The existing blockchain-based medical data sharing schemes perform access control without the consideration of time dimension. To solve this problem, this paper proposes a medical data security sharing scheme, based on consortium blockchain in consideration of time dimension to perform access control. Firstly, medical data ciphertext is stored in cloud storage, and the metadata is stored in the consortium blockchain, such that the medical data can be stored and shared safely. Secondly, by combining smart contract with ciphertext-policy attribute-based encryption (CP-ABE), a data security sharing protocol is designed to realize fine-grained access control with time dimension. The security analysis and experimental results show that this scheme could realize fine-grained access control with time dimension, besides ensuring the security of the stored medical data.
ZHOU Zhengqiang, CHEN Yuling, LI Tao, REN Xiaojun, QING Xinyi
. Medical Data Security Sharing Scheme Based on Consortium Blockchain[J]. Journal of Applied Sciences, 2021
, 39(1)
: 123
-134
.
DOI: 10.3969/j.issn.0255-8297.2021.01.011
[1] Tawalbeh L A, Mehmood R, Benkhlifa E, et al. Mobile cloud computing model and big data analysis for healthcare applications[J]. IEEE Access, 2016:6171-6180.
[2] Xia Q, Sifah E B, Asamoah K O, et al. Medshare:trust-less medical data sharing among cloud service providers via blockchain[J]. IEEE Access, 2017:14757-14767.
[3] 侯佳音, 史淳樵. 云计算技术在医院的信息化建设中的应用研究[J]. 电子设计工程, 2016, 24(5):35-39. Hou J Y, Shi C Q. Application of cloud computing technologies in information technology of hospitals[J]. Electronic Design Engineering, 2016, 24(5):35-39.
[4] Xiong N, Vasilakos A V, Wu J, et al. A self-tuning failure detection scheme for cloud computing service[C]//International Parallel and Distributed Processing Symposium, 2012:668-679.
[5] 王崇霞, 丁颜, 刘倩, 等. 云计算环境的联盟身份认证方案设计[J]. 应用科学报, 2015, 33(2):215222. Wang C X, Ding Y, Liu Q, et al. Design of alliance identity authentication scheme in cloud computing environment[J]. Journal of Applied Sciences, 2015, 33(2):215-222. (in Chinese)
[6] Sang Y, Shen H, Tan Y, et al. Efficient protocols for privacy preserving matching against distributed datasets[C]//International Conference on Information and Communication Security, 2006:210-227.
[7] Xhafa F, Li J W, Zhao G, et al. Designing cloud-based electronic health record system with attribute-based encryption[J]. Multimedia Tools Applications, 2015, 74(10):3441-3458.
[8] Lewko A, Okamoto T, Sahai A, et al. Fully secure functional encryption:attribute-based encryption and (hierarchical) inner product encryption[C]//Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques, Riviera, French, 2010:62-91.
[9] Zhang H L, Yu J, Tian C L, et al. Cloud storage for electronic health records based on secret sharing with verifiable reconstruction outsourcing[J]. IEEE Access, 2018:40713-40722.
[10] Nakamoto S. Bitcoin:a peer-to-peer electronic cash system[EB/OL].[2020-10-15]. https://bitcoin.org/bitcoin.pdf.
[11] 李博, 郑博, 郭子阳, 等. 区块链技术在金融方向应用的发展及展望[J]. 应用科学学报, 2019, 37(2):151-163. Li B, Zheng B, Guo Z Y, et al. The state-of-the-art blockchain applications in finance:progress and trends[J]. Journal of Applied Sciences, 2019, 37(2):151-163. (in Chinese)
[12] 薛腾飞, 傅群超, 王枞. 基于区块链的医疗数据共享模型研究[J]. 自动化学报, 2017, 43(9):15551562. Xue T F, Fu Q C, Wang C, et al. A medical data sharing model via blockchain[J]. Acta Automatica Sinica, 2017, 43(9):1555-1562.
[13] Yue X, Wang H, Jin D, et al. Healthcare data gateways:found healthcare intelligence on blockchain with novel privacy risk control[J]. Journal of Medical Systems, 2016, 40(10):218.
[14] Liu J W, Li X L, Ye L, et al. BPDS:a blockchain based privacy-preserving data sharing for electronic medical records[C]//2018 IEEE Global Communications Conference. Abu Dhabi, United Arab Emirates, 2018:1-6.
[15] Dagher G G, Mohler J, Milojkovic M, et al. Ancile:privacy-preserving framework for access control and interoperability of electronic health records using blockchain technology[J]. Sustainable Cities and Society, 2018, 39:283-297.
[16] Wang S, Zhang D, Zhang Y. Blockchain-based personal health records sharing scheme with data integrity verifiable[J]. IEEE Access, 2019, 7:102887-102901.
[17] Wang H, Song Y. Secure cloud-based HER system using attribute-based cryptosystem and blockchain[J]. Journal of Medical Systems, 2018, 42(8):152-161.
[18] Yang X, Li T, Pei X, et al. Medical data sharing scheme based on attribute cryptosystem and blockchain technology[J]. IEEE Access, 2020, 8:45468-45476.
[19] Zhang R, Liu L, Xue R. Role-based and time-bound access and management of EHR data[J]. Security and Communication Networks, 2014, 7(6):994-1015.
[20] Bethencourt J, Sahai A, Waters B. Ciphertext-policy attribute-based encryption[C]//Proceeding of 2007 IEEE Symposium on Security and Privacy. Piscataway, NJ, USA:IEEE, 2007:321-324.
[21] Szabo N. Smart contracts:building blocks for digital markets[EB/OL].[2020-08-26]. https://ww.fon.hum.uva.nl/rob/Courses/InformationInSpeech/CDROM/Literature/LOTwinterschool2006/szabo.best.vwh.net/smart_contracts_2.html.
[22] Castro M, Liskov B. Practical Byzantine fault tolerance and proactive recovery[J]. ACM Transactions on Computer Systems, 2002, 20(4):398-461.
[23] Azaria A, Ekblaw A, Vieira T, et al. Medrec:using blockchain for medical data access and permission management[C]//IEEE International Conference on Open and Big Data, 2016:25-30.
