Honglei Li,Xiao Yang,Hongxin Wang,Wujia Wei,Weilian Xue

DOI: https://doi.org/10.1155/2022/2058497

2022-03-04

Abstract:The sharing of electronic healthcare records (EHRs) is important to healthcare and medical research. However, institutions are faced with difficulties in privacy protection and efficiently secure data exchange. The main objective of this study is to propose a controllable secure blockchain-based EHRs sharing scheme. For this purpose, blockchain technologies are combined with interplanetary file systems (IPFS) to provide efficient secure EHRs sharing. Firstly, the IPFS-based EHR file system (IEFS) is designed to save and share large-size EHR files among medical institutions. With the high-throughput content-addressed block storage model and appropriate redundant backup of IPFS, IEFS is tamper-resistant and free of a single point of failure. Secondly, the blockchain is used to implement the blockchain-based EHR abstract system (BEAS) to manipulate EHR abstracts access. In BEAS, the EHR file addresses generated by IEFS are encrypted and saved in EHR abstracts for privacy protection. Since EHR abstracts are encrypted by patients' public keys, the sharing of EHR files is under the control of patients. In our experiment, a prototype system is developed to validate the proposed scheme. The experimental results showed that (1) EHRs are securely shared under the control of patients and (2) EHR files are retrieved at an acceptable speed supported by IPFS technology. In this paper, solutions to some important practical issues such as incapacitated patients, encryption key forgetting/missing, and efficient interaction of doctors with EHRs sharing scheme are also seriously discussed.

Hassan Mansur Hussien,Sharifah Md Yasin,Nur Izura Udzir,Mohd Izuan Hafez Ninggal

DOI: https://doi.org/10.3390/s21072462

2021-04-02

Abstract:Blockchain technology provides a tremendous opportunity to transform current personal health record (PHR) systems into a decentralised network infrastructure. However, such technology possesses some drawbacks, such as issues in privacy and storage capacity. Given its transparency and decentralised features, medical data are visible to everyone on the network and are inappropriate for certain medical applications. By contrast, storing vast medical data, such as patient medical history, laboratory tests, X-rays, and MRIs, significantly affect the repository storage of blockchain. This study bridges the gap between PHRs and blockchain technology by offloading the vast medical data into the InterPlanetary File System (IPFS) storage and establishing an enforced cryptographic authorisation and access control scheme for outsourced encrypted medical data. The access control scheme is constructed on the basis of the new lightweight cryptographic concept named smart contract-based attribute-based searchable encryption (SC-ABSE). This newly cryptographic primitive is developed by extending ciphertext-policy attribute-based encryption (CP-ABE) and searchable symmetric encryption (SSE) and by leveraging the technology of smart contracts to achieve the following: (1) efficient and secure fine-grained access control of outsourced encrypted data, (2) confidentiality of data by eliminating trusted private key generators, and (3) multikeyword searchable mechanism. Based on decisional bilinear Diffie-Hellman hardness assumptions (DBDH) and discrete logarithm (DL) problems, the rigorous security indistinguishability analysis indicates that SC-ABSE is secure against the chosen-keyword attack (CKA) and keyword secrecy (KS) in the standard model. In addition, user collusion attacks are prevented, and the tamper-proof resistance of data is ensured. Furthermore, security validation is verified by simulating a formal verification scenario using Automated Validation of Internet Security Protocols and Applications (AVISPA), thereby unveiling that SC-ABSE is resistant to man-in-the-middle (MIM) and replay attacks. The experimental analysis utilised real-world datasets to demonstrate the efficiency and utility of SC-ABSE in terms of computation overhead, storage cost and communication overhead. The proposed scheme is also designed and developed to evaluate throughput and latency transactions using a standard benchmark tool known as Caliper. Lastly, simulation results show that SC-ABSE has high throughput and low latency, with an ultimate increase in network life compared with traditional healthcare systems.

