ABSTRACT
COVID-19 is currently a major global public health challenge. In the battle against the outbreak of COVID-19, how to manage and share the COVID-19 Electric Medical Records (CEMRs) safely and effectively in the world, prevent malicious users from tampering with CEMRs, and protect the privacy of patients are very worthy of attention. In particular, the semi-trusted medical cloud platform has become the primary means of hospital medical data management and information services. Security and privacy issues in the medical cloud platform are more prominent and should be addressed with priority. To address these issues, on the basis of ciphertext policy attribute-based encryption, we propose a blockchain-empowered security and privacy protection scheme with traceable and direct revocation for COVID-19 medical records. In this scheme, we perform the blockchain for uniform identity authentication and all public keys, revocation lists, etc are stored on a blockchain. The system manager server is responsible for generating the system parameters and publishes the private keys for the COVID-19 medical practitioners and users. The cloud service provider (CSP) stores the CEMRs and generates the intermediate decryption parameters using policy matching. The user can calculate the decryption key if the user has private keys and intermediate decrypt parameters. Only when attributes are satisfied access policy and the user's identity is out of the revocation list, the user can get the intermediate parameters by CSP. The malicious users may track according to the tracking list and can be directly revoked. The security analysis demonstrates that the proposed scheme is indicated to be safe under the Decision Bilinear Diffie-Hellman (DBDH) assumption and can resist many attacks. The simulation experiment demonstrates that the communication and storage overhead is less than other schemes in the public-private key generation, CEMRs encryption, and decryption stages. Besides, we also verify that the proposed scheme works well in the blockchain in terms of both throughput and delay.
ABSTRACT
IoT-based smart healthcare system allows doctors to monitor and diagnose patients remotely, which can greatly ease overcrowding in the hospitals and disequilibrium of medical resources, especially during the rage of COVID-19. However, the smart healthcare system generates enormous data which contains sensitive personal information. To protect patients’privacy, we propose a secure blockchain-assisted access control scheme for smart healthcare system in fog computing. All the operations of users are recorded on the blockchain by smart contract in order to ensure transparency and reliability of the system. We present a blockchain-assisted Multi-Authority Attribute-Based Encryption (MA-ABE) scheme with keyword search to ensure the confidentiality of the data, avoid single point of failure and implement fine-grained access control of the system. IoT devices are limited in resources, therefore it is not practical to apply the blockchain-assisted MA-ABE scheme directly. To reduce the burdens of IoT devices, We outsource most of the computational tasks to fog nodes. Finally, the security and performance analysis demonstrate that the proposed system is reliable, practical, and efficient. IEEE
ABSTRACT
With the assistance of Internet of Things (IoT), the fast developing Healthcare Internet of Things (H-IOT) have promoted the healthcare ecosystem into the era of Health 5.0 and enables many promising medical applications, such as remote healthcare that is crucial in pandemic (e.g, COVID-19). Healthcare participants can make accurate diagnosis, treatment and research based on the shared Personal Health Records (PHRs) sensed from remote H-IOT devices. However, current H- IOT systems fall short of a secure and trustworthy PHR sharing service in remote healthcare, which is able to prevent user privacy leakage and PHR violation together with high efficiency in key distribution apart from supporting efficient data retrieval and fine-grained access control. In response, we present a blockchain- based hierarchical data sharing framework (BHDSF) to provide fine-grained access control and efficient retrieval over encrypted PHRs with low consumed hierarchical key distribution and key leakage resistance. Compared with existing solutions, BHDSF takes untrusted cloud and malicious auditor into consideration simultaneously, and achieves trustworthy PHR integrity auditing and metadata verification by leveraging blockchain technique. Besides, BHDSF enables efficiently aggregative authentication for source records from H-IoT devices, which is lacked in most of existing data sharing frameworks. Finally, we demonstrate the feasibility of BHDSF by conducting extensive empirical tests over real-world dataset. IEEE