1 Introduction

Healthcare organizations have increasingly adopted cloud storage solutions to store and manage vast amounts of sensitive patient data. While cloud storage offers numerous advantages in terms of scalability and accessibility, it also poses significant security and privacy risks. Trustworthy and secure healthcare cloud storage auditing is crucial to ensure the integrity, availability, and confidentiality of patient data stored in the cloud [1,2,3,4,5]. Traditional healthcare cloud storage audit schemes typically rely on third-party auditors (TPAs) to verify the integrity of data and ensure compliance with security policies. However, these schemes suffer from inherent trust issues, such as collusion, misreporting, or failure to detect breaches, leading to concerns about the reliability and accountability of auditors, as TPAs may not always act in the best interests of healthcare organizations and their patients [6,7,8]. There have been instances of TPAs colluding with malicious entities, misreporting audit results, or failing to detect data breaches, all of which erode the trust and confidence in cloud storage systems.

The primary objective of this study was to address the trust issues associated with traditional healthcare cloud storage audit schemes. The study aims to enhance trust, security, and accountability in the management of sensitive healthcare data stored in the cloud. The key objectives of this study can be summarized as follows:

  • Establishing trust and security: The primary objective is to establish trust and security in healthcare cloud storage auditing. By organizing TPAs as a group of blockchain nodes engaged in mutual surveillance, this study aims to ensure the maintenance of a reputable group by severely inspecting and punishing malicious behaviours. This approach was designed to enhance trust between healthcare entities and patients.

  • Demonstrating viability: This study demonstrates the practical viability of the proposed TCSHAS through comprehensive performance evaluations. The goal is to show that the scheme offers acceptable efficiency and is well-suited for real-world healthcare applications, effectively managing complexities without compromising efficiency.

To address these trust issues, this paper proposes the Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS), which leverages the tamper resistance and traceability of blockchain technology. Blockchain, originally introduced as the underlying technology for cryptocurrencies such as Bitcoin, has gained attention for its potential to provide transparency, immutability, and decentralized consensus in various domains, including healthcare. TCSHAS introduces a novel incentive mechanism that promotes honest and reliable behavior among TPAs by organizing them as a group of blockchain nodes. This group engages in mutual surveillance, ensuring the maintenance of a reputable group by severely inspecting and punishing malicious behaviors. Using blockchain technology, TCSHAS establishes an auditable and tamper-proof record of all auditing activities, making it transparent and accountable. Moreover, TCSHAS incorporates smart contracts, which are self-executing contracts with the terms of the agreement directly written into code, to handle transaction-related matters, including dispute resolution. Smart contracts provide automation, efficiency, and enforceability, further enhancing the reliability and effectiveness of the auditing process. Through performance evaluations, we demonstrate that TCSHAS offers acceptable efficiency and is well-suited for real-world healthcare applications. By enhancing trust and security in healthcare cloud storage auditing, TCSHAS provides a foundation for reliable and accountable management of sensitive healthcare data.

Our paper seeks to make significant contributions to the field of healthcare cloud storage auditing. It aims to fortify the integrity and security of healthcare cloud storage by addressing TPA-related trust issues, leveraging blockchain technology for transparency, introducing an effective incentive mechanism, incorporating smart contracts, and providing a foundation for accountable management of sensitive healthcare data.

We introduce an intricate system model for TCSHAS, delineating the incentive mechanism based on blockchain and addressing the integration of smart contracts. An overview of the paper’s structure is as follows: In Sect. 2, we compile a comprehensive review of related research contributions, examining technology evaluations, highlighting drawbacks, and proposing potential solutions. Section 3 outlines the design of our proposed system model. The intricacies of the blockchain-based consensus mechanism are discussed in Sect. 4, while Sect. 5 provides insights into the detailed auditing process. Conducting a thorough analysis, Sect. 6 presents the results of experiments aimed at evaluating the performance and cost-effectiveness of the proposed system. Section 7 compares our model with contemporary technologies such as MediLedger, Guardtime, and Chronicled. Section 8 outlines objectives and results, while Sect. 9 concludes the paper by exploring upcoming potential scopes.

1.1 Motivations

The motivation behind the proposed Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS) is rooted in the critical need to address the trust issues and security concerns inherent in traditional healthcare cloud storage auditing practices. Several key motivations and innovations drive the development of TCSHAS, which are crucial for potential readers and journals to understand:

  • Rising reliance on the cloud: Healthcare increasingly depends on cloud storage for patient data. While it offers scalability, security and privacy are vital as patient information migrates to the cloud.

  • Trust issues with auditors: Traditional audits involve third-party auditors (TPAs) who may not always be reliable. TCSHAS aims to improve the trustworthiness and accountability of TPAs.

  • Trustworthy blockchain: TCSHAS employs blockchain to create a tamper-proof audit trail, enhancing transparency and trust in audit reports and encouraging honest behavior among TPAs.

  • Incorporate incentives: Introduce incentives for TPAs to promote honesty and reliability, aligning their interests with healthcare organizations’ security goals.

  • Enhancing efficiency: Smart contracts automate auditing processes, ensuring transparency, efficiency, and enforceability while minimizing human errors and bias.

  • Scalability and performance: To demonstrate scalability without compromising performance through performance experiments.

Therefore, TCSHAS addresses trust issues in healthcare cloud storage auditing using innovative technologies and incentives, enhancing trust, security, and accountability in managing sensitive patient data in the cloud. TCSHAS audits not only the cloud provider but also the auditors themselves, enhancing accountability.

1.2 Contributions

The Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS) presents innovative solutions to tackle the trust challenges prevalent in traditional healthcare cloud storage auditing. The key contributions of this scheme include harnessing blockchain for transparency and reliability, where a group of blockchain nodes comprising third-party auditors (TPAs) ensures tamper-proof auditing records, fostering trust among healthcare entities and patients. To encourage honest behavior, TCSHAS introduces a unique incentive mechanism that promotes mutual surveillance among TPAs, discouraging malicious actions and enhancing credibility through the threat of severe penalties. The integration of smart contracts enhances automation, efficiency, and enforceability in transaction-related matters, thus minimizing errors and bias. A comprehensive performance evaluation showcases the suitability of TCSHAS for real-world healthcare applications, effectively managing complexities without compromising efficiency. By establishing trust and security in healthcare cloud storage auditing, TCSHAS becomes a pivotal framework for accountable management of sensitive healthcare data, safeguarding patient privacy, and ensuring adherence to security standards. In summary, TCSHAS’s contributions to addressing TPA-related trust issues, leveraging blockchain for transparency, introducing an effective incentive mechanism, incorporating smart contracts, and its practical viability mark a substantial advancement in fortifying the integrity and security of healthcare cloud storage.

1.3 Blockchain

Blockchain has gained significant recognition for its exceptional performance in various cryptocurrency systems. Extensive research has been conducted on the security risks associated with blockchain systems and the analysis of consensus mechanisms. The application and integration of blockchain with technologies such as the Internet of Things (IoT) and cloud computing have yielded valuable research outcomes. Prominent examples of blockchain applications include Bitcoin and Ethereum. In essence, blockchain refers to a distributed database maintained by multiple nodes. The conceptual origins of blockchain can be traced back to the 2008 white paper published by Satoshi Nakamoto, in which the concept was introduced and applied to Bitcoin [9]. Several mainstream consensus mechanisms are employed in blockchain systems. These include proof of work (PoW), Proof of Stake (PoS), Practical Byzantine Fault Tolerance (PBFT), and Delegated Proof of Stake (DPoS). The majority of existing cryptocurrencies use the PoW consensus mechanism, in which members of the blockchain solve complex computational problems, binding computing resources to currency value [10]. This makes it prohibitively expensive for malicious members to launch attacks. On the other hand, the PoS consensus mechanism determines block release probability based on participants’ equity, such as the amount of funds they hold [11]. While PoS successfully addresses the resource consumption issue of traditional PoW schemes, it may lead to problems such as increasing the concentration of equity among major stakeholders, resulting in centralization and undermining the decentralized nature of blockchain [12].

To address these challenges, we propose a novel consensus mechanism called Proof of Token-Based Election (POTE). POTE consumes fewer resources than PoW while providing equal opportunities for honest and positive nodes to compete. Further details on this design are explained in the System Model Design section. Blockchains can be categorized into public chains, private chains, and alliance chains. In our blockchain system, we adopt the design of an alliance chain, where only specific Third-Party Audit (TPA) nodes can participate. The list of TPA nodes is refreshed annually through a review meeting. This approach offers higher throughput and improved performance than other chain types. Moreover, the continuous review process ensures that only trustworthy TPA nodes remain in the blockchain system, enhancing overall system security.

1.4 Smart contracts

The integration of smart contracts within the Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS) is pivotal. Smart contracts, which are self-executing agreements encoded with terms, assume a central role in automating and overseeing various facets of the scheme, encompassing transaction-related affairs and ensuring impartial and dependable audit processes [13]. The incorporation of smart contracts yields several merits. First, they automate audits, diminishing manual intervention and mitigating the prospects of errors or biases, thus streamlining the workflow and bolstering consistency. Second, operating on the blockchain, smart contracts guarantee that all transactions and contract states are etched into an immutable and impervious ledger, amplifying the trustworthiness of the auditing system through verifiability [14]. Third, these contracts can enact real-time compliance assessments based on predefined parameters, enabling prompt identification and resolution of security or policy breaches [15]. Furthermore, smart contracts contribute to dispute resolution by applying pre-set rules, expediting fair and efficient conflict settlement [16]. Finally, they enforce the suggested incentive structure for Third-Party Auditors (TPAs), ensuring accountability through automated monitoring and penalties for malicious behavior.

1.5 Public auditing of data

Public data auditing is the process of externally verifying the accuracy and security of data stored in a cloud system through a third-party auditor (TPA), ensuring that it remains unaltered and trustworthy [17]. This is vital for cloud storage, where data resides with external providers and users require assurance of adherence to security protocols. The procedure encompasses data outsourcing to cloud providers by owners, engagement of TPAs for regular audits, TPA-conducted integrity checks to prevent unauthorized alterations [18, 19], creation of audit reports detailing data integrity and issues, if any, and sharing these reports with owners, enhancing transparency and accountability [20]. Such auditing bolsters trust and safeguards cloud storage systems against breaches and unauthorized modifications.

2 Related work

Several research efforts have been dedicated to addressing the trust issues associated with third-party auditors (TPAs) in healthcare cloud storage audit schemes. The proposed Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS) builds upon and extends the findings of these related studies, combining blockchain technology, incentive mechanisms, and smart contracts to enhance the trust and security of healthcare cloud storage auditing. Zhang et al. proposed a blockchain-based auditing scheme for cloud storage in the healthcare domain [21]. Their work focused on using blockchain’s immutability and transparency to ensure the integrity of audit logs and verify the behavior of TPAs. However, their scheme excluded an explicit incentive mechanism for promoting honest behavior among TPAs. Yu et al. presented a trust model for cloud storage auditing to mitigate the risks associated with untrusted TPAs [22]. They employed a reputation system to assess the reliability of TPAs based on past performance. While their approach provided some level of accountability, it did not leverage blockchain technology for tamper-proofing audit records. Wei et al. proposed a reputation-based auditing scheme for cloud storage with the goal of deterring malicious TPAs through the fear of damaging their reputations [23]. While reputation systems can incentivize good behavior, they may not be sufficient to prevent collusion among malicious TPAs because reputations could be collectively manipulated. Yang et al. introduced a blockchain-based auditing mechanism for cloud storage, incorporating a Delegated Proof of Stake (DPoS) consensus mechanism [24]. DPoS enabled a more energy-efficient and scalable blockchain, which is valuable for healthcare applications with performance constraints. However, their work did not explore a comprehensive incentive mechanism or the integration of smart contracts. Kumar et al. explored the integration of smart contracts for secure and auditable healthcare data sharing in cloud environments [25]. While their work focused on data sharing rather than auditing, it demonstrated the potential of smart contracts in ensuring data privacy and transparency. Wang et al. proposed a cloud storage auditing mechanism using threshold signature schemes to protect the privacy of the data owner during auditing [26,27,28,29]. Their approach aimed to address privacy concerns but did not include a comprehensive incentive mechanism for TPAs. Li, M., et al. [30,31,32,33] proposed an audit mechanism that relies on secure computation outsourcing with the support of edge computing. This approach allows delegation of data preprocessing tasks to edge servers. Their experimental results demonstrate a significant reduction in the computational burden on devices, leading to enhanced task processing efficiency [34,35,36]. Li, X., et al. [36] introduce a privacy-enhancing solution for interconnecting edge blockchain networks that employs fully homomorphic encryption to secure on-chain data, ensuring both availability and confidentiality. They also develop a distributed private key sharing system to support relay chain auditing and provide a comprehensive security analysis. Zhang et al. [37,38,39,40] introduce BC-PECK, a security framework that combines blockchain and public key searchable encryption (PECK). It encrypts all data, storing sensitive information securely in the cloud, and uses blockchain to maintain ciphertext indices. Additionally, it employs trusted smart contract execution to manage data access and sharing. Li and colleagues [27, 41, 42] present an innovative patient-centered approach and a set of methods for controlling access to PHRs on semi-trusted servers. They utilize attribute-based encryption (ABE), a dynamic auditing protocol, and convergent key management for fine-grained and scalable data access control over distributed and parallel systems. Wu et al. [43] enhance server-aided encryption with updatable encryption and a dynamic proof of ownership (PoW) protocol to enable efficient key updates and facilitate client-side deduplication. Their approach involves an updatable server-aided encryption scheme built on UE, which ensures efficient encryption and transparent user-initiated key updates at a system-wide master key level.

3 System model design

3.1 System model

The Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS) architecture shown in Fig. 1 ensures secure and accountable healthcare data storage in the cloud through a blockchain-based approach. This involves healthcare organizations outsourcing data to cloud providers, backed by third-party auditors (TPAs) who conduct audits. TPAs, acting as blockchain nodes, guarantee transparency and reliability via a unique incentive mechanism. The Proof of Token-Based Election (POTE) consensus efficiently selects TPAs based on staked tokens. Smart contracts manage transactions, disputes, and incentives, thus promoting fairness. An innovative mutual surveillance incentive fosters TPA honesty. Audit reports on data integrity are securely stored on the blockchain and verified by consensus. Validated reports are shared with healthcare organizations to establish a trustworthy and secure cloud storage auditing framework for sensitive healthcare data outsourcing.

Fig. 1 Trustworthy healthcare cloud storage auditing scheme (TCSHAS) architecture

3.2 Proposed algorithm

  • (a) Input

  • Healthcare organization data to be audited

  • List of healthcare organizations

  • List of cloud service providers (CS)

  • List of third-party auditors (TPAs)

  • Blockchain network setup

  • Smart contracts for auditing process management

  • Proof of Token-Based Election (POTE) consensus mechanism

  • Incentive mechanism rules and parameters

The algorithm of the Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS) is as follows:

  • (b) Output

  • Audit reports

  • Verified and consensus-approved audit results

  • Rewards and punishments for TPAs based on the incentive mechanism

3.3 Algorithm

  • Set up a blockchain network with TPAs as nodes.

  • Deploy smart contracts on the blockchain to manage the auditing process.

  • Set up a POTE consensus mechanism for selecting TPAs as validators.

  • Define the rules and parameters of the incentive mechanism.

  • Healthcare organizations initiate audit requests by submitting details to the blockchain network.

  • The smart contract selects a group of TPAs through POTE-based election.

  • The selected TPAs become auditors and conduct the audit process.

  • TPAs engage in mutual surveillance, monitoring each other’s activities for honest behavior.

  • TPAs generate audit reports containing the integrity status and identified issues.

  • Audit reports are recorded on the blockchain for transparency and immutability.

  • Other TPAs in the network verify audit reports and reach consensus on their validity.

  • Smart contracts handle dispute resolution and enforce the incentive mechanism.

  • TPAs receive rewards for honest behavior and severe punishments for malicious or dishonest behavior.

  • Validated audit reports are shared with healthcare organizations for transparency and accountability.

The above algorithm provides a high-level overview, shown in Fig. 2, of the steps involved in the Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS).

Fig. 2 Data flow through the components of proposed auditing scheme

4 Blockchain-powered healthcare cloud storage audit and incentive system

Our Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS) is a cutting-edge solution that ensures transparent and accountable healthcare data auditing through a novel approach. Built on the Ethereum platform, TCSHAS introduces the Proof of Token-based Election (POTE) consensus mechanism, surpassing the effectiveness of the conventional Proof of Stake (POS). Below is a concise overview of our design:

4.1 POTE consensus mechanism

TCSHAS uses the POTE consensus mechanism to establish fairness among Third Party Auditor (TPA) nodes. This mechanism guarantees equitable opportunities for TPAs to act as auditors or inspectors through democratic elections. Initially, all TPAs receive an equal token allocation. During elections, nodes determine their token expenditure, emphasizing their commitment. Following audits, nodes are rewarded with tokens proportional to their contributions, thus promoting active participation.

4.2 Block head structure

The block head contains the critical information for blockchain integrity:

  • Previous block hash: Maintains blockchain consistency.

  • Block number: Facilitates block tracking.

  • Timestamp: Ensures audit timeliness.

  • Tx hash: Validates block integrity.

  • TPA base: Identifies the elected TPA for audits.

  • Total tokens: Sum of election tokens for verification.

  • Extra information: Includes auditor and inspector signatures, random numbers, and election data.

4.3 Block body structure

4.3.1 The block body encompasses

  • Remuneration information: Records payments for auditors, inspectors, and candidates, appended after the audit.

  • Transaction information: Encompasses rewards and penalties for TPAs based on their conduct.

  • Token election data: Captures token values submitted by participating TPAs.

  • Proof information: Stores challenges and proofs for validation.
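
The block head and body fields listed in Sects. 4.2 and 4.3.1 can be checked mechanically by any node. The following is an added example, not code from the paper: the JSON encoding, SHA-256 hashing, the rule that the elected TPA must appear in the election data, and all TPA ids and values are assumptions constructed for illustration.

```python
# Added illustration, not the paper's code. Field names follow Sects. 4.2-4.3;
# the JSON encoding and SHA-256 hashing are assumptions.
import hashlib
import json
from dataclasses import asdict, dataclass, field


def digest(obj) -> str:
    """SHA-256 over canonical JSON (assumed serialization)."""
    return hashlib.sha256(json.dumps(obj, sort_keys=True).encode()).hexdigest()


@dataclass
class BlockBody:
    remuneration: dict    # payments to auditor, inspectors, candidates
    transactions: list    # rewards and penalties for TPAs
    token_election: dict  # TPA id -> tokens submitted for this election
    proofs: list          # challenges and proofs kept for validation


@dataclass
class BlockHead:
    prev_hash: str        # hash of the previous block head
    number: int
    timestamp: int
    tx_hash: str          # digest of the block body
    tpa_base: str         # elected auditor
    total_tokens: int     # must equal the sum of election tokens
    extra: dict = field(default_factory=dict)  # signatures, random numbers


def make_block(prev_head, body, tpa_base, timestamp):
    """Build a head that commits to the body and to the previous head."""
    head = BlockHead(
        prev_hash=digest(asdict(prev_head)) if prev_head else "0" * 64,
        number=prev_head.number + 1 if prev_head else 0,
        timestamp=timestamp,
        tx_hash=digest(asdict(body)),
        tpa_base=tpa_base,
        total_tokens=sum(body.token_election.values()),
    )
    return head, body


def verify_chain(chain):
    """Return (block number, reason) for every check that fails."""
    problems = []
    for i, (head, body) in enumerate(chain):
        if head.tx_hash != digest(asdict(body)):
            problems.append((head.number, "tx hash does not match body"))
        if head.total_tokens != sum(body.token_election.values()):
            problems.append((head.number, "total tokens != sum of election tokens"))
        if head.tpa_base not in body.token_election:
            # Assumed rule: the elected auditor must have uploaded tokens.
            problems.append((head.number, "elected TPA did not take part"))
        if i > 0:
            prev = chain[i - 1][0]
            if head.prev_hash != digest(asdict(prev)):
                problems.append((head.number, "previous block hash mismatch"))
            if head.number != prev.number + 1 or head.timestamp < prev.timestamp:
                problems.append((head.number, "block number or timestamp out of order"))
    return problems


def sample_chain():
    """Three constructed blocks with made-up TPA ids and token values."""
    chain, prev = [], None
    for n, auditor in enumerate(["tpa-1", "tpa-3", "tpa-2"]):
        body = BlockBody(
            remuneration={auditor: 10},
            transactions=[{"to": auditor, "tokens": 2}],
            token_election={"tpa-1": 5, "tpa-2": 7, "tpa-3": 4 + n},
            proofs=[{"challenge": [1, 4], "ok": 1}],
        )
        head, body = make_block(prev, body, auditor, timestamp=1_700_000_000 + 600 * n)
        chain.append((head, body))
        prev = head
    return chain


if __name__ == "__main__":
    chain = sample_chain()
    print(verify_chain(chain))                # untouched chain: no problems
    chain[1][1].token_election["tpa-2"] = 70  # rewrite a recorded bid
    print(verify_chain(chain))
```

Rewriting a recorded election bid breaks both the Tx hash and the total-token check of that block, and changing any head field breaks the previous-block hash stored in the next head.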

4.3.2 Reward mechanism

The token and remuneration distribution are based on TPA type and behavior, with honest auditors receiving higher remuneration but fewer tokens. Inspectors and candidates are granted substantial tokens and payment. Broadcasters receive fewer tokens and no remuneration, whereas malfeasant TPAs receive neither tokens nor payment.

  • (a) Incentive mechanism

This system motivates TPA nodes to ensure blockchain stability, conduct honest audits, and uphold integrity. Honest behavior is rewarded with higher income and tokens, thereby enhancing the chances of becoming an auditor or inspector. Misconduct results in token reductions. Fairness is ensured through mechanisms such as an upper token limit and probabilistic smart contracts.

  • (b) Audit integrity

Our design guarantees the prioritization of honest, timely audits by auditors selected through smart contracts [44]. Incentives for sincere audits are translated into token values. Malicious conduct leads to the loss of rewards. Multiple inspectors prevent collusion, reinforcing audit integrity.

  • (c) Guaranteed election probability

Equal participation ensures an equitable chance of election as an auditor, provided that the TPAs submit equivalent tokens. Smart contracts guarantee fairness and equal opportunities for all participants.

  • (d) Challenge unpredictability

Challenges are determined using a random seed from the current blockchain status. This unpredictability bolsters audit security [45].
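
The election properties described above (equal chances for equal tokens, an upper token limit, a seed taken from chain state) can be made concrete as follows. This is an added example, not the paper's POTE implementation: the cap value, the weighted-lottery rule, drawing inspectors from the remaining bidders, and all ids and balances are assumptions.

```python
# Added illustration, not the paper's code. The cap value, the seed derivation
# and the weighted-lottery rule are assumptions about how POTE could work.
import hashlib

TOKEN_CAP = 50  # assumed upper limit on tokens counted per TPA per election


def draw(seed: bytes, label: str, counter: int, modulus: int) -> int:
    """Deterministic draw in [0, modulus) that every node can recompute."""
    data = seed + label.encode() + counter.to_bytes(4, "big")
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % modulus


def accepted_bids(bids: dict, balances: dict) -> dict:
    """Drop bids a TPA cannot cover and clamp the rest to TOKEN_CAP."""
    return {
        tpa: min(bid, TOKEN_CAP)
        for tpa, bid in bids.items()
        if 0 < bid <= balances.get(tpa, 0)
    }


def weighted_pick(weights: dict, seed: bytes, label: str, counter: int) -> str:
    """Pick one TPA with probability proportional to its counted tokens."""
    ticket = draw(seed, label, counter, sum(weights.values()))
    for tpa in sorted(weights):          # fixed order so all nodes agree
        ticket -= weights[tpa]
        if ticket < 0:
            return tpa
    raise AssertionError("unreachable: ticket is below the total weight")


def elect(bids: dict, balances: dict, seed: bytes, n_inspectors: int = 2):
    """Return (auditor, inspectors, counted bids) for one election."""
    weights = accepted_bids(bids, balances)
    if len(weights) < n_inspectors + 1:
        raise ValueError("not enough valid candidates")
    auditor = weighted_pick(weights, seed, "auditor", 0)
    pool = {t: w for t, w in weights.items() if t != auditor}
    inspectors = []
    for i in range(n_inspectors):        # inspectors are distinct from the auditor
        chosen = weighted_pick(pool, seed, "inspector", i)
        inspectors.append(chosen)
        del pool[chosen]
    return auditor, inspectors, weights


def settle(balances: dict, weights: dict) -> dict:
    """After block generation every participant pays the tokens it used."""
    return {t: b - weights.get(t, 0) for t, b in balances.items()}


def win_share(bids: dict, balances: dict, rounds: int = 4000) -> dict:
    """Fraction of elections each TPA wins over many constructed seeds."""
    wins = dict.fromkeys(bids, 0)
    for i in range(rounds):
        seed = hashlib.sha256(b"constructed-chain-state-%d" % i).digest()
        wins[elect(bids, balances, seed)[0]] += 1
    return {t: w / rounds for t, w in wins.items()}


if __name__ == "__main__":
    balances = {"tpa-1": 100, "tpa-2": 100, "tpa-3": 100, "tpa-4": 1000}
    bids = {"tpa-1": 50, "tpa-2": 50, "tpa-3": 50, "tpa-4": 900}
    print(win_share(bids, balances))     # tpa-4's 900 tokens count as 50
```

With the cap in place, a node holding far more tokens than the others wins about as often as they do, which is the centralization problem the paper attributes to plain PoS.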

Our TCSHAS blockchain design, shown in Fig. 3, presents a secure, equitable, and incentivized environment for trustworthy healthcare data audits. By combining innovative consensus mechanisms, incentivization strategies, and integrity checks, we established a transparent healthcare cloud storage auditing system.

Fig. 3 Design of the block

5 Auditing process

Our proposed model, the Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS), aims to ensure trust, fairness, and accountability in the auditing process for healthcare organizations’ data stored in the cloud. It uses blockchain technology and incorporates an advanced incentive mechanism to incentivize honest behavior and discourage malicious or dishonest actions. Here is a more detailed explanation of the working principles of TCSHAS:

5.1 System initialization

  • The system is initialized with the necessary data and audit policies uploaded by the user into the smart contract “Deposit Audit.”

  • Regular audits are scheduled on the basis of the specified time in the smart contract.

  • When the scheduled audit time arrives, the smart contract is triggered to initiate the audit operation.

Here is an example of an algorithm for a deposit audit in Python:

Figure a Algorithm for the deposit audit

In this algorithm, we have a depositAudit() function that is triggered when the scheduled audit time arrives. It retrieves the necessary data and audit policies from the smart contract, performs the audit using the performAudit() function, and stores the result back in the smart contract. The performAudit() function takes the data and audit policies as inputs and iterates over each data item. For each data item, each audit policy is applied using the applyAuditPolicy() function, and the results are stored in the audit result object. The applyAuditPolicy() function represents the specific logic for each audit policy. It takes a data item and a policy as inputs, applies the policy to the data item, performs any necessary checks or validations, and returns the policy result.

5.2 Upload token

  • TPA nodes that wish to participate in the election process execute the smart contract “Upload Token” to upload their tokens for the election.

  • Tokens represent each TPA node’s stake and influence in the auditing process.

Here is an example of a strong algorithm for the “Upload Token” process in Python:

Figure b Algorithm for uploading the token

In this algorithm, we assume the existence of helper functions connect_to_blockchain() and disconnect_from_blockchain() to establish and terminate the connection with the blockchain network, respectively. In addition, the algorithm assumes the presence of a smart contract called “UploadToken” with a function upload_tokens() that allows the TPA node to upload its tokens.

5.3 Elect the auditor

  • The smart contract “ElectTPA” is triggered, utilizing all uploaded tokens to designate a TPA node as the auditor responsible for conducting the audit.

  • The list of tokens is sent to the selected TPA node, providing them with the necessary resources to perform the audit.

Here is an algorithm for the “Elect Auditor” process in Python:

Figure c Algorithm for the elect auditor

In this algorithm, we assume the existence of helper functions connect_to_blockchain() and disconnect_from_blockchain() to establish and terminate the connection with the blockchain network, respectively. In addition, the algorithm assumes the presence of a smart contract called “ElectAuditor” with a function elect() that takes the uploaded tokens as input and selects an auditor based on the token distribution.

5.4 Choose the inspector

  • The smart contract “Choose Inspector” is triggered, designating several TPA nodes as inspectors to ensure the integrity of the audit [46].

  • Inspectors play a crucial role in verifying the audit results and ensuring the correctness of the process.

Here is an example of a strong algorithm for the “Choose Inspector” process in Python:

Figure d Algorithm for choose inspector

In this algorithm, we assume the existence of helper functions connect_to_blockchain() and disconnect_from_blockchain() to establish and terminate the connection with the blockchain network, respectively. In addition, the algorithm assumes the presence of a smart contract called “ChooseInspector” with a function choose() that takes the list of TPA nodes and the desired number of inspectors as input and selects the inspectors based on certain criteria or an algorithm defined within the smart contract.

5.5 Send challenge

  • The auditor, using the received list of tokens, executes the auditing protocol and generates a challenge.

  • The challenge is created on the basis of a random seed (r) and is sent to the cloud service provider (CS) responsible for storing the healthcare organization’s data.

Here is an example of a strong algorithm for the “Send Challenge” process in Python:

Figure e Algorithm for the send challenge

In this algorithm, we assume the existence of helper functions connect_to_blockchain() and disconnect_from_blockchain() to establish and terminate the connection with the blockchain network, respectively. In addition, the algorithm assumes the presence of a smart contract called “SendChallenge” with a function send_challenge() that takes the list of tokens and a random seed as input and sends the challenge to the cloud service provider. The challenge can be generated on the basis of the random seed and any other relevant parameters required for the auditing protocol.

5.6 Return proof

  • The CS receives the challenge and computes a proof in response.

  • The proof is generated by the CS to demonstrate the integrity and correctness of the data stored in the cloud.

Here is an example of a strong algorithm for the return proof process in Python:

Figure f Algorithm for return proof

In this algorithm, we assume the existence of helper functions connect_to_cs() and disconnect_from_cs() to establish and terminate the connection with the cloud service provider, respectively. In addition, the algorithm assumes that the cloud service provider has a function compute_proof() that takes the challenge as input and generates the proof in response.

5.7 Audit log

  • The auditor verifies the proof received from the CS and uploads the audit results to the selected inspector’s address.

  • The audit results include the random seed (r), challenge, proof, correctness indicator (1/0), timestamp (t), and auditor signature.

Here is an example of a strong algorithm for the audit log process in Python:

Figure g Algorithm for the audit log

In this algorithm, we assume the existence of helper functions connect_to_blockchain() and disconnect_from_blockchain() to establish and terminate the connection with the blockchain network, respectively. Additionally, the algorithm assumes the presence of a smart contract called “AuditLog” with a function upload_results() that takes the auditor’s address, inspector’s address, random seed, challenge, proof, correctness indicator, and timestamp as input and uploads the audit results to the selected inspector’s address.

5.8 Verify

  • The inspector receives the audit information from the auditor and verifies the auditor’s signature.

  • The inspector further checks the correctness of the audit results by verifying the timestamp (t), challenge, and proof.

  • The inspector sends their correctness indicator (1/0) to the blockchain system, indicating the audit’s accuracy.

5.9 Broadcast

  • The blockchain broadcasts audit and inspection information to all TPA nodes in the network.

  • Each TPA node checks the consistency between the auditor’s and inspector’s results.

  • If the difference rate between the results exceeds a threshold (μ), the blockchain system triggers the smart contract “Judgment.”

5.9.1 Generate block

  • If the auditor’s behavior is correct and consistent with the inspectors’ results, all participating nodes deduct their tokens used for the election.

  • However, if the auditor’s behavior is inconsistent, the judgment smart contract is executed, triggering a re-audit and generating new results [47].

  • The smart contract enforces punishments on TPA nodes with inconsistent results.

  • Finally, the blockchain generates transaction records based on the token values submitted by the TPAs and adds new blocks to the blockchain.

The above working principles demonstrate the advanced features of the TCSHAS model, including the use of tokens, smart contracts, auditors, inspectors, and the blockchain consensus mechanism to ensure a trustworthy healthcare cloud.
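
The following added example (not the paper's code, whose algorithm figures are not reproduced here) runs steps 5.6 to 5.9 end to end: the CS returns a proof, the auditor signs an audit record, the inspector re-verifies it, and the difference rate is compared with μ. The hash-based proof, the HMAC used as a stand-in for the auditor's public-key signature, the definition of the difference rate as the share of disagreeing audits, and all names and constants are assumptions made for illustration.

```python
import hashlib, hmac, json
# Constructed values and assumptions (not from the paper): proof = SHA-256 over seed and
# challenged block digests; HMAC stands in for the auditor's public-key signature.
AUDITOR_KEY = b"constructed-auditor-key"
MAX_AGE = 300  # seconds an audit record is accepted after its timestamp t
MU = 0.2       # difference-rate threshold

def proof_from_digests(digests, seed, challenge):
    h = hashlib.sha256(seed)
    for i in challenge:
        h.update(i.to_bytes(4, "big") + digests[i])
    return h.hexdigest()

def compute_proof(blocks, seed, challenge):
    """CS side: prove possession of the challenged blocks."""
    return proof_from_digests([hashlib.sha256(b).digest() for b in blocks], seed, challenge)

def _sign(rec):
    body = json.dumps({k: v for k, v in rec.items() if k != "sig"}, sort_keys=True)
    return hmac.new(AUDITOR_KEY, body.encode(), hashlib.sha256).hexdigest()

def make_audit_record(seed, challenge, proof, indicator, t):
    """Auditor side: r, challenge, proof, indicator (1/0), t, signature."""
    rec = {"r": seed.hex(), "challenge": challenge, "proof": proof, "ok": indicator, "t": t}
    rec["sig"] = _sign(rec)
    return rec

def inspect(rec, digests, now):
    """Inspector side: check signature and timestamp, then re-verify the proof."""
    if not hmac.compare_digest(_sign(rec), rec.get("sig", "")):
        raise ValueError("bad auditor signature")
    if not 0 <= now - rec["t"] <= MAX_AGE:
        raise ValueError("stale or future timestamp")
    expected = proof_from_digests(digests, bytes.fromhex(rec["r"]), rec["challenge"])
    return int(hmac.compare_digest(expected, rec["proof"]))

def needs_judgment(auditor_bits, inspector_bits, mu=MU):
    """Broadcast step: difference rate = share of audits where the two disagree."""
    diff = sum(a != b for a, b in zip(auditor_bits, inspector_bits))
    return diff / len(auditor_bits) > mu

def demo():
    blocks = [b"rec-%d" % i for i in range(4)]           # constructed data
    digests = [hashlib.sha256(b).digest() for b in blocks]
    t, a_bits, i_bits = 1_700_000_000, [], []
    for n in range(5):
        seed, chal = bytes([n]) * 16, [n % 4, (n + 1) % 4]
        served = list(blocks)
        if n >= 3:
            served[chal[0]] = b"corrupted"               # CS returns a bad proof
        rec = make_audit_record(seed, chal, compute_proof(served, seed, chal), 1, t + n)
        a_bits.append(rec["ok"])                         # lazy auditor always reports 1
        i_bits.append(inspect(rec, digests, t + n + 10))
    return a_bits, i_bits, needs_judgment(a_bits, i_bits)
```

In the demo, an auditor that reports 1 without checking disagrees with the inspector on two of five audits, so the difference rate of 0.4 exceeds μ and the "Judgment" path would be triggered.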

6 Experimental analysis

In this analysis, we delve into the details of an experiment conducted on a private blockchain network to evaluate the performance and cost-effectiveness of the proposed smart contract. The experimental parameters, including the number of participants, GAS Limit, mining block time, and account default balance, will be considered. In addition, we calculate the start cost for the proposed smart contract and compare it with common smart contracts in terms of various features and functionalities. The values used in our experiment are listed in Table 1:

Table 1 Experimental values

Let us break down the significance of each parameter:

Participants (10): This represents the number of entities or users interacting with the smart contract in the experiment.

GAS Limit (5,721,975): The GAS Limit signifies the computational capacity available per block on the Ethereum blockchain. It determines the number of computational operations or transactions that can be included in a single block. In this study, the limit was set at 5,721,975.

Mining Block Time (30s): This parameter defines the average time taken to mine a new block on the blockchain. In our experiment, a new block is mined approximately every 30 seconds.

Account default balance (1,000 ETH): This is the initial balance assigned to each participant’s Ethereum account, ensuring that they have sufficient funds to execute smart contract operations.

In this section of our paper, we will examine the gas expenses involved with individual operations within the envisioned smart contract, as illustrated in Figure 4. Figure 4 outlines the gas costs for each operation, serving as the basis for calculating the initial cost of implementing the proposed smart contract. Gas costs signify the computational workload and resources needed for the execution of each operation within the contract. The subsequent list details the operations and their corresponding gas costs.

Fig. 4 Cost of the proposed smart contract

To calculate the start cost, we need to sum up the gas costs for each operation. Assuming that all operations are performed once during initialization, the total start cost would be:

$$\text{Total start cost} = \text{Sum of gas costs for each operation}$$
$$\begin{aligned} \text{Total start cost} = {} & 200{,}000 + 150{,}000 + 180{,}000 + 100{,}000 + 120{,}000 + 150{,}000 + 100{,}000 \\ & + 80{,}000 + 90{,}000 + 80{,}000 \end{aligned}$$
$$\text{Total start cost} = 1{,}250{,}000\ \text{gas}$$

The gas limit of 5,721,975 allows multiple start operations to be performed within a single block, but it is crucial to monitor gas usage to ensure that it stays within the limit.

7 Performance experiments

Figure 5 illustrates performance experiments conducted on a private chain with varying participant numbers (5, 10, 20, and 40) for two specific operations, namely “ElectTPA” and “Choose Inspector.” The gas consumption associated with these operations is determined using the previously mentioned gas costs in Figure 5. The findings reveal that the gas consumption for both “ElectTPA” and “Choose Inspector” operations exhibits a linear increase in correlation with the number of participants. This linear growth underscores the commendable performance and scalability of the proposed smart contract, demonstrating its ability to efficiently handle a larger number of participants without a substantial rise in gas consumption. In order to establish a comparison with other commonplace smart contracts and assert its superiority, we collect detailed information on the features and functionalities of these alternative contracts. In Figure 5, a tabular representation of the performance experiments for “ElectTPA” and “Choose Inspector” operations on a private chain, featuring different participant counts, is presented. The gas costs outlined in Figure 4 are utilized to compute the gas consumption for each operation.

Fig. 5 Execution cost of ElectTPA and choose inspector

7.1 Comparison with other smart contracts

In the final section, a comparison table (Table 2) is provided to assess the different aspects of the proposed smart contract compared with other common smart contracts. The key features compared include:

Table 2 Comparison table of our smart contract with other common smart contracts

To assess the superiority of the proposed smart contract, a comparison is made with other common smart contracts across various features:

  • Initialization cost: The proposed smart contract incurs an initialization cost of 1,250,000 gas, which is compared to the initialization costs of other smart contracts. This cost represents the efficiency of contract deployment.

  • Contract complexity: The proposed smart contract is classified as having medium complexity, while other contracts are rated as high, low, or high complexity. This reflects the intricacy of contract logic.

  • Security measures: The proposed smart contract is considered to have strong security measures compared to other contracts, which may have moderate or low security.

  • Scalability: Scalability is rated as high for the proposed smart contract, indicating its ability to handle a growing number of participants efficiently.

  • Flexibility in operations: The proposed smart contract offers high flexibility in operations compared to others, enabling a wide range of functionalities.

  • Integration with external systems: The proposed smart contract supports integration with external systems, which is not available in some other contracts.

  • Auditing capabilities: The proposed smart contract offers comprehensive auditing capabilities, setting it apart from contracts with basic or no auditing features.

  • Transaction throughput (TPS): The proposed smart contract achieves a TPS of 100, surpassing other contracts with lower throughput.

  • Community support and development activity: The proposed smart contract benefits from active community support and ongoing development, enhancing its sustainability and growth potential.

8 Comparative analysis with state-of-art

The Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS) is a relatively new technique, and its integrated performance has not been explored in comparison with popular techniques. The following state-of-the-art techniques are used for comparison across various parameters:

  • MediLedger

  • Guardtime

  • Chronicled

MediLedger [46] is a blockchain platform tailored for the pharmaceutical industry, enabling secure and transparent tracking of the drug supply chain. It ensures compliance with regulatory requirements and helps combat counterfeit drugs. Guardtime [47] is a company specializing in blockchain-based cybersecurity solutions. It offers Keyless Signature Infrastructure (KSI) technology, which provides tamper-evident and real-time monitoring of data integrity across various sectors, including healthcare and defense. Chronicled [48] focuses on supply chain solutions using blockchain technology. It offers a platform that enhances transparency and traceability in supply chains, helping industries such as pharmaceuticals and luxury goods combat counterfeiting and improve product authenticity. Table 3 provides a clear summary of our investigation on how TCSHAS stacks up against the cutting edge of technology.

Table 3 Comparative analysis of TCSHAS with state-of-art techs

9 Discussion

The proposed Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS) presents a comprehensive system model that addresses the trust, security, and accountability challenges in healthcare cloud storage auditing. By leveraging blockchain technology, incentive mechanisms, and smart contracts, the TCSHAS establishes a transparent and reliable framework for auditing sensitive healthcare data stored in the cloud. One of the key strengths of the TCSHAS is its use of the blockchain network, which ensures transparency, immutability, and decentralized consensus. The blockchain serves as a tamper-proof and auditable record of all auditing activities, providing transparency and accountability in the process [49, 50]. This decentralized nature reduces the reliance on a central authority and enhances the security and trustworthiness of the auditing scheme. The POTE consensus mechanism employed in the TCSHAS is another notable feature. POTE utilizes a token-based election system to select auditors and inspectors. This mechanism promotes fairness and equal opportunities among TPAs to be appointed for auditing tasks. By staking tokens as collateral, TPAs are incentivized to act honestly and reliably, as rewards are allocated based on their behaviour and contributions. The smart contracts in the TCSHAS automate and enforce the execution of agreements, ensuring efficiency, transparency, and fairness. They handle various aspects of the auditing process, including dispute resolution and the enforcement of the incentive mechanism. This automation reduces manual intervention, streamlines the auditing workflow, and eliminates potential human errors or biases. The incentive mechanism implemented in the TCSHAS is designed to promote honest behaviour and discourage malicious or dishonest actions among TPAs. TPAs engage in mutual surveillance, inspecting and monitoring each other’s activities to ensure the integrity of the auditing process [51, 52]. 
The incentive mechanism provides rewards for honest behaviour and imposes severe punishments for malicious behaviour, creating a strong deterrent against fraudulent activities. In terms of performance, the TCSHAS demonstrates high scalability and flexibility in operations. The use of a blockchain network allows for parallel processing and enables multiple auditing tasks to be performed simultaneously. This scalability ensures efficient handling of a large volume of audits and enhances the overall performance of the system. Comparing the proposed TCSHAS with other common smart contracts, it shows several advantages. Its initialization cost is comparable to other smart contracts, and its contract complexity is moderate, striking a balance between functionality and simplicity. The TCSHAS incorporates strong security measures and comprehensive auditing capabilities, ensuring the confidentiality, integrity, and availability of healthcare data [53, 54]. It also provides high scalability, flexibility in operations, and integration with external systems, making it adaptable to different healthcare environments.

10 Conclusion

In conclusion, the proposed Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS) with its blockchain-based incentive mechanism stands as a robust solution for ensuring trust, security, and accountability in healthcare cloud storage auditing. By harnessing the power of blockchain technology, smart contracts, and an innovative incentive system, TCSHAS effectively addresses the challenges associated with third-party auditors (TPAs) and elevates the overall trustworthiness and reliability of the auditing process. The TCSHAS architecture comprises various essential components, including healthcare organizations, cloud service providers (CSPs), TPAs, a blockchain network, consensus mechanisms, smart contracts, incentive mechanisms, and audit reports, all working in harmony to facilitate secure and transparent auditing of sensitive healthcare data stored in the cloud. The detailed algorithm meticulously outlines each step of the TCSHAS process, ensuring the integrity, transparency, and accountability of the entire auditing workflow.

The Trustworthy Healthcare Cloud Storage Auditing Scheme (TCSHAS) is a commendable step towards improving trust and security in healthcare cloud storage audits, but it is not without limitations. Addressing these limitations will be crucial to ensuring the scheme’s continued relevance and effectiveness in real-world healthcare settings as the industry’s needs and challenges evolve.

  • Blockchain scalability: TCSHAS leverages blockchain technology to establish trust and transparency among third-party auditors (TPAs). However, as the volume of healthcare data continues to grow, blockchain scalability remains a concern. The blockchain network may encounter performance bottlenecks, leading to slower transaction processing times and increased resource consumption. This limitation can hinder its ability to handle the ever-increasing demands of the healthcare industry.

  • Complexity: While TCSHAS is designed to strike a balance between complexity and security, it is not immune to the inherent complexities of blockchain technology and smart contracts. Developing and maintaining the system may require specialized expertise, which could pose challenges for healthcare organizations with limited resources or technical capabilities.

  • Privacy considerations: Although TCSHAS focuses on security, it does not explicitly address advanced privacy technologies. Healthcare data often contains sensitive and confidential information, and ensuring robust privacy protection is crucial. Future iterations of the scheme should explore the integration of advanced privacy-enhancing technologies to safeguard patient data further.

  • AI-based auditing: While TCSHAS incorporates blockchain and smart contracts for auditing purposes, it does not delve into the potential benefits of artificial intelligence (AI) in auditing processes. Integrating AI-based auditing could enhance the scheme’s ability to detect anomalies and potential security breaches more effectively.

  • Privacy technologies: Ensuring the privacy of sensitive patient data should involve the integration of advanced privacy technologies such as zero-knowledge proofs or differential privacy.

  • Standards integration: Seamless integration with existing healthcare standards and frameworks should be explored to promote widespread adoption.

  • Interoperability challenges: TCSHAS’s effectiveness relies on the cooperation and adoption of the system by various healthcare organizations and third-party auditors. Achieving widespread interoperability and standardization across the healthcare industry can be a significant challenge, as different entities may have varying systems and technologies in place.

Addressing these limitations as future research directions within the TCSHAS framework will not only strengthen its role in instilling trust, security, and accountability within healthcare cloud storage auditing but also ensure its relevance and applicability in real-world healthcare settings.