scholarly journals Blockchain-Based Access Control Scheme for Secure Shared Personal Health Records over Decentralised Storage

Sensors ◽  
2021 ◽  
Vol 21 (7) ◽  
pp. 2462
Author(s):  
Hassan Mansur Hussien ◽  
Sharifah Md Yasin ◽  
Nur Izura Udzir ◽  
Mohd Izuan Hafez Ninggal
Keyword(s):  
Access Control ◽  
Personal Health Record ◽  
Medical Data ◽  
Personal Health ◽  
Communication Overhead ◽  
X Rays ◽  
Blockchain Technology ◽  
Cryptographic Primitive ◽  
Control Scheme ◽  
Searchable Symmetric Encryption

Blockchain technology provides a tremendous opportunity to transform current personal health record (PHR) systems into a decentralised network infrastructure. However, such technology possesses some drawbacks, such as issues in privacy and storage capacity. Given its transparency and decentralised features, medical data are visible to everyone on the network and are inappropriate for certain medical applications. By contrast, storing vast medical data, such as patient medical history, laboratory tests, X-rays, and MRIs, significantly affect the repository storage of blockchain. This study bridges the gap between PHRs and blockchain technology by offloading the vast medical data into the InterPlanetary File System (IPFS) storage and establishing an enforced cryptographic authorisation and access control scheme for outsourced encrypted medical data. The access control scheme is constructed on the basis of the new lightweight cryptographic concept named smart contract-based attribute-based searchable encryption (SC-ABSE). This newly cryptographic primitive is developed by extending ciphertext-policy attribute-based encryption (CP-ABE) and searchable symmetric encryption (SSE) and by leveraging the technology of smart contracts to achieve the following: (1) efficient and secure fine-grained access control of outsourced encrypted data, (2) confidentiality of data by eliminating trusted private key generators, and (3) multikeyword searchable mechanism. Based on decisional bilinear Diffie–Hellman hardness assumptions (DBDH) and discrete logarithm (DL) problems, the rigorous security indistinguishability analysis indicates that SC-ABSE is secure against the chosen-keyword attack (CKA) and keyword secrecy (KS) in the standard model. In addition, user collusion attacks are prevented, and the tamper-proof resistance of data is ensured. Furthermore, security validation is verified by simulating a formal verification scenario using Automated Validation of Internet Security Protocols and Applications (AVISPA), thereby unveiling that SC-ABSE is resistant to man-in-the-middle (MIM) and replay attacks. The experimental analysis utilised real-world datasets to demonstrate the efficiency and utility of SC-ABSE in terms of computation overhead, storage cost and communication overhead. The proposed scheme is also designed and developed to evaluate throughput and latency transactions using a standard benchmark tool known as Caliper. Lastly, simulation results show that SC-ABSE has high throughput and low latency, with an ultimate increase in network life compared with traditional healthcare systems.

scholarly journals Blockchain-Based Access Control Model to Preserve Privacy for Personal Health Record Systems

2019 ◽  
Vol 2019 ◽  
pp. 1-15 ◽  
Author(s):  
Thein Than Thwin ◽  
Sangsuree Vasupongayya
Keyword(s):  
Access Control ◽  
Personal Health Record ◽  
Security Analysis ◽  
Personal Health ◽  
Health Record ◽  
Privacy Concern ◽  
Record System ◽  
Fine Grained ◽  
Blockchain Technology ◽  
Proposed Model

Personal health record system (PHR system) stores health-related information of an individual. PHR system allows the data owner to manage and share his/her data with selected individuals. The originality or tamper resistance feature is crucial for PHR system because of the irreversible consequence of incorrect information. Blockchain technology becomes a potential solution due to its immutability and irreversibility properties. Unfortunately, some technical impediments such as limited storage, privacy concern, consent irrevocability, inefficient performance, and energy consumption exist. This work aims to handle these blockchain drawbacks and propose a blockchain-based PHR model. The proposed model is built using the blockchain technology to support a tamper resistance feature. Proxy reencryption and other cryptographic techniques are employed to preserve privacy. Features of the proposed model include fine-grained and flexible access control, revocability of consent, auditability, and tamper resistance. A detailed security analysis shows that the proposed model is provably secure for privacy and tamper resistance. The performance analysis shows that the proposed model achieves a better overall performance compared with the existing approach in the literature. Thus the proposed model is more suitable for the PHR system usage.

scholarly journals A Blockchain-Based Secret-Data Sharing Framework for Personal Health Records in Emergency Condition

Healthcare ◽  
2021 ◽  
Vol 9 (2) ◽  
pp. 206 ◽  
Author(s):  
Ahmed Raza Rajput ◽  
Qianmu Li ◽  
Milad Taleby Ahvanooey
Keyword(s):  
Access Control ◽  
Personal Health Record ◽  
Personal Data ◽  
Health Condition ◽  
Healthcare Management ◽  
Superior Performance ◽  
Personal Health ◽  
Record Management ◽  
Secret Data ◽  
Blockchain Technology

Blockchain technology is the most trusted all-in-one cryptosystem that provides a framework for securing transactions over networks due to its irreversibility and immutability characteristics. Blockchain network, as a decentralized infrastructure, has drawn the attention of various startups, administrators, and developers. This system preserves transactions from tampering and provides a tracking tool for tracing past network operations. A personal health record (PHR) system permits patients to control and share data concerning their health conditions by particular peoples. In the case of an emergency, the patient is unable to approve the emergency staff access to the PHR. Furthermore, a history record management system of the patient’s PHR is required, which exhibits hugely private personal data (e.g., modification date, name of user, last health condition, etc.). In this paper, we suggest a healthcare management framework that employs blockchain technology to provide a tamper protection application by considering safe policies. These policies involve identifying extensible access control, auditing, and tamper resistance in an emergency scenario. Our experiments demonstrated that the proposed framework affords superior performance compared to the state-of-the-art healthcare systems concerning accessibility, privacy, emergency access control, and data auditing.

Sign in / Sign up

Export Citation Format

Share Document