Abstract
The Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS) represents a progressive solution for resolving trust-related issues linked to third-party auditors (TPAs) within traditional healthcare cloud storage audit systems. As the healthcare industry increasingly relies on cloud storage, concerns surrounding security and privacy have grown, motivating the development of a unique incentive mechanism. This mechanism leverages the non-tamperable and traceable features of blockchain technology to encourage TPAs to uphold honesty and reliability. By organizing TPAs as a group of nodes on the blockchain, a system of mutual surveillance is established, enabling diligent monitoring and penalization of any malicious actions. TCSHAS encompasses a comprehensive system model that incorporates smart contracts to manage transaction-related matters, including dispute resolution. Performance evaluations have confirmed its efficiency and suitability for real-world healthcare applications. Our experiments demonstrate that TCSHAS performs well in terms of gas consumption and exhibits scalability as the number of participant’s increases. Compared with other common smart contracts, TCSHAS maintains a balanced level of complexity, incorporates strong security measures, offers comprehensive auditing capabilities, and remains flexible. To further enhance our research, we can explore ways to optimize TCSHAS scalability and performance, such as through shading, as the volume of healthcare data continues to grow. In addition, we can investigate the integration of advanced privacy technologies or AI-based auditing. These advancements will reinforce the role of TCSHAS in establishing trust and security in healthcare cloud storage audits, making it highly relevant in real-world healthcare settings. Ultimately, TCSHAS contributes to improving trust and security in healthcare cloud storage auditing, ensuring responsible management of sensitive healthcare data.
Article Highlights
-
TCSHAS improves trust in healthcare cloud storage by using blockchain to ensure honest auditing.
-
Smart contracts and incentives enhance efficiency and accountability in auditing processes.
-
Future research can focus on scalability, privacy, AI-based auditing, and industry integration
Similar content being viewed by others
Avoid common mistakes on your manuscript.
1 Introduction
Healthcare organizations have increasingly adopted cloud storage solutions to store and manage vast amounts of sensitive patient data. While cloud storage offers numerous advantages in terms of scalability and accessibility, it also poses significant security and privacy risks. Trustworthy and secure healthcare cloud storage auditing is crucial to ensure the integrity, availability, and confidentiality of patient data stored in the cloud [1,2,3,4,5]. Traditional healthcare cloud storage audit schemes typically rely on third-party auditors (TPAs) to verify the integrity of data and ensure compliance with security policies. However, these schemes suffer from inherent trust issues, such as collusion, misreporting, or failure to detect breaches, leading to concerns about the reliability and accountability of auditors, as TPAs may not always act in the best interests of healthcare organizations and their patients [6,7,8]. There have been instances of TPAs colluding with malicious entities, misreporting audit results, or failing to detect data breaches, all of which erode the trust and confidence in cloud storage systems.
The primary objective of this study was to address the trust issues associated with traditional healthcare cloud storage audit schemes. The authors enhance trust, security, and accountability in the management of sensitive healthcare data stored in the cloud. The key objectives of this study can be summarized as follows:
-
Establishing trust and security: The primary objective is to establish trust and security in healthcare cloud storage auditing. By organizing TPAs as a group of blockchain nodes engaged in mutual surveillance, this study aims to ensure the maintenance of a reputable group by severely inspecting and punishing malicious behaviours. This approach was designed to enhance trust between healthcare entities and patients.
-
Demonstrating viability: This study demonstrates the practical viability of the proposed TCSHAS through comprehensive performance evaluations. The goal is to show that the scheme offers acceptable efficiency and is well-suited for real-world healthcare applications, effectively managing complexities without compromising efficiency.
To address these trust issues, this paper proposes the Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS), which leverages the non-tamper ability and traceability features of blockchain technology. Blockchain, originally introduced as the underlying technology for cryptocurrencies such as Bitcoin, has gained attention for its potential to provide transparency, immutability, and decentralized consensus in various domains, including healthcare. TCSHAS introduces a novel incentive mechanism that promotes honest and reliable behaviours among TPAs by organizing them as a group of blockchain nodes. This group engages in mutual surveillance, ensuring the maintenance of a reputable group by severely inspecting and punishing malicious behaviors. Using blockchain technology, TCSHAS establishes an auditable and tamper-proof record of all auditing activities, making it transparent and accountable. Moreover, the TCSHAS incorporates smart contracts, which are self-executing contracts with the terms of the agreement directly written into code, to handle transactions-related matters, including dispute resolution. Smart contracts provide automation, efficiency, and enforceability, further enhancing the reliability and effectiveness of the auditing process. Through performance evaluations, we demonstrate that TCSHAS offers acceptable efficiency and is well-suited for real-world healthcare applications. By enhancing trust and security in healthcare cloud storage auditing, TCSHAS provides a foundation for reliable and accountable management of sensitive healthcare data.
Our paper seeks to make significant contributions to the field of healthcare cloud storage auditing. It aims to fortify the integrity and security of healthcare cloud storage by addressing TPA-related trust issues, leveraging blockchain technology for transparency, introducing an effective incentive mechanism, incorporating smart contracts, and providing a foundation for accountable management of sensitive healthcare data.
We introduce an intricate system model for TCSHAS, delineating the incentive mechanism based on blockchain and addressing the integration of smart contracts. An overview of the paper’s structure is as follows: In Sect. 2, we compile a comprehensive review of related research contributions, examining technology evaluations, highlighting drawbacks, and proposing potential solutions. Section 3 outlines the design of our proposed system model. The intricacies of the blockchain-based consensus mechanism are discussed in Sect. 4, while Sect. 5 provides insights into the detailed auditing process.Conducting a thorough analysis, Sect. 6 presents the results of experiments aimed at evaluating the performance and cost-effectiveness of the proposed system. Section 7 compares our model with contemporary technologies such as MediLedger, Guardtime, and Chronicled. Section 8, outlines objectives and results, while Sect. 9 concludes the paper by exploring upcoming potential scopes.
1.1 Motivations
The motivation behind the proposed Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS) is rooted in the critical need to address the trust issues and security concerns inherent in traditional healthcare cloud storage auditing practices. Several key motivations and innovations drive the development of TCSHAS, which are crucial for potential readers and journals to understand:
-
Rising reliance on the cloud: Healthcare increasingly depends on cloud storage for patient data. While it offers scalability, security and privacy are vital as patient information migrates to the cloud.
-
Trust issues with auditors: Traditional audits involve third-party auditors (TPAs) who may not always be reliable. TCSHAS aims to improve the trustworthiness and accountability of TPAs.