Jin Sun,Lili Ren,Shangping Wang,Xiaomin Yao

DOI: https://doi.org/10.1371/journal.pone.0239946

IF: 3.7

2020-10-06

PLoS ONE

Abstract:In the medical system, the verification, preservation and synchronization of electronic medical records has always been a difficult problem, and the random dissemination of patient records will bring various risks to patient privacy. Therefore, how to achieve secure data sharing on the basis of ensuring users' personal privacy becomes the key. In recent years, blockchain has been proposed to be a promising solution to achieve data sharing with security and privacy preservation due to its advantages of immutability. So, a distributed electronic medical records searchable scheme was proposed by leveraging blockchain and smart contract technology. Firstly, we perform a hash calculation on the electronic medical data and store the corresponding value on the blockchain to ensure its integrity and authenticity. Then, we encrypt the electronic medical data and store it in the interplanetary file system which is a distributed storage protocol. These operations not only can solve centralized data store of servers of several medical institutions, but also be good at lowering stress from data store and high-frequency access to blockchain. Secondly, the encrypted keyword index information of electronic medical records was stored on the Ethereum blockchain, meanwhile a smart contract deployed in the Ethereum blockchain is used to realize keyword search instead of depending on a centralized third party. Furthermore, we use attribute-based encryption scheme to ensure that only the attributes meeting the access policy can decrypt the encrypted electronic medical records. Finally, our performance analysis and security analysis show that the scheme is secure and efficient.

Guangfu Wu,Haiping Wang,Zi Yang,Daojing He,Sammy Chan

DOI: https://doi.org/10.1007/s10916-024-02120-9

IF: 4.92

2024-11-24

Journal of Medical Systems

Abstract:In recent years, Electronic health records (EHR) has gradually become the mainstream in the healthcare field. However, due to the fact that EHR systems are provided by different vendors, data is dispersed and stored, which leads to the phenomenon of data silos, making medical information too fragmented and bringing some challenges to current medical services. Therefore, in view of the difficulties in sharing EHR between medical institutions, the risk of privacy leakage, and the lack of EHR usage control by patients, an EHR sharing model based on consortium blockchain is proposed in this paper. Firstly, the Interplanetary File System is combined with consortium blockchain, which forms a hybrid storage scheme of EHR, this technology effectively improves data security, privacy protection, and operational efficiency. Secondly, the model combines unidirectional multi-hop conditional proxy re-encryption based on type and identity with distributed key generation technology to achieve secure EHR sharing with fine grained control. At the same time, users are required to link the operation records of EHR, so as to realize the traceability of EHR usage. A dynamic Byzantine fault-tolerant algorithm based on reputation and clustering is then proposed to solve the problems of arbitrary master node selection, high latency and low throughput of PBFT, enabling the nodes to reach consensus more efficiently. Finally, the model is analyzed in terms of security and user control, showing that the model is less energy intensive in terms of communication overhead and time consumption, and can effectively achieve secure sharing between medical data.

health care sciences & services,medical informatics

Song Luo,N. Han,Tan Hu,YuHua Qian

DOI: https://doi.org/10.1155/2024/5569121

IF: 1.938

2024-02-03

International Journal of Distributed Sensor Networks

Abstract:As network technology advances and more people use devices, data storage has become a significant challenge due to the explosive growth of information and the threat of data leaks. In traditional medical institutions, most medical data is stored centrally through cloud computing technology in the institution’s data center. This centralized storage method has many security risks, and once the central server is attacked, it will lead to the loss of medical data, which will lead to the leakage of patients’ private data. At the same time, electronic medical records are the most critical data in the current medical field. In the traditional centralized healthcare service system (HSS), there are data leakage problems and tampering with electronic medical records due to human factors. At the same time, each hospital is built independently, resulting in the current centralized healthcare service system having a data silo problem, making it difficult to share medical data between institutions securely. With the increase in the number of users in the system, the electronic medical record data in the system also increases gradually, resulting in the increasing overhead of decryption calculation. Therefore, this paper proposes a blockchain-based access control scheme with multiparty authorization to ensure the security of electronic medical records. The scheme uses an SM encryption algorithm to encrypt the medical data in the system. It adds the patient’s signature to ensure the confidentiality and security of the data, and the encrypted electronic medical records (EMRs) are stored in the InterPlanetary File System (IPFS) to realize the distributed storage of EMR. In addition, role-based multiauthorization access control is implemented through smart contract-based to ensure the security of EMR. We have analyzed the security of this paper’s solution and compared its performance with the existing schemes based on other cryptographic algorithms. The experimental results show that the proposed solution significantly improves the secure sharing of EMR and provides system performance.

