Xiaoliang Wang,Liang Bai,Qing Yang,Liu Wang,Frank Jiang

DOI: https://doi.org/10.1016/j.jisa.2019.04.010

IF: 4.96

2019-01-01

Journal of Information Security and Applications

Abstract:With the development of wireless sensor network and internet, ubiquitous eHealth care systems are booming. However, a great deal of data computing and storage processing restrict the scalability of ubiquitous eHealth. As a solution, cloud-based eHealth is coming up. However, using cloud-computing model often causes some privacy concerns. Massive medical data in eHealth system contain numerous sensitive information and electronic health records of users. Meanwhile, if data encryption is adopted to protect privacy, cloud center cannot process data. To solve this problem, a scheme based on fully homomorphism conception for privacy protection and data processing of eHealth is proposed in this paper. Our scheme not only meets the aforementioned dual requirements but also limit the arbitrary actions of patients and doctors.

Naresh Sammeta,Latha Parthiban

DOI: https://doi.org/10.34028/iajit/20/5/2

2022-01-01

The International Arab Journal of Information Technology

Abstract:Electronic Health Record (EHR) includes highly sensitive data like medical images, prescriptions, medical test result, medical history of patients, etc., These sensitive data cannot be transmitted in its original form in the network due to security issues. Hence, encryption is done prior to transmission. To increase the speed of data transfer and to overcome the storage issues, data is usually transferred through the cloud. Hence, to ensure the security and scalability of the data, a third-party encryption called re-encryption is performed at the proxy cloud. This re-encryption ensures that the data can be reliably transmitted through the network. In this research, a novel scheme called block-chain based EHR data sharing using chaotic re-encryption (BC-EDS-CR) is proposed. In the proposed scheme, re-encryption is performed using chaos theory. The proposed re-encryption scheme ensures that the cloud administrator cannot access the medical data. Metrics such as Peak Signal to Noise Ratio (PSNR), Mean Square Error (MSE), Structural Similarity Index (SSIM), entropy and correlation coefficient are used in evaluating this scheme. It was found that the proposed scheme outperforms the existing methods by achieving a PSNR of 57.66, SSIM of 0.985 and MSE of 0.058.

computer science, information systems, artificial intelligence,engineering, electrical & electronic

Raghav,Nitish Andola,S Venkatesan,Shekhar Verma

DOI: https://doi.org/10.1007/s12083-023-01521-w

IF: 3.488

2023-08-24

Peer-to-Peer Networking and Applications

Abstract:Privacy-preserving cloud data sharing requires user authentication, access control, and privacy provisioning mechanisms. In this paper, we propose two schemes, keyword-based re-encryption (KRE) scheme and oblivious transfer-based re-encryption (OTRE) scheme with hybrid blockchain secure health data sharing. KRE preserves data privacy of patient and provides keyword-based access with reduced key management overhead. OTRE is a superset of KRE that employs OT to preserve privacy of users' data and multiple data sharing. The schemes are collusion-resistant against an honest but curious cloud and malicious users. Hybrid blockchain obviates the need for a single trusted authority and allows large-scale secure data sharing. Blockchain also enables end-user authentication and verifiability of data on the cloud through smart contracts. The privacy provisioning step was responsible for the increased time in the OTRE scheme. We present a concrete construction for KRE and OTRE that satisfies indistinguishability under chosen-plaintext attacks with a random oracle model and formally proves its security. We implemented the schemes using the SageMath tool and hybrid blockchain using Go-Ethereum with Remix. The computational cost, consensus time, latency and throughput in KRE and OTRE schemes demonstrated their efficiency and suitability for healthcare data-sharing applications.

computer science, information systems,telecommunications

Jingwei Liu,Weiyang Jiang,Rong Sun,Ali Kashif Bashir,Mohammad Dahman Alshehri,Qiaozhi Hua,Keping Yu

