading to access revocation and incident logging. Our analyses show that this algorithm significantly improves the security and efficiency of health data exchanges. By combining blockchain's decentralized structure with the cloud's scalability, this approach significantly improves EHR security protocols in modern healthcare setting.

Chandini, A. G.

DOI: https://doi.org/10.1007/s12652-023-04526-8

IF: 3.662

2023-02-26

Journal of Ambient Intelligence and Humanized Computing

Abstract:The last few years have witnessed exponential rise in online digital data for real-time communication, storage, and query-driven processing. It has broadened the horizon for decentralized and ad-hoc digital data used for swift decision making. Nowadays, Electronic healthcare (e-Healthcare) is one of the most demanding industries for telemedicine and Electronic Healthcare Record (EHR) communication purposes. However, ensuring data-security over uncertain channels has remained challenge. To alleviate data-security challenges and enable preserved and immutable data exchange, blockchain technology has been found potential. Despite such significances, most of the existing EHR -oriented blockchain frameworks are developed permissionless with hospital as central unit with almost all access rights. This as a result has demotivated patients due to private data breaches and fake-insurance claims. Considering this limitation developing a patient-centric secure blockchain framework was inevitable. Recently, securing EHR data is a hot research topic and the existing works used varied schemes to enhance the security and privacy of EHR with minimum cost. But the existing studies faces several critical issues like computational complexity, higher processing time, data leakage, sensitive to different attacks, scalability problem etc. The aforementioned issues in the existing studies leads the system as reduced confidentiality and data insecurity. Thus, to overcome such issues, this paper proposes a highly robust pre-transaction signature verification assisted patient-centric multi-stakeholder blockchain model. The proposed blockchain framework focused on multi-stakeholder scalability as well as interoperability aspects while guaranteeing attack-resilience. It was designed over Ethereum armored with blockchain manager (BCM) and smart contract components, where cloud-based interplanetary file system was developed to support decentralized data-storage. It employed a gateway component to perform user's signature verification to thwart away intruders. Once verifying the signature, BCM triggers user's request to the smart contract that verifies user details and allied role, right and access (RRA) policies. In sync with RRA policies for the requesting node, BCM allows user (patients and doctors) to perform data upload, view and sharing. To share the patient data, the proposed method triggers a signature request phase in which the doctor requests intended patient for signature and receiving the signature-acknowledgement it performs unabstracted data view and sharing and alleviates any probability of single-point-failure. The proposed blockchain framework provides a unified solution with improved flexibility, availability, decentralized access, identity management, user authentication, patient centric permissioned control and data security that makes it suitable for real-time purposes.

computer science, information systems,telecommunications, artificial intelligence

Hassan Mansur Hussien,Sharifah Md Yasin,Nur Izura Udzir,Mohd Izuan Hafez Ninggal

DOI: https://doi.org/10.3390/s21072462

2021-04-02

Abstract:Blockchain technology provides a tremendous opportunity to transform current personal health record (PHR) systems into a decentralised network infrastructure. However, such technology possesses some drawbacks, such as issues in privacy and storage capacity. Given its transparency and decentralised features, medical data are visible to everyone on the network and are inappropriate for certain medical applications. By contrast, storing vast medical data, such as patient medical history, laboratory tests, X-rays, and MRIs, significantly affect the repository storage of blockchain. This study bridges the gap between PHRs and blockchain technology by offloading the vast medical data into the InterPlanetary File System (IPFS) storage and establishing an enforced cryptographic authorisation and access control scheme for outsourced encrypted medical data. The access control scheme is constructed on the basis of the new lightweight cryptographic concept named smart contract-based attribute-based searchable encryption (SC-ABSE). This newly cryptographic primitive is developed by extending ciphertext-policy attribute-based encryption (CP-ABE) and searchable symmetric encryption (SSE) and by leveraging the technology of smart contracts to achieve the following: (1) efficient and secure fine-grained access control of outsourced encrypted data, (2) confidentiality of data by eliminating trusted private key generators, and (3) multikeyword searchable mechanism. Based on decisional bilinear Diffie-Hellman hardness assumptions (DBDH) and discrete logarithm (DL) problems, the rigorous security indistinguishability analysis indicates that SC-ABSE is secure against the chosen-keyword attack (CKA) and keyword secrecy (KS) in the standard model. In addition, user collusion attacks are prevented, and the tamper-proof resistance of data is ensured. Furthermore, security validation is verified by simulating a formal verification scenario using Automated Validation of Internet Security Protocols and Applications (AVISPA), thereby unveiling that SC-ABSE is resistant to man-in-the-middle (MIM) and replay attacks. The experimental analysis utilised real-world datasets to demonstrate the efficiency and utility of SC-ABSE in terms of computation overhead, storage cost and communication overhead. The proposed scheme is also designed and developed to evaluate throughput and latency transactions using a standard benchmark tool known as Caliper. Lastly, simulation results show that SC-ABSE has high throughput and low latency, with an ultimate increase in network life compared with traditional healthcare systems.