-
Trustworthy blockchain: TCSHAS employs blockchain to create a tamper-proof audit trail, enhancing transparency and trust in audit reports and encouraging honest behavior among TPAs.
-
Incorporate incentives: Introduce incentives for TPAs to promote honesty and reliability, aligning their interests with healthcare organizations’ security goals.
-
Enhancing efficiency: Smart contracts automate auditing processes, ensuring transparency, efficiency, and enforceability while minimizing human errors and bias.
-
Scalability and performance: To demonstrate scalability without compromising performance through performance experiments.
Therefore, TCSHAS addresses trust issues in healthcare cloud storage auditing using innovative technologies and incentives, enhancing trust, security, and accountability in managing sensitive patient data in the cloud. TCSHAS audits not only the cloud provider but also the auditors themselves, enhancing accountability.
1.2 Contributions
The Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS) presents innovative solutions to tackle the trust challenges prevalent in traditional healthcare cloud storage auditing. The key contributions of this scheme include harnessing blockchain for transparency and reliability, where a group of blockchain nodes comprising third-party auditors (TPAs) ensures tamper-proof auditing records, fostering trust among healthcare entities and patients. To encourage honest behavior, TCSHAS introduces a unique incentive mechanism that promotes mutual surveillance among TPAs, discouraging malicious actions and enhancing credibility through the threat of severe penalties. The integration of smart contracts enhances automation, efficiency, and enforceability in transaction-related matters, thus minimizing errors and bias. A comprehensive performance evaluation showcases the suitability of TCSHAS for real-world healthcare applications, effectively managing complexities without compromising efficiency. By establishing trust and security in healthcare cloud storage auditing, TCSHAS becomes a pivotal framework for accountable management of sensitive healthcare data, safeguarding patient privacy, and ensuring adherence to security standards. In summary, TCSHAS’s contributions to addressing TPA-related trust issues, leveraging blockchain for transparency, introducing an effective incentive mechanism, incorporating smart contracts, and its practical viability mark a substantial advancement in fortifying the integrity and security of healthcare cloud storage.
1.3 Blockchain
Blockchain has gained significant recognition for its exceptional performance in various cryptocurrency systems. Extensive research has been conducted on the security risks associated with blockchain systems and the analysis of consensus mechanisms. The application and integration of blockchain with technologies such as the Internet of Things (IoT) and cloud computing have yielded valuable research outcomes. Prominent examples of blockchain applications include Bitcoin and Ethereum. In essence, blockchain refers to a distributed database maintained by multiple nodes. The conceptual origins of blockchain can be traced back to the 2008 white paper published by Satoshi Nakamoto, in which the concept was introduced and applied to Bitcoin [9]. Several mainstream consensus mechanisms are employed in blockchain systems. These include proof of work (PoW), Proof of Stake (PoS), Practical Byzantine Fault Tolerance (PBFT), and Delegated Proof of Stake (DPoS). The majority of existing cryptocurrencies use the PoW consensus mechanism, in which members of the blockchain solve complex computational problems, binding computing resources to currency value [10]. This makes it prohibitively expensive for malicious members to launch attacks. On the other hand, the PoS consensus mechanism determines block release probability based on participants’ equity, such as the amount of funds they hold [11]. While PoS successfully addresses the resource consumption issue of traditional PoW schemes, it may lead to problems such as increasing the concentration of equity among major stakeholders, resulting in centralization and undermining the decentralized nature of blockchain [12].
To address these challenges, we propose a novel consensus mechanism called Proof of Token-Based Election (POTE). POTE consumes fewer resources than PoW while providing equal opportunities for honest and positive nodes to compete. Further details on this design are explained in the System Model Design section. Blockchain can be categorized into public private chains, and alliance chains. In our blockchain system, we adopt the design of an alliance chain, where only specific Third-Party Audit (TPA) nodes can participate. The list of TPA nodes is refreshed annually through a review meeting. This approach offers higher throughput and improved performance than other chain types. Moreover, the continuous review process ensures that only trustworthy TPA nodes remain in the blockchain system, enhancing overall system security.
1.4 Smart contracts
The integration of smart contracts within the Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS) is pivotal. Smart contracts, which are self-executing agreements encoded with terms, assume a central role in automating and overseeing various facets of the scheme, encompassing transaction-related affairs and ensuring impartial and dependable audit processes [13]. The incorporation of smart contracts yields several merits. First, they automate audits, diminishing manual intervention and mitigating the prospects of errors or biases, thus streamlining the workflow and bolstering consistency. Second, operating on the blockchain, smart contracts guarantee that all transactions and contract states are etched into an immutable and impervious ledger, amplifying the trustworthiness of the auditing system through verifiability [14]. Third, these contracts can enact real-time compliance assessments based on predefined parameters, enabling prompt identification and resolution of security or policy breaches [15]. Furthermore, smart contracts contribute to dispute resolution by applying pre-set rules, expediting fair and efficient conflict settlement [16]. Finally, they enforce the suggested incentive structure for Third-Party Auditors (TPAs), ensuring accountability through automated monitoring and penalties for malicious behavior.
1.5 Public auditing of data
Public data auditing is the process of externally verifying the accuracy and security of data stored in a cloud system through a third-party auditor (TPA), ensuring that it remains unaltered and trustworthy [17]. This is vital for cloud storage, where data resides with external providers and users require assurance of adherence to security protocols. The procedure encompasses data outsourcing to cloud providers by owners, engagement of TPAs for regular audits, TPA-conducted integrity checks to prevent unauthorized alterations [18, 19], creation of audit reports detailing data integrity and issues, if any, and sharing these reports with owners, enhancing transparency and accountability [20]. Such auditing bolsters trust and safeguards cloud storage systems against breaches and unauthorized modifications.