DOI: https://doi.org/10.1109/jbhi.2022.3183397

IF: 7.7

2022-01-01

IEEE Journal of Biomedical and Health Informatics

Abstract:As an important carrier of healthcare data, Electronic Medical Records (EMRs) generated from various sensors, i.e., wearable, implantable, are extremely valuable research materials for artificial intelligence and machine learning. The efficient circulation of EMRs can improve remote medical services and promote the development of the related healthcare industry. However, in traditional centralized data sharing architectures, the balance between privacy and traceability still cannot be well handled. To address the issue that malicious users cannot be locked in the fully anonymous sharing schemes, we propose a trackable anonymous remote healthcare data storing and sharing scheme over decentralized consortium blockchain. Through an "on-chain & off-chain" model, it relieves the massive data storage pressure of medical blockchain. By introducing an improved proxy re-encryption mechanism, the proposed scheme realizes the fine-gained access control of the outsourced data, and can also prevent the collusion between semi-trusted cloud servers and data requestors who try to reveal EMRs without authorization. Compared with the existing schemes, our solution can provide a lower computational overhead in repeated EMRs sharing, resulting in a more efficient overall performance.

computer science, interdisciplinary applications,mathematical & computational biology,medical informatics, information systems

Yogesh M Gajmal,R. Udayakumar

DOI: https://doi.org/10.1080/19393555.2021.1933270

2021-06-28

Information Security Journal: A Global Perspective

Abstract:The outsourcing of Electronic Health Records (EHR) on cloud infrastructures has enabled medical data sharing among several healthcare applications. The blockchain offers security by authenticating users with encryption methods. The collaboration with the cloud provides better management but poses threats to the privacy of the patient. This paper devises a novel blockchain-assisted framework for effective data sharing and retrieval using cloud platforms. Here, the data protection model is devised in EHR application for secure transmission. The entities in the cloud platform include data user, data owner, smart agreement, transactional blockchain, and Inter-Planetary File System (IPFS). Here, the data owner includes a data protection model to secure EHR in which secured EHR is transferred to IPFS before sharing with the data user. The data protection is done by preserving data privacy using Tracy-Singh product and proposed Conditional Autoregressive Value at risk (CAViaR)-based Bird swarm algorithm (CAViaR-based BSA) combination of BSA and CAViaR for generating optimal privacy-preserving coefficients. The objective function is newly devised considering privacy and utility. The proposed CAViaR-based BSA outperformed other methods with minimal responsiveness of 251.339 s, maximal genuine user detection of 32.451%, maximal privacy of 96.5%, and minimal information loss of 3.5%.

Jiayuan Zhang,Rongxin Guo,Yifan Shi,Wanting Tang

DOI: https://doi.org/10.3934/mbe.2024271

2024-06-03

Abstract:Many current electronic medical record (EMR) sharing schemes that use proxy re-encryption and blockchain do not fully consider the potential threat of malicious node impersonation attacks. This oversight could lead to data leakage as attackers masquerade as legitimate users or proxy nodes during the sharing process. To deal with this problem, we propose an EMR sharing scheme based on proxy re-encryption and blockchain to protect against impersonation attacks. First, we prevent the potential threat of impersonation attacks by generating a shared temporary key and assigning tasks to multiple proxy nodes. Second, we use a random function to ensure that the selection of encrypted proxy nodes is fair. Third, we use a combination of blockchain and the InterPlanetary File System to solve the problem of insufficient storage capacity of shared processes and ensure the storage security of EMRs. Through the security proof, our scheme guarantees anti-impersonation, anti-collusion, and anti-chosen plaintext attack capability in the sharing process of EMRs. Additionally, experiments on the blockchain platform, namely Chain33, show that our scheme significantly increases efficiency.

