Top

Cluster Computing

Published in:

09-06-2023

Attribute-based access control scheme for secure storage and sharing of EHRs using blockchain and IPFS

Authors: Jasleen Kaur, Rinkle Rani, Nidhi Kalra

Published in: Cluster Computing | Issue 1/2024

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Medical records are one of the crucial documents and a significant asset for anyone seeking treatment. Electronic health records (EHRs) have made a dynamic shift by making them easier to manage, facilitate and share among various stakeholders such as doctors, lab technicians, and insurance agents. EHRs are vulnerable to hacker, cybercriminal attacks, and data breaches. Once compromised, health records cannot be retrieved. As a result, patients must have control over who gets their EHRs, when they get them, and where they get them. To address the aforementioned issue, this paper proposes a blockchain-based secure record-keeping and trustworthy sharing system. In order to do this, a distributed off-chain storage architecture for large-scale medical data storage is developed, which overcomes the drawbacks of on-chain data storage and enhances scalability. The distributed storage, i.e., InterPlanetary File System, is a content-addressable storage that ensures the integrity of the content such that a slight modification in the stored EHR records results in a change in the obtained hash value. Furthermore, a Ciphertext Policy Attribute-Based Encryption (CP-ABE) algorithm integrated with blockchain technology is designed for fine-grained access control, allowing only authorized users to access specific EHR data based on their attributes. The combination of CP-ABE with blockchain technology provides a tamper-proof and verifiable audit trail of all data access and updations made to EHRs. This enhances accountability and ensures that the patients or owners can track and verify all actions taken on the data. To implement the proposed system, the Remix-Ethereum IDE is used. Smart contracts (SCs) are designed with access permissions so patients have complete control over their records. The scalability and immutability of the system is ensured by storing the hash of the encrypted EHRs on the blockchain and the actual encrypted records on IPFS. The security analysis of the proposed system is carried out by evaluating its resistance to various attacks. Additionally, potential security flaws in the proposed SCs are investigated using the Oyente tool. Different test cases are presented to demonstrate the functionality and cost analysis of the proposed system.

previous article Task scheduling in the internet of things: challenges, solutions, and future trends

next article Redundancy elimination in IoT oriented big data: a survey, schemes, open challenges and future applications

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Henry, J., Pylypchuk, Y., Searcy, T., Patel, V.: Adoption of electronic health record systems among U.S. non-federal acute care hospitals: 2008–2015. ONC Data Brief 35, 1–9 (2016)

National trends in hospital and physician adoption of electronic health records: (2021). https://www.healthit.gov/data/quickstats/national-trends-hospital-and-physician-adoption-electronic-health-records

Saha, A., Amin, R., Kunal, S., Vollala, S., Dwivedi, S.K.: Review on blockchain technology based medical healthcare system with privacy issues. Secur. Priv. 2(5), e83 (2019). https://doi.org/10.1002/spy2.83CrossRef

Healthcare-data-breach-report. HIPAA Journal. (2020). https://www.hipaajournal.com/july-2020-healthcare-data-breach-report/

Kaur, J., Rani, R., Kalra, N.: A blockchain-based framework for privacy preservation of electronic health records (EHRS). Trans. Emerg. Telecommun. Technol. (2022). https://doi.org/10.1002/ett.4507CrossRef

Xhafa, F., Feng, J., Zhang, Y., Chen, X., Li, J.: Privacy-aware attribute-based PHR sharing with user accountability in cloud computing. J. Supercomput. 71(5), 1607–1619 (2015). https://doi.org/10.1007/s11227-014-1253-3CrossRef

Rodrigues, J.J., de la Torre, I., Fernández, G., López-Coronado, M., et al.: Analysis of the security and privacy requirements of cloud-based electronic health records systems. J. Med. Internet Res. 15(8), e2494 (2013). https://doi.org/10.2196/jmir.2494CrossRef

Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) Advances in Cryptology-EUROCRYPT 2005. EUROCRYPT 2005. Lecture Notes in Computer Science, vol. 3494, pp. 457–473. Springer, Berlin (2005). https://doi.org/10.1007/11426639_27CrossRef

Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM conference on Computer and communications security, Alexandria Virginia, pp. 89–98. (2006). https://doi.org/10.1145/1180405.1180418

10.

