Secure Access Control for Electronic Health Records in Blockchain-Enabled Consumer Internet of Medical Things
Yujie Hong, Liang Yang, Wei Liang, Anke Xie
Abstract
The popularization of electronic health records (EHRs) effectively improves the efficiency of diagnosis and treatment of diseases, however, it also lays a hidden danger for the leakage of patients’ privacy, so it needs a stricter and more flexible access control mechanism. In addition, the medical ministry (MM) usually investigates illegal medical activities after they have already taken place and caused harm, resulting in a serious lag in regulation. To solve these problems, we propose a blockchain-based system that enables patient-leading fine-grained access control against EHRs. In contrast to the currently existing systems, this scheme uses blank EHRs as the medium, combining attribute-based encryption and blockchain to enable MM to engage in the regulation of medical activities before they taking place. In order to reduce the storage cost of the whole system, we apply the chameleon hash function to the process of calculating file storage addresses in the inter-planetary file system. Moreover, the introduction of single sign-on can improve the security and efficiency of patients’ vital signs transmission in telemedicine scenario, and the introduction of proxy re-encryption can improve the efficiency of authorization of EHRs. Theoretical analysis and experiments show that the scheme satisfies both the security and feasibility requirements.