S. Vidhya,P. M. Siva Raja,R. P. Sumithra,P. M. Siva Raja,R. P. Sumithra

DOI: https://doi.org/10.1002/nem.2289

2024-08-11

International Journal of Network Management

Abstract:The healthcare industry has undergone a digital transformation in recent years, with the adoption of electronic health records (EHRs) becoming increasingly prevalent. While this digitization offers various advantages, concerns regarding the security and privacy of sensitive medical data have also intensified. Data breaches and cyber‐attacks targeting healthcare organizations have underscored the need for robust solutions to protect patient data. Blockchain technology has emerged as a promising solution due to its decentralized and immutable nature, which ensures secure and transparent data recording. This paper proposes a novel approach that combines blockchain with advanced encryption scheme and privacy protection technique to establish a secure and privacy protected medical data sharing environment. The proposed system consists of three phases such as initialization phase, data processing phase, and authentication phase. The hybrid Feistal‐Shannon homomorphic encryption algorithm (HFSHE) is proposed to encrypt the medical data to ensure data confidentiality, integrity, and availability. Ring signature is integrated to the system to provide additional anonymity and protect the identities of the participants involved in data transactions. In addition, the smart contract developed performs authentication checks on users, generates a time seal, and verifies the ring signature. Through this enhancement, the system becomes more resilient to both external and internal threats, enhancing overall security as well as privacy. A comprehensive security analysis is conducted to compare the proposed method's performance against existing techniques. The results demonstrate the effectiveness of the proposed approach in safeguarding sensitive medical information within the blockchain ecosystem.

computer science, information systems,telecommunications

Hassan Mansur Hussien,Sharifah Md Yasin,Nur Izura Udzir,Mohd Izuan Hafez Ninggal

DOI: https://doi.org/10.3390/s21072462

2021-04-02

Abstract:Blockchain technology provides a tremendous opportunity to transform current personal health record (PHR) systems into a decentralised network infrastructure. However, such technology possesses some drawbacks, such as issues in privacy and storage capacity. Given its transparency and decentralised features, medical data are visible to everyone on the network and are inappropriate for certain medical applications. By contrast, storing vast medical data, such as patient medical history, laboratory tests, X-rays, and MRIs, significantly affect the repository storage of blockchain. This study bridges the gap between PHRs and blockchain technology by offloading the vast medical data into the InterPlanetary File System (IPFS) storage and establishing an enforced cryptographic authorisation and access control scheme for outsourced encrypted medical data. The access control scheme is constructed on the basis of the new lightweight cryptographic concept named smart contract-based attribute-based searchable encryption (SC-ABSE). This newly cryptographic primitive is developed by extending ciphertext-policy attribute-based encryption (CP-ABE) and searchable symmetric encryption (SSE) and by leveraging the technology of smart contracts to achieve the following: (1) efficient and secure fine-grained access control of outsourced encrypted data, (2) confidentiality of data by eliminating trusted private key generators, and (3) multikeyword searchable mechanism. Based on decisional bilinear Diffie-Hellman hardness assumptions (DBDH) and discrete logarithm (DL) problems, the rigorous security indistinguishability analysis indicates that SC-ABSE is secure against the chosen-keyword attack (CKA) and keyword secrecy (KS) in the standard model. In addition, user collusion attacks are prevented, and the tamper-proof resistance of data is ensured. Furthermore, security validation is verified by simulating a formal verification scenario using Automated Validation of Internet Security Protocols and Applications (AVISPA), thereby unveiling that SC-ABSE is resistant to man-in-the-middle (MIM) and replay attacks. The experimental analysis utilised real-world datasets to demonstrate the efficiency and utility of SC-ABSE in terms of computation overhead, storage cost and communication overhead. The proposed scheme is also designed and developed to evaluate throughput and latency transactions using a standard benchmark tool known as Caliper. Lastly, simulation results show that SC-ABSE has high throughput and low latency, with an ultimate increase in network life compared with traditional healthcare systems.

