Abstract
In today's data-driven world, the exponential growth of digital information poses significant challenges in data management. In recent years, the adoption of cloud-based Electronic Health Records (EHR) sharing schemes has yielded numerous advantages like improved accessibility, availability, and enhanced interoperability. However, the centralized nature of cloud storage presents challenges in terms of information storage, privacy protection, and security. Despite several approaches that have been presented to ensure secure deduplication of similar EHRs, the validation of data integrity without a third-party auditor (TPA) remains a persistent task. Because involving a TPA raises concerns about the confidentiality and privacy of crucial healthcare information. To tackle this challenge, a novel cloud storage auditing technique is proposed that incorporates cross-patient block-level deduplication while upholding strong privacy protection, ensuring that EHR is not compromised. Here, we introduced blockchain technology to achieve integrity verification, thus eliminating the need for a TPA by providing a decentralized and transparent mechanism. Additionally, an index for all EHRs has been generated to facilitate block-level duplicate checks and employ a novel strategy to prevent adversaries from acquiring original information saved in the cloud storage. The security of the proposed approach is established against factorization attacks and decrypt exponent attacks. The performance evaluation demonstrates the superior efficiency of the proposed scheme in terms of file authenticator generation, challenge creation, and proof verification to other existing client-side deduplication approaches.
Similar content being viewed by others
Availability of data and materials
Not applicable.
References
Karhade, A.; Schwab, J.; Del, G.; Kawamoto, K. SMART on FHIR in spineto: integrating clinical prediction models into electronic health records for precision medicine at the point of care. The Spine J. 2021, 21, 1649-1651.
Hossain, A.; Quaresma, R.; Rahman, H. Investigating factors influencing the physicians’ adoption of electronic health record (EHR) in healthcare system of Bangladesh: An empirical study. Inter. J. of Info. Mgmt. 2019, 44, 76-87.
Cao, S.; Zhang, G.; Liu, P.; Zhang, X.; Neri, F. Cloud-assisted secure eHealth systems for tamper-proofing EHR via blockchain. Infor. Sci. 2019, 485, 427-440.
Amandeep, K.; Sandeep K. Energy efficient cloud-assisted IoT-enabled architectural paradigm for drought prediction. Sustainable Comp.: Infor. and Sys. 2021, 30, Article No: 100496.
Tehsin, K.; Adeel, A.; Saif, U.R.M.; Abid, K.; Muazzam, A. Privacy preservation of electronic health records with adversarial attacks identification in hybrid cloud. Comp. Stand. & Interf. 2021, 78, Article No: 103522.
David, B.; Safa, O.; Nikolas, S.; Dylan, P.; Yaser, J. A Survey on Blockchain for Information Systems Management and Security. Infor. Proc. & Manag. 2021, 58, Article No: 102397.
Vivekrabinson, K.; Vijayakumar, D.; Rajesh Kumar, S.; Dhamotharan, R. Medical Data Sharing Using Blockchain with Secure Patient/Doctor Interaction. Inter. J. of Sys. of Sys. Eng. 2023, 1–14.
Studdert, D.; Mello, M.; Gawande, A.; Gandhi, T.; Kachalia, A.; Yoon, C.; Puopolo, A.; Brennan, T. Claims, errors, and compensation payments in medical malpractice litigation. New Engl. J. Med. 2006, 354, 2024–2033.
Ding, W.; Yan, Z.; Deng, R. H. Privacy-Preserving Data Processing with Flexible Access Control. IEEE Trans. on Depen. and Sec. Comp. 2020, 17, 363–376.
Li, J.; Yan, H.; Zhang, Y. Certificateless public integrity checking of group shared data on cloud storage. IEEE Trans. Serv. Comput. 2021, 14, 71–81.
Miao, Y.; Ma, J.; Liu, X.; Li, X.; Jiang, Q.; Zhang, J. Attribute-based keyword search over hierarchical data in cloud computing. IEEE Trans. Serv. Comput. 2020, 13, 985–998.
Zhang, Y.; Xu, C.; Cheng, N.; Li, H.; Yang, H.; Shen, X. Chronos+: An accurate blockchain-based time-stamping scheme for cloud storage. IEEE Trans. Serv. Comput. 2020, 13 216–229.
Storer, W.; Greenan, K.; Long, D.; Miller, E. Secure data deduplication. In Proceedings of the 4th ACM International Workshop on Storage Security and Survivability, Alexandria, VA, USA, 2008, pp. 1–10.