S. Vidhya,V. Kalaivani

DOI: https://doi.org/10.1007/s12083-023-01449-1

IF: 3.488

2023-02-01

Peer-to-Peer Networking and Applications

Abstract:With the rapid progress of network information technologies, security in medical data transmission has emerged as a popular research topic. Electronic Health Data (EHR) is vulnerable to security breaches, tampering, manipulation, and data leakage. The blockchain's data integrity, decentralization, and anonymity opened up new possibilities for addressing the aforementioned issues. Therefore, this paper presents a Blockchain-based Access Control Scheme (BACS) with Multiple Party Authority (MPA), smart contract, and proxy re encryption to secure the EHR. The proposed scheme consists of six phases: the registration phase, appointment phase, data aggregation stage, storage phase, query phase, and validation phase. The medical data is encrypted by using a Lightweight Fused Cryptographic (LFC) algorithm with the signature of the patient and doctor to ensure confidentiality and integrity. The encrypted EHR is then stored on Interplanetary File Systems (IPFS), which is a decentralised file storage platform. Moreover, the developed smart contract verifies the authenticity of the users, provides a reputation score for the oracle, and creates a time seal. This enhances the security of the system from external attacks as well as internal attacks. A security analysis is conducted for the proposed method, and the performance is compared with the existing techniques based on encryption time, decryption time, and computation cost.

computer science, information systems,telecommunications

Ali Shahzad,Wenyu Chen,Momina Shaheen,Yin Zhang,Faizan Ahmad

DOI: https://doi.org/10.1371/journal.pone.0307039

IF: 3.7

2024-09-23

PLoS ONE

Abstract:In modern healthcare, providers increasingly use cloud services to store and share electronic medical records. However, traditional cloud hosting, which depends on intermediaries, poses risks to privacy and security, including inadequate control over access, data auditing, and tracking data origins. Additionally, current schemes face significant limitations such as scalability concerns, high computational overhead, practical implementation challenges, and issues with interoperability and data standardization. Unauthorized data access by cloud providers further exacerbates these concerns. Blockchain technology, known for its secure and decentralized nature, offers a solution by enabling secure data auditing in sharing systems. This research integrates blockchain into healthcare for efficient record management. We proposed a blockchain-based method for secure EHR management and integrated Ciphertext-Policy Attribute-Based Encryption (CP-ABE) for fine-grained access control. The proposed algorithm combines blockchain and smart contracts with a cloud-based healthcare Service Management System (SMS) to ensure secure and accessible EHRs. Smart contracts automate key management, encryption, and decryption processes, enhancing data security and integrity. The blockchain ledger authenticates data transactions, while the cloud provides scalability. The SMS manages access requests, enhancing resource allocation and response times. A dual authentication system confirms patient keys before granting data access, with failed attempts leading to access revocation and incident logging. Our analyses show that this algorithm significantly improves the security and efficiency of health data exchanges. By combining blockchain's decentralized structure with the cloud's scalability, this approach significantly improves EHR security protocols in modern healthcare setting.

Bruno Rodrigues,Ivone Amorim,Ivan Costa,Alexandra Mendes

2023-07-04

Abstract:The exponential growth in the digitisation of services implies the handling and storage of large volumes of data. Businesses and services see data sharing and crossing as an opportunity to improve and produce new business opportunities. The health sector is one area where this proves to be true, enabling better and more innovative treatments. Notwithstanding, this raises concerns regarding personal data being treated and processed. In this paper, we present a patient-centric platform for the secure sharing of health records by shifting the control over the data to the patient, therefore, providing a step further towards data sovereignty. Data sharing is performed only with the consent of the patient, allowing it to revoke access at any given time. Furthermore, we also provide a break-glass approach, resorting to Proxy Re-encryption (PRE) and the concept of a centralised trusted entity that possesses instant access to patients' medical records. Lastly, an analysis is made to assess the performance of the platform's key operations, and the impact that a PRE scheme has on those operations.