Chandini, A. G.

DOI: https://doi.org/10.1007/s12652-023-04526-8

IF: 3.662

2023-02-26

Journal of Ambient Intelligence and Humanized Computing

Abstract:The last few years have witnessed exponential rise in online digital data for real-time communication, storage, and query-driven processing. It has broadened the horizon for decentralized and ad-hoc digital data used for swift decision making. Nowadays, Electronic healthcare (e-Healthcare) is one of the most demanding industries for telemedicine and Electronic Healthcare Record (EHR) communication purposes. However, ensuring data-security over uncertain channels has remained challenge. To alleviate data-security challenges and enable preserved and immutable data exchange, blockchain technology has been found potential. Despite such significances, most of the existing EHR -oriented blockchain frameworks are developed permissionless with hospital as central unit with almost all access rights. This as a result has demotivated patients due to private data breaches and fake-insurance claims. Considering this limitation developing a patient-centric secure blockchain framework was inevitable. Recently, securing EHR data is a hot research topic and the existing works used varied schemes to enhance the security and privacy of EHR with minimum cost. But the existing studies faces several critical issues like computational complexity, higher processing time, data leakage, sensitive to different attacks, scalability problem etc. The aforementioned issues in the existing studies leads the system as reduced confidentiality and data insecurity. Thus, to overcome such issues, this paper proposes a highly robust pre-transaction signature verification assisted patient-centric multi-stakeholder blockchain model. The proposed blockchain framework focused on multi-stakeholder scalability as well as interoperability aspects while guaranteeing attack-resilience. It was designed over Ethereum armored with blockchain manager (BCM) and smart contract components, where cloud-based interplanetary file system was developed to support decentralized data-storage. It employed a gateway component to perform user's signature verification to thwart away intruders. Once verifying the signature, BCM triggers user's request to the smart contract that verifies user details and allied role, right and access (RRA) policies. In sync with RRA policies for the requesting node, BCM allows user (patients and doctors) to perform data upload, view and sharing. To share the patient data, the proposed method triggers a signature request phase in which the doctor requests intended patient for signature and receiving the signature-acknowledgement it performs unabstracted data view and sharing and alleviates any probability of single-point-failure. The proposed blockchain framework provides a unified solution with improved flexibility, availability, decentralized access, identity management, user authentication, patient centric permissioned control and data security that makes it suitable for real-time purposes.

computer science, information systems,telecommunications, artificial intelligence

Jung-San Lee,Chit-Jie Chew,Jo-Yun Liu,Ying-Chin Chen,Kuo-Yu Tsai

DOI: https://doi.org/10.1016/j.jisa.2022.103117

IF: 4.96

2022-03-01

Journal of Information Security and Applications

Abstract:No doubt that medical data sharing is very crucial but important in realizing cross-hospital diagnosis and improving research development. In traditional mechanisms, there always exists a tradeoff between correctness of medical data and patient privacy. Here we are going to introduce the concept of blockchain and smart contract to build up an electronic medical record sharing mechanism: medical blockchain. Specifically, we have implemented the medical record sharing through cryptography design. Simulations have demonstrated that the correctness of medical data and privacy of patient can be guaranteed through the adoption of blockchain, while the integrity of a specific patient can be achieved via the smart contract control. Furthermore, the proposed medical blockchain can resist the potential Internet attack simulated by the formal verification. Thus, no leakage of patient identity occurs, and the tradeoff could be eliminated effectively without the modification of current hospital devices according to the simulation results.

