Blockchain-based eHealth system for auditable EHRs manipulation in cloud environments

https://doi.org/10.1016/j.jpdc.2020.10.002

Highlights

  • A blockchain-based eHealth system, BCES, is proposed to achieve traceability and tamper-resistance of data manipulation.

  • The structure of the Proof-Chain retains a reasonable channel of accountability for vulnerable patients.

  • An attribute-based proxy re-encryption (ABPRE) algorithm is adopted to achieve fine-grained access control for patients.

Abstract

The development of cloud-assisted electronic health systems effectively addresses the drawbacks of traditional medical management systems. However, some challenging problems, such as security and privacy in data storage and sharing, cannot be ignored. First, it is difficult to ensure the integrity of electronic health records (EHRs) during the data outsourcing process. Second, it is difficult to guarantee the privacy and traceability of EHRs during the data sharing process. In this paper, a blockchain-based eHealth system called BCES is proposed to ensure that manipulation of EHRs can be audited. In BCES, each legitimate query operation by a data consumer, together with each legitimate outsourcing operation by a hospital, is written into the blockchain as a transaction for permanent storage, which ensures traceability. At the same time, attribute-based proxy re-encryption is adopted to achieve fine-grained access control over medical data, and any behavior that threatens the integrity of EHRs will be discovered by the auditor. Due to the traceable and tamper-resistant characteristics of the blockchain, any entity that has illegally manipulated EHRs can be held accountable on the basis of the evidence recorded in our Proof-Chain. Finally, security analysis and performance evaluation demonstrate that the scheme is secure and efficient.

Introduction

Applying cloud computing and Internet of Things technologies in the medical and diagnostic services industry has already shown great advantages for improving the quality of services. Among the numerous existing schemes, the cloud-assisted electronic health system (eHealth system) is the most prominent example [13], [30]. Compared with traditional paper-based systems, eHealth systems provide a more flexible, efficient and convenient platform for storing and processing electronic health records (EHRs) from different medical institutions [4]. There is no doubt that the implementation of cloud-assisted electronic health systems will greatly change current medical applications. Specifically, an eHealth system allows medical institutions to outsource patients’ EHRs to cloud servers and establish flexible access control mechanisms without incurring significant storage and maintenance costs [32].

Although the superiority of the cloud-assisted electronic health system is obvious, as an emerging application it will inevitably raise security and privacy issues [29]. Medical institutions, such as hospitals, usually retain primary stewardship of the eHealth system [11]. Therefore, the pre-processing and outsourcing of EHRs are usually carried out by hospitals once authorized by patients. Patients can access their EHRs only while interacting with hospitals; the rest of the time they have no control over their own records. Therefore, in order to improve the quality of medical services, allowing users to monitor their own data at any time is an important issue that needs to be resolved at the current stage of research.

Meanwhile, cloud service providers are unwilling to invest much money and equipment in protecting the privacy of patients’ EHRs beyond what their Service Level Agreements (SLAs) require; they simply commit to protecting data privacy as far as possible [1]. A single point of failure at the cloud server is also common in practice, and once such a failure occurs the integrity of EHRs is endangered [5]. Therefore, excessive trust cannot be placed in cloud service providers, and the design of new strategies that limit cloud service providers’ control over EHRs is also a focus of this paper.

Several existing schemes assume that cloud servers will not collude with authorized hospitals to tamper with patients’ EHRs. However, this assumption does not match the real situation. As commercial organizations, cloud service providers may be swayed by their own interests. Without introducing a fully trusted third-party regulator, it is therefore difficult to deal with this threat.

Another concern in cloud-assisted electronic health systems is how to provide controlled, cross-domain and flexible sharing of EHRs. The dissemination of EHRs has been considered a breakthrough for the discovery of new techniques and new therapies for curing diseases [14]. However, on one hand, current cloud service providers have not achieved a satisfactory data sharing mechanism; on the other hand, data sharing at the current stage is highly likely to cause privacy leakage [20]. To address this problem, attribute-based cryptosystems have been embedded in cloud data sharing schemes [15], [22], [26], which realize one-to-many cloud data sharing [2], [12]: any individual who satisfies the attribute condition can access the source data. However, in a cloud-assisted electronic health system, patients, as data owners, usually do not want visitors who merely meet the attribute conditions to access their valuable EHRs at will; they expect each visit to be explicitly authorized. Therefore, it is challenging to implement fine-grained access control while ensuring that data transactions are legal and traceable.

Blockchain is a decentralized distributed ledger that creates a trusted environment between mutually unfamiliar parties without third-party trust endorsements [7]. Furthermore, blockchain combined with cryptographic techniques can ensure transaction traceability, tamper resistance and non-repudiation, support secure data sharing and large-scale collaborative computing, and protect the privacy of users’ identities and data [34]. In order to further develop the potential of the blockchain, many emerging technologies have also been applied to blockchain systems, such as edge computing [8]. A blockchain system combining multiple technologies can achieve greater scalability, security and efficiency. Because each block commits to the hash of its predecessor, once data has been written into the blockchain through the consensus mechanism it cannot be modified or forged after the fact without the change being detectable. Therefore, blockchain technology has been seen as a powerful tool to address the above problems in cloud-assisted electronic health systems [19]. However, many current studies on blockchain-based medical systems simply focus on the storage of data and regard the blockchain merely as a distributed database, which does not exploit its full potential. Furthermore, incomplete secure data sharing and a large amount of data redundancy make many schemes impractical. Since current verification schemes usually involve complex calculations, patients with low computing power struggle to pay the high computational cost of checking the accuracy of their data.

Based on the foregoing overview of progress and challenges in current research, a blockchain-based eHealth system called BCES is proposed, in order to achieve integrity of EHRs and support the sharing of confidential EHRs. BCES inherits the advantages of traditional electronic medical systems and overcomes the defects mentioned above. Different from existing blockchain schemes, our scheme abandons the idea of using the blockchain only to store indexes of medical data, and thereby ensures data integrity to a greater extent. The innovation of our solution is that the key information of each outsourcing and query operation is regarded as a transaction, and the transaction bill is eventually written into the blockchain for permanent storage. Any entity that performs an illegal manipulation is held responsible on the basis of the evidence in the blockchain.

Specifically, the contributions of this paper are as follows:

(1) Aiming at the drawbacks of existing medical systems, we design a novel and efficient blockchain-based eHealth system, BCES. In this scheme, the characteristics of the blockchain are fully utilized to ensure that users’ manipulation logs of EHRs are traceable and transparent. Moreover, the structure of the Proof-Chain retains a reasonable channel of accountability for vulnerable patient groups.

(2) Flexible access control strategies are designed for the secure sharing of EHRs. The introduction of attributes allows users to customize the authorization group, and the introduction of proxy nodes allows patients to complete data authorization without requiring large computing power.

(3) Benefiting from the security characteristics of the blockchain, our scheme can resist a variety of attacks, such as substitution, migration, collusion and replay attacks. A performance evaluation is also conducted to show the feasibility and efficiency of our scheme.

The rest of this paper is organized as follows: Section 2 reviews related work. Preliminaries are described in Section 3. In Section 4, we make the problem statement and clarify the design goals. The specific construction of our scheme is proposed in Section 5. Simulation results and discussions are presented in Section 6. Section 7 concludes the whole paper.

Section snippets

Related work

Due to the explosive growth of medical data, the traditional isolated medical data management schemes have shown obvious flaws. In order to overcome the shortcomings and improve the quality of medical services, some interactive medical systems have been implemented [16], [25]. Most of these solutions focus on how to realize the interaction between medical institutions, but pay little attention to the security and privacy threats of EHRs. As the value of medical data continues to grow, the

Bilinear maps

Let $G_1$ be an additive cyclic group and $G_2$ a multiplicative cyclic group, both of the same prime order $p$, and let $g$ be a generator of $G_1$. A bilinear map $e: G_1 \times G_1 \to G_2$ has the following properties:

(1) Bilinearity: $e(aP, bQ) = e(P, Q)^{ab}$ for all $P, Q \in G_1$ and $a, b \in \mathbb{Z}_p$.

(2) Non-degeneracy: there exist $P, Q \in G_1$ such that $e(P, Q) \neq 1$.

(3) Computability: there exists an efficient algorithm for computing $e(P, Q)$ for any $P, Q \in G_1$.

Bilinear maps are an important cryptographic tool. They are used by cryptographic algorithms such as KeyGen, Sign, and Verify
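The three properties above are easiest to see on a concrete map. The following added example is not from the paper: it builds a toy symmetric pairing in which $G_1 = (\mathbb{Z}_p, +)$ and $G_2$ is the order-$p$ subgroup of $\mathbb{Z}_q^*$ for $q = 6p + 1$, with $e(a, b) = h^{ab}$. The parameters ($p = 101$, $q = 607$, $h = 64$, generator $G = 7$) and the message are constructed; discrete logarithms in both groups are trivial at this size, so the construction has no security and serves only to check bilinearity and non-degeneracy numerically and to show why a pairing-based KeyGen/Sign/Verify (here a BLS-style signature, an assumption about the shape of the algorithms the text names) verifies honest signatures and rejects forged ones.

```python
import hashlib

# Toy symmetric pairing, constructed for illustration only. Tiny parameters; discrete
# logs are trivial, so nothing here is secure. It exists to exercise the definition.
P = 101   # prime order p of G1 and G2
Q = 607   # q = 6*p + 1 is prime; G2 is the order-p subgroup of Z_q^*
H = 64    # 2^6 mod 607 has order p in Z_q^* and generates G2
G = 7     # generator of G1 = (Z_p, +); any nonzero element generates


def g1_mul(k: int, a: int) -> int:
    """Scalar multiplication k*a in the additive group G1 = Z_p."""
    return (k * a) % P


def g2_pow(x: int, k: int) -> int:
    """Exponentiation in the multiplicative group G2; exponents are taken mod p."""
    return pow(x, k % P, Q)


def pairing(a: int, b: int) -> int:
    """e: G1 x G1 -> G2 with e(a, b) = H^(a*b) mod q. Property (3): one modular exponentiation."""
    return pow(H, (a * b) % P, Q)


def bilinearity_holds(a: int, b: int, x: int, y: int) -> bool:
    """Property (1): e(xa, yb) == e(a, b)^(xy)."""
    return pairing(g1_mul(x, a), g1_mul(y, b)) == g2_pow(pairing(a, b), x * y)


def nondegenerate() -> bool:
    """Property (2): the generator does not pair to the identity of G2."""
    return pairing(G, G) != 1


def hash_to_g1(msg: bytes) -> int:
    """Map a message to a nonzero element of G1 (nonzero so no signature is ever trivially 0)."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % (P - 1) + 1


def keygen(sk: int) -> tuple:
    """KeyGen: secret scalar sk in [1, p-1] (fixed here for determinism), pk = sk*G in G1."""
    return sk, g1_mul(sk, G)


def sign(sk: int, msg: bytes) -> int:
    """Sign (BLS-style): sigma = sk * H(m) in G1."""
    return g1_mul(sk, hash_to_g1(msg))


def verify(pk: int, msg: bytes, sigma: int) -> bool:
    """Verify: e(sigma, G) == e(H(m), pk).
    For an honest signature bilinearity gives e(sk*H(m), G) = e(H(m), G)^sk = e(H(m), sk*G)."""
    return pairing(sigma, G) == pairing(hash_to_g1(msg), pk)


if __name__ == "__main__":
    sk, pk = keygen(23)
    msg = b"outsource EHR ehr-0001 to CSP"   # constructed sample message
    sigma = sign(sk, msg)
    print("bilinear:", bilinearity_holds(3, 5, 7, 11), "nondegenerate:", nondegenerate())
    print("honest:", verify(pk, msg, sigma), "forged:", verify(pk, msg, (sigma + 1) % P))
```

The forged-signature and wrong-key rejections are unconditional in this toy: they reduce to $7 \cdot (\text{sk}_1 - \text{sk}_2) \cdot H(m) \not\equiv 0 \pmod{101}$, which holds because every factor is a nonzero element of a prime field. A real deployment would use a pairing library over a curve of cryptographic size rather than this arithmetic.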

Analysis of existing cloud-assisted eHealth systems

The typical system model is shown in Fig. 2. Generally, there are five different entities in the model: hospitals, patients, cloud service provider (CSP), research institutions and key server.

As a trusted authority, the key server is responsible for distributing key pairs to participating users. The CSP stores data from different hospitals and provides an EHR sharing platform. Research institutions send query requests to the cloud according to their own needs and obtain the query results. Doctors

The proposed scheme-BCES

In this section, we introduce the construction and workflow of BCES in detail. Roughly, our scheme can be divided into three parts: system setup, data outsourcing and data sharing. To simplify the description, the notation used is summarized in Table 1.

Security analysis

We will analyze the security of BCES in terms of the following aspects.

Performance evaluation

In this section, we conduct the experiments on Ubuntu 18.04 on a machine with an Intel Core i5-3230M CPU at 2.60 GHz and 4 GB of memory.

We first test the time cost of the cryptographic algorithms involved in BCES using the cpabe-0.10 library. In this test, we choose 128-bit prime-order bilinear groups. It is worth noting that this parameter serves only as a test reference and might not meet the security requirements of an actual system.

Conclusion

Current cloud-assisted electronic medical systems combined with the blockchain have some unresolved issues, such as users’ inability to actually control their own medical data, safety hazards in EHR data sharing, and inadequate protection of the integrity of EHRs. In order to fill these gaps, a novel blockchain-based eHealth system, BCES, was proposed. In this scheme, a Proof-Chain storing the various users’ manipulations of EHRs was also established. Based on the characteristics of

CRediT authorship contribution statement

Haiping Huang: Conceptualization, Methodology, Modelling, Software. Xiang Sun: Data curation, Algorithm design, Writing - original draft. Fu Xiao: Supervision, Investigation, Validation. Peng Zhu: Software, Visualization. Wenming Wang: Writing - review & editing.

Declaration of Competing Interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Acknowledgments

This work was supported by the National Key Research and Development Program [Grant No. 2018YFB0803403]; the National Natural Science Foundation of China [Grant Nos. ​ 61672297, and 61872194]; the Key Research and Development Program of Jiangsu Province [Grant No. BE2017742]; the Postgraduate Research & Practice Innovation Program of Jiangsu Province [Grant No. KYCX19_0908]; the Key Project on Anhui Provincial Natural Science Study by Colleges and Universities [Grant Nos. KJ2019A0579,

References (34)

  • Gai, K. et al. Permissioned blockchain and edge computing empowered privacy-preserving smart grid networks. IEEE Internet Things J. (2019)

  • Gao, C. et al. M-SSE: An effective searchable symmetric encryption with enhanced security for mobile devices. IEEE Access (2018)

  • Goyal, V. et al. Attribute-based encryption for fine-grained access control of encrypted data.

  • Guo, R. et al. Secure attribute-based signature scheme with multiple authorities for blockchain in electronic health records systems. IEEE Access (2018)

  • Hong, H. et al. A fine-grained attribute based data retrieval with proxy re-encryption scheme for data outsourcing systems. Mob. Netw. Appl. (2018)

  • Huang, H. et al. Private and secured medical data transmission and analysis for wireless sensing healthcare system. IEEE Trans. Ind. Inform. (2017)

  • Kosba, A. et al. Hawk: The blockchain model of cryptography and privacy-preserving smart contracts.


Haiping Huang received the B.Eng. degree and M.Eng. degree in Computer Science and Technology from Nanjing University of Posts and Telecommunications, Nanjing, China, in 2002 and 2005, respectively; and the Ph.D. degree in Computer Application Technology from Soochow University, Suzhou, China, in 2009. From May 2013 to November 2013, he was a Visiting Scholar with the School of Electronics and Computer Science, University of Southampton, Southampton, U.K. He is currently a professor with the School of Computer Science, Nanjing University of Posts and Telecommunications, Nanjing, China. His research interests include wireless sensor networks and Internet of Things.

Xiang Sun received the B.S. degree from Soochow University, Suzhou, China, in 2017. He is currently pursuing the M.S. degree with the School of Computer Science, Nanjing University of Posts and Telecommunications, Nanjing, China. His research interests include privacy protection in Internet of Things and blockchain.

Fu Xiao received the Ph.D. degree in Computer Science and Technology from Nanjing University of Science and Technology, Nanjing, China, in 2007. He is currently a Professor and Ph.D. supervisor with the School of Computer Science, Nanjing University of Posts and Telecommunications, Nanjing, China. His main research interest is wireless sensor networks. Dr. Xiao is a member of the IEEE Computer Society and the Association for Computing Machinery.

Peng Zhu received the B.S. degree from Nanjing University of Information Science and Technology, Nanjing, China, in 2018. He is currently pursuing the M.S. degree with the School of Computer Science, Nanjing University of Posts and Telecommunications, Nanjing, China. His research interests include privacy protection in Internet of Things and blockchain.

Wenming Wang received the M.S. degree from the College of Information Science and Technology, Jinan University, Guangzhou, China, in 2014. He is currently a Lecturer with the School of Computer and Information, Anqing Normal University. He is simultaneously pursuing the Ph.D. degree with the School of Computer Science, Nanjing University of Posts and Telecommunications, Nanjing, China. His research interests include wireless sensor networks and information security.