Cryptography and Security

K Vivekrabinson,K Ragavan,P Jothi Thilaga,J Bharath Singh,Vivekrabinson, K

DOI: https://doi.org/10.1007/s10916-024-02053-3

IF: 4.92

2024-03-26

Journal of Medical Systems

Abstract:In today's data-driven world, the exponential growth of digital information poses significant challenges in data management. In recent years, the adoption of cloud-based Electronic Health Records (EHR) sharing schemes has yielded numerous advantages like improved accessibility, availability, and enhanced interoperability. However, the centralized nature of cloud storage presents challenges in terms of information storage, privacy protection, and security. Despite several approaches that have been presented to ensure secure deduplication of similar EHRs, the validation of data integrity without a third-party auditor (TPA) remains a persistent task. Because involving a TPA raises concerns about the confidentiality and privacy of crucial healthcare information. To tackle this challenge, a novel cloud storage auditing technique is proposed that incorporates cross-patient block-level deduplication while upholding strong privacy protection, ensuring that EHR is not compromised. Here, we introduced blockchain technology to achieve integrity verification, thus eliminating the need for a TPA by providing a decentralized and transparent mechanism. Additionally, an index for all EHRs has been generated to facilitate block-level duplicate checks and employ a novel strategy to prevent adversaries from acquiring original information saved in the cloud storage. The security of the proposed approach is established against factorization attacks and decrypt exponent attacks. The performance evaluation demonstrates the superior efficiency of the proposed scheme in terms of file authenticator generation, challenge creation, and proof verification to other existing client-side deduplication approaches.

health care sciences & services,medical informatics

Preethi.S

DOI: https://doi.org/10.36713/epra5789

2020-12-09

Abstract:Remote health monitoring and older health care has become a popular application with the advance of wearable medical devices. Privacy protection and intrusion avoidance for cloudlet- based medical data sharing data collected from patients through wearable devices ( such as heartbeat, blood pressure, etc.) must be passed to cloud-run applications to implement various services such as expert advice, emergency assistance, etc. The cloud storage system provides distributed clients with convenient file storage and sharing services. To solve integrity, we present identity based data outsourcing , outsourcing and original auditing concerns about outsourced documents, the program is equipped with an ideal feature that factilitates existing recommendations to protect outsourcing data.

Hassan Mansur Hussien,Sharifah Md Yasin,Nur Izura Udzir,Mohd Izuan Hafez Ninggal

DOI: https://doi.org/10.3390/s21072462

2021-04-02

Abstract:Blockchain technology provides a tremendous opportunity to transform current personal health record (PHR) systems into a decentralised network infrastructure. However, such technology possesses some drawbacks, such as issues in privacy and storage capacity. Given its transparency and decentralised features, medical data are visible to everyone on the network and are inappropriate for certain medical applications. By contrast, storing vast medical data, such as patient medical history, laboratory tests, X-rays, and MRIs, significantly affect the repository storage of blockchain. This study bridges the gap between PHRs and blockchain technology by offloading the vast medical data into the InterPlanetary File System (IPFS) storage and establishing an enforced cryptographic authorisation and access control scheme for outsourced encrypted medical data. The access control scheme is constructed on the basis of the new lightweight cryptographic concept named smart contract-based attribute-based searchable encryption (SC-ABSE). This newly cryptographic primitive is developed by extending ciphertext-policy attribute-based encryption (CP-ABE) and searchable symmetric encryption (SSE) and by leveraging the technology of smart contracts to achieve the following: (1) efficient and secure fine-grained access control of outsourced encrypted data, (2) confidentiality of data by eliminating trusted private key generators, and (3) multikeyword searchable mechanism. Based on decisional bilinear Diffie-Hellman hardness assumptions (DBDH) and discrete logarithm (DL) problems, the rigorous security indistinguishability analysis indicates that SC-ABSE is secure against the chosen-keyword attack (CKA) and keyword secrecy (KS) in the standard model. In addition, user collusion attacks are prevented, and the tamper-proof resistance of data is ensured. Furthermore, security validation is verified by simulating a formal verification scenario using Automated Validation of Internet Security Protocols and Applications (AVISPA), thereby unveiling that SC-ABSE is resistant to man-in-the-middle (MIM) and replay attacks. The experimental analysis utilised real-world datasets to demonstrate the efficiency and utility of SC-ABSE in terms of computation overhead, storage cost and communication overhead. The proposed scheme is also designed and developed to evaluate throughput and latency transactions using a standard benchmark tool known as Caliper. Lastly, simulation results show that SC-ABSE has high throughput and low latency, with an ultimate increase in network life compared with traditional healthcare systems.