computer science, information systems

Song Luo,N. Han,Tan Hu,YuHua Qian

DOI: https://doi.org/10.1155/2024/5569121

IF: 1.938

2024-02-03

International Journal of Distributed Sensor Networks

Abstract:As network technology advances and more people use devices, data storage has become a significant challenge due to the explosive growth of information and the threat of data leaks. In traditional medical institutions, most medical data is stored centrally through cloud computing technology in the institution’s data center. This centralized storage method has many security risks, and once the central server is attacked, it will lead to the loss of medical data, which will lead to the leakage of patients’ private data. At the same time, electronic medical records are the most critical data in the current medical field. In the traditional centralized healthcare service system (HSS), there are data leakage problems and tampering with electronic medical records due to human factors. At the same time, each hospital is built independently, resulting in the current centralized healthcare service system having a data silo problem, making it difficult to share medical data between institutions securely. With the increase in the number of users in the system, the electronic medical record data in the system also increases gradually, resulting in the increasing overhead of decryption calculation. Therefore, this paper proposes a blockchain-based access control scheme with multiparty authorization to ensure the security of electronic medical records. The scheme uses an SM encryption algorithm to encrypt the medical data in the system. It adds the patient’s signature to ensure the confidentiality and security of the data, and the encrypted electronic medical records (EMRs) are stored in the InterPlanetary File System (IPFS) to realize the distributed storage of EMR. In addition, role-based multiauthorization access control is implemented through smart contract-based to ensure the security of EMR. We have analyzed the security of this paper’s solution and compared its performance with the existing schemes based on other cryptographic algorithms. The experimental results show that the proposed solution significantly improves the secure sharing of EMR and provides system performance.

computer science, information systems,telecommunications

Ali Shahzad,Wenyu Chen,Momina Shaheen,Yin Zhang,Faizan Ahmad

DOI: https://doi.org/10.1371/journal.pone.0307039

IF: 3.7

2024-09-23

PLoS ONE

Abstract:In modern healthcare, providers increasingly use cloud services to store and share electronic medical records. However, traditional cloud hosting, which depends on intermediaries, poses risks to privacy and security, including inadequate control over access, data auditing, and tracking data origins. Additionally, current schemes face significant limitations such as scalability concerns, high computational overhead, practical implementation challenges, and issues with interoperability and data standardization. Unauthorized data access by cloud providers further exacerbates these concerns. Blockchain technology, known for its secure and decentralized nature, offers a solution by enabling secure data auditing in sharing systems. This research integrates blockchain into healthcare for efficient record management. We proposed a blockchain-based method for secure EHR management and integrated Ciphertext-Policy Attribute-Based Encryption (CP-ABE) for fine-grained access control. The proposed algorithm combines blockchain and smart contracts with a cloud-based healthcare Service Management System (SMS) to ensure secure and accessible EHRs. Smart contracts automate key management, encryption, and decryption processes, enhancing data security and integrity. The blockchain ledger authenticates data transactions, while the cloud provides scalability. The SMS manages access requests, enhancing resource allocation and response times. A dual authentication system confirms patient keys before granting data access, with failed attempts leading to access revocation and incident logging. Our analyses show that this algorithm significantly improves the security and efficiency of health data exchanges. By combining blockchain's decentralized structure with the cloud's scalability, this approach significantly improves EHR security protocols in modern healthcare setting.

Jin Sun,Lili Ren,Shangping Wang,Xiaomin Yao

DOI: https://doi.org/10.1371/journal.pone.0239946

IF: 3.7

2020-10-06

PLoS ONE

Abstract:In the medical system, the verification, preservation and synchronization of electronic medical records has always been a difficult problem, and the random dissemination of patient records will bring various risks to patient privacy. Therefore, how to achieve secure data sharing on the basis of ensuring users' personal privacy becomes the key. In recent years, blockchain has been proposed to be a promising solution to achieve data sharing with security and privacy preservation due to its advantages of immutability. So, a distributed electronic medical records searchable scheme was proposed by leveraging blockchain and smart contract technology. Firstly, we perform a hash calculation on the electronic medical data and store the corresponding value on the blockchain to ensure its integrity and authenticity. Then, we encrypt the electronic medical data and store it in the interplanetary file system which is a distributed storage protocol. These operations not only can solve centralized data store of servers of several medical institutions, but also be good at lowering stress from data store and high-frequency access to blockchain. Secondly, the encrypted keyword index information of electronic medical records was stored on the Ethereum blockchain, meanwhile a smart contract deployed in the Ethereum blockchain is used to realize keyword search instead of depending on a centralized third party. Furthermore, we use attribute-based encryption scheme to ensure that only the attributes meeting the access policy can decrypt the encrypted electronic medical records. Finally, our performance analysis and security analysis show that the scheme is secure and efficient.

