UPM Institutional Repository

Blockchain-based access control scheme for secure shared personal health records over decentralised storage


Citation

Hussien, Hassan Mansur and Md Yasin, Sharifah and Udzir, Nur Izura and Ninggal, Mohd Izuan Hafez (2021) Blockchain-based access control scheme for secure shared personal health records over decentralised storage. Sensors, 21 (7). art. no. 2462. pp. 1-36. ISSN 1424-8220

Abstract

Blockchain technology provides a tremendous opportunity to transform current personal health record (PHR) systems into a decentralised network infrastructure. However, such technology possesses some drawbacks, such as issues in privacy and storage capacity. Given its transparency and decentralised features, medical data are visible to everyone on the network and are inappropriate for certain medical applications. By contrast, storing vast medical data, such as patient medical history, laboratory tests, X-rays, and MRIs, significantly affect the repository storage of blockchain. This study bridges the gap between PHRs and blockchain technology by offloading the vast medical data into the InterPlanetary File System (IPFS) storage and establishing an enforced cryptographic authorisation and access control scheme for outsourced encrypted medical data. The access control scheme is constructed on the basis of the new lightweight cryptographic concept named smart contract-based attribute-based searchable encryption (SC-ABSE). This newly cryptographic primitive is developed by extending ciphertext-policy attribute-based encryption (CP-ABE) and searchable symmetric encryption (SSE) and by leveraging the technology of smart contracts to achieve the following: (1) efficient and secure fine-grained access control of outsourced encrypted data, (2) confidentiality of data by eliminating trusted private key generators, and (3) multikeyword searchable mechanism. Based on decisional bilinear Diffie–Hellman hardness assumptions (DBDH) and discrete logarithm (DL) problems, the rigorous security indistinguishability analysis indicates that SC-ABSE is secure against the chosen-keyword attack (CKA) and keyword secrecy (KS) in the standard model. In addition, user collusion attacks are prevented, and the tamper-proof resistance of data is ensured. Furthermore, security validation is verified by simulating a formal verification scenario using Automated Validation of Internet Security Protocols and Applications (AVISPA), thereby unveiling that SC-ABSE is resistant to man-in-the-middle (MIM) and replay attacks. The experimental analysis utilised real-world datasets to demonstrate the efficiency and utility of SC-ABSE in terms of computation overhead, storage cost and communication overhead. The proposed scheme is also designed and developed to evaluate throughput and latency transactions using a standard benchmark tool known as Caliper. Lastly, simulation results show that SC-ABSE has high throughput and low latency, with an ultimate increase in network life compared with traditional healthcare systems.


Download File

Full text not available from this repository.
Official URL or Download Paper: https://www.mdpi.com/1424-8220/21/7/2462

Additional Metadata

Item Type: Article
Divisions: Faculty of Computer Science and Information Technology
Institute for Mathematical Research
DOI Number: https://doi.org/10.3390/s21072462
Publisher: Multidisciplinary Digital Publishing Institute
Keywords: Blockchain; Decentralised storage; Data privacy; Attribute-based encryption; Searchable encryption; Access control; Chosen-keyword attack; Standard adversary model
Depositing User: Ms. Nuraida Ibrahim
Date Deposited: 31 Jan 2023 03:09
Last Modified: 31 Jan 2023 03:09
Altmetrics: http://www.altmetric.com/details.php?domain=psasir.upm.edu.my&doi=10.3390/s21072462
URI: http://psasir.upm.edu.my/id/eprint/96254
Statistic Details: View Download Statistic

Actions (login required)

View Item View Item