Kirtirajsinh Zala,Hiren Kumar Thakkar,Rajendrasinh Jadeja,Neel H Dholakia,Ketan Kotecha,Deepak Kumar Jain,Madhu Shukla

DOI: https://doi.org/10.1155/2022/3804553

2022-08-18

Abstract:Traditional healthcare services have changed into modern ones in which doctors can diagnose patients from a distance. All stakeholders, including patients, ward boy, life insurance agents, physicians, and others, have easy access to patients' medical records due to cloud computing. The cloud's services are very cost-effective and scalable, and provide various mobile access options for a patient's electronic health records (EHRs). EHR privacy and security are critical concerns despite the many benefits of the cloud. Patient health information is extremely sensitive and important, and sending it over an unencrypted wireless media raises a number of security hazards. This study suggests an innovative and secure access system for cloud-based electronic healthcare services storing patient health records in a third-party cloud service provider. The research considers the remote healthcare requirements for maintaining patient information integrity, confidentiality, and security. There will be fewer attacks on e-healthcare records now that stakeholders will have a safe interface and data on the cloud will not be accessible to them. End-to-end encryption is ensured by using multiple keys generated by the key conclusion function (KCF), and access to cloud services is granted based on a person's identity and the relationship between the parties involved, which protects their personal information that is the methodology used in the proposed scheme. The proposed scheme is best suited for cloud-based e-healthcare services because of its simplicity and robustness. Using different Amazon EC2 hosting options, we examine how well our cloud-based web application service works when the number of requests linearly increases. The performance of our web application service that runs in the cloud is based on how many requests it can handle per second while keeping its response time constant. The proposed secure access scheme for cloud-based web applications was compared to the Ethereum blockchain platform, which uses internet of things (IoT) devices in terms of execution time, throughput, and latency.

Haiping Huang,Peng Zhu,Fu Xiao,Xiang Sun,Qinglong Huang

DOI: https://doi.org/10.1016/j.cose.2020.102010

Abstract:How to alleviate the contradiction between the patient's privacy and the research or commercial demands of health data has become the challenging problem of intelligent medical system with the exponential increase of medical data. In this paper, a blockchain-based privacy-preserving scheme is proposed, which realizes secure sharing of medical data between several entities involved patients, research institutions and semi-trusted cloud servers. And meanwhile, it achieves the data availability and consistency between patients and research institutions, where zero-knowledge proof is employed to verify whether the patient's medical data meets the specific requirements proposed by research institutions without revealing patients' privacy, and then the proxy re-encryption technology is adopted to ensure that research institutions can decrypt the intermediary ciphertext. In addition, this proposal can execute distributed consensus based on PBFT algorithm for transactions between patients and research institutions according to the prearranged terms. Theoretical analysis shows the proposed scheme can satisfy security and privacy requirements such as confidentiality, integrity and availability, as well as performance evaluation demonstrates it is feasible and efficient in contrast with other typical schemes.

Rakib Ul Haque,A.S.M. Touhidul Hasan,Apubra Daria,Abdur Rasool,Hui Chen,Qingshan Jiang,Yuqing Zhang

DOI: https://doi.org/10.1016/j.jnca.2023.103696

IF: 7.574

2023-08-01

Journal of Network and Computer Applications

Abstract:Patients often visit several hospitals to obtain medication, generating a significant volume of data. Moreover, hospitals use different data analytic techniques to improve healthcare services, leading to patient data privacy. However, no integrated architecture has a trustworthy data repository and secure communication protocols to store and share the data with various parties (e.g., hospitals and data analysts) for different healthcare services. This study proposes an innovative three-tier secure and distributed privacy-preserving healthcare architecture that addresses the aforementioned challenges. The first tier introduces a trustworthy data repository called custodian, where the data owner stores encrypted data and offer real-time privacy-preserving health monitoring service. The second tier provides Elliptic Curve Cryptography-based authentication for secure data exchange between the data owner and the hospital. The third tier utilizes smart contracts and local differential privacy ( L D P ) for secure machine learning model training. All transactions are recorded on the blockchain and managed by a smart contract. Security analysis shows that the proposed framework ensures privacy, security, and data integrity. Performance analysis is done based on score metrics, scalability metrics, and formal analysis. A transaction takes 0.00121 s in the first tier, and in the second tier, it takes 0.1267 s. The third tier uses ɛ − L D P with a privacy budget of ɛ = 3 on Random Forest and achieves 97%, 83%, and 74% accuracy on breast cancer, heart disease, and diabetic datasets. This accuracy is higher than the previous state-of-the-art methods. Moreover, the proposed healthcare framework ensures privacy, security and outperforms the previous state-of-the-art methods.