Anu Raj,Shiva Prakash

DOI: https://doi.org/10.1007/s11277-024-11312-y

IF: 2.017

2024-06-26

Wireless Personal Communications

Abstract:Nowadays, the adoption of the Internet of Things (IoT) framework in various healthcare industries has increased rapidly in recent years. The IoT devices generate vast amounts of sensitive data, such as personal health information. It is mandatory to protect medical records from unauthorized access and use. However, the finite resources nature of these devices can make it hard to implement robust security measures, such as encryption and authentication. A blockchain is a propitious approach for the secure management of medical records in an immutable way. This problem can be resolved with ciphertext-policy attribute-based encryption (CP-ABE), which permits granular access control in IoT. The local gateways that are directly interfaced with the Ethereum blockchain-based smart contract platform are utilized to create and implement a distributed and dependable user authentication and an access control mechanism for IoMT. In this paper, a DBC-based CP-ABE approach offers a secure and decentralized solution for secure communication and data protection and provides a more secure and trustworthy system. The system works on the concept of an Elliptical Curve Cryptography-based CP-ABE method to reduce complexity and provide data security in remote patient monitoring. On the other hand, blockchain-based smart contracts offer a dynamic, optimal, and self-adjusted access control in smart healthcare systems. It lowers the overhead of conducting resource-intensive authentication procedures and blockchain communications at IoT devices. The result provides the efficiency of the proposed work in computation as well as processing time and its resistance to various security intrusions over existing schemes.

telecommunications

Hui Wang,Yong Xie,Yining Liu,Xiong Li,Phuntsog Dorje

DOI: https://doi.org/10.1109/jiot.2023.3309322

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:Electronic Health Records (EHRs) based on the Internet of Things (IoT) can provide real-time health data for quick intelligent medical services and give convenience to many data-sharing scenarios. However, EHRs also face various security threats since they are highly private. To the best of our knowledge, no recognized data-sharing work can satisfy the stringent privacy requirements of EHRs. Motivated by this, we propose a blockchain-based personalized access control EHR sharing scheme with data verifiability, which can safeguard the interests of data owners and users simultaneously. Firstly, we take ciphertext-policy attribute-based encryption to achieve personalized access control for data owners. Secondly, we design an interactive zero-knowledge proof protocol between data owners and users, which can provide authenticity verification of EHR for users and prevent EHR away from forgery. In addition, smart contracts and the interplanetary file system are used to reduce the computation and storage costs of patients. Finally, the security analysis shows that the proposed scheme meets the pre-defined security goals. The performance analysis demonstrates that the proposed scheme is efficient, and can be applied to practical electronic medical record sharing scenarios.

Hao Guo,Wanxin Li,Mark Nejad,Chien-Chung Shen

DOI: https://doi.org/10.1109/TNSM.2022.3186006

2023-05-31

Abstract:This paper presents a hybrid blockchain-edge architecture for managing Electronic Health Records (EHRs) with attribute-based cryptographic mechanisms. The architecture introduces a novel attribute-based signature aggregation (ABSA) scheme and multi-authority attribute-based encryption (MA-ABE) integrated with Paillier homomorphic encryption (HE) to protect patients' anonymity and safeguard their EHRs. All the EHR activities and access control events are recorded permanently as blockchain transactions. We develop the ABSA module on Hyperledger Ursa cryptography library, MA-ABE module on OpenABE toolset, and blockchain network on Hyperledger Fabric. We measure the execution time of ABSA's signing and verification functions, MA-ABE with different access policies and homomorphic encryption schemes, and compare the results with other existing blockchain-based EHR systems. We validate the access activities and authentication events recorded in blockchain transactions and evaluate the transaction throughput and latency using Hyperledger Caliper. The results show that the performance meets real-world scenarios' requirements while safeguarding EHR and is robust against unauthorized retrievals.