computer science, information systems,telecommunications

Shekha Chenthara,Khandakar Ahmed,Hua Wang,Frank Whittaker,Zhenxiang Chen

DOI: https://doi.org/10.1371/journal.pone.0243043

IF: 3.7

2020-12-09

PLoS ONE

Abstract:The privacy of Electronic Health Records (EHRs) is facing a major hurdle with outsourcing private health data in the cloud as there exists danger of leaking health information to unauthorized parties. In fact, EHRs are stored on centralized databases that increases the security risk footprint and requires trust in a single authority which cannot effectively protect data from internal attacks. This research focuses on ensuring the patient privacy and data security while sharing the sensitive data across same or different organisations as well as healthcare providers in a distributed environment. This research develops a privacy-preserving framework viz Healthchain based on Blockchain technology that maintains security, privacy, scalability and integrity of the e-health data. The Blockchain is built on Hyperledger fabric, a permissioned distributed ledger solutions by using Hyperledger composer and stores EHRs by utilizing InterPlanetary File System (IPFS) to build this healthchain framework. Moreover, the data stored in the IPFS is encrypted by using a unique cryptographic public key encryption algorithm to create a robust blockchain solution for electronic health data. The objective of the research is to provide a foundation for developing security solutions against cyber-attacks by exploiting the inherent features of the blockchain, and thus contribute to the robustness of healthcare information sharing environments. Through the results, the proposed model shows that the healthcare records are not traceable to unauthorized access as the model stores only the encrypted hash of the records that proves effectiveness in terms of data security, enhanced data privacy, improved data scalability, interoperability and data integrity while sharing and accessing medical records among stakeholders across the healthchain network.

multidisciplinary sciences

S. Vidhya,V. Kalaivani

DOI: https://doi.org/10.1007/s12083-023-01449-1

IF: 3.488

2023-02-01

Peer-to-Peer Networking and Applications

Abstract:With the rapid progress of network information technologies, security in medical data transmission has emerged as a popular research topic. Electronic Health Data (EHR) is vulnerable to security breaches, tampering, manipulation, and data leakage. The blockchain's data integrity, decentralization, and anonymity opened up new possibilities for addressing the aforementioned issues. Therefore, this paper presents a Blockchain-based Access Control Scheme (BACS) with Multiple Party Authority (MPA), smart contract, and proxy re encryption to secure the EHR. The proposed scheme consists of six phases: the registration phase, appointment phase, data aggregation stage, storage phase, query phase, and validation phase. The medical data is encrypted by using a Lightweight Fused Cryptographic (LFC) algorithm with the signature of the patient and doctor to ensure confidentiality and integrity. The encrypted EHR is then stored on Interplanetary File Systems (IPFS), which is a decentralised file storage platform. Moreover, the developed smart contract verifies the authenticity of the users, provides a reputation score for the oracle, and creates a time seal. This enhances the security of the system from external attacks as well as internal attacks. A security analysis is conducted for the proposed method, and the performance is compared with the existing techniques based on encryption time, decryption time, and computation cost.

computer science, information systems,telecommunications

Ali Shahzad,Wenyu Chen,Momina Shaheen,Yin Zhang,Faizan Ahmad

DOI: https://doi.org/10.1371/journal.pone.0307039

IF: 3.7

2024-09-23

PLoS ONE

Abstract:In modern healthcare, providers increasingly use cloud services to store and share electronic medical records. However, traditional cloud hosting, which depends on intermediaries, poses risks to privacy and security, including inadequate control over access, data auditing, and tracking data origins. Additionally, current schemes face significant limitations such as scalability concerns, high computational overhead, practical implementation challenges, and issues with interoperability and data standardization. Unauthorized data access by cloud providers further exacerbates these concerns. Blockchain technology, known for its secure and decentralized nature, offers a solution by enabling secure data auditing in sharing systems. This research integrates blockchain into healthcare for efficient record management. We proposed a blockchain-based method for secure EHR management and integrated Ciphertext-Policy Attribute-Based Encryption (CP-ABE) for fine-grained access control. The proposed algorithm combines blockchain and smart contracts with a cloud-based healthcare Service Management System (SMS) to ensure secure and accessible EHRs. Smart contracts automate key management, encryption, and decryption processes, enhancing data security and integrity. The blockchain ledger authenticates data transactions, while the cloud provides scalability. The SMS manages access requests, enhancing resource allocation and response times. A dual authentication system confirms patient keys before granting data access, with failed attempts leading to access revocation and incident logging. Our analyses show that this algorithm significantly improves the security and efficiency of health data exchanges. By combining blockchain's decentralized structure with the cloud's scalability, this approach significantly improves EHR security protocols in modern healthcare setting.