Douceur, J.R.;Adya, A.; Bolosky, W.J.; Simon P.; Theimer, M. Reclaiming space from duplicate files in a serverless distributed file system. In Proceedings of the 22nd International Conference on Distributed Computing Systems, Vienna, Austria, 2002, pp. 617–624.
The pros and cons of file-level vs. block-level data deduplication technology. Available Online: https://www.techtarget.com/searchdatabackup/tip/The-pros-and-cons-of-file-level-vs-block-level-data-deduplication-technology (Accessed on 02 10 2023).
Chen, R.; Mu, Y.; Yang, G.; Guo, F. BL-MLE: Block-level message-locked encryption for secure large file deduplication. IEEE Trans. on Infor. Foren. and Sec. 2015, 10, 2643–2652.
Ava, H.; Victor, R.P.; Hsia-Ching, C. An empirical study for blockchain-based information sharing systems in electronic health records: A mediation perspective. Comp. in Human Behavior. 2023, 138, Article No: 107471.
Mohd, J.; Abid H.; Singh R.P.; Shahbaz K.; Rajiv S. Blockchain technology applications for Industry 4.0: A literature-based review. Blockchain: Research and App. 2021, 2, Article No: 100027.
Lin, Y.; Li, J.; Kimura, S.; Yang, Y.; Ji Y.; Cao, Y. Consortium Blockchain-Based Public Integrity Verification in Cloud Storage for IoT. IEEE Internet of Things J. 2022, 9, 3978-3987.
Ateniese, G.; Burns, R.; Curtmola, R.; Herring, J.; Kissner, L.; Peterson, Z.; Song, D. Provable data possession at untrusted stores. 14th ACM conference on Computer and communications security, Alexandria, Virginia, USA, 2007, pp. 598–609.
Dharavath, R.; Rahul, M.; Pradeep K.A.; Damodar, R.E.; Sanjay, M.; Lianyong, Q. Blockchain based efficient tamper-proof EHR storage for decentralized cloud-assisted storage. Alexandria Eng. J. 2023, 68, 205-226.
Li, S.; Xu, C.; Zhang, Y.; Yang, A.; Wen, X.; Chen, K. Blockchain based efficient public integrity auditing for cloud storage against malicious auditors. International Conference on Information Security and Cryptology, Guangzhou, China, 2021, pp. 202–220.
Xu, Y.; Zhang, C.; Wang, G.; Qin, Z.; Zeng, Q. A blockchain-enabled deduplicatable data auditing mechanism for network storage services. IEEE Trans. Emerg. Topics Comput. 2020, 9, 1421–1432.
Gaofan, L.; Haijiang W.; Jian W.; Lei Z.; Jie, H. A blockchain-based fine-grained data sharing scheme for e-healthcare system. J. of Sys. Archi. 2022, 132, Article No: 102731
Bellare, M.; Keelveedhi, S.; Ristenpart, T. Message-locked encryption and secure deduplication. Annual International Conference on the Theory and Applications of Cryptographic Techniques, Athens, Greece, 2013, pp. 296–312.
Miao, M.; Wang, J.; Li, H.; Chen, X. Secure multi-server-aided data deduplication in cloud computing. Pervasive Mobile Comput. 2015, 24 129–137.
Halevi, S.; Harnik, D.; Pinkas, B.; Shulman-Peleg, A. Proofs of ownership in remote storage systems. 18th ACM conference on Computer and communications security, New York, NY, USA, 2011, pp. 491–500
Zheng, Y.; Yuan, X.; Wang, X.; Jiang, J.; Wang, C.; Gui, X. Toward encrypted cloud media center with secure deduplication. IEEE Trans. Multimedia. 2017, 19, 251-265.
Kanagamani, V.; Karuppiah, M. Zero knowledge based data deduplication using in-line Block Matching protocol for secure cloud storage. Turkish J. of Elect. Eng. and Comp. Sci. 2021, 29, 2067–2083.
Jackowski, A.; Ślusarczyk, Ł.; Lichota, K.; Wełnicki, M.; Wijata, R.; Kielar, M.; Kopeć, T.; Dubnicki, C.; Iwanicki, K. ObjDedup: High-Throughput Object Storage Layer for Backup Systems With Block-Level Deduplication. IEEE Trans. on Parallel and Distributed Sys. 2023, 34, 2180–2197.
Zhang, Q.; Sui, D.; Cui, J.; Gu, C.; Zhong, H. Efficient Integrity Auditing Mechanism With Secure Deduplication for Blockchain Storage. IEEE Trans. on Comp. 2023, 72, 2365-2376.