Jiahao Chen,Xinchun Yin,Jianting Ning

DOI: https://doi.org/10.1002/ett.4510

IF: 3.6

2022-04-10

Transactions on Emerging Telecommunications Technologies

Abstract:This paper proposes a fine‐grained and secure health data sharing system based on blockchain. Trusted consensus nodes publish public parameter and retain master secret key, also generate attribute‐based encryption key and proxy key for data requesters. The doctor generates an electronic health record (EHR) for the patient and signs it with his private key which can ensure non‐repudiation. Patient can encrypt his EHR and upload it to the IPFS. Patient can also set the smart contract. If a data requester wants to acquire EHR, he must pass the authentication of the smart contract, the patient can generate a re‐encryption key for him. Blockchain is used to store the index of EHR and the hash value of EHR to achieve tamper resistance.Electronic health record (EHR) allows patients to use an open channel (ie, Internet) to control, share and manage their health records among family members, healthcare providers and other third party data users. Thus, in such an environment, privacy, confidentiality, and data consistency are the major challenges. Although cloud‐based EHR addresses the aforementioned discussions, these are prone to various malicious attacks, trust management and non‐repudiation among servers. Recently, due to the property of immutability, blockchain technology has been introduced to be as an auspicious solution for achieving EHR sharing with privacy and security preservation. Motivated by the above debates, we present BFHS, a blockchain‐based fine‐grained secure EHR sharing mechanism. On BFHS, we encrypt the EHR using ciphertext‐policy attribute‐based encryption (CP‐ABE) and upload it to the interplanetary file system (IPFS) for storage, while the matching index is encrypted via proxy re‐encryption and kept in a medical consortium blockchain. In addition, we created a credit assessment mechanism and incorporated it into the smart contract. Smart contracts, proxy re‐encryption, a credit evaluation mechanism, and IPFS all work together to give patients with a trustworthy EHR sharing environment and a dynamic access control interface. The thorough comparison and experimental analysis show that the proposed BFHS has more comprehensive security features and is more practicable.

telecommunications

Aisha Banu,Sharon Priya S,Poojitha K,Kiruthiga R,Ruby Annette,Subash Chandran

DOI: https://doi.org/10.48550/arXiv.2306.17084

2023-06-26

Abstract:Electronic Health Records (EHRs) have undergone numerous technical improvements in recent years, including the incorporation of mobile devices with the cloud computing technologies to facilitate medical data exchanges between patients and the healthcare professionals. This cutting-edge architecture enables cyber physical systems housed in the cloud to provide healthcare services with minimal operational costs, high flexibility, security, and EHR accessibility. If patient health information is stored in the hospital database, there will always be a risk of intrusion, i.e., unauthorized file access and information modification by attackers. To address this concern, we propose a decentralized EHR system based on Blockchain technology. To facilitate secure EHR exchange across various patients and medical providers, we develop a reliable access control method based on smart contracts. We incorporate Cryptocurrency, specifically Ethereum, in the suggested system to protect sensitive health information from potential attackers. In our suggested approach, both physicians and patients are required to be authenticated. Patients can register, and a block with a unique hash value will be generated. Once the patient discusses the disease with the physician, the physician can check the patient's condition and offer drugs. For experimental findings, we employ the public Block chain Ganache and solidity remix-based smart contracts to protect privacy. Ethers are used as the crypto currencies.

