Blockchain-Enabled and Data-Driven Smart Healthcare Solution for Secure and Privacy-Preserving Data Access

Author/Creator ORCID

Date

2021-07-12

Department

Program

Citation of Original Publication

Younis, Mohamed et al.; Blockchain-Enabled and Data-Driven Smart Healthcare Solution for Secure and Privacy-Preserving Data Access; IEEE Systems Journal, 12 July, 2021; https://doi.org/10.1109/JSYST.2021.3092519

Rights

This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.
© 2021 IEEE.  Personal use of this material is permitted.  Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works

Subjects

Abstract

The major advances in body-mounted sensors and wireless technologies have been revolutionizing the healthcare industry, where patient’s conditions can be remotely monitored by medical staff. Such a model is gaining broad support due to its economic and social advantages. However, the wealth of sensor measurements pose major technical challenges on where to store the collected data, how to ensure its integrity, who control access permissions, and how to enable secure interaction between patients and medical facilities and professionals. This article aspires to provide a holistic solution based on blockchain technology. Our solution puts the patient in charge for granting and revoking access permissions and makes it easy for healthcare organizations and providers to meet privacy regulations. The sensor data are to reside on cloud storage, while access control and session logs are maintained on blockchain. In addition, a novel data-driven authentication and secure communication protocol is proposed to mitigate the risk of fraud and identity theft. In order to enforce such a protocol, all interactions between the cloud and patients and healthcare providers are regulated through smart contracts. The security properties of our solution are analyzed using AVISPA; it is also shown to be computationally efficient.