Abstract
Access control is a crucial part of a system’s security, restricting what actions users can perform on resources. Therefore, access control is a core component when dealing with e-Health data and resources, discriminating which is available for a certain party. We consider that current systems that attempt to assure the share of policies between facilities are mostly centralized, being prone to system’s and network’s faults and do not assure the integrity of policies lifecycle. Using a blockchain as store system for access policies we are able to ensure that the different entities have knowledge about the policies in place while maintaining a record of all permission requests, thus assuring integrity, auditability and authenticity.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Bogaerts, J., Decat, M., Lagaisse, B., Joosen, W.: Entity-based access control: supporting more expressive access control policies. In: Proceedings of the 31st Annual Computer Security Applications Conference, ACSAC 2015, pp. 291–300. ACM, New York (2015)
Boulos, M.N.K., Rocha, A., Martins, A., Vicente, M.E., Bolz, A., Feld, R., Tchoudovski, I., Braecklein, M., Nelson, J., Laighin, G.Ó., et al.: CAALYX: a new generation of location-based services in healthcare. Int. J. Health Geogr. 6(1), 9 (2007)
Buterin, V.: On public and private blockchains, August 2015. https://blog.ethereum.org/2015/08/07/on-public-and-private-blockchains/. Accessed 06 June 2017
Chepurnoy, A., Meshkov, D.: On space-scarce economy in blockchain systems. IACR Cryptology ePrint Archive 2017, 644 (2017)
Intel Corporation: Sawtooth lake latest documentation (2015). https://intelledger.github.io/. Accessed 06 Feb 2017
Deloitte: Bitcoin, blockchain & distributed ledgers: caught between promise and reality. Technical report, Centre for the Edge, Australia (2015)
Di Francesco Maesa, D., Mori, P., Ricci, L.: Blockchain based access control. In: Distributed Applications and Interoperable Systems: 17th IFIP WG 6.1 International Conference, pp. 206–220 (2017)
Buterin, V.: Ethereum: a next-generation smart contract and decentralized application platform (2014)
Godik, S., Moses, T.: OASIS extensible access control markup language (XACML). OASIS Committee Specification cs-xacml-specification-1.0 (2002)
Hu, V.C., Ferraiolo, D., Kuhn, D.R.: Assessment of access control systems. US Department of Commerce, National Institute of Standards and Technology (2006)
Hu, V.C., Ferraiolo, D., Kuhn, R., Friedman, A.R., Lang, A.J., Cogdell, M.M., et al.: Guide to attribute based access control (ABAC) definition and considerations (draft). NIST Special Publication 800(162) (2013)
IDC: The digital universe: driving data growth in healthcare. Report, EMC Corporation and International Data Corporation (2014)
Li, M., Yu, S., Ren, K., Lou, W.: Securing personal health records in cloud computing: patient-centric and fine-grained data access control in multi-owner settings. In: Social-Informatics and Telecommunications Engineering. Lecture Notes of the Institute for Computer Sciences, pp. 89–106 (2010)
Lukowicz, P., Kirstein, T., Troster, G.: Wearable systems for health care applications. Methods Inf. Med.-Methodik der Inf. der Med. 43(3), 232–238 (2004)
Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system, p. 9 (2008)
Nijeweme-d’Hollosy, W.O., van Velsen, L., Huygens, M., Hermens, H.: Requirements for and barriers towards interoperable ehealth technology in primary care. IEEE Internet Comput. 19(4), 10–19 (2015)
Patrick, K., Griswold, W.G., Raab, F., Intille, S.S.: Health and the mobile phone. Am. J. Prev. Med. 35(2), 177 (2008)
Tan, L., Wang, N.: Future internet: the internet of things. In: 2010 3rd International Conference on Advanced Computer Theory and Engineering (ICACTE), vol. 5, pp. V5-376–V5-380, August 2010
Tang, P.C., Ash, J.S., Bates, D.W., Overhage, J.M., Sands, D.Z.: Personal health records: definitions, benefits, and strategies for overcoming barriers to adoption. J. Am. Med. Inform. Assoc. 13(2), 121–126 (2006)
Underwood, S.: Blockchain beyond bitcoin. Commun. ACM 59(11), 15–17 (2016)
Yue, X., Wang, H., Jin, D., Li, M., Jiang, W.: Healthcare data gateways: found healthcare intelligence on blockchain with novel privacy risk control. J. Med. Syst. 40(10), 218 (2016)
Acknowledgment
This work was supported by Project “NanoSTIMA: Macro-to-Nano Human Sensing: Towards Integrated Multimodal Health Monitoring and Analytics/NORTE-01-0145-FEDER-000016” is financed by the North Portugal Regional Operational Programme (NORTE 2020), under the PORTUGAL 2020 Partnership Agreement, and through the European Regional Development Fund (ERDF).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Dias, J.P., Sereno Ferreira, H., Martins, Â. (2020). A Blockchain-Based Scheme for Access Control in e-Health Scenarios. In: Madureira, A., Abraham, A., Gandhi, N., Silva, C., Antunes, M. (eds) Proceedings of the Tenth International Conference on Soft Computing and Pattern Recognition (SoCPaR 2018). SoCPaR 2018. Advances in Intelligent Systems and Computing, vol 942. Springer, Cham. https://doi.org/10.1007/978-3-030-17065-3_24
Download citation
DOI: https://doi.org/10.1007/978-3-030-17065-3_24
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-17064-6
Online ISBN: 978-3-030-17065-3
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)