Distributed, Parallel, and Cluster Computing,Cryptography and Security

Yingwen Chen,Linghang Meng,Huan Zhou,Guangtao Xue

DOI: https://doi.org/10.1155/2021/6685762

2021-06-29

Wireless Communications and Mobile Computing

Abstract:The rapid development of wearable sensors and the 5G network empowers traditional medical treatment with the ability to collect patients’ information remotely for monitoring and diagnosing purposes. Meanwhile, the health-related mobile apps and devices also generate a large amount of medical data, which is critical for promoting disease research and diagnosis. However, medical data is too sensitive to share, which is also a common issue for IoT (Internet of Things) data. The traditional centralized cloud-based medical data sharing schemes have to rely on a single trusted third party. Therefore, the schemes suffer from single-point failure and lack of privacy protection and access control for the data. Blockchain is an emerging technique to provide an approach for managing data in a decentralized manner. Especially, the blockchain-based smart contract technique enables the programmability for participants to access the data. All the interactions are authenticated and recorded by the other participants of the blockchain network, which is tamper resistant. In this paper, we leverage the K-anonymity and searchable encryption techniques and propose a blockchain-based privacy-preserving scheme for medical data sharing among medical institutions and data users. To be specific, the consortium blockchain, Hyperledger Fabric, is adopted to allow data users to search for encrypted medical data records. The smart contract, i.e., the chaincode, implements the attribute-based access control mechanisms to guarantee that the data can only be accessed by the user with proper attributes. The K-anonymity and searchable encryption ensure that the medical data is shared without privacy leaking, i.e., figuring out an individual patient from queries. We implement a prototype system using the chaincode of Hyperledger Fabric. From the functional perspective, security analysis shows that the proposed scheme satisfies security goals and precedes others. From the performance perspective, we conduct experiments by simulating different numbers of medical institutions. The experimental results demonstrate that the scalability and performance of our scheme are practical.

computer science, information systems,telecommunications,engineering, electrical & electronic

Chengzhe Lai,Zhe Ma,Rui Guo,Dong Zheng

DOI: https://doi.org/10.1007/s12083-022-01303-w

2022-03-08

Abstract:In order to solve the problem of medical data sharing difficulties among medical institutions, we propose a secure medical data sharing scheme based on traceable ring signature and blockchain. Firstly, a certificateless traceable ring signature algorithm based on distributed key generation is proposed to provide data integrity with privacy preservation. Secondly, the smart contract combined with access control and Self-Controlling Object (SCO) can realize the decryption outsourcing and data sharing. In addition, the proposed scheme uses the InterPlanetary File System (IPFS) to store the oceans of medical privacy data, and encrypts the hash index to store, which improves the efficiency of data sharing. Finally, integrated with the blockchain, we can select the proxy node and upload the SCO package to the blockchain node for data sharing by using consensus mechanism. The security analysis shows that the scheme can realize the electronic health record (EHR) source tracking while achieving secure data sharing and privacy protection. In the performance evaluation, we compare the functionality with other schemes and conclude that our scheme is well-functional. Also, the time-consuming simulation of the algorithms in our scheme using the PBC library reflects a high practicality. The results show that the proposed scheme is secure in terms of medical data sharing and privacy protection, and feasible for data source tracking.

computer science, information systems,telecommunications

Tian Lim Tan,Iftekhar Salam,Madhusudan Singh

DOI: https://doi.org/10.1371/journal.pone.0266916

IF: 3.7

2022-04-14

PLoS ONE

Abstract:The lack of data outsourcing in healthcare management systems slows down the intercommunication and information sharing between different entities. A standard solution is outsourcing the electronic health record (EHR) to a cloud service provider (CSP). The outsourcing of the EHR should be performed securely without compromising the CSP functionalities. Searchable encryption would be a viable approach to ensure the confidentiality of the data without compromising searchability and accessibility. However, most existing searchable encryption solutions use centralised architecture. These systems have trust issues as not all the CSPs are fully trusted or honest. To address these problems, we explore blockchain technology with smart contract applications to construct a decentralised system with auditable yet immutable data storage and access. First, we propose a blockchain-based searchable encryption scheme for EHR storage and updates in a decentralised fashion. The proposed scheme supports confidentiality of the outsourced EHR, keyword search functionalities, verifiability of the user and the server, storage immutability, and dynamic updates of EHRs. Next, we implement a prototype using JavaScript and Solidity on the Ethereum platform to demonstrate the practicality of the proposed solution. Finally, we compare the performance and security of the proposed scheme against existing solutions. The result indicates that the proposed scheme is practical while providing the desired security features and functional requirements.