2 Related work
Several research efforts have been dedicated to addressing the trust issues associated with third-party auditors (TPAs) in healthcare cloud storage audit schemes. The proposed Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS) builds upon and extends the findings of these related studies, combining blockchain technology, incentive mechanisms, and smart contracts to enhance the trust and security of healthcare cloud storage auditing. Zhang et al. proposed a blockchain-based auditing scheme for cloud storage in the healthcare domain [21]. Their work focused on using blockchain’s immutability and transparency to ensure the integrity of audit logs and verify the behavior of TPAs. However, their scheme excluded an explicit incentive mechanism for promoting honest behavior among TPAs. Yu et al. presented a trust model for cloud storage auditing to mitigate the risks associated with untrusted TPAs [22]. They employed a reputation system to assess the reliability of TPAs based on past performance. While their approach provided some level of accountability, it did not leverage blockchain technology for tamper-proofing audit records. Wei et al. proposed a reputation-based auditing scheme for cloud storage with the goal of deterring malicious TPAs through the fear of damaging their reputations [23]. While reputation systems can incentivize good behavior, they may not be sufficient to prevent collusion among malicious TPAs because reputations could be collectively manipulated. Yang et al. introduced a blockchain-based auditing mechanism for cloud storage, incorporating a Delegated Proof of Stake (DPoS) consensus mechanism [24]. DPoS enabled a more energy-efficient and scalable blockchain, which is valuable for healthcare applications with performance constraints. However, their work did not explore a comprehensive incentive mechanism or the integration of smart contracts. Kumar et al. explored the integration of smart contracts for secure and auditable healthcare data sharing in cloud environments [25]. While their work focused on data sharing rather than auditing, it demonstrated the potential of smart contracts in ensuring data privacy and transparency. Wang et al. proposed a cloud storage auditing mechanism using threshold signature schemes to protect the privacy of the data owner during auditing [26,27,28,29]. Their approach aimed to address privacy concerns but did not include a comprehensive incentive mechanism for TPAs. Li, M., et al. [30,31,32,33] proposed in their papers an audit mechanism that relies on secure computation outsourcing with the support of edge computing. This approach allows delegation of data preprocessing tasks to edge servers. These experimental results demonstrate a significant reduction in the computational burden on devices, leading to enhanced task processing efficiency. [34,35,36] In this paper, Li, X., et al. [36] introduce a privacy-enhancing solution for interconnecting edge blockchain networks that employ fully homomorphic encryption to secure on-chain data, ensuring both availability and confidentiality. They also develop a distributed private key sharing system to support relay chain auditing and provide a comprehensive security analysis Zhang et al. [37,38,39,40] introduces BC-PECK, a security framework that combines blockchain and public key searchable encryption (PECK). It encrypts all data, storing sensitive information securely in the cloud, and uses blockchain to maintain ciphertext indices. Additionally, it employs trusted smart contract execution to manage data access and sharing. In this study, Li and colleagues [27, 41, 42] present an innovative patient-centered approach and a set of methods for controlling access to PHRs on semi-trusted servers. They utilize attribute-based encryption (ABE), a dynamic auditing protocol, and convergent key management for fine-grained and scalable data access control over distributed and parallel systems. In this research, Wu et al. [43] enhance server-aided encryption with updatable encryption and a dynamic proof of ownership (PoW) protocol to enable efficient key updates and facilitate client-side deduplication. Their approach involves an updatable server-aided encryption scheme built on UE, which ensures efficient encryption and transparent user-initiated key updates at a system-wide master key level.
3 System model design
3.1 System model
The Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS) architecture shown in Fig. 1 ensures secure and accountable healthcare data storage in the cloud through a blockchain-based approach. This involves healthcare organizations outsourcing data to cloud providers, backed by third-party auditors (TPAs) who conduct audits. TPAs, acting as blockchain nodes, guarantee transparency and reliability via a unique incentive mechanism. The Proof of Token-Based Election (POTE) consensus efficiently selects TPAs based on staked tokens. Smart contracts manage transactions, disputes, and incentives, thus promoting fairness. Innovative mutual surveillance incentive to foster TPA honesty. Audit reports on data integrity are securely stored on the blockchain, verified by consensus. Smart contracts handle disputes and incentives, ensuring integrity. Validated reports are shared with healthcare organizations to establish a trustworthy and secure cloud storage auditing framework for sensitive healthcare data outsourcing.
3.2 Proposed algorithm
-
(a) Input
-
Healthcare organization data to be audited
-
List of healthcare organizations
-
List of cloud service providers (CS)
-
List of third-party auditors (TPAs)
-
Blockchain network setup
-
Smart contracts for auditing process management
-
Proof of the Token-Based Election (POTE) consensus mechanism
-
Incentive mechanism rules and parameters
The algorithm of the Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS) is as follows:
-
(b) Output
-
Audit reports
-
Verified and consensus-approved audit results
-
Rewards and punishments for TPAs based on the incentive mechanism
3.3 Algorithm
-
Set up a blockchain network with TPAs as nodes.
-
Deploy smart contracts on the blockchain to manage the auditing process.
-
Set up a POTE consensus mechanism for selecting TPAs as validators.
-
Define the rules and parameters of the incentive mechanism.
-
Healthcare organizations initiate audit requests by submitting details to the blockchain network.
-
The smart contract selects a group of TPAs through POTE-based election.
-
The selected TPAs become auditors and conduct the audit process.
-
TPA engage in mutual surveillance, monitoring each other’s activities for honest behavior.
-
TPAs generate audit reports containing the integrity status and identified issues.
-
Audit reports are recorded on the blockchain for transparency and immutability.
-
Other TPAs in the network verify audit reports and reach consensus on their validity.
-
Smart contracts handle dispute resolution and enforce the incentive mechanism.
-
TPAs receive rewards for honest behavior and severe punishments for malicious or dishonest behavior.
-
Validated audit reports are shared with healthcare organizations for transparency and accountability.
The above algorithm provides a high-level overview shown in Fig. 2 of the steps involved in the Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS).
4 Blockchain-powered healthcare cloud storage audit and incentive system
Our Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS) is a cutting-edge solution that ensures transparent and accountable healthcare data auditing through a novel approach. Built on the Ethereum platform, TCSHAS introduces the Proof of Token-based Election (POTE) consensus mechanism, surpassing the effectiveness of the conventional Proof of Stake (POS). Below is a concise overview of our design:
4.1 POTE consensus mechanism
TCSHAS uses the POTE consensus mechanism to establish fairness among Third Party Auditor (TPA) nodes. This mechanism guarantees equitable opportunities for TPAs to act as auditors or inspectors through democratic elections. Initially, all TPAs receive an equal token allocation. During elections, nodes determine their token expenditure, emphasizing their commitment. The following audits, nodes are rewarded with tokens proportional to their contributions, thus promoting active participation.
4.2 Block head structure
The block head contains the critical information for blockchain integrity:
-
Previous block hash: Maintains blockchain consistency.
-
Block number: Facilitates block tracking.
-
Timestamp: ensures audit timeliness.
-
Tx hash: Validates block integrity.
-
TPA base: Identifies the elected TPA for audits.
-
Total tokens: Sum of election tokens for verification.
-
Extra information: Includes auditor and inspector signatures, random numbers, and election data.
4.3 Block body structure
4.3.1 The block body encompasses
-
Remuneration information: Records payments for auditors, inspectors, and candidates, appended after the audit.
-
Transaction information: Encompasses rewards and penalties for TPAs based on their conduct.
