Abstract
This paper is an exploration to securely integrate geo-scattered medical data silos and to provide privacy-preserving data sharing via blockchain and cryptography. We leverage broadcast encryption, key regression, data privacy classification, blockchain and smart contract holistically to address such a challenge. In our design, a patient’s medical records are divided into multiple parts with different sensitivities according to personal privacy requirements. Each part is encrypted with a symmetric encryption key and it is broadcast encrypted to a pre-defined user set. Data encryption keys are generated by a key regression scheme, where keys used to encrypt low-sensitivity data parts can be derived from keys used to encrypt high-sensitivity data parts. With such a mechanism, we can enforce strict access and privacy control on medical data. Furthermore, we use Ethereum blockchain to connect various institutions to provide efficient data sharing, and we design smart contracts to implement the business logic of medical data sharing.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
General data protection regulation (2016). https://eugdpr.org/the-regulation/
Summary of the HIPAA security rule (2017). https://www.hhs.gov/hipaa/for-professionals/security/laws-regulations/
https://www.healthcareitnews.com/projects/biggest-healthcare-data-breaches-2018-so-far (2018)
Azaria, A., Ekblaw, A., Vieira, T., Lippman, A.: MedRec: using blockchain for medical data access and permission management. In: International Conference on Open and Big Data (OBD), pp. 25–30. IEEE (2016)
Boneh, D., Gentry, C., Waters, B.: Collusion resistant broadcast encryption with short ciphertexts and private keys. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 258–275. Springer, Heidelberg (2005). https://doi.org/10.1007/11535218_16
Buterin, V.: A next-generation smart contract and decentralized application platform. White Paper (2014)
Cachin, C.: Architecture of the hyperledger blockchain fabric. In: Workshop on Distributed Cryptocurrencies and Consensus Ledgers, vol. 310 (2016)
Ethereum: Proof of stake FAQ (2014). https://github.com/ethereum/wiki/wiki/Proof-of-Stake-FAQ
Fan, K., Wang, S., Ren, Y., Li, H., Yang, Y.: MedBlock: efficient and secure medical data sharing via blockchain. J. Med. Syst. 42(8), 136 (2018)
Fiat, A., Naor, M.: Broadcast encryption. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 480–491. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48329-2_40
Fu, K., Kamara, S., Kohno, T.: Key regression: enabling efficient key distribution for secure distributed storage (2006)
Guo, R., Shi, H., Zhao, Q., Zheng, D.: Secure attribute-based signature scheme with multiple authorities for blockchain in electronic health records systems. IEEE Access 776(99), 1–12 (2018)
Hur, J., Noh, D.K.: Attribute-based access control with efficient revocation in data outsourcing systems. IEEE Trans. Parallel Distrib. Syst. 22(7), 1214–1221 (2011)
Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2009). http://bitcoin.org/bitcoin.pdf
Peterson, K., Deeduvanu, R., Kanjamala, P., Boles, K.: A blockchain-based approach to health information exchange networks. In: Proceedings of the NIST Workshop Blockchain Healthcare, vol. 1, pp. 1–10 (2016)
Qiu, H., Noura, H., Qiu, M., Ming, Z., Memmi, G.: A user-centric data protection method for cloud storage based on invertible DWT. IEEE Trans. Cloud Comput. (2019)
Qiu, H., Qiu, M., Memmi, G., Liu, M.: Secure health data sharing for medical cyber-physical systems for the healthcare 4.0. IEEE J. Biomed. Health Inform. 24, 2499–2505 (2020)
Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_27
Sousa, J., Bessani, A., Vukolic, M.: A byzantine fault-tolerant ordering service for the hyperledger fabric blockchain platform. In: 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 51–58 (2018)
Xia, Q., Sifah, E.B., Asamoah, K.O., Gao, J., Du, X., Guizani, M.: MeDShare: trust-less medical data sharing among cloud service providers via blockchain. IEEE Access 5, 14757–14767 (2017)
Yang, H., Yang, B.: A blockchain-based approach to the secure sharing of healthcare data. In: Proceedings of the Norwegian Information Security Conference (2017)
Yu, S., Wang, C., Ren, K., Lou, W.: Attribute based data sharing with attribute revocation. In: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, pp. 261–270. ACM (2010)
Zhang, A., Lin, X.: Towards secure and privacy-preserving data sharing in e-health systems via consortium blockchain. J. Med. Syst. 42(8), 140 (2018)
Acknowledgment
The authors would like to thank the anonymous referees for their reviews and insightful suggestions to improve this paper. This work is partially supported by the National Science Foundation of USA (Award No. 1547428, No. 1738965).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Jin, H., Xu, C., Luo, Y., Li, P. (2020). Blockchain-Based Secure and Privacy-Preserving Clinical Data Sharing and Integration. In: Qiu, M. (eds) Algorithms and Architectures for Parallel Processing. ICA3PP 2020. Lecture Notes in Computer Science(), vol 12454. Springer, Cham. https://doi.org/10.1007/978-3-030-60248-2_7
Download citation
DOI: https://doi.org/10.1007/978-3-030-60248-2_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-60247-5
Online ISBN: 978-3-030-60248-2
eBook Packages: Mathematics and StatisticsMathematics and Statistics (R0)