computer science, interdisciplinary applications, software engineering, hardware & architecture

Sourav Kunal,Parth Gandhi,Digvijaysinh Rathod,Ruhul Amin,Sachin Sharma

DOI: https://doi.org/10.4103/jehp.jehp_984_23

2024-03-28

Abstract:Background: Ensuring the security and privacy of patient data is a critical concern in the healthcare industry. The growing utilization of electronic data transmission and storage in medical records has amplified apprehensions about data security. However, due to varying stakeholder interests, not all data can be freely shared, necessitating the development of secure protocols. Materials and methods: This study presents a highly secure protocol that integrates blockchain technology, patient biometric information, and robust cryptographic algorithms (elliptic curve cryptography (ECC) and advanced encryption algorithm (AEC)) to facilitate data encryption and decryption. The protocol encompasses secure login, secure key sharing, and data sharing mechanisms among miners, offering comprehensive security measures. To validate the effectiveness of the proposed protocol, both informal and formal security analyses are conducted. The security protocol description language in Scyther is utilized to evaluate the protocol's resilience against attacks. Results: The culmination of this research is a secure protocol that leverages blockchain technology and ECC for the secure storage and sharing of medical records. The protocol covers all stages, including system setup, user registration, login mechanisms, key exchange between users and blockchain, communication between blockchains, and interaction with other miners, with a steadfast emphasis on security. Furthermore, the protocol's communication and computation costs are assessed, with a comparison to existing blockchain-based schemes. Informal proofs establish the protocol's security against common attacks faced by medical institutions. Formal simulation of the protocol using the Scyther tool provides definitive evidence of its resistance to attacks. Conclusions: As a result, this protocol presents a viable real-time implementation solution for safeguarding patient data within the healthcare domain, representing a significant contribution to data security.

Mehedi Masud,Gurjot Singh Gaba,Karanjeet Choudhary,Roobaea Alroobaea,M Shamim Hossain

DOI: https://doi.org/10.1007/s12083-021-01162-x

Abstract:Traditional healthcare services have transitioned into modern healthcare services where doctors remotely diagnose the patients. Cloud computing plays a significant role in this change by providing easy access to patients' medical records to all stakeholders, such as doctors, nurses, patients, life insurance agents, etc. Cloud services are scalable, cost-effective, and offer a broad range of mobile access to patients' electronic health record (EHR). Despite the cloud's enormous benefits like real-time data access, patients' EHR security and privacy are major concerns. Since the information about patients' health is highly sensitive and crucial, sharing it over the unsecured wireless medium brings many security challenges such as eavesdropping, modifications, etc. Considering the security needs of remote healthcare, this paper proposes a robust and lightweight, secure access scheme for cloud-based E-healthcare services. The proposed scheme addresses the potential threats to E-healthcare by providing a secure interface to stakeholders and prohibiting unauthorized users from accessing information stored in the cloud. The scheme makes use of multiple keys formed through the key derivation function (KDF) to ensure end-to-end ciphering of information for preventing misuse. The rights to access the cloud services are provided based on the identity and the association between stakeholders, thus ensuring privacy. Due to its simplicity and robustness, the proposed scheme is the best fit for protecting data security and privacy in cloud-based E-healthcare services.