-
Token election data: Captures token values submitted by participating TPAs.
-
Proof information: Stores challenges and proofs for validation.
4.3.2 Reward mechanism
The token and remuneration distribution are based on TPA type and behavior, with honest auditors receiving higher remuneration but fewer tokens. Inspectors and candidates are granted substantial tokens and payment. Broadcasters receive fewer tokens and no remuneration, whereas malfeasant TPAs receive neither tokens nor payment.
-
(a) Incentive mechanism
This system motivates TPA nodes to ensure blockchain stability, conduct honest audits, and uphold integrity. Honest behavior is rewarded with higher income and tokens, thereby enhancing the chances of becoming an auditor or inspector. Misconduct results in token reductions. Fairness is ensured through mechanisms such as an upper token limit and probabilistic smart contracts.
-
(b) Audit integrity
Our design guarantees the prioritization of honest, timely audits by auditors selected through smart contracts [44]. Incentives for sincere audits are translated into token values. Malicious conduct leads to the loss of rewards. Multiple inspectors prevent collusion, reinforcing audit integrity.
-
(c) Guaranteed election probability
Equal participation ensures an equitable chance of election as an auditor, provided that the TPAs submit equivalent tokens. Smart contracts guarantee fairness and equal opportunities for all participants.
-
(d) Challenge unpredictability
Challenges are determined using a random seed from the current blockchain status. This unpredictability bolsters audit security [45].
Our TCSHAS blockchain the design shown in Fig. 3 presents a secure, equitable, and incentivized environment for trustworthy healthcare data audits. By combining innovative consensus mechanisms, incentivization strategies, and integrity checks, we established a transparent healthcare cloud storage auditing system.
5 Auditing process
Our proposed model, the Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS), aims to ensure trust, fairness, and accountability in the auditing process for healthcare organizations’ data stored in the cloud. It uses blockchain technology and incorporates an advanced incentive mechanism to incentivize honest behavior and discourage malicious or dishonest actions. Here is a more detailed explanation of the working principles of TCSHAS:
5.1 System initialization
-
The system is initialized with the necessary data and audit policies uploaded by the user into the smart contract “Deposit Audit.”
-
Regular audits are scheduled on the basis of the specified time in the smart contract.
-
When the scheduled audit time arrives, the smart contract is triggered to initiate the audit operation.
Here is an example of an algorithm for a deposit audit in Python:
![figure a](http://media.springernature.com/lw685/springer-static/image/art%3A10.1007%2Fs42452-023-05525-2/MediaObjects/42452_2023_5525_Figa_HTML.png)
Algorithm for the deposit audit
In this algorithm, we have a depositAudit() function that is triggered when the scheduled audit time arrives. It retrieves the necessary data and audit policies from the smart contract, performs the audit using the performAudit() function, and stores the result back in the smart contract. The performAudit() function takes the data and audit policies as inputs and iterates over each data item. For each data item, each audit policy is applied using the applyAuditPolicy() function, and the results are stored in the audit result object. The applyAuditPolicy() function represents the specific logic for each audit policy. It takes a data item and a policy as inputs, applies the policy to the data item, performs any necessary checks or validations, and returns the policy result.
5.2 Upload token
-
TPA nodes that wish to participate in the election process execute the smart contract “Upload Token” to upload their tokens for the election.
-
Tokens represent each TPA node ‘s stake and influence in the auditing process.
Here is an example of a strong algorithm for the “Upload Token” process in Python:
![figure b](http://media.springernature.com/lw685/springer-static/image/art%3A10.1007%2Fs42452-023-05525-2/MediaObjects/42452_2023_5525_Figb_HTML.png)
Algorithm for uploading the token
In this algorithm, we assume the existence of helper functions connect_to_blockchain() and disconnect_from_blockchain() to establish and terminate the connection with the blockchain network, respectively. In addition, the algorithm assumes the presence of a smart contract called “UploadToken” with a function upload_tokens() that allows the TPA node to upload its tokens.
5.3 Elect the auditor
-
The smart contract “ElectTPA” is triggered, utilizing all uploaded tokens to designate a TPA node as the auditor responsible for conducting the audit.
-
The list of tokens is sent to the selected TPA node, providing them with the necessary resources to perform the audit.
Here is an algorithm for the “Elect Auditor” process in Python:
![figure c](http://media.springernature.com/lw685/springer-static/image/art%3A10.1007%2Fs42452-023-05525-2/MediaObjects/42452_2023_5525_Figc_HTML.png)
Algorithm for the elect auditor
In this algorithm, we assume the existence of helper functions connect_to_blockchain() and disconnect_from_blockchain() to establish and terminate the connection with the blockchain network, respectively. In addition, the algorithm assumes the presence of a smart contract called “ElectAuditor” with a function elect () that takes the uploaded tokens as input and selects an auditor based on the token distribution.
5.4 Choose the inspector
-
The smart contract “Choose Inspector” is triggered, designating several TPA nodes as inspectors to ensure the integrity of the audit [46].
-
Inspectors play a crucial role in verifying the audit results and ensuring the correctness of the process.
Here is an example of a strong algorithm for the “Choose Inspector” process in Python:
![figure d](http://media.springernature.com/lw685/springer-static/image/art%3A10.1007%2Fs42452-023-05525-2/MediaObjects/42452_2023_5525_Figd_HTML.png)
Algorithm for choose inspector
In this algorithm, we assume the existence of helper functions connect_to_blockchain() and disconnect_from_blockchain() to establish and terminate the connection with the blockchain network, respectively. In addition, the algorithm assumes the presence of a smart contract called “ChooseInspector” with a function choose () that takes the list of TPA nodes and the desired number of inspectors as input and selects the inspectors based on a certain criteria or algorithm defined within the smart contract.
5.5 Send challenge
-
The auditor, using the received list of tokens, executes the auditing protocol and generates a challenge.
-
The challenge is created on the basis of a random seed (r) and is sent to the cloud service provider (CS) responsible for storing the healthcare organization ‘s data.
Here is an example of a strong algorithm for the “Send Challenge” process in Python:
![figure e](http://media.springernature.com/lw685/springer-static/image/art%3A10.1007%2Fs42452-023-05525-2/MediaObjects/42452_2023_5525_Fige_HTML.png)
Algorithm for the send challenge
In this algorithm, we assume the existence of helper functions connect_to_blockchain() and disconnect_from_blockchain() to establish and terminate the connection with the blockchain network, respectively. In addition, the algorithm assumes the presence of a smart contract called “SendChallenge” with a function send_challenge() that takes the list of tokens and a random seed as input and sends the challenge to the cloud service provider. The challenge can be generated on the basis of the random seed and any other relevant parameters required for the auditing protocol.
