Skip to main content
Springer Nature Link
Log in

Towards Secure and Privacy-Preserving Data Sharing in e-Health Systems via Consortium Blockchain

  • Systems-Level Quality Improvement
  • Published:
Journal of Medical Systems Aims and scope Submit manuscript

Abstract

Electronic health record sharing can help to improve the accuracy of diagnosis, where security and privacy preservation are critical issues in the systems. In recent years, blockchain has been proposed to be a promising solution to achieve personal health information (PHI) sharing with security and privacy preservation due to its advantages of immutability. This work proposes a blockchain-based secure and privacy-preserving PHI sharing (BSPP) scheme for diagnosis improvements in e-Health systems. Firstly, two kinds of blockchains, private blockchain and consortium blockchain, are constructed by devising their data structures, and consensus mechanisms. The private blockchain is responsible for storing the PHI while the consortium blockchain keeps records of the secure indexes of the PHI. In order to achieve data security, access control, privacy preservation and secure search, all the data including the PHI, keywords and the patients’ identity are public key encrypted with keyword search. Furthermore, the block generators are required to provide proof of conformance for adding new blocks to the blockchains, which guarantees the system availability. Security analysis demonstrates that the proposed protocol can meet with the security goals. Furthermor, we implement the proposed scheme on JUICE to evaluate the performance.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4

Similar content being viewed by others

Notes

  1. The hash value of the encrypted PHI is uploaded to the chain while the original ciphertext is stored in the local computer client.

  2. Fast Healthcare Interoperability Resources is a standard describing data formats and elements for exchanging electronic health records. Its goals is to facilitate interoperation between legacy health care systems. This resource makes it easy to provide health care information to health care providers and individuals on a wide variety of devices from computers to tablets to cell phones. It also allows third-party application developers to provide medical applications which can be easily integrated into existing systems.

  3. To avoid the case that less than 8 new blocks are generated in a long period, a time interval can be predefined in the system.

  4. The doctor can also be chosen by the user in practical applications.

  5. 51% attack brings the attacker more cost than benefits thus it rarely happens [12].

  6. https://www.juzhen.io/

  7. http://gas.dia.unisa.it/projects/jpbc/#.Wm8S_GWHnKo

  8. http://solidity.readthedocs.io/en/develop/units-and-global-variables.html

  9. The computer also needs to compute a signature. As signature algorithm is not specified in the scheme, we do not consider its time cost in the system.

References

  1. Abbas, A., and Khan, S. U., A review on the state-of-the-art privacy-preserving approaches in the e-health clouds. IEEE Journal of Biomedical and Health Informatics 18(4):1431–1441, 2014.

    Article  PubMed  Google Scholar 

  2. Shen, Q., Liang, X., Shen, X., Lin, X., and Luo, H., Exploiting geo-distributed clouds for a e-Health monitoring system with minimum service delay and privacy preservation. IEEE Journal of Biomedical and Health Informatics 18(2):430–439, 2014.

    Article  PubMed  Google Scholar 

  3. Yang, Y., and Ma, M., Conjunctive keyword search with designated tester and timing enabled proxy re-encryption function for e-Health clouds. IEEE Transactions on Information Forensics and Security 11(4):746–759, 2016.

    Google Scholar 

  4. Zhou, J., Cao, Z., Dong, X., and Lin, X., PPDM: A Privacy-preserving protocol for cloud-assisted e-Healthcare systems. IEEE Journal of Selected Topics in Signal Processing 9(7):1332–1344, 2015.

    Article  Google Scholar 

  5. Zhang, Z., Dong, M., Zhu, L., Guan, Z., Chen, R., Xu, R., and Ota, K.: Achieving privacy-friendly storage and secure Statistics for smart meter data on outsourced clouds, IEEE Transactions on Cloud Computing. https://doi.org/10.1109/TCC.2017.2685583

  6. Chang, S., Zhu, H., Dong, M., Ota, K., Liu, X., and Shen, X., Private and flexible urban message delivery. IEEE Transactions on Vehicular Technology 65(7):4900–4910, 2016.