Mingyue Wang,Yu Guo,Chen Zhang,Cong Wang,Hejiao Huang,Xiaohua Jia

DOI: https://doi.org/10.1109/tsc.2021.3114719

IF: 11.019

2021-01-01

IEEE Transactions on Services Computing

Abstract:Electronic Health Record (EHR) and its privacy have attracted widespread attention with the development of the healthcare industry in recent years. As locking medical data in a single healthcare center causes information isolation, healthcare centers are motivated to build medical data sharing systems. However, existing systems highly rely on the trusted centralized servers, which are vulnerable to distributed denial of service (DDoS) attacks and the single point of failure. Moreover, it is a non-trivial matter to authorize multiple users to search and access EHR in a privacy-preserving manner. In this article, we propose MedShare, a decentralized framework for secure EHR sharing. Our design utilizes the smart contract technique of blockchain to establish a trusted platform for healthcare centers to share their encrypted EHR. Considering that fine-grained access control is essential in practical EHR sharing service, we devise a constant-size attribute-based encryption (ABE) scheme, where the access policy is embedded in search result on the blockchain. Besides, we propose an efficient scheme that enables authorized MedShare users to perform multi-keyword boolean search operations over encrypted EHR. We formally analyze the security strengths and implement the system prototype on Ethereum. Evaluation results demonstrate that MedShare is efficient for EHR sharing.

computer science, information systems, software engineering

Bala Gayathri D,D Sangeetha

DOI: https://doi.org/10.3233/THC-240921

2024-08-08

Abstract:Background: In the modern medical industry, sensors and other medical electronic equipment such as ECG, thermometers, etc. that measure vitals like blood pressure, body temperature, heartbeat, and blood cells are used to record patient data. The information gathered helps to create a patient profile, which in turn helps doctors treat patients appropriately and helps users gain insights into their health. But, the information collected is regionally specific and not worldwide. Thus, this may create problems in transparency, integrity, and much more. The medical details of patients collected are stored in a simple database which appears to be a centralized application that is prone to be modified or hacked by intruders and also suffers from fault tolerance. Objective: This paper aims to solve this problem using Blockchain and Data Possession methodologies. Methods: Blockchain helps to store multiple copies of data in a decentralized fashion. Thus, a secured model could be implemented using blockchain in which the patient's data can be securely sent to any medical professional, thus promoting transparency, security, and integrity. Results: Provable Data Possession helps the users to verify that their information is intact and has not been tampered. It can be achieved using cryptography which encrypts the information of the patients stored. Conclusion: This paper will be beneficial for the medical department and the public such that it will be beneficial in terms of transparency, scalability, and security.