Cryptography and Security

Jiahao Chen,Xinchun Yin,Jianting Ning

DOI: https://doi.org/10.1002/ett.4510

IF: 3.6

2022-04-10

Transactions on Emerging Telecommunications Technologies

Abstract:This paper proposes a fine‐grained and secure health data sharing system based on blockchain. Trusted consensus nodes publish public parameter and retain master secret key, also generate attribute‐based encryption key and proxy key for data requesters. The doctor generates an electronic health record (EHR) for the patient and signs it with his private key which can ensure non‐repudiation. Patient can encrypt his EHR and upload it to the IPFS. Patient can also set the smart contract. If a data requester wants to acquire EHR, he must pass the authentication of the smart contract, the patient can generate a re‐encryption key for him. Blockchain is used to store the index of EHR and the hash value of EHR to achieve tamper resistance.Electronic health record (EHR) allows patients to use an open channel (ie, Internet) to control, share and manage their health records among family members, healthcare providers and other third party data users. Thus, in such an environment, privacy, confidentiality, and data consistency are the major challenges. Although cloud‐based EHR addresses the aforementioned discussions, these are prone to various malicious attacks, trust management and non‐repudiation among servers. Recently, due to the property of immutability, blockchain technology has been introduced to be as an auspicious solution for achieving EHR sharing with privacy and security preservation. Motivated by the above debates, we present BFHS, a blockchain‐based fine‐grained secure EHR sharing mechanism. On BFHS, we encrypt the EHR using ciphertext‐policy attribute‐based encryption (CP‐ABE) and upload it to the interplanetary file system (IPFS) for storage, while the matching index is encrypted via proxy re‐encryption and kept in a medical consortium blockchain. In addition, we created a credit assessment mechanism and incorporated it into the smart contract. Smart contracts, proxy re‐encryption, a credit evaluation mechanism, and IPFS all work together to give patients with a trustworthy EHR sharing environment and a dynamic access control interface. The thorough comparison and experimental analysis show that the proposed BFHS has more comprehensive security features and is more practicable.

telecommunications

Amit Kumar Jakhar,Mrityunjay Singh,Rohit Sharma,Wattana Viriyasitavat,Gaurav Dhiman,Shubham Goel

DOI: https://doi.org/10.1007/s11042-024-18827-3

IF: 2.577

2024-03-20

Multimedia Tools and Applications

Abstract:Healthcare data is crucial and sensitive, as it contains absolute information about a patient's medical history, treatments, and actions; this information gets shared among the stakeholders on a routine basis. Patients' information is vital and should be kept accurate, up-to-date, and secret; it should be available only to authorized users. Most of the existing systems are centralized and may breach data privacy. This study mainly focuses on protecting the privacy and security of sensitive healthcare data while sharing with multiple stakeholders. This work presents a privacy-preserving and access-control blockchain-based framework that uses consensus-driven decentralized data management on top of peer-to-peer distributed computing platforms to ensure the privacy, security, accessibility, and integrity of healthcare data. Blockchain technology helps to protect transactions from manipulation due to its features of irreversibility and immutability. Additionally, we thoroughly examine the security requirements afforded by blockchain-enabled systems by incorporating stakeholders like patients, doctors, chemists, and pathology labs as system entities; they can only share information through a proper channel. The proposed framework has been implemented and evaluated using Hyperledger Fabric. We observe that the proposed framework reveals promising benefits in security, regulation compliance, reliability, flexibility, and accuracy.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Dara Tith,Joong-Sun Lee,Hiroyuki Suzuki,W M A B Wijesundara,Naoko Taira,Takashi Obi,Nagaaki Ohyama

DOI: https://doi.org/10.4258/hir.2020.26.1.3

Abstract:Objectives: Electronic Health Record (EHR) systems are increasingly used as an effective method to share patients' records among different hospitals. However, it is still a challenge to access scattered patient data through multiple EHRs. Our goal is to build a system to access patient records easily among EHRs without relying on a centralized supervisory system. Methods: We apply consortium blockchain to compose a distributed system using Hyperledger Fabric incorporating existent EHRs. Peer nodes hold the same ledger on which the address of a patient record in an EHR is written. Individual patients are identified by unique certificates issued by a local certificate authorities that collaborate with each other in a channel of the network. To protect a patient's privacy, we use a proxy re-encryption scheme when the data are transferred. We designed and implemented various chaincodes to handle business logic agreed by member organizations of the network. Results: We developed a prototype system to implement our concept and tested its performance including chaincode logic. The results demonstrated that our system can be used by doctors to find patient's records and verify patient's consent on access to the data. Patients also can seamlessly receive their past records from other hospitals. The access log is stored transparently and immutably in the ledger that is used for auditing purpose. Conclusions: Our system is feasible and flexible with scalability and availability in adapting to existing EHRs for strengthening security and privacy in managing patient records. Our research is expected to provide an effective method to integrate dispersed patient records among medical institutions.

