
Journal of Medical Systems, 42:152

Secure Cloud-Based EHR System Using Attribute-Based Cryptosystem and Blockchain

Systems-Level Quality Improvement
Part of the following topical collections:
  1. Blockchain-based Medical Data Management System: Security and Privacy Challenges and Opportunities

Abstract

To achieve confidentiality, authentication, and integrity of medical data, and to support fine-grained access control, we propose a secure electronic health record (EHR) system based on an attribute-based cryptosystem and blockchain technology. In our system, we use attribute-based encryption (ABE) and identity-based encryption (IBE) to encrypt medical data, and use identity-based signatures (IBS) to implement digital signatures. To achieve the different functions of ABE, IBE and IBS in one cryptosystem, we introduce a new cryptographic primitive, called combined attribute-based/identity-based encryption and signature (C-AB/IB-ES). This greatly facilitates the management of the system, and avoids the need to introduce different cryptographic systems for different security requirements. In addition, we use blockchain techniques to ensure the integrity and traceability of medical data. Finally, we give a demonstration application for a medical insurance scenario.

Keywords

EHR; Attribute-based cryptosystem; Blockchain; Cloud storage

Notes

Funding

This study was funded by the National Natural Science Foundation of China (No.61602287, No.61672330, No.61572294), and the Primary Research & Development Plan of Shandong Province (No. 2018GGX101037).

Compliance with Ethical Standards

Conflict of interests

The authors declare that they have no conflict of interest.


Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2018

Authors and Affiliations

  1. School of Information Science and Engineering, Shandong Normal University, Jinan, China