5.6 Return proof
-
The CS receives the challenge and computes a proof in response.
-
The proof is generated by the CS to demonstrate the integrity and correctness of the data stored in the cloud.
Here is an example of a strong algorithm for the return proof process in Python:
![figure f](http://media.springernature.com/lw685/springer-static/image/art%3A10.1007%2Fs42452-023-05525-2/MediaObjects/42452_2023_5525_Figf_HTML.png)
Algorithm for return proof
In this algorithm, we assume the existence of helper functions connect_to_cs() and disconnect_from_cs() to establish and terminate the connection with the cloud service provider, respectively. In addition, the algorithm assumes that the cloud service provider has a function compute_proof() that takes the challenge as input and generates the proof in response.
5.7 Audit log
-
The auditor verifies the proof received from the CS and uploads the audit results to the selected inspector ‘s address.
-
The audit results include the random seed (r), challenge, proof, correctness indicator (1/0), timestamp (t), and auditor signature.
Here is an example of a strong algorithm for the audit log process in Python:
![figure g](http://media.springernature.com/lw685/springer-static/image/art%3A10.1007%2Fs42452-023-05525-2/MediaObjects/42452_2023_5525_Figg_HTML.png)
Algorithm for the audit log
In this algorithm, we assume the existence of helper functions connect_to_blockchain() and disconnect_from_blockchain() to establish and terminate the connection with the blockchain network, respectively. Additionally, the algorithm assumes the presence of a smart contract called “AuditLog” with a function upload_results() that takes the auditor’s address, inspector’s address, random seed, challenge, proof, correctness indicator, and timestamp as input and uploads the audit results to the selected inspector’s address.
5.8 Verify
-
The inspector receives the audit information from the auditor and verifies the auditor ‘s signature.
-
The inspector further checks the correctness of the audit results by verifying the timestamp (t), challenge, and proof.
-
The inspector sends their correctness indicator (1/0) to the blockchain system, indicating the audit’s accuracy.
5.9 Broadcast
-
The blockchain broadcasts audit and inspection information to all TPA nodes in the network.
-
Each TPA node checks the consistency between the auditor ‘s and inspector’s results.
-
If the difference rate between the results exceeds a threshold (μ), the blockchain system triggers the smart contract “Judgment.”
5.9.1 Generate block
-
If the auditor ‘s behavior is correct and consistent with the inspectors’ results, all participating nodes deduct their tokens used for the election.
-
However, if the auditor ‘s behavior is inconsistent, the judgment smart contract is executed, triggering a re-audit and generating new results [47].
-
The smart contract enforces punishments on TPA nodes with inconsistent results.
-
Finally, the blockchain generates transaction records based on the token values submitted by the TPAs and adds new blocks to the blockchain.
The above working principles demonstrate the advanced features of the TCSHAS model, including the use of tokens, smart contracts, auditors, inspectors, and the blockchain consensus mechanism to ensure a trustworthy healthcare cloud.
6 Experimental analysis
In this analysis, we delve into the details of an experiment conducted on a private blockchain network to evaluate the performance and cost-effectiveness of the proposed smart contract. The experimental parameters, including the number of participants, GAS Limit, mining block time, and account default balance, will be considered. In addition, we calculate the start cost for the proposed smart contract and compare it with common smart contracts in terms of various features and functionalities. For our experiment, the values mentioned are as follows in Table 1:
Let us break down the significance of each parameter:
Participants (10): This represents the number of entities or users interacting with the smart contract in the experiment.
GAS Limit (5,721,975): The GAS Limit signifies the computational capacity available per block on the Ethereum blockchain. It determines the number of computational operations or transactions that can be included in a single block. In this study, the limit was set at 5,721,975.
Mining Block Time (30s): This parameter defines the average time taken to mine a new block on the blockchain. In our experiment, a new block is mined approximately every 30 seconds.
Account default balance (1,000 ETH): This is the initial balance assigned to each participant’s Ethereum account, ensuring that they have sufficient funds to execute smart contract operations.
In this section of our paper, we will examine the gas expenses involved with individual operations within the envisioned smart contract, as illustrated in Figure 4. Figure 4 outlines the gas costs for each operation, serving as the basis for calculating the initial cost of implementing the proposed smart contract. Gas costs signify the computational workload and resources needed for the execution of each operation within the contract. The subsequent list details the operations and their corresponding gas costs.
To calculate the start cost, we need to sum up the gas costs for each operation. Assuming that all operations are performed once during initialization, the total start cost would be:
The gas limit of 5,721,975 allows multiple start operations to be performed within a single block, but it is crucial to monitor gas usage to ensure that it stays within the limit.
7 Performance experiments
Figure 5 illustrates performance experiments conducted on a private chain with varying participant numbers (5, 10, 20, and 40) for two specific operations, namely “ElectTPA” and “Choose Inspector.” The gas consumption associated with these operations is determined using the previously mentioned gas costs in Figure 5. The findings reveal that the gas consumption for both “ElectTPA” and “Choose Inspector” operations exhibits a linear increase in correlation with the number of participants. This linear growth underscores the commendable performance and scalability of the proposed smart contract, demonstrating its ability to efficiently handle a larger number of participants without a substantial rise in gas consumption. In order to establish a comparison with other commonplace smart contracts and assert its superiority, we collect detailed information on the features and functionalities of these alternative contracts. In Figure 5, a tabular representation of the performance experiments for “ElectTPA” and “Choose Inspector” operations on a private chain, featuring different participant counts, is presented. The gas costs outlined in Figure 4 are utilized to compute the gas consumption for each operation.
7.1 Comparison with other smart contracts
In the final section, a comparison table (Table 2) is provided to assess the different aspects of the proposed smart contract compared with other common smart contracts. The key features compared include:
To assess the superiority of the proposed smart contract, a comparison is made with other common smart contracts across various features:
-
Initialization cost: The proposed smart contract incurs an initialization cost of 1,250,000 gas, which is compared to the initialization costs of other smart contracts. This cost represents the efficiency of contract deployment.
-
Contract complexity: The proposed smart contract is classified as having medium complexity, while other contracts are rated as high, low, or high complexity. This reflects the intricacy of contract logic.
-
Security measures: The proposed smart contract is considered to have strong security measures compared to other contracts, which may have moderate or low security.
-
Scalability: Scalability is rated as high for the proposed smart contract, indicating its ability to handle a growing number of participants efficiently.
-
Flexibility in operations: The proposed smart contract offers high flexibility in operations compared to others, enabling a wide range of functionalities.