Faheem Ullah,Jingsha He,Nafei Zhu,Ahsan Wajahat,Ahsan Nazir,Sirajuddin Qureshi,Muhammad Salman Pathan,Soumyabrata Dev

DOI: https://doi.org/10.1016/j.heliyon.2024.e34407

IF: 3.776

2024-08-10

Heliyon

Abstract:In the realm of modern healthcare, Electronic Health Records EHR serve as invaluable assets, yet they also pose significant security challenges. The absence of EHR access auditing mechanisms, which includes the EHR audit trails, results in accountability gaps and magnifies security vulnerabilities. This situation effectively paves the way for unauthorized data alterations to occur without detection or consequences. Inadequate EHR compliance auditing procedures, particularly in verifying and validating access control policies, expose healthcare organizations to risks such as data breaches, and unauthorized data usage. These vulnerabilities result from unchecked unauthorized access activities. Additionally, the absence of EHR audit logs complicates investigations, weakens proactive security measures, and raises concerns to put healthcare institutions at risk. This study addresses the pressing need for robust EHR auditing systems designed to scrutinize access to EHR data, encompassing who accesses it, when, and for what purpose. Our research delves into the complex field of EHR auditing, which includes establishing an immutable audit trail to enhance data security through blockchain technology. We also integrate Purpose-Based Access Control (PBAC) alongside smart contracts to strengthen compliance auditing by validating access legitimacy and reducing unauthorized entries. Our contributions encompass the creation of audit trail of EHR access, compliance auditing via PBAC policy verification, the generation of audit logs, and the derivation of data-driven insights, fortifying EHR access security.

Oliver Simonoski,Dijana Capeska Bogatinoska

DOI: https://doi.org/10.5121/ijci.2024.130505

2024-10-08

Abstract:In an era driven by information exchange, transparency and security hold crucial importance, particularly within the healthcare industry, where data integrity and confidentiality are paramount. This paper investigates the integration of blockchain technology in healthcare, focusing on its potential to revolutionize Electronic Health Records (EHR) management and data sharing. By leveraging Ethereum-based blockchain implementations and smart contracts, we propose a novel system that empowers patients to securely store and manage their medical data. Our research addresses critical challenges in implementing blockchain in healthcare, including scalability, user privacy, and regulatory compliance. We propose a solution that combines digital signatures, Role-Based Access Control, and a multi-layered architecture to enhance security and ensure controlled access. The system's key functions, including user registration, data append, and data retrieval, are facilitated through smart contracts, providing a secure and efficient mechanism for managing health information. To validate our approach, we developed a decentralized application (dApp) that demonstrates the practical implementation of our blockchain-based healthcare solution. The dApp incorporates user-friendly interfaces for patients, doctors, and administrators, showcasing the system's potential to streamline healthcare processes while maintaining data security and integrity. Additionally, we conducted a survey to gain insights into the perceived benefits and challenges of blockchain adoption in healthcare. The results indicate strong interest among healthcare professionals and IT experts, while also highlighting concerns about integration costs and technological complexity. Our findings...

Software Engineering,Cryptography and Security

Shunrong Jiang,Haiqin Wu,Liangmin Wang

DOI: https://doi.org/10.1109/globecom38437.2019.9013220

2019-01-01

Abstract:The large-scale deployment of eHealth systems has brought deep impact on human society. However, the centralized Electronic health records (EHRs) outsourcing system faces some critical security and privacy issues, which have raised wide concerns in both academia and industry. Moreover, the patients lose control of their health data. There is a need to construct a decentralized and secure EHRs with more flexible control by patients themselves instead of the third party. Fortunately, we observe that the characteristics of blockchain technology such as decentralization, immutability, and auditability perfectly match these aforementioned requirements. Specifically, to satisfy our application requirements, we build a consortium blockchain (PESchain) which is maintained by a set of medical institutions. The EHRs of patients are encrypted and stored in the medical institutions by local cloud while the corresponding hash values are stored on PESchain. Moreover, to enable privacy-preserving EHRs sharing, we construct a stealth authorization scheme to achieve access authorization delivery on the blockchain. Besides, we pack the transactions according to different types to guarantee efficient block deletion. The security analysis and performance evaluation show that PESchain is secure and practical for EHRs sharing.

