Skip to main content
SpringerLink
Log in

Secure Cloud-Based EHR System Using Attribute-Based Cryptosystem and Blockchain

  • Systems-Level Quality Improvement
  • Published:
Journal of Medical Systems Aims and scope Submit manuscript

Abstract

To achieve confidentiality, authentication, integrity of medical data, and support fine-grained access control, we propose a secure electronic health record (EHR) system based on attribute-based cryptosystem and blockchain technology. In our system, we use attribute-based encryption (ABE) and identity-based encryption (IBE) to encrypt medical data, and use identity-based signature (IBS) to implement digital signatures. To achieve different functions of ABE, IBE and IBS in one cryptosystem, we introduce a new cryptographic primitive, called combined attribute-based/identity-based encryption and signature (C-AB/IB-ES). This greatly facilitates the management of the system, and does not need to introduce different cryptographic systems for different security requirements. In addition, we use blockchain techniques to ensure the integrity and traceability of medical data. Finally, we give a demonstrating application for medical insurance scene.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4

Similar content being viewed by others

References

  1. Akinyele, J.A., Pagano, M.W., Green, M.D., Lehmann, C.U., Peterson, Z.N.J., and Rubin, A.D.: Securing electronic medical records using attribute-based encryption on mobile devices. In: SPSM’11, Proceedings of the 1st ACM Workshop Security and Privacy in Smartphones and Mobile Devices, Co-located with CCS 2011, October 17, 2011. Chicago, pp. 75–86, 2011

  2. Alemȧn, J.L.F., Seṅor, I.C., Lozoya, P.O., and Toval, A., Security and privacy in electronic health records: A systematic literature review. J. Biomed. Inform. 46(3):541–562, 2013.

    Article  Google Scholar 

  3. Alshehri, S., Radziszowski, S.P., and Raj, R.K.: Secure access for healthcare data in the cloud using ciphertext-policy attribute-based encryption. In: Workshops Proceedings of the IEEE 28th International Conference on Data Engineering, ICDE 2012, Arlington, VA, USA, April 1-5, 2012, pp. 143–146, 2012

  4. Boneh, D., and Boyen, X.: Efficient selective-id secure identity-based encryption without random oracles. In: Advances in Cryptology - EUROCRYPT 2004, International Conference on the Theory and Applications of Cryptographic Techniques, Interlaken, Switzerland, May 2-6, 2004, Proceedings, pp. 223–238, 2004

  5. Boneh, D., and Franklin, M.K.: Identity-based encryption from the weil pairing. In: Advances in Cryptology - CRYPTO 2001, 21st Annual International Cryptology Conference, Santa Barbara, California, USA, August 19-23, 2001, Proceedings, pp. 213–229, 2001

  6. Boyen, X.: Multipurpose identity-based signcryption (A swiss army knife for identity-based cryptography). In: Advances in Cryptology - CRYPTO 2003, 23rd Annual International Cryptology Conference, Santa Barbara, California, USA, August 17-21, 2003, Proceedings, pp. 383–399, 2003

  7. Boyen, X.: Identity-based signcryption. In: Practical Signcryption, pp. 195–216, 2010

  8. Chen, C., Chen, J., Lim, H.W., Zhang, Z., and Feng, D.: Combined public-key schemes: The case of ABE and ABS. In: Provable Security - 6th International Conference, ProvSec 2012, Chengdu, China, September 26-28, 2012. Proceedings, pp. 53–69, 2012

  9. Dong, C, Wang, Y., Aldweesh, A., McCorry, P., and van Moorsel, A.: Betrayal, distrust, and rationality: Smart counter-collusion contracts for verifiable cloud computing. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS 2017, Dallas, TX, USA, October 30 - November 03, 2017, pp. 211–227, 2017

  10. Gentry, C., and Silverberg, A.: Hierarchical id-based cryptography. In: Advances in Cryptology - ASIACRYPT 2002, 8th International Conference on the Theory and Application of Cryptology and Information Security, Queenstown, New Zealand, December 1-5, 2002, Proceedings, pp. 548–566, 2002

  11. Goroll, A.H., Simon, S.R., Tripathi, M., Ascenzo, C., and Bates, D.W., Case report: Community-wide implementation of health information technology: The massachusetts ehealth collaborative experience. JAMIA 16 (1):132–139, 2009.