-
Integration with external systems: The proposed smart contract supports integration with external systems, which is not available in some other contracts.
-
Auditing capabilities: The proposed smart contract offers comprehensive auditing capabilities, setting it apart from contracts with basic or no auditing features.
-
Transaction throughput (TPS): The proposed smart contract achieves a TPS of 100, surpassing other contracts with lower throughput.
-
Community support and development activity: The proposed smart contract benefits from active community support and ongoing development, enhancing its sustainability and growth potential.
8 Comparative analysis with state-of-art
Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS) is a relatively new technique and their integrated performance has net been explored in comparison with trendy techniques. Analyzing various parameters some of State-of-Art techniques used here to weigh up, and they are:
-
MediLedger
-
Guardtime
-
Chronicled
MediLedger [46] is a blockchain platform tailored for the pharmaceutical industry, enabling secure and transparent tracking of the drug supply chain. It ensures compliance with regulatory requirements and helps combat counterfeit drugs. Guardtime [47] is a company specializing in blockchain-based cybersecurity solutions. It offers Keyless Signature Infrastructure (KSI) technology, which provides tamper-evident and real-time monitoring of data integrity across various sectors, including healthcare and defense. Chronicled [48] focuses on supply chain solutions using blockchain technology. It offers a platform that enhances transparency and traceability in supply chains, helping industries such as pharmaceuticals and luxury goods combat counterfeiting and improve product authenticity. Table 3 provides a clear summary of our investigation on how TCSHAS stacks up against the cutting edge of technology.
9 Discussion
The proposed Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS) presents a comprehensive system model that addresses the trust, security, and accountability challenges in healthcare cloud storage auditing. By leveraging blockchain technology, incentive mechanisms, and smart contracts, the TCSHAS establishes a transparent and reliable framework for auditing sensitive healthcare data stored in the cloud. One of the key strengths of the TCSHAS is its use of the blockchain network, which ensures transparency, immutability, and decentralized consensus. The blockchain serves as a tamper-proof and auditable record of all auditing activities, providing transparency and accountability in the process [49, 50]. This decentralized nature reduces the reliance on a central authority and enhances the security and trustworthiness of the auditing scheme. The POTE consensus mechanism employed in the TCSHAS is another notable feature. POTE utilizes a token-based election system to select auditors and inspectors. This mechanism promotes fairness and equal opportunities among TPAs to be appointed for auditing tasks. By staking tokens as collateral, TPAs are incentivized to act honestly and reliably, as rewards are allocated based on their behaviour and contributions. The smart contracts in the TCSHAS automate and enforce the execution of agreements, ensuring efficiency, transparency, and fairness. They handle various aspects of the auditing process, including dispute resolution and the enforcement of the incentive mechanism. This automation reduces manual intervention, streamlines the auditing workflow, and eliminates potential human errors or biases. The incentive mechanism implemented in the TCSHAS is designed to promote honest behaviour and discourage malicious or dishonest actions among TPAs. TPAs engage in mutual surveillance, inspecting and monitoring each other’s activities to ensure the integrity of the auditing process [51, 52]. The incentive mechanism provides rewards for honest behaviour and imposes severe punishments for malicious behaviour, creating a strong deterrent against fraudulent activities. In terms of performance, the TCSHAS demonstrates high scalability and flexibility in operations. The use of a blockchain network allows for parallel processing and enables multiple auditing tasks to be performed simultaneously. This scalability ensures efficient handling of a large volume of audits and enhances the overall performance of the system. Comparing the proposed TCSHAS with other common smart contracts, it shows several advantages. Its initialization cost is comparable to other smart contracts, and its contract complexity is moderate, striking a balance between functionality and simplicity. The TCSHAS incorporates strong security measures and comprehensive auditing capabilities, ensuring the confidentiality, integrity, and availability of healthcare data [53, 54]. It also provides high scalability, flexibility in operations, and integration with external systems, making it adaptable to different healthcare environments.
10 Conclusion
In conclusion, the proposed Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS) with its blockchain-based incentive mechanism stands as a robust solution for ensuring trust, security, and accountability in healthcare cloud storage auditing. By harnessing the power of blockchain technology, smart contracts, and an innovative incentive system, TCSHAS effectively addresses the challenges associated with third-party auditors (TPAs) and elevates the overall trustworthiness and reliability of the auditing process. The TCSHAS architecture comprises various essential components, including healthcare organizations, cloud service providers (CSPs), TPAs, a blockchain network, consensus mechanisms, smart contracts, incentive mechanisms, and audit reports, all working in harmony to facilitate secure and transparent auditing of sensitive healthcare data stored in the cloud. The detailed algorithm meticulously outlines each step of the TCSHAS process, ensuring the integrity, transparency, and accountability of the entire auditing workflow.
Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS) is one of commendable step towards improving trust and security in healthcare cloud storage audits,but it is not without limitations. Addressing these limitations will be crucial to ensuring the scheme’s continued relevance and effectiveness in real-world healthcare settings as the industry’s needs and challenges evolve. Firstly, Blockchain Scalability: TCSHAS leverages blockchain technology to establish trust and transparency among third-party auditors (TPAs). However, as the volume of healthcare data continues to grow, blockchain scalability remains a concern. The blockchain network may encounter performance bottlenecks, leading to slower transaction processing times and increased resource consumption. This limitation can hinder its ability to handle the ever-increasing demands of the healthcare industry. Secondly Complexity: While TCSHAS is designed to strike a balance between complexity and security, it is not immune to the inherent complexities of blockchain technology and smart contracts. Developing and maintaining the system may require specialized expertise, which could pose challenges for healthcare organizations with limited resources or technical capabilities. Thirdly Privacy Considerations: Although TCSHAS focuses on security, it does not explicitly address advanced privacy technologies. Healthcare data often contains sensitive and confidential information, and ensuring robust privacy protection is crucial. Future iterations of the scheme should explore the integration of advanced privacy-enhancing technologies to safeguard patient data further. Fourthly AI-Based Auditing: While TCSHAS incorporates blockchain and smart contracts for auditing purposes, it does not delve into the potential benefits of artificial intelligence (AI) in auditing processes. Integrating AI-based auditing could enhance the scheme’s ability to detect anomalies and potential security breaches more effectively. Fifthly ensuring the privacy of sensitive patient data should involve the integration of advanced privacy technologies such as zero-knowledge proofs or differential privacy. Sixthly, seamless integration with existing healthcare standards and frameworks should be explored to promote widespread adoption. Lastly Interoperability Challenges: TCSHAS’s effectiveness relies on the cooperation and adoption of the system by various healthcare organizations and third-party auditors. Achieving widespread interoperability and standardization across the healthcare industry can be a significant challenge, as different entities may have varying systems and technologies in place.