Mubarakali, A.: Healthcare services monitoring in cloud using secure and robust healthcare-based blockchain (SRHB) approach. Mobile Netw. Appl. 25(4), 1330–1337 (2020). https://doi.org/10.1007/s11036-020-01551-1MathSciNetCrossRef

11.

Li, M., Yu, S., Zheng, Y., Ren, K., Lou, W.: Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Trans. Parallel Distrib. Syst. 24(1), 131–143 (2013). https://doi.org/10.1109/TPDS.2012.97CrossRef

12.

Hong, H., Liu, X., Sun, Z.: A fine-grained attribute based data retrieval with proxy re-encryption scheme for data outsourcing systems. Mob. Netw. Appl. (2018). https://doi.org/10.1007/s11036-018-1102-3CrossRef

13.

Makani, S., Pittala, R., Alsayed, E., Aloqaily, M., Jararweh, Y.: A survey of blockchain applications in sustainable and smart cities. Clust. Comput. (2022). https://doi.org/10.1007/s10586-022-03625-zCrossRef

14.

Buterin, V.: A next-generation smart contract and decentralized application platform. https://ethereum.org/en/whitepaper/ (2014). Accessed 2 Aug 2021

15.

She, W., et al.: New blockchain technology for medical big data security sharing. J. Chin. Comput. Syst 40(7), 1449–1454 (2019). (http://xwxt.sict.ac.cn/EN/abstract/abstract5022.shtml)

16.

Simplyvital health: https://www.f6s.com/simply vitalhealth (2020). Accessed 15 Sept 2021

17.

Koepsell, D.: The future of genomic data encryption. https://encrypgen.com/ (2020). Accessed 15 Sept 2021

18.

Vora, J. et al.: Bheem: A blockchain-based framework for securing electronic health records. In Proceedings of the 2018 IEEE Globecom Workshops (GC Wkshps) 1–6. (2018). https://doi.org/10.1109/GLOCOMW.2018.8644088

19.

Shahnaz, A., Qamar, U., Khalid, A.: Using blockchain for electronic health records. IEEE Access 7, 147782–147795 (2019). https://doi.org/10.1109/ACCESS.2019.2946373CrossRef

20.

Thwin, T.T., Vasupongayya, S.: Blockchain-based access control model to preserve privacy for personal health record systems. Secur. Commun. Netw. (2019). https://doi.org/10.1155/2019/8315614CrossRef

21.

Saravanan, N., Umamakeswari, A.: HAP-CP-ABE based encryption technique with hashed access policy based authentication scheme for privacy preserving of phr. Microprocess. Microsyst. 80, 103540 (2021). https://doi.org/10.1016/j.micpro.2020.103540CrossRef

22.

Ali, A., et al.: A novel secure blockchain framework for accessing electronic health records using multiple certificate authority. Appl. Sci. 11(21), 9999 (2021). https://doi.org/10.3390/app11219999CrossRef

23.

Li, F., Liu, K., Zhang, L., Huang, S., Wu, Q.: Ehrchain: a blockchain-based EHR system using attribute-based and homomorphic cryptosystem. IEEE Trans. Serv. Comput. 15(5), 2755–2765 (2022). https://doi.org/10.1109/TSC.2021.3078119CrossRef

24.

Sharma, P., Jindal, R., Borah, M.D.: Blockchain-based cloud storage system with CP-ABE-based access control and revocation process. J. Supercomput. (2022). https://doi.org/10.1007/s11227-021-04179-4CrossRefPubMedPubMedCentral

25.

Ali, A., et al.: An industrial IoT-based blockchain-enabled secure searchable encryption approach for healthcare systems using neural network. Sensors 22(2), 572 (2022). https://doi.org/10.3390/s22020572ADSMathSciNetCrossRefPubMedPubMedCentral

26.

