Abstract
The development of Electronic Information Technology has made the Electronic Medical Record a commonly used approach to recording and categorizing medical patient data in databases of different hospitals and medical entities so that controlling the shared data is not possible for patients at all. The importance of medical data as possessions of people and the system leads us to be concerned about its security, privacy, and accessibility. How to store and controlling access to medical information is of the most important challenges in the electronic health area. The present paper provides a new, secure, and efficient scheme based on blockchain technology and attribute-based encryption entitled “MedSBA” to record and store medical data, indicating that our proposed scheme protects user privacy and allows fine-grain access control of medical patient data based on General Data Protection Regulation (GDPR). Private blockchains are used in MedSBA to improve the right to revoke instant access which is of the attribute-based encryption challenges. The security and functionality of our proposed scheme are proved within a formal model and based on BAN logic, respectively; simulating the MedSBA scheme in the OPNET software as well as examining its computational complexity and storage indicates the efficiency of the present scheme.
Similar content being viewed by others
References
Aitzhan NZ, Svetinovic D (2016) Security and privacy in decentralized energy trading through multi-signatures, blockchain and anonymous messaging streams. IEEE Trans Depend Secur Comput 15(5):840–852
Azaria A, Ekblaw A, Vieira T, Lippman A (2016) Medrec: using blockchain for medical data access and permission management. In: 2016 2nd international conference on open and big data (OBD). IEEE, New York, pp 25–30
Banerjee M, Lee J, Choo KKR (2018) A blockchain future for internet of things security: a position paper. Digit Commun Netw 4(3):149–160
Bayat M, Barmshoory M, Pournaghi SM, Rahimi M, Farjami Y, Aref MR (2019a) A new and efficient authentication scheme for vehicular ad hoc networks. J Intell Transp Syst. https://doi.org/10.1080/15472450.2019.1625042
Bayat M, Pournaghi M, Rahimi M, Barmshoory M (2019b) Nera: a new and efficient RSU based authentication scheme for VANETs. Wireless Netw. https://doi.org/10.1007/s11276-019-02039-x
Berrut JP, Trefethen LN (2004) Barycentric lagrange interpolation. SIAM Rev 46(3):501–517
Bethencourt J, Sahai A, Waters B (2007) Ciphertext-policy attribute-based encryption. In: 2007 IEEE symposium on security and privacy (SP’07). IEEE, New York, pp 321–334
Boneh D, Franklin M (2001) Identity-based encryption from the Weil pairing. In: Annual international cryptology conference. Springer, New York, pp 213–229
Boneh D, Franklin M (2003) Identity-based encryption from the Weil pairing. SIAM J Comput 32(3):586–615
Burrows M, Abadi M, Needham RM (1989) A logic of authentication. Proc R Soc Lond Math Phys Sci 426(1871):233–271
Cachin C (2016) Architecture of the hyper ledger blockchain fabric. In: Workshop on distributed cryptocurrencies and consensus ledgers, vol 310, p 4
Cao C, Zuo Y, Zhang F (2018) Research on comprehensive performance simulation of communication IP network based on OPNET. In: 2018 international conference on intelligent transportation big data and smart city (ICITBS). IEEE, New York, pp 195–197
Cartwright Smith L, Gray E, Thorpe JH (2016) Health information ownership: legal theories and policy implications. Vanderbilt J Entertain Technol Law 19:207
Castro M, Liskov B et al (1999) Practical byzantine fault tolerance. OSDI 99:173–186
Dagher GG, Mohler J, Milojkovic M, Marella PB (2018) Ancile: privacy preserving framework for access control and interoperability of electronic health records using blockchain technology. Sustain Cities Soc 39:283–297
Deng H, Wu Q, Qin B, Domingo-Ferrer J, Zhang L, Liu J, Shi W (2014) Ciphertext-policy hierarchical attribute-based encryption with short ciphertexts. Inf Sci 275:370–384
Dubovitskaya A, Xu Z, Ryu S, Schumacher M, Wang F (2017) Secure and trustable electronic medical records sharing using blockchain. In: AMIA annual symposium proceedings, American Medical Informatics Association, p 650
Fernndez-Alemn JL, Seor IC, Lozoya PO, Toval A (2013) Security and privacy in electronic health records: a systematic literature review. J Biomed Inform 46(3):541–562
Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM conference on computer and communications security. ACM, New York, pp 89–98
Hamza R, Yan Z, Muhammad K, Bellavista P, Titouna F (2019) A privacy preserving cryptosystem for IoT ehealthcare. Inf Sci 28:17–28
Hankerson D, Menezes A, Vanstone S (2004) Guide to elliptic curve cryptography. Springer, New York
Huang Q, Yang Y, Shen M (2017) Secure and efficient data collaboration with hierarchical attribute-based encryption in cloud computing. Future Gener Comput Syst 72:239–249
