Towards Decentralized Accountability and Self-sovereignty in Healthcare Systems

  • Xueping Liang
  • Sachin Shetty
  • Juan Zhao
  • Daniel Bowden
  • Danyi Li
  • Jihong Liu
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10631)


With the increasing development and adoption of wearable devices, people care more about their health conditions than ever before. Patients, doctors and insurance agencies all benefit from this technology. However, the emerging wearable devices create a major concern over health data privacy, as data collected from those devices can reflect patients' health conditions and habits and could increase the data disclosure risks among healthcare providers and application vendors. In this paper, we propose using the trusted execution platform enabled by Intel SGX to provide accountability for data access, and we propose a decentralized approach with blockchain technology to address the privacy concern. By developing a web application for personal health data management (PHDM) systems, we enable individuals to synchronize sensor data from wearable devices with an online account and to control data access by any third parties. The protected personal health data and data access records are hashed and anchored to a permanent but secure ledger with platform dependency, ensuring data integrity and accountability. Analysis shows that our approach provides user privacy and accountability with acceptable overhead.


Privacy protection; Healthcare industry; Access control; Self-sovereignty; Trusted computing; Blockchain; Decentralization; Intel SGX; Accountability



This work was supported by Office of the Assistant Secretary of Defense for Research and Engineering (OASD (R & E)) agreement FA8750-15-2-0120. The work was also supported by a grant from the National Natural Science Foundation of China (No. 61402470) and the research project of Trusted Internet Identity Management (2016YFB0800505 and 2016YFB0800501).



Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  • Xueping Liang (1, 2, 3)
  • Sachin Shetty (4)
  • Juan Zhao (3)
  • Daniel Bowden (5)
  • Danyi Li (1), Email author
  • Jihong Liu (1)

  1. Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China
  2. School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China
  3. College of Engineering, Tennessee State University, Nashville, USA
  4. Virginia Modeling Analysis and Simulation Center, Old Dominion University, Norfolk, USA
  5. Sentara Healthcare, Norfolk, USA