Honglei Li,Xiao Yang,Hongxin Wang,Wujia Wei,Weilian Xue

DOI: https://doi.org/10.1155/2022/2058497

2022-03-04

Abstract:The sharing of electronic healthcare records (EHRs) is important to healthcare and medical research. However, institutions are faced with difficulties in privacy protection and efficiently secure data exchange. The main objective of this study is to propose a controllable secure blockchain-based EHRs sharing scheme. For this purpose, blockchain technologies are combined with interplanetary file systems (IPFS) to provide efficient secure EHRs sharing. Firstly, the IPFS-based EHR file system (IEFS) is designed to save and share large-size EHR files among medical institutions. With the high-throughput content-addressed block storage model and appropriate redundant backup of IPFS, IEFS is tamper-resistant and free of a single point of failure. Secondly, the blockchain is used to implement the blockchain-based EHR abstract system (BEAS) to manipulate EHR abstracts access. In BEAS, the EHR file addresses generated by IEFS are encrypted and saved in EHR abstracts for privacy protection. Since EHR abstracts are encrypted by patients' public keys, the sharing of EHR files is under the control of patients. In our experiment, a prototype system is developed to validate the proposed scheme. The experimental results showed that (1) EHRs are securely shared under the control of patients and (2) EHR files are retrieved at an acceptable speed supported by IPFS technology. In this paper, solutions to some important practical issues such as incapacitated patients, encryption key forgetting/missing, and efficient interaction of doctors with EHRs sharing scheme are also seriously discussed.

Kazi Tamzid Akhter Md Hasib,Ixion Chowdhury,Saadman Sakib,Mohammad Monirujjaman Khan,Nawal Alsufyani,Abdulmajeed Alsufyani,Sami Bourouis

DOI: https://doi.org/10.1155/2022/2366632

IF: 1.968

2022-02-04

Security and Communication Networks

Abstract:Bangladesh should have owned a decentralized medical record server. We face a lot of issues, such as doctor’s appointments, report organization in one spot, and report follow-ups. People now bring a large number of papers to the doctor’s chamber. They carry prescriptions, reports, and X-ray files, among other things. It complicates everyone’s life as a result. All of the reports must be reviewed by doctors on a regular basis. It is difficult to read old reports on a regular basis, and patients do not receive the correct medications or treatment. Doctors also find it extremely difficult to comprehend handwritten prescriptions. Data security, authenticity, time management, and other areas of data administration are dramatically improved when blockchain (smart contract) technology is linked with standard database management solutions. Blockchain is a groundbreaking, decentralized technology that protects data from unauthorized access. After smart contracts are implemented, the management will be satisfied with the patients. As a result, maintaining data privacy and accountability in the system is tough. It signifies that the information is only accessible to those who have been authenticated. This study focuses on limiting third-party engagement in medical health data and improving data security. Throughout the process, this will improve accessibility and time efficiency. People will feel safer during the payment procedure, which is the most significant benefit. A smart contract and a peer-to-peer encrypted technology were used. The hacker will not be able to gain access to this system since this document uses an immutable ledger. They will not be able to change any of the data if they gain access to the system. If the items are found to be defective, the transaction will be halted. Transaction security will be a viable option for recasting these problems using cryptographic methodologies. We developed a website where patients and doctors will both benefit because of the use of blockchain technology to ensure the security of medical data. We have different profiles for doctors and patients. In the patient profile, they can create their own account by using a unique address, name, and age. This unique address will be created from the genesis block. The unique address is completely private to the owner, who will remain fully secure in our network. After creating an account, the patient can view the doctors’ list and they can upload their medical reports such as prescriptions and X-rays. All the records uploaded by the patient will be stored on our local server (Ganache). The records are stored as hashed strings of the data. Those files will also have a unique address, and it will be shown in the patient profile. After granting access, the doctors will be able to view their records in the respective doctor’s profile. For accessing the options such as uploading, viewing, or editing the data, Ethereum currency (a fee) will have to be paid in order to complete the request. On the other hand, doctors can enter their profile using their name and unique address. After logging in, they can view their name, unique address, and the list of patients that have granted access to the doctor to view their files. On our website, the front end is handled by JavaScript, ReactJS, HTML, and CSS. The backend is handled by Solidity. Storage is handled by Ganache as the local host. Finally, this paper will show how to ensure that the procedure is as safe as feasible. We are also maintaining transparency and efficiency here.

computer science, information systems,telecommunications