Jayapriya Jayabalan,N. Jeyanthi

DOI: https://doi.org/10.1016/j.jpdc.2022.03.009

IF: 4.542

2022-06-01

Journal of Parallel and Distributed Computing

Abstract:Traditional healthcare systems in the present scenario follow centralized client-server architecture to store and process patient-health related information. Data stored in each of the healthcare institution remain in silos which cannot be easily shared with other institutions due to technical and infrastructural constraints. Hospitals do not have an effective and secure data sharing mechanism leading to monetary and resource loss in the case of a person visiting different hospitals. Blockchain, a disruptive technology with secure and reliable decentralized framework, and can be used to circumvent problems in traditional healthcare architecture for secure storage, sharing and retrieval of Electronic Health Records (EHR). A blockchain-based framework integrated with InterPlanetary File System (IPFS) for EHR in healthcare management has been proposed in this paper. This proposed framework will enable healthcare institutions to maintain fail-safe and tamper-proof healthcare ledgers in a decentralized manner. Hospitals and doctors act as lightweight nodes, whereas patient nodes can be full or lightweight nodes. The model proposes two-factor authentication and multi-factor authentication for preventing fake node attacks. Patient-centric access model allows the patients to act as digital stewards for their health data, allowing access to doctors and hospitals on demand and revoking it after stipulated time. Symmetric key encryption (AES-128) is used for encrypting data before storing into IPFS. Asymmetric encryption (RSA-4096) is used for generating digital envelopes to pass on symmetric key to authorized entities. Digital signatures (RSA-1024) make sure that the transactions are valid and from authorized nodes. Hashing of the encrypted data is done using SHA-256 algorithm. Multiple layers of security implemented in this model makes sure that adversaries cannot obtain data stored in IPFS; even if they retrieve the data, it will not be meaningful since it is encrypted. The proposed framework for off-chain storage of health data using IPFS saves blockchain structure from scalability issues. Further the proposal for blockchain integration with IPFS helps preserve privacy in the healthcare system, making it highly secure, scalable and robust.

computer science, theory & methods

Shengmin Xu,Jianting Ning,Xiaoguo Li,Jiaming Yuan,Xinyi Huang,Robert H. Deng

DOI: https://doi.org/10.1109/tsc.2024.3356595

IF: 11.019

2024-01-01

IEEE Transactions on Services Computing

Abstract:Blockchain as an open and immutable ledger is being posited as the next frontier in healthcare that will help solve the industry's interoperability challenges. However, immutability in processing personal data is no longer legal since the General Data Protection Regulation (GDPR) requires the “right to be forgotten” as a critical data subject right. To observe such data regulation, it is desirable to build a healthcare blockchain with data redaction in a controlled way. Moreover, electronic health records (EHRs) usually are sensitive and the conventional blockchain lacks systematic and formal security analysis of data confidentiality, especially in the multi-user setting. Furthermore, EHRs are typically helpful in medical research for predicting epidemic diseases and valuable in insurance agencies making business plans. Hence, in healthcare blockchain systems, data confidentiality and flexible key distribution have become the most challenging issues that should be urgently resolved. In this article, we propose a privacy-preserving and redactable healthcare blockchain system (PRHBS). Our solution offers fine-grained block-level data reduction and secure data sharing with flexible key distribution mechanisms. We give the formal definition and security models of PRHBS, and propose a generic construction based on trapdoor-based chameleon-hash function, attribute-based encryption, and puncturable encryption. We present formal security analysis and give an instantiation based on our proposed generic construction. The comprehensive comparison and experimental simulation demonstrate that our implementation exhibits comparable performance, while surpassing the most relevant solutions in terms of functionality.

