Electronic health record (EHR) has recorded the process of occurrence, development, and treatment of diseases. So it has high medical value. Owing to the private and sensitive nature of medical data for patients, the data sharing and privacy preservation are critical issues in EHR. Blockchain technology may be a promising solution for the problems above since it holds the features of decentralization and tamper resistance. In the paper, we propose a medical data sharing and protection scheme based on the hospital's private blockchain to improve the electronic health system of the hospital. Firstly, the scheme can satisfy various security properties such as decentralization, openness, and tamper resistance. A reliable mechanism is created for the doctors to store medical data or access the historical data of patients while meeting privacy preservation. Furthermore, a symptoms-matching mechanism is given between patients. It allows patients who get the same symptoms to conduct mutual authentication and create a session key for their future communication about the illness. The proposed scheme is implemented by using PBC and OpenSSL libraries. Finally, the security and performance evaluation of the proposed scheme is given.
INDEX TERMSBlockchain, electronic health record, medical data, sharing and protection, symptoms-matching.
I. INTRODUCTION
Wireless body area network (WBAN) provides a medium through which physiological information could be harvested and transmitted to application provider (AP) in real time. Integrating WBAN in a heterogeneous Internet of Things (IoT) ecosystem would enable an AP to monitor patients from anywhere and at anytime. However, the IoT roadmap of interconnected 'Things' is still faced with many challenges. One of the challenges in healthcare is security and privacy of streamed medical data from heterogeneously networked devices. In this paper, we first propose a heterogeneous signcryption scheme where a sender is in a certificateless cryptographic (CLC) environment while a receiver is in identity-based cryptographic (IBC) environment. We then use this scheme to design a heterogeneous access control protocol. Formal security proof for indistinguishability against adaptive chosen ciphertext attack and unforgeability against adaptive chosen message attack in random oracle model is presented. In comparison with some of the existing access control schemes, our scheme has lower computation and communication cost.
Recently, the concept of the Internet of Things (IoT) has drawn considerable attention from both industry and academia. In the IoT, millions of objects with sensors collect data and send the data to servers that analyze, manage and use the data in order to construct some kinds of smart systems, such as smart grid, intelligent transportation systems, healthcare systems and even smart city. It is critical to establish a secure channel between the sensors and servers in order to ensure the correctness of collected data. If the collected data is tampered, the results of data analysis is unbelievable, and may even bring serious disaster. In this paper, we propose a heterogeneous ring signcryption scheme for secure communication from sensors to servers. We prove that this scheme has the indistinguishability against adaptive chosen ciphertext attacks (IND-CCA2) and existential unforgeability against adaptive chosen messages attacks under the computational Diffie-Hellman problem in the random oracle model. Our scheme has the following advantages (1) it simultaneously achieves confidentiality, integrity, authentication, non-repudiation and anonymity in a logical single step; (2) it is heterogeneous and allows a sensor node in an identity-based cryptography to send a message to a server in a public key infrastructure. These features make our scheme suitable for data transmission in the IoT.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.