Xiaohui Yang,Kun Zhang,Kai Jia,Peiyin Zhao

DOI: https://doi.org/10.1007/s12083-024-01669-z

IF: 3.488

2024-03-07

Peer-to-Peer Networking and Applications

Abstract:Sharing electronic medical record (EMR) is essential to dig out the value of medical data. Current data-sharing schemes usually rely on trusted third-party institutions. Patients lack control and tracking capabilities for sensitive individual medical data, and access control strategies lack personalization and autonomy, resulting in patients' reluctance to share EMR. Given the above problems, this paper proposes a blockchain-based patient-centered medical account chain to address the issues of existing EMR sharing schemes. The account chain establishes a personal smart contract account for the patient to allow patients to control and track sensitive medical data. This smart contract consists of two components: identity management and data management. Using the identity management contract, the patient can authorize and revoke access to their data. Data management contracts only allow authorized doctors to access and update the EMR. We use a hybrid encryption system, combining symmetric and asymmetric methods, to secure EMR, which often includes large files like medical images. This approach effectively tackles data privacy and security challenges, while improving encryption and decryption efficiency. The encrypted EMR is stored in the InterPlanetary File System (IPFS) cluster. Within the smart contract account, only the hash value from IPFS and the symmetric key encrypted with the patient's public key are retained. This approach minimizes storage costs on the blockchain while ensuring data coherence and integrity. During the sharing process, the proxy re-encryption algorithm reduces computational overhead on the patient's side while mitigating the risks associated with frequent exposure of the patient's private key. Through experiments and theoretical analysis on the Ethereum platform, the efficiency and superiority of the medical account chain in terms of functions, storage and computing costs are verified, and it is more suitable for modern medical scenarios.

computer science, information systems,telecommunications

Mohit Kumar,Hritu Raj,Nisha Chaurasia,Sukhpal Singh Gill

DOI: https://doi.org/10.1016/j.iotcps.2023.05.006

2023-06-28

Abstract:A cyber-physical system is considered to be a collection of strongly coupled communication systems and devices that poses numerous security trials in various industrial applications including healthcare. The security and privacy of patient data is still a big concern because healthcare data is sensitive and valuable, and it is most targeted over the internet. Moreover, from the industrial perspective, the cyber-physical system plays a crucial role in the exchange of data remotely using sensor nodes in distributed environments. In the healthcare industry, Blockchain technology offers a promising solution to resolve most securities-related issues due to its decentralized, immutability, and transparency properties. In this paper, a blockchain-inspired secure and reliable data exchange architecture is proposed in the cyber-physical healthcare industry 4.0. The proposed system uses the BigchainDB, Tendermint, Inter-Planetary-File-System (IPFS), MongoDB, and AES encryption algorithms to improve Healthcare 4.0. Furthermore, blockchain-enabled secure healthcare architecture for accessing and managing the records between Doctors and Patients is introduced. The development of a blockchain-based Electronic Healthcare Record (EHR) exchange system is purely patient-centric, which means the entire control of data is in the owner's hand which is backed by blockchain for security and privacy. Our experimental results reveal that the proposed architecture is robust to handle more security attacks and can recover the data if 2/3 of nodes are failed. The proposed model is patient-centric, and control of data is in the patient's hand to enhance security and privacy, even system administrators can't access data without user permission.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Xu Cheng,Fulong Chen,Dong Xie,Hui Sun,Cheng Huang

DOI: https://doi.org/10.1007/s10916-019-1468-1

IF: 4.92

2020-01-08

Journal of Medical Systems

Abstract:With the rapid development of technologies such as artificial intelligence, blockchain, cloud computing, and big data, Medical Cyber Physical Systems (MCPS) are increasingly demanding data security, while cloud storage solves the storage problem of complex medical data. However, it is difficult to realize data security sharing. The decentralization feature of blockchain is helpful to solve the problem that the secure authentication process is highly dependent on the trusted third party and implement data security transmission. In this paper, the blockchain technology is used to describe the security requirements in authentication process, and a network model of MCPS based on blockchain is proposed. Through analysis of medical data storage architecture, it can ensure that data can't be tampered and untrackable. In the security authentication phase, bilinear mapping and intractable problems can be used to solve the security threat in the authentication process of medical data providers and users. It can avoid the credibility problem of the trusted third party, and also can realize the ?thyc=10?>two-way authentication between the hospital and blockchain node. Then, BAN logic is used to analyze security protocols, and formal analysis and comparison of security protocols are also made. The results show that the MCPS based on blockchain not only realizes medical treatment data sharing, but also meet the various security requirements in the security authentication phase. In addition, the storage and computing overhead costs is ideal. Therefore, the proposed scheme is more suitable for secure sharing of medical big data.