computer science, information systems, software engineering

Jiawei Zhang,Yanbo Yang,Ximeng Liu,Jianfeng Ma

DOI: https://doi.org/10.1109/tii.2022.3145851

IF: 12.3

2022-01-01

IEEE Transactions on Industrial Informatics

Abstract:With the assistance of the Internet of Things, the fast developing Healthcare Internet of Things (H-IoT) has promoted the healthcare ecosystem into the era of Health 5.0 and enables many promising medical applications, such as remote healthcare that is crucial in pandemic (e.g., coronavirus disease 2019). Healthcare participants can make accurate diagnosis, treatment, and research based on the shared personal health records (PHRs) sensed from remote H-IoT devices. However, current H-IoT systems fall short of a secure and trustworthy PHR sharing service in remote healthcare, which is able to prevent user privacy leakage and PHR integrity violation together with high efficiency in key distribution alongside efficient data retrieval and fine-grained access control. In response, we present a blockchain-based hierarchical data sharing framework (BHDSF) to provide fine-grained access control and efficient retrieval over encrypted PHRs with low consumed hierarchical key distribution and key leakage resistance. Compared with the existing solutions, the BHDSF takes both untrusted cloud and malicious auditor into consideration simultaneously and achieves trustworthy PHR integrity auditing and metadata verification by leveraging the blockchain technique. Besides, the BHDSF enables efficiently aggregative authentication for the trustworthiness of source records from H-IoT devices, which is lacked in most of the existing data sharing frameworks. Finally, we demonstrate the feasibility of the BHDSF by conducting extensive empirical tests over a real-world dataset.

Aisha Banu,Sharon Priya S,Poojitha K,Kiruthiga R,Ruby Annette,Subash Chandran

DOI: https://doi.org/10.48550/arXiv.2306.17084

2023-06-26

Abstract:Electronic Health Records (EHRs) have undergone numerous technical improvements in recent years, including the incorporation of mobile devices with the cloud computing technologies to facilitate medical data exchanges between patients and the healthcare professionals. This cutting-edge architecture enables cyber physical systems housed in the cloud to provide healthcare services with minimal operational costs, high flexibility, security, and EHR accessibility. If patient health information is stored in the hospital database, there will always be a risk of intrusion, i.e., unauthorized file access and information modification by attackers. To address this concern, we propose a decentralized EHR system based on Blockchain technology. To facilitate secure EHR exchange across various patients and medical providers, we develop a reliable access control method based on smart contracts. We incorporate Cryptocurrency, specifically Ethereum, in the suggested system to protect sensitive health information from potential attackers. In our suggested approach, both physicians and patients are required to be authenticated. Patients can register, and a block with a unique hash value will be generated. Once the patient discusses the disease with the physician, the physician can check the patient's condition and offer drugs. For experimental findings, we employ the public Block chain Ganache and solidity remix-based smart contracts to protect privacy. Ethers are used as the crypto currencies.

Distributed, Parallel, and Cluster Computing,Cryptography and Security

Jung-San Lee,Chit-Jie Chew,Jo-Yun Liu,Ying-Chin Chen,Kuo-Yu Tsai

DOI: https://doi.org/10.1016/j.jisa.2022.103117

IF: 4.96

2022-03-01

Journal of Information Security and Applications

Abstract:No doubt that medical data sharing is very crucial but important in realizing cross-hospital diagnosis and improving research development. In traditional mechanisms, there always exists a tradeoff between correctness of medical data and patient privacy. Here we are going to introduce the concept of blockchain and smart contract to build up an electronic medical record sharing mechanism: medical blockchain. Specifically, we have implemented the medical record sharing through cryptography design. Simulations have demonstrated that the correctness of medical data and privacy of patient can be guaranteed through the adoption of blockchain, while the integrity of a specific patient can be achieved via the smart contract control. Furthermore, the proposed medical blockchain can resist the potential Internet attack simulated by the formal verification. Thus, no leakage of patient identity occurs, and the tradeoff could be eliminated effectively without the modification of current hospital devices according to the simulation results.

computer science, information systems

Ibrahim Abunadi,Ramasamy Lakshmana Kumar,Ramasamy Kumar

DOI: https://doi.org/10.3390/s21082865

IF: 3.9

2021-04-19

Sensors

Abstract:In the current epoch of smart homes and cities, personal data such as patients’ names, diseases and addresses are often violated. This is frequently associated with the safety of the electronic health records (EHRs) of patients. EHRs have numerous benefits worldwide, but at present, EHR information is subject to considerable security and privacy issues. This paper proposes a way to provide a secure solution to these issues. Previous sophisticated techniques dealing with the protection of EHRs usually make data inaccessible to patients. These techniques struggle to balance data confidentiality, patient demand and constant interaction with provider data. Blockchain technology solves the above problems since it distributes information in a transactional and decentralized manner. The usage of blockchain technology could help the health sector to balance the accessibility and privacy of EHRs. This paper proposes a blockchain security framework (BSF) to effectively and securely store and keep EHRs. It presents a safe and proficient means of acquiring medical information for doctors, patients and insurance agents while protecting the patient’s data. This work aims to examine how our proposed framework meets the security needs of doctors, patients and third parties and how the structure addresses safety and confidentiality concerns in the healthcare sector. Simulation outcomes show that this framework efficiently protects EHR data.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Haiping Huang,Peng Zhu,Fu Xiao,Xiang Sun,Qinglong Huang

DOI: https://doi.org/10.1016/j.cose.2020.102010

Abstract:How to alleviate the contradiction between the patient's privacy and the research or commercial demands of health data has become the challenging problem of intelligent medical system with the exponential increase of medical data. In this paper, a blockchain-based privacy-preserving scheme is proposed, which realizes secure sharing of medical data between several entities involved patients, research institutions and semi-trusted cloud servers. And meanwhile, it achieves the data availability and consistency between patients and research institutions, where zero-knowledge proof is employed to verify whether the patient's medical data meets the specific requirements proposed by research institutions without revealing patients' privacy, and then the proxy re-encryption technology is adopted to ensure that research institutions can decrypt the intermediary ciphertext. In addition, this proposal can execute distributed consensus based on PBFT algorithm for transactions between patients and research institutions according to the prearranged terms. Theoretical analysis shows the proposed scheme can satisfy security and privacy requirements such as confidentiality, integrity and availability, as well as performance evaluation demonstrates it is feasible and efficient in contrast with other typical schemes.

Leyou Zhang,Tianshuai Zhang,Qing Wu,Yi Mu,Fatemeh Rezaeibagha

DOI: https://doi.org/10.1109/jiot.2021.3137240

IF: 10.6

2021-01-01

IEEE Internet of Things Journal

Abstract:Personal health records (PHRs) are located in a patient-centered electronic health system in which users can store and share medical information. However, PHRs have recently been plagued by security issues, such as the leakage of personal health information, illegal access to patient data, and data tampering. Recent security developments, such as introducing an access control policy with attribute-based encryption (ABE) or utilizing blockchain, have only been partially successful in solving these issues. Ongoing challenges to PHR sharing include single points of failure, node cheating attacks, and fair keyword search issues. In this article, we tackle these challenges by introducing a distributed PHR-sharing scheme based on blockchain and ciphertext policy ABE (CP-ABE), which allows for fast and efficient encryption and decryption. Blockchain maintains the integrity and the tracing source of the data while also recording all operations on the data in the form of transactions. In addition, the blockchain nodes act as attribute authorities to construct the CP-ABE cryptosystem. The tracing of malicious blockchain nodes is realized by tracing cryptography algorithms. Furthermore, the fair retrieval of ciphertext is achieved by employing smart contracts. To overcome the limited storage capacity of blockchain, we adopt both the on-chain and off-chain storage modes in our new system. Security analysis indicates that our new scheme remains intact when threatened by an indistinguishable chosen plaintext attack (IND-CPA) and an indistinguishable chosen keywords attack (IND-CKA). As such, we conclude that our proposed approach is feasible and efficient.

computer science, information systems,telecommunications,engineering, electrical & electronic

Ahmed Raza Rajput,Qianmu Li,Milad Taleby Ahvanooey

DOI: https://doi.org/10.3390/healthcare9020206

2021-02-14

Abstract:Blockchain technology is the most trusted all-in-one cryptosystem that provides a framework for securing transactions over networks due to its irreversibility and immutability characteristics. Blockchain network, as a decentralized infrastructure, has drawn the attention of various startups, administrators, and developers. This system preserves transactions from tampering and provides a tracking tool for tracing past network operations. A personal health record (PHR) system permits patients to control and share data concerning their health conditions by particular peoples. In the case of an emergency, the patient is unable to approve the emergency staff access to the PHR. Furthermore, a history record management system of the patient's PHR is required, which exhibits hugely private personal data (e.g., modification date, name of user, last health condition, etc.). In this paper, we suggest a healthcare management framework that employs blockchain technology to provide a tamper protection application by considering safe policies. These policies involve identifying extensible access control, auditing, and tamper resistance in an emergency scenario. Our experiments demonstrated that the proposed framework affords superior performance compared to the state-of-the-art healthcare systems concerning accessibility, privacy, emergency access control, and data auditing.

Mingyue Wang,Yu Guo,Chen Zhang,Cong Wang,Hejiao Huang,Xiaohua Jia

DOI: https://doi.org/10.1109/tsc.2021.3114719

IF: 11.019

2021-01-01

IEEE Transactions on Services Computing

Abstract:Electronic Health Record (EHR) and its privacy have attracted widespread attention with the development of the healthcare industry in recent years. As locking medical data in a single healthcare center causes information isolation, healthcare centers are motivated to build medical data sharing systems. However, existing systems highly rely on the trusted centralized servers, which are vulnerable to distributed denial of service (DDoS) attacks and the single point of failure. Moreover, it is a non-trivial matter to authorize multiple users to search and access EHR in a privacy-preserving manner. In this article, we propose MedShare, a decentralized framework for secure EHR sharing. Our design utilizes the smart contract technique of blockchain to establish a trusted platform for healthcare centers to share their encrypted EHR. Considering that fine-grained access control is essential in practical EHR sharing service, we devise a constant-size attribute-based encryption (ABE) scheme, where the access policy is embedded in search result on the blockchain. Besides, we propose an efficient scheme that enables authorized MedShare users to perform multi-keyword boolean search operations over encrypted EHR. We formally analyze the security strengths and implement the system prototype on Ethereum. Evaluation results demonstrate that MedShare is efficient for EHR sharing.

computer science, information systems, software engineering

Shiyu Li,Yuan Zhang,Chunxiang Xu,Nan Cheng,Zhi Liu,Yicong Du,Xuemin Shen

DOI: https://doi.org/10.1109/tmc.2022.3199048

IF: 6.075

2022-01-01

IEEE Transactions on Mobile Computing

Abstract:In this paper, we propose a servers-aided password-based subsequent-key-locked encryption mechanism to ensure the confidentiality of outsourced electronic health records (EHRs). The encryption mechanism achieves conditional forward transparency: a doctor can only access a patient's EHRs related to the current diagnosis with the patient's delegation. It also achieves portability: to delegate a doctor for accessing a specific part of EHRs, the patient only needs to send one key (at most 256 bits) in addition to the delegation information to the doctor; the patient does not need to maintain any secret in a local device. Then, we propose a blockchain-based secure EHR provenance mechanism, where a data structure of EHR provenance record is designed to precisely reflect the EHRs' provenance information; a smart contract on a public blockchain is deployed to secure both EHRs and the corresponding provenance records. Finally, we develop a cloud-based eHealth system, dubbed HealthFort, based on the two mechanisms. Security analysis and comprehensive performance evaluation are conducted to demonstrate that HealthFort is secure and efficient.

computer science, information systems,telecommunications

J S Simi Mole,R S Shaji

DOI: https://doi.org/10.3389/fmed.2024.1434474

2024-09-25

Abstract:Electronic health records (EHRs) are increasingly replacing traditional paper-based medical records due to their speed, security, and ability to eliminate redundant data. However, challenges such as EHR interoperability and privacy concerns remain unresolved. Blockchain, a distributed ledger technology comprising connected, encrypted data blocks, presents a promising solution. This study explores how blockchain technology can revolutionize hospital EHR management. Our proposed solution securely transfers medical records between patients and doctors using the InterPlanetary File System (IPFS) and the Ethereum platform. Utilizing smart contracts automates data transfers, ensuring patient anonymity and reducing computational complexity while securely storing patient data on the network. Patient records are stored locally on the Ganache server, with the front end managed using HTML, CSS, ReactJS, and JavaScript, and the backend developed in Solidity. Blockchain technologies combined with Role- Based access control instead of attribute -based access control. The system's throughput increases linearly with the number of users and requests, enhancing the framework's efficiency and scalability. The minimum recorded latency is 14 ms.