Tian, G.; Hu, Y.; Wei, J.; Liu, Z.; Huang, X.; Chen, X.; Susillo, W. Blockchain-based secure deduplication and shared auditing in decentralized storage. IEEE Trans. Dependable Secure Comput. 2022, 19, 3941–3954.
Zhao, H.; Yao, X.; Zheng, X.; Qiu, T.; Ning, H. User stateless privacy preserving TPA auditing scheme for cloud storage. J. Netw. Comput.Appl. 2019, 129, 62–70.
Androulaki, E.; Barger, A.; Bortnikov, V.; Cachin, C.; et al. Hyperledger fabric: a distributed operating system for permissioned blockchains. In Proceedings of the Thirteenth EuroSys Conference, Machinery, New York, USA, 2018, pp. 1–15
Wang, H.; Qin, H.; Zhao, M.; Wei, X.; Shen, H.; Susilo, W. Blockchain based fair payment smart contract for public cloud storage auditing. Inf. Sci. 2020, 519, 348–362.
Li, J.; Wu, J.; Jiang, G.; Srikanthan, T. Blockchain-based public auditing for Big Data in cloud storage. Inf. Process. Manage. 2020, 57, 102382.
Song, M.; Hua, Z.; Zheng, Y.; Huang H.; Jia, X. Blockchain-Based Deduplication and Integrity Auditing over Encrypted Cloud Storage. IEEE Trans. on Depen. and Sec. Comp. 2023, 1–18.
Xu, Y.; Ren, J.; Zhang, Y.; Zhang, C.; Shen, B.; Zhang, Y. Blockchain empowered arbitrable data auditing scheme for network storage as a service. IEEE Trans. Serv. Comput. 2019, 13, 289–300.
Yuan, H.; Chen, X.; Wang, J.; Yuan, J.; Yan, H.; Susilo, W. Blockchain based public auditing and secure deduplication with fair arbitration. Inf. Sci. 2020, 541, 409–425.
Liu, B.; Yu, X.L.; Chen, S.; Xu, X.; Zhu, L. Blockchain based data integrity service framework for IoT data. IEEE International Conference on Web Services (ICWS), Honolulu, HI, USA, 2017, pp. 468–475.
Francati, D.; Ateniese, D.; Faye, A.; Milazzo, A.; Perillo, A.; Schiatti, L.; Giordano, G. Audita: A blockchain-based auditing framework for off-chain storage. ACM Asia Conference on Computer and Communications Security, 2019, pp. 5–10.
Gordon, W. J.; Catalini, C. Blockchain technology for healthcare: Facilitating the transition to patient-driven interoperability. Comput. Struct. Biotechnol. J. 2018, 16, 224-230.
Boonstra, A.; Versluis, A.; Vos, J. F. J. Implementing electronic health records in hospitals: A systematic literature review. BMC Health Ser. Res. 2014, 14, 1-24.
Gunter, T. D.; Terry, N. P. The emergence of national electronic health record architectures in the United States and Australia: Models costs and questions. J. Med. Internet Res. 2005, 7, 1-13.
Szabo, N. Formalizing and securing relationships on public networks. First Monday. 1997, 2, pp. 1-21.
Castro, M.; Liskov, B. Practical Byzantine fault tolerance. in Proceedings of the Third Symposium on Operating Systems Design and Implementation, New Orleans, Louisiana, USA, 1999, pp. 173–186.
Blomer, J.; May, A. A generalized Wiener attack on RSA. International Workshop on Theory and Practice in Public Key Cryptography, Singapore, 2004.
Funding
The authors received no specific funding for this study.
Author information
Authors and Affiliations
Contributions
Conceptualization, Kanagamani.; methodology, Kanagamani. and P.; implementation, Kanagamani; validation, K. and Jebaraj.; investigation, Kanagamani.; resources, K. and Jebaraj.; writing—original draft preparation, Kanagamani. and P.; project administration, P.; All authors have reviewed the manuscript.
Corresponding author
Ethics declarations
Ethical approval
Not applicable.
Competing interests
The authors declare no conflict of interest.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Vivekrabinson, K., Ragavan, K., Jothi Thilaga, P. et al. Secure Cloud-Based Electronic Health Records: Cross-Patient Block-Level Deduplication with Blockchain Auditing. J Med Syst 48, 33 (2024). https://doi.org/10.1007/s10916-024-02053-3
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s10916-024-02053-3