Karafiloski E, Mishev A (2017) Blockchain solutions for big data challenges: a literature review. In: IEEE EUROCON 2017—17th international conference on smart technologies. IEEE, New York, pp 763–768
Kaur H, Alam MA, Jameel R, Mourya AK, Chang V (2018) A proposed solution and future direction for blockchain-based heterogeneous medicare data in cloud environment. J Med Syst 42(8):156
Kosba A, Miller A, Shi E, Wen Z, Papamanthou C (2016) Hawk: the blockchain model of cryptography and privacy preserving smart contracts. In: 2016 IEEE symposium on security and privacy (SP). IEEE, New York, pp 839–858
Kshetri N (2017) Blockchain roles in strengthening cybersecurity and protecting privacy. Telecommun Policy 41(10):1027–1038
Lamport L, Shostak R, Pease M (1982) The byzantine generals problem. ACM Trans Program Lang Syst (TOPLAS) 4(3):382–401
Nakamoto S (2019) Bitcoin: A peer-to-peer electronic cash system. Technical report, Manubot
Peterson K, Deeduvanu R, Kanjamala P, Boles K (2016) A blockchain-based approach to health information exchange networks. Proc NIST Workshop Blockchain Healthc 1:1–10
Pournaghi SM, Zahednejad B, Bayat M, Farjami Y (2018) NECPPA: a novel and efficient conditional privacy preserving authentication scheme for vanet. Comput Netw 134:78–92
Riad K, Hamza R, Yan H (2019) Sensitive and energetic iot access control for managing cloud electronic health records. IEEE Access 7:86384–86393
Sahai A, Waters B (2005) Fuzzy identity-based encryption. In: Annual international conference on the theory and applications of cryptographic techniques. Springer, New York, pp 457–473
Salah K, Calyam P, Buhari M (2008) Assessing readiness of IP networks to support desktop video conferencing using OPNET. J Netw Comput Appl 31(4):921–943
Schwartz D, Youngs N, Britto A et al (2014) The ripple protocol consensus algorithm. Ripple Labs Inc White Pap 5:8
Shamir A (1984) Identity-based cryptosystems and signature schemes. In: Workshop on the theory and application of cryptographic techniques. Springer, New York, pp 47–53
Sukhwani H, Martnez JM, Chang X, Trivedi KS, Rindos A (2017) Performance modeling of PBFT consensus process for permissioned blockchain network (hyperledger fabric). In: 2017 IEEE 36th symposium on reliable distributed systems (SRDS). IEEE, New York, pp 253–255
Szabo N (1996) Smart contracts: building blocks for digital markets. EXTROPY J Transhumanist Thought (6) 18:2
Tassa T, Dyn N (2009) Multipartite secret sharing by bivariate interpolation. J Cryptol 22(2):227–258
Vahedi E, Bayat M, Pakravan MR, Aref MR (2017) A secure ECC based privacy preserving data aggregation scheme for smart grids. Comput Netw 129:28–36
Wang S, Zhou J, Liu JK, Yu J, Chen J, Xie W (2016) An efficient file hierarchy attribute-based encryption scheme in cloud computing. IEEE Trans Inf Forensics Secur 11(6):1265–1277
Wu HT, Tsai CW (2018) Toward blockchains for health care systems: applying the bilinear pairing technology to ensure privacy protection and accuracy in data sharing. IEEE Consum Electron Mag 7(4):65–71
Xia Q, Sifah E, Smahi A, Amofa S, Zhang X (2017a) BBDS: blockchain-based data sharing for electronic medical records in cloud environments. Information 8(2):44
Xia Q, Sifah EB, Asamoah KO, Gao J, Du X, Guizani M (2017b) Medshare: trust-less medical data sharing among cloud service providers via blockchain. IEEE Access 5:14757–14767
Yang Y, Ma M (2015) Conjunctive keyword search with designated tester and timing enabled proxy re-encryption function for e-health clouds. IEEE Trans Inf Forensics Secur 11(4):746–759
Yue X, Wang H, Jin D, Li M, Jiang W (2016) Healthcare data gateways: found healthcare intelligence on blockchain with novel privacy risk control. J Med Syst 40(10):218
Zhang A, Lin X (2018) Towards secure and privacy preserving data sharing in e-health systems via consortium blockchain. J Med Syst 42(8):140
Zhang J, Xue N, Huang X (2016) A secure system for pervasive social network-based healthcare. IEEE Access 4:9239–9250
Zheng Y (2011) Privacy-preserving personal health record system using attribute-based encryption. PhD thesis, Worcester Polytechnic Institute
Zhong H, Zhu W, Xu Y, Cui J (2018) Multi authority attribute based encryption access control scheme with policy hidden for cloud storage. Soft Comput 22(1):243–251
Zhu C, Yang OW, Aweya J, Ouellette M, Montuno DY (2002) A comparison of active queue management algorithms using the OPNET modeler. IEEE Commun Mag 40(6):158–167
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Pournaghi, S.M., Bayat, M. & Farjami, Y. MedSBA: a novel and secure scheme to share medical data based on blockchain technology and attribute-based encryption. J Ambient Intell Human Comput 11, 4613–4641 (2020). https://doi.org/10.1007/s12652-020-01710-y
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12652-020-01710-y