    PubMed  Google Scholar 

  12. Goyal, V., Pandey, O., Sahai, A., and Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, Alexandria, VA, USA, Ioctober 30 - November 3, 2006, pp. 89–98, 2006

  13. Hȧyrinen, K., Saranto, K., and Nykȧnen, P., Definition, structure, content, use and impacts of electronic health records: A review of the research literature. I. J. Med. Inf. 77(5):291–304, 2008.

    Article  Google Scholar 

  14. Hohenberger, S., and Waters, B.: Online/offline attribute-based encryption. In: Public-Key Cryptography - PKC 2014 - 17th International Conference on Practice and Theory in Public-Key Cryptography, Buenos Aires, Argentina, March 26-28, 2014. Proceedings, pp. 293–310, 2014

  15. Huang, H., Chen, X., Qianhong, W., Huang, X., and Shen, J., Bitcoin-based fair payments for outsourcing computations of fog devices. Fut. Gen. Comp. Syst. 78:850–858, 2018.

    Article  Google Scholar 

  16. Krist, A.H., Peele, E., Woolf, S.H., Rothemich, S.F., Loomis, J.F., Longo, D.R., and Kuzel, A.J., Designing a patient-centered personal health record to promote preventive care. BMC Med Inf. .Decis. Making 11: 73, 2011.

    Article  Google Scholar 

  17. Lewko, A.B., and Waters, B.: New techniques for dual system encryption and fully secure HIBE with short ciphertexts. In: Theory of Cryptography, 7th Theory of Cryptography Conference, TCC 2010, Zurich, Switzerland, February 9-11, 2010. Proceedings, pp. 455–479, 2010

  18. Lewko, A.B., and Waters, B.: New proof methods for attribute-based encryption Achieving full security through selective techniques. In: Advances in Cryptology - CRYPTO 2012 - 32nd Annual Cryptology Conference, Santa Barbara, CA, USA, August 19-23, 2012. Proceedings, pp. 180–198, 2012

  19. Li, M., Yu, S., Ren, K., and Lou, W.: Securing personal health records in cloud computing Patient-centric and fine-grained data access control in multi-owner settings. In: Security and Privacy in Communication Networks - 6th Iternational ICST Conference, SecureComm 2010, Singapore, September 7-9, 2010. Proceedings, pp. 89–106, 2010

  20. Li, M., Yu, S., Zheng, Y., Ren, K., and Lou, W., Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Trans. Parallel Distrib. Syst. 24(1):131–143, 2013.

    Article  Google Scholar 

  21. Li, X., Ibrahim, M.H., Kumari, S., Sangaiah, A.K., Gupta, V., and Choo, K.-K. R., Anonymous mutual authentication and key agreement scheme for wearable sensors in wireless body area networks. Comput. Netw. 129:429–443, 2017.

    Article  Google Scholar 

  22. Li, X., Niu, J., Kumari, S., Wu, F., and Choo, K.-K. R., A robust biometrics based three-factor authentication scheme for global mobility networks in smart city. Fut. Gen. Comp. Syst. 83:607–618, 2018.

    Article  Google Scholar 

  23. Li, X., Niu, J., Liao, J., and Liang, W., Cryptanalysis of a dynamic identity-based remote user authentication scheme with verifiable password update. Int. J. Commun. Syst. 28(2):374–382, 2015.

    Article  CAS  Google Scholar 

  24. McCorry, P., Shahandashti, S.F., and Hao, F.: A smart contract for boardroom voting with maximum voter privacy. In: Financial Cryptography and Data Security - 21st International Conference, FC 2017, Sliema, Malta, April 3-7, 2017, Revised Selected Papers, pp. 357–375, 2017

  25. Nakamoto, S.: Bitcoin: A peer-to-peer electronic cash system, 2008

  26. Paterson, K.G., and Schuldt, J.C.N.: Efficient identity-based signatures secure in the standard model. In: Information Security and Privacy, 11th Australasian Conference, ACISP 2006, Melbourne, Australia, July 3-5, 2006, Proceedings, pp. 207–222, 2006

  27. Bo, Q., Deng, H., Wu, Q., Domingo-Ferrer, J., Naccache, D., and Zhou, Y., Flexible attribute-based encryption applicable to secure e-healthcare records. Int. J. Inf. Sec. 14(6):499–511, 2015.