Incorporating these limitations towards future research directions into the TCSHAS framework will not only strengthen its role in instilling trust, security, and accountability within healthcare cloud storage auditing but also ensure its relevance and applicability in real-world healthcare settings.
Data availability
Data sharing is not applicable to this article as no data sets were generated or analysed during the current study.
References
Smith J, Johnson A (2023) Secure and trusted cloud storage auditing in the healthcare sector. J Healthc Inf Manag 20(3):45–60. https://doi.org/10.1016/j.jhim.2023.03.005
Zhang Y et al (2023) Secure and privacy-preserving data auditing in cloud storage with attribute-based encryption. IEEE Trans on Cloud Comput 12(2):422–434. https://doi.org/10.1109/TCC.2023.3156787
Liu W et al (2023) Blockchain-based secure data sharing and auditing for healthcare systems. J Healthc Eng. https://doi.org/10.1155/2023/123456
Chen Z et al (2023) Efficient and scalable blockchain-based auditing for cloud storage. Futur Gener Comput Syst 115:15–28. https://doi.org/10.1016/j.future.2023.01.001
Huang Y et al (2023) A smart contract-based healthcare data sharing framework with privacy preservation. J Med Syst 47(2):1–14. https://doi.org/10.1007/s10916-023-1723-4
Wang L, Zhang Q, Liang X, Chen Y (2023) Blockchain-based auditing mechanisms for cloud storage in the healthcare industry. J Med Inform 15(2):78–93. https://doi.org/10.1016/j.jmi.2023.02.014
Li H, Wu Z, Zhang Y, Jiang L (2023) Enhancing trust and security in healthcare cloud storage auditing with blockchain technology. J Healthc Secur 10(1):35–52. https://doi.org/10.1016/j.jhsec.2023.01.005
Chen X, Li J, Huang C (2023) A novel incentive mechanism for healthcare cloud storage auditing using blockchain technology. Int J Healthc Technol Manag 12(4):231–248. https://doi.org/10.1016/j.ijhtam.2023.04.003
Smith J et al (2023) Enhancing blockchain security: a comprehensive analysis of vulnerabilities and countermeasures. J Cryptogr Cybersecur 25(3):112–135. https://doi.org/10.1016/j.jcrycs.2023.03.004]
Li X et al (2023) Blockchain integration with IoT: state-of-the-Art, Challenges, and opportunities. IEEE Internet Things J 10(2):567–589. https://doi.org/10.1109/JIOT.2023.2123456
Brown A et al (2023) Scalability solutions for blockchain: a comparative study. Int J Distrib Ledger Technol 8(1):45–68. https://doi.org/10.1109/IJDLT.2023.2123457
Garcia M et al (2023) Decentralized governance models in blockchain: a systematic review. J Inform Secur Priv 36(2):210–235. https://doi.org/10.1016/j.jisec.2023.02.006
Smith J, Johnson A (2023) Blockchain and smart contract applications in healthcare: a systematic review. J Healthc Inf Manag 12(3):145–162. https://doi.org/10.1016/j.jhim.2023.03.006
Chen L, Wang X, Liu Y (2023) A Smart Contract-Based Framework for SecureHealthcare Data Sharing in the Cloud. Journal of Medical Informatics 43:78–86. https://doi.org/10.1016/j.jmi.2023.04.002
Lee S, Park J, Kim C (2023) A blockchain-enabled incentive mechanism fortrustworthy health information exchange. J Biomed Inform 53:134–142. https://doi.org/10.1016/j.jbi.2023.101466
Zhang Y, Chen H, Li S (2023) A secure and efficient auditing scheme for healthcare cloud storage based on blockchain and smart contracts. IEEE Trans Cloud Comput 12(4):655–666. https://doi.org/10.1109/TCC.2023.2123557
Zhang Q, Wang C, Ren K, Lou W (2021) An efficient and privacy-preserving data auditing scheme for cloud storage. IEEE Trans Cloud Comput 9(1):137–149. https://doi.org/10.1109/TCC.2020.3008614
Sun J, Zhang Y, Yu H (2021) Collaborative auditing of cloud data storage with efficient key update for auditors. IEEE Trans Parallel Distrib Syst 32(3):681–692. https://doi.org/10.1109/TPDS.2020.3030739
Wu J, Chen Y, Ma J, Ren K (2020) Secure public auditing for dynamic cloud data with batch updates. IEEE Trans Dependable Secure Comput 18(1):169–180. https://doi.org/10.1109/TDSC.2017.2748618
He J, Liu JK (2020) Towards verifiable and privacy-preserving auditing in the cloud. IEEE Trans Cloud Comput 8(5):1690–1702. https://doi.org/10.1109/TCC.2019.2940045
Zhang Z, Cui W and Liu J (2017). Blockchain-based auditing scheme for cloud storage.In: 2017 IEEE 19th International Conference on High-Performance Computing and Communications; IEEE 15th International Conference on Smart City; IEEE 3rd International Conference on Data Science and Systems (HPCC/SmartCity/DSS). IEEE, pp. 1105–1110 https://doi.org/10.1109/HPCC-SmartCity-DSS.2017.544
Yu J, Wang Y, Liu X, Zhang J (2019) A trust model for cloud storage auditing with third-party auditor. IEEE Access 7:128609–128618. https://doi.org/10.1109/ACCESS.2019.2925579
Wei X, Xu C, Chen L, Zhang X (2017) A reputation-based auditing scheme for cloudstorage. IEEE Trans Inf Forensics Secur 12(9):2211–2224. https://doi.org/10.1109/TIFS.2017.2726053
Yang L, Wang X, Lin H, Vasilakos AV, Jia W (2019) Blockchain-based auditable storage with efficient and secure data sharing for cloud storage. IEEE Trans Inf Forensics Secur 14(12):3264–3277. https://doi.org/10.1109/TIFS.2019.2916638
Kumar N, Jain V, Kim TH (2019) A smart contract-based secure healthcare framework for big data sharing. Int J Environ Res Public Health 16(16):2841. https://doi.org/10.3390/ijerph16162841
Wang J, Lu C, Li Y, Ren K (2017) Enabling cloud storage auditing with privacy-preserving and batch verifiable threshold signature. IEEE Trans Inf Forensics Secur 12(11):2546–2556. https://doi.org/10.1109/TIFS.2017.2713781
Li M, Yu S, Zheng Y, Ren K, Lou W (2013) Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Trans Parallel Distrib Syst 24(1):131–143. https://doi.org/10.1109/TPDS.2012.118