Ali, A., et al.: Security, privacy, and reliability in digital healthcare systems using blockchain. Electronics 10(16), 20–34 (2021). https://doi.org/10.3390/electronics10162034CrossRef

27.

Prathima, S., Priya, C.: Improved CP-ABE based crypto technique to secure EHRS with access policy-based authentication schemes. J. Pharm. Negat. Results 13, 2365–2379 (2022)

28.

Almaiah, M.A., Hajjej, F., Ali, A., Pasha, M.F., Almomani, O.: A novel hybrid trustworthy decentralized authentication and data preservation model for digital healthcare IoT based CPS. Sensors 22(4), 1448 (2022). https://doi.org/10.3390/s22041448ADSCrossRefPubMedPubMedCentral

29.

Almaiah, M.A., Ali, A., Hajjej, F., Pasha, M.F., Alohali, M.A.: A lightweight hybrid deep learning privacy-preserving model for FC-based industrial internet of medical things. Sensors 22(6), 2112 (2022). https://doi.org/10.3390/s22062112ADSCrossRefPubMedPubMedCentral

30.

Buterin, V.: What is ethereum? Ethereum official webpage. http://www.ethdocs.org/en/latest/introduction/what-is-ethereum.html (2020). Accessed 2 Aug 2021

31.

Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system. https://git.dhimmel.com/bitcoin-whitepaper/ (2020). Accessed 15 Sept 2020

32.

Zheng, Q., Li, Y., Chen, P., Dong, X.: An innovative IPFS-based storage model for blockchain. In: Proceedings of 2018 IEEE/WIC/ACM international conference on web intelligence (WI) pp. 704–708 (2018). Santiago, Chile. https://doi.org/10.1109/WI.2018.000-8

33.

Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: Proceedings of 2007 IEEE symposium on security and privacy (SP ’07), pp. 321–334, (2007). Berkeley, CA, USA. https://doi.org/10.1109/SP.2007.11

34.

Akinyele, J.A., et al.: Charm: a framework for rapidly prototyping cryptosystems. J. Cryptogr. Eng. 3(2), 111–128 (2013). https://doi.org/10.1007/s13389-013-0057-3CrossRef

35.

Remix ide: https://remix-project.org/ Accessed 2 Aug 2021

36.

Solidity. https://docs.soliditylang.org/en/v0.7.4/. Accessed 15 Oct 2020

37.

Dika, A., Nowostawski, M.: Security vulnerabilities in ethereum smart contracts. In: 2018 IEEE international conference on Internet of Things (iThings) and IEEE green computing and communications (GreenCom) and IEEE cyber, physical and social computing (CPSCom) and IEEE Smart Data (SmartData), pp. 955–962 (2018). Halifax, NS, Canada. https://doi.org/10.1109/Cybermatics_2018.2018.00182

38.

Luu, L., Chu, D.-H., Olickel, H., Saxena, P., Hobor, A.: Making smart contracts smarter. In Proceedings of the 2016 ACM SIGSAC conference on computer and communications security, pp. 254–269 (2016). Vienna, Austria. https://doi.org/10.1145/2976749.2978309

Title: Attribute-based access control scheme for secure storage and sharing of EHRs using blockchain and IPFS
Authors: Jasleen Kaur
Rinkle Rani
Nidhi Kalra
Publication date: 09-06-2023
Publisher: Springer US
Published in: Cluster Computing / Issue 1/2024
Print ISSN: 1386-7857
Electronic ISSN: 1573-7543
DOI: https://doi.org/10.1007/s10586-023-04038-2

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 1/2024

File block multi-replica management technology in cloud storage

Harris Hawks optimization based hybrid deep learning model for efficient network slicing in 5G network

When blockchain meets IoT: a comparison of the performance of communication protocols in a decentralized identity solution for IoT using blockchain

An efficient document information retrieval using hybrid global search optimization algorithm with density based clustering technique

Robust Federated Learning for execution time-based device model identification under label-flipping attack

Energy-aware QoS-based dynamic virtual machine consolidation approach based on RL and ANN

Premium Partner