    Article  Google Scholar 

  28. Sahai, A., and Waters, B.: Fuzzy identity-based encryption. In: Advances in Cryptology - EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005, Proceedings, pp. 457–473, 2005

  29. Shamir, A.: Identity-based cryptosystems and signature schemes. In: Advances in Cryptology, Proceedings of CRYPTO ’84, Santa Barbara, California, USA, August 19-22, 1984, Proceedings, pp. 47–53, 1984

  30. Underwood, S., Blockchain beyond bitcoin. Commun. ACM 59(11):15–17, 2016.

    Article  Google Scholar 

  31. Wang, H., He, D., Shen, J., Zheng, Z., Yang, X., and Au, M.H., Fuzzy matching and direct revocation: a new CP-ABE scheme from multilinear maps. Soft Comput. 22(7):2267–2274, 2018.

    Article  Google Scholar 

  32. Wang, H., He, D., Shen, J., Zheng, Z., Zhao, C., and Zhao, M., Verifiable outsourced ciphertext-policy attribute-based encryption in cloud computing. Soft Comput. 21(24):7325–7335, 2017.

    Article  Google Scholar 

  33. Wang, H., Zheng, Z., Wu, L., and He, D., New large-universe multi-authority ciphertext-policy ABE scheme and its application in cloud storage systems. J. High Speed Netw. 22(2):153–167, 2016.

    Article  CAS  Google Scholar 

  34. Wang, H., Zheng, Z., Wu, L., and Li, P., New directly revocable attribute-based encryption scheme and its application in cloud storage environment. Clust. Comput. 20(3):2385–2392, 2017.

    Article  Google Scholar 

  35. Wang, Z., Zhang, H., Song, X., and Zhang, H., Consensus problems for discrete-time agents with communication delay. Int. J. Control Autom. Syst. 15(4):1515–1523, 2017.

    Article  Google Scholar 

  36. Waters, B.: Efficient identity-based encryption without random oracles. In: Advances in Cryptology - EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005, Proceedings, pp. 114–127, 2005

  37. Waters, B: Dual system encryption: Realizing fully secure IBE and HIBE under simple assumptions. In: Advances in Cryptology - CRYPTO 2009, 29th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 16-20, 2009. Proceedings, pp. 619–636, 2009

  38. Waters, B.: Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization. In: Public Key Cryptography - PKC 2011 - 14th International Conference on Practice and Theory in Public Key Cryptography, Taormina, Italy, March 6-9, 2011. Proceedings, pp. 53–70 , 2011

  39. Yan, H., Li, X., and Li, J.: Secure personal health record system with attribute-based encryption in cloud computing. In: 2014 Ninth International Conference on P2P, Parallel, Grid, Cloud and Internet Computing, Guangdong, China, November 8-10, 2014, pp. 329–332, 2014

  40. Yue, X., Wang, H., Jin, D., Li, M., and Jiang, W., Healthcare data gateways: Found healthcare intelligence on blockchain with novel privacy risk control. J. Med. Syst. 40(10):218,1–218,8 , 2016.

    Article  Google Scholar 

Download references

Funding

This study was funded by the National Natural Science Foundation of China (No.61602287, No.61672330, No.61572294), and the Primary Research & Development Plan of Shandong Province (No. 2018GGX101037).

Author information

Authors and Affiliations

  1. School of Information Science and Engineering, Shandong Normal University, Jinan, China

    Hao Wang & Yujiao Song

Authors
  1. Hao Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yujiao Song
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Hao Wang.

Ethics declarations

Conflict of interests

Authors declares that they have no conflict of interest.

Additional information

Ethical Approval

This article does not contain any studies with human participants or animals performed by any of the authors.

This article is part of the Topical Collection on Blockchain-based Medical Data Management System: Security and Privacy Challenges and Opportunities

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Wang, H., Song, Y. Secure Cloud-Based EHR System Using Attribute-Based Cryptosystem and Blockchain. J Med Syst 42, 152 (2018). https://doi.org/10.1007/s10916-018-0994-6

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s10916-018-0994-6

Keywords

Search

Navigation