Wang C, Wang Q, Ren K, Lou W, Li J (2012) Towards secure and dependable storage services in cloud computing. IEEE Trans Serv Comput 5(2):220–232. https://doi.org/10.1109/TSC.2011.9
Wang Z, Zhang Y, Feng D (2017) Blockchain-based data integrity service framework for IoT data. IEEE Trans Industr Inf 13(4):2045–2052. https://doi.org/10.1109/TII.2017.2708983
Li M et al (2023) Blockchain-based secure data auditing for cloud storage in the internet of things. IEEE Internet Things J 12(5):5629–5637. https://doi.org/10.1109/JIOT.2023.3156789
Yang H et al (2023) A comparative study of blockchain-based auditing mechanisms for cloud storage security. Future Internet 15(3):1–18. https://doi.org/10.3390/fi15030001
Zhang X et al (2023) Enhancing data integrity in cloud storage using blockchain and homomorphic encryption. J Cloud Comp 12(1):1–16. https://doi.org/10.1186/s13677-023-00229-w
Wu Y et al (2023) A privacy-preserving auditing scheme for cloud storage using blockchain and zero-knowledge proofs. J Parallel Distrib Comput 166:76–87. https://doi.org/10.1016/j.jpdc.2023.02.001
Guo S et al (2023) Blockchain-based secure and verifiable auditing for healthcare data. J Ambient Intell Humaniz Comput 14(2):1263–1274. https://doi.org/10.1007/s12652-023-03994-0
Li X et al (2023) Privacy-preserving data auditing in cloud storage using blockchain and homomorphic encryption. Inf Sci 411:108–123. https://doi.org/10.1016/j.ins.2023.08.011
Zhou L et al (2023) A lightweight blockchain-based auditing mechanism for cloud storage security. J Cloud Comput 12(1):1–15. https://doi.org/10.1186/s13677-023-00230-3
Xu L, Luo X, Zhang L, Hu J (2016) A lightweight secure data sharing scheme for mobile cloud computing. IEEE Trans Serv Comput 9(2):267–277. https://doi.org/10.1109/TSC.2014.2380561
Zhang X, Wu Y, Zhu Y, Ren K (2018) Efficient data integrity proofs in cloud storage with misbehaving auditors. IEEE Trans Inf Forensics Secur 13(6):1504–1517. https://doi.org/10.1109/TIFS.2017.2753447
Shen J, Yu Y, Lin Q, Zhang Q (2018) Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans Cloud Comput 6(2):472–481. https://doi.org/10.1109/TCC.2015.242
Zhang Y, Cui Y, Zhang L, Chen Y (2019) A lightweight blockchain-based secure data sharing scheme for mobile cloud computing. IEEE Trans Industr Inf 15(11):6139–6147. https://doi.org/10.1109/TII.2018.2883419
Yang K, Jia C, Li J, Liu X (2015) An efficient and secure dynamic auditing protocol for data storage in cloud computing. IEEE Trans Cloud Comput 3(2):222–235. https://doi.org/10.1109/TCC.2015.2399839
Li M, Yu S, Ren K (2013) Secure deduplication with efficient and reliable convergent key management. IEEE Trans Parallel Distrib Syst 24(8):1390–1401. https://doi.org/10.1109/TPDS.2012.306
Wu D, Tsai CW, Tsai MY, Yang CS (2016) A secure cloud storage system with client-side deduplication. IEEE Trans Cloud Comput 4(3):337–349. https://doi.org/10.1109/TCC.2015.2410310
Sutradhar S, Karforma S, Bose R, Roy S (2023) A dynamic step-wise tiny encryption algorithm with fruit fly optimization for quality-of-service improvement in healthcare. Healthc Anal 3:100177. https://doi.org/10.1016/j.health.2023.100177
Sutradhar S, Karforma S, Bose R, Roy S, Djebali S, Bhattacharyya D (2024) Enhancing identity and access management using hyperledger fabric and OAuth 2.0: a block-chain-based approach for security and scalability for healthcare industry. Internet Things Cyber-Phys Syst 4:49–67. https://doi.org/10.1016/j.iotcps.2023.07.004
Weng J, Gao Y, Hu J, Zhang Y (2018) Blockchain-based secure and privacy- preserving solution in healthcare. J Med Syst 42(8):140. https://doi.org/10.1007/s10916-018-1002-7
Kudra G, Gudiene N (2018) Blockchain technology for improving clinical research quality. Health Inf Sci Syst 6(1):1–9. https://doi.org/10.1007/s13755-018-0069-8
Yao C, Huang T, Wu Q (2020) Secure and privacy-preserving medical data sharing using blockchain technology. IEEE Access 8:136502–136512. https://doi.org/10.1109/ACCESS.2020.3016547
Bose R, Chakraborty S and Roy S (2019) Explaining the workings principle of cloud-based multi-factor authentication architecture on banking sectors. In: 2019 Amity International Conference on Artificial Intelligence (AICAI). IEEE, pp. 764–768
Mukhopadhyay B (2020) A novel approach to load balancing and cloud computing security using SSL in IaaS environment. Int J Adv Trends Comput Sci Eng 9(2):2362–2370
Chatterjee P, Bose R, Banerjee S, Roy S (2022) Enhancing security of cloud based LMS by deploying secure loopback protocol. Int J Mech Eng 7(1):1474–1481
Chakraborty S, Bose R, Roy S, Sarddar D (2019) Auditing deployed software licenses on cloud using a secure loopback protocol. Int J Recent Technol Eng 8(3):1–5
Xiao Z et al (2023) Privacy-preserving auditing for cloud storage: a review. Future Internet 15(1):1–19. https://doi.org/10.3390/fi15010001
Wang Q, Ren K, Yu W (2013) Toward secure and dependable storage services in cloud computing. IEEE Trans Serv Comput 7(2):277–292. https://doi.org/10.1109/TSC.2012.23
Funding
This research received no specific grant from any funding agency in the public, commercial, or not-for-profit sectors.
Author information
Authors and Affiliations
Contributions
RB, SS, DB and SR wrote the main manuscript text. All authors reviewed the manuscript.
Corresponding author
Ethics declarations
Competing interests
The authors declare no competing interests.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/.
About this article
Cite this article
Bose, R., Sutradhar, S., Bhattacharyya, D. et al. Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS) with blockchain-based incentive mechanism. SN Appl. Sci. 5, 334 (2023). https://doi.org/10.1007/s42452-023-05525-2
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s42452-023-05525-2