Song Luo,N. Han,Tan Hu,YuHua Qian

DOI: https://doi.org/10.1155/2024/5569121

IF: 1.938

2024-02-03

International Journal of Distributed Sensor Networks

Abstract:As network technology advances and more people use devices, data storage has become a significant challenge due to the explosive growth of information and the threat of data leaks. In traditional medical institutions, most medical data is stored centrally through cloud computing technology in the institution’s data center. This centralized storage method has many security risks, and once the central server is attacked, it will lead to the loss of medical data, which will lead to the leakage of patients’ private data. At the same time, electronic medical records are the most critical data in the current medical field. In the traditional centralized healthcare service system (HSS), there are data leakage problems and tampering with electronic medical records due to human factors. At the same time, each hospital is built independently, resulting in the current centralized healthcare service system having a data silo problem, making it difficult to share medical data between institutions securely. With the increase in the number of users in the system, the electronic medical record data in the system also increases gradually, resulting in the increasing overhead of decryption calculation. Therefore, this paper proposes a blockchain-based access control scheme with multiparty authorization to ensure the security of electronic medical records. The scheme uses an SM encryption algorithm to encrypt the medical data in the system. It adds the patient’s signature to ensure the confidentiality and security of the data, and the encrypted electronic medical records (EMRs) are stored in the InterPlanetary File System (IPFS) to realize the distributed storage of EMR. In addition, role-based multiauthorization access control is implemented through smart contract-based to ensure the security of EMR. We have analyzed the security of this paper’s solution and compared its performance with the existing schemes based on other cryptographic algorithms. The experimental results show that the proposed solution significantly improves the secure sharing of EMR and provides system performance.

computer science, information systems,telecommunications

Guangquan Xu,Chen Qi,Wenyu Dong,Lixiao Gong,Shaoying Liu,Si Chen,Jian Liu,Xi Zheng

DOI: https://doi.org/10.1109/jbhi.2022.3203577

IF: 7.7

2023-02-01

IEEE Journal of Biomedical and Health Informatics

Abstract:With the increasing penetration of the Internet of things (IoT) into people's lives, the limitations of traditional medical systems are emerging. First, the typical way of handling sensitive information can easily lead to privacy disclosure. Second, the medical system is relatively isolated. It is difficult for one medical system to share data with another, and the scope of users' activities is limited within the system boundary. To solve these two problems, we propose a new privacy-preserving medical data-sharing scheme by introducing the authorization mechanism and attribute-based encryption (ABE) based on blockchain, which breaks system boundaries and realizes data sharing among several medical institutions. ABE is used to realize scalable access control. In addition, doctors can share their knowledge to diagnose users by introducing many-to-many matching, which means that patients' health data can be represented by multiple keywords and doctors' expertise can be represented by multiple interests. We provide the correctness and security analysis of our scheme and implement a prototype tool on Ethereum. The experimental results show that our scheme solves the contradiction between the privacy preservation of medical data and the necessity of data sharing.

computer science, interdisciplinary applications,mathematical & computational biology,medical informatics, information systems

Reetu Gupta,Priyesh Kanungo,Nirmal Dagdee,Golla Madhu,Kshira Sagar Sahoo,N Z Jhanjhi,Mehedi Masud,Nabil Sharaf Almalki,Mohammed A AlZain

DOI: https://doi.org/10.3390/s23052617

2023-02-27

Abstract:With continuous advancements in Internet technology and the increased use of cryptographic techniques, the cloud has become the obvious choice for data sharing. Generally, the data are outsourced to cloud storage servers in encrypted form. Access control methods can be used on encrypted outsourced data to facilitate and regulate access. Multi-authority attribute-based encryption is a propitious technique to control who can access encrypted data in inter-domain applications such as sharing data between organizations, sharing data in healthcare, etc. The data owner may require the flexibility to share the data with known and unknown users. The known or closed-domain users may be internal employees of the organization, and unknown or open-domain users may be outside agencies, third-party users, etc. In the case of closed-domain users, the data owner becomes the key issuing authority, and in the case of open-domain users, various established attribute authorities perform the task of key issuance. Privacy preservation is also a crucial requirement in cloud-based data-sharing systems. This work proposes the SP-MAACS scheme, a secure and privacy-preserving multi-authority access control system for cloud-based healthcare data sharing. Both open and closed domain users are considered, and policy privacy is ensured by only disclosing the names of policy attributes. The values of the attributes are kept hidden. Characteristic comparison with similar existing schemes shows that our scheme simultaneously provides features such as multi-authority setting, expressive and flexible access policy structure, privacy preservation, and scalability. The performance analysis carried out by us shows that the decryption cost is reasonable enough. Furthermore, the scheme is demonstrated to be adaptively secure under the standard model.