    Article  Google Scholar 

  7. Esposito, C., De Santis, A., Tortora, G., Chang, H., and Choo, K. K. R., Blockchain: a panacea for healthcare cloud-based data security and privacy?. IEEE Cloud Computing 5(1):31–37, 2018.

    Article  Google Scholar 

  8. Novo, O., Blockchain meets IoT: An architecture for scalable access management in IoT. IEEE Internet of Things Journal 5(2):1184–1195, 2018.

    Article  Google Scholar 

  9. Wang, J., Li, M., He, Y., Li, H., Xiao, K., and Wang, C., A blockchain based privacy-preserving incentive mechanism in crowdsensing applications. IEEE Access 6:17545–17556, 2018.

    Article  Google Scholar 

  10. Dorri, A., Steger, M., Kanhere, S. S., and Jurdak, R., Blockchain: A distributed solution to automotive security and privacy. IEEE Communications Magazine 55(12):119–125, 2017.

    Article  Google Scholar 

  11. Xia, Q., Sifah, E., Smahi, A., Amofa, S., and Zhang, X., BBDS: Blockchain-Based data sharing for electronic medical records in cloud environments. Information 8(44):1–16, 2017.

    CAS  Google Scholar 

  12. Kuo, T., Kim, H., and Ohno-Machado, L., Blockchain distributed ledger technologies for biomedical and health care applications. Journal of the American Medical Informatics Association 24(6):1211–1220, 2017.

    Article  PubMed  PubMed Central  Google Scholar 

  13. Xia, Q., Sifah, E. B., Asamoah, K. O., Gao, J., and Du, X.: MeDShare: Trust-less medical data sharing among cloud service providers via blockchain, IEEE Access. https://doi.org/10.1109/ACCESS.2017.2730843

  14. Yue, X., Wang, H., Jin, D., Li, M., and Jiang, W., Healthcare data gateways: Found healthcare intelligence on blockchain with novel privacy risk control. Journal of Medical Systems 40(10):218 , 2016.

    Article  PubMed  Google Scholar 

  15. Zyskind, G., Nathan, O., and Pentland, A.: Decentralizing privacy: Using blockchain to protect personal data. IEEE Security and Privacy Workshops: San Jose, 18–20, 2015

  16. Azaria, A., Ekblaw, A., Vieiraand, T., and Lippmanl, A.: Medrec: Using blockchain for medical data access and permission management. IEEE International Conference on Open and Big Data, 25–30, 2016

  17. Zhang, J., Xue, N., and Huang, X., A secure system for pervasive social network-based healthcare. IEEE Access 4(99):9239–9250, 2016.

    Article  Google Scholar 

  18. Peterson, K., Deeduvanu, R., Kanjamala, P., and Boles, K.: A blockchain-based approach to health information exchange networks

  19. Shae, Z., and Tsai, J.: On the design of a blockchain platform for clinical trial and precision medicine. International Conference on Distributed Computing Systems (ICDCS 2017): Atlanta , 2017

  20. Zhao, H., Zhang, Y., Peng, Y., and Xu, R.: Lightweight backup and efficient recovery scheme for health blockchain keys. IEEE International Symposium on Autonomous Decentralized System (ISADS): Bangkok, 22–24, 2017

  21. Boneh, D., Crescenzo, G. D., Ostrovsky, R., and Persiano, G., Public key encryption with keyword search, EUROCRYPT 2004, LNCS. Vol. 3027, pp. 506–522. Berlin: Springer, 2004.

    Google Scholar 

  22. Baek, J., Safavi-Naini, R., and Susilo, W.: Public key encryption with keyword search revisited, International Conference on Computational Sciences and its Applications (ICCSA): Perugia, 2008

  23. Hu, C., and Liu, P., An enhanced searchable public key encryption scheme with a designated tester and its extensions. Journal of Computer 7(3):716–723, 2012.

    Article  Google Scholar 

  24. Shao, J., Cao, Z., Liang, X., and Lin, H., Proxy re-encryption with keyword search. Information Science 180(13):2576–2587, 2010.

    Article  Google Scholar 

  25. Yau, W., Phan, R., Heng