health care sciences & services,medical informatics

Jiyu Tao,Li Ling

DOI: https://doi.org/10.1109/access.2021.3107591

IF: 3.9

2021-01-01

IEEE Access

Abstract:Medical files can help people prevent diseases, increase cure rates, promote medical development and help solve major public health crises. However, medical files are strongly private. It is an urgent problem needed to be solved that how to share medical files with privacy and data security. The existing models based on the centralized certificate authority is a feasible method, but it is possible to experience a single point failure. Besides there is a mismatch between the models and real-life scenario since they are only suitable for single patient. Therefore, this paper proposes a practical medical file sharing scheme based on blockchain and decentralized attribute-based encryption. The blockchain is used to record application and grant of authorizations. Smart contracts provide an interactive platform for all users in the system. By utilizing decentralized attribute-based encryption, fine-grained access control of medical files is carried out to ensure privacy and security as well as avoiding single point failure. Attribute-based algorithm that support multi-person democratic decision making and dynamic personnel changes are designed to make the model much closer to the real scene. Finally, through security, performance and comparing analysis with other solutions, the scheme in this paper can meet the needs of real-life scenarios in terms of security and practicability, and provides a new practical model for medical file sharing.

Amit Kumar Jakhar,Mrityunjay Singh,Rohit Sharma,Wattana Viriyasitavat,Gaurav Dhiman,Shubham Goel

DOI: https://doi.org/10.1007/s11042-024-18827-3

IF: 2.577

2024-03-20

Multimedia Tools and Applications

Abstract:Healthcare data is crucial and sensitive, as it contains absolute information about a patient's medical history, treatments, and actions; this information gets shared among the stakeholders on a routine basis. Patients' information is vital and should be kept accurate, up-to-date, and secret; it should be available only to authorized users. Most of the existing systems are centralized and may breach data privacy. This study mainly focuses on protecting the privacy and security of sensitive healthcare data while sharing with multiple stakeholders. This work presents a privacy-preserving and access-control blockchain-based framework that uses consensus-driven decentralized data management on top of peer-to-peer distributed computing platforms to ensure the privacy, security, accessibility, and integrity of healthcare data. Blockchain technology helps to protect transactions from manipulation due to its features of irreversibility and immutability. Additionally, we thoroughly examine the security requirements afforded by blockchain-enabled systems by incorporating stakeholders like patients, doctors, chemists, and pathology labs as system entities; they can only share information through a proper channel. The proposed framework has been implemented and evaluated using Hyperledger Fabric. We observe that the proposed framework reveals promising benefits in security, regulation compliance, reliability, flexibility, and accuracy.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Akanksha Saini,Qingyi Zhu,Navneet Singh,Yong Xiang,Longxiang Gao,Yushu Zhang

DOI: https://doi.org/10.1109/jiot.2020.3032997

IF: 10.6

2021-04-01

IEEE Internet of Things Journal

Abstract:In current healthcare systems, electronic medical records (EMRs) are always located in different hospitals and controlled by a centralized cloud provider. However, it leads to single point of failure as patients being the real owner lose track of their private and sensitive EMRs. Hence, this article aims to build an access control framework based on smart contract, which is built on the top of distributed ledger (blockchain), to secure the sharing of EMRs among different entities involved in the smart healthcare system. For this, we propose four forms of smart contracts for user verification, access authorization, misbehavior detection, and access revocation, respectively. In this framework, considering the block size of ledger and huge amount of patient data, the EMRs are stored in cloud after being encrypted through the cryptographic functions of elliptic curve cryptography (ECC) and Edwards-curve digital signature algorithm (EdDSA), while their corresponding hashes are packed into blockchain. The performance evaluation based on a private Ethereum system is used to verify the efficiency of proposed access control framework in the real-time smart healthcare system.

computer science, information systems,telecommunications,engineering, electrical & electronic