Submitted by CAE Community on

The healthcare ecosystem involves several interconnected stakeholders with different and sometimes conflicting security and privacy requirements. Sharing medical data, particularly remotely generated data, is a challenging task. Although there are several solutions in the literature that address the interoperability & scalability functional requirements of such services, as well as the security & privacy requirements, achieving a good balance between these is not a trivial task as off-the-shelf solutions do not exist. On one hand, centralized cloud based architectures provide interoperability & scalability, but make strong trust assumptions. On the other, decentralized blockchain platforms support independent trust management and data privacy, but typically do not allow dynamic changes of the underlying trust domains.

To address this challenge we propose a hierarchical multi-expressive blockchain architecture that addresses this challenge by providing: (a) dynamic trust management between different authorities, (b) flexible access control policy enforcement at the domain and cross-domain level and, (c) a global source of trust for all entities by an immutable forensics-by-design auditing mechanism. Fine-grain access is enabled by using an attribute based encryption scheme that provides a single access point that cannot be bypassed by users or authorities and that supports flexible shared multiowner encryption, when attribute keys from different authorities are combined to decrypt data. The effectiveness of the proposed approach is validated experimentally. The multi-blockchain has also been implemented using the Hyberledger Fabric.

This work based on the following publications of the presenter.

  1. JANUS: Efficient multi-authority & multi-domain attribute based access control in practice, submitted, 2022.
  2. A hierarchical multiblockchain for fine grained access to medical data, V Malamas, P. Kotzanikolaou, TK Dasaklis, M. Burmester, IEEE Access 8, 134393-134412, 2020
  3. A forensics by design management framework for medical devices based on blockchain, V Malamas, TK Dasaklis, P Kotzanikolaou, M Burmester, S Katsikas, IEEE World Congress on Services (SERVICES) 2642, 35-40, 2019

 

Mike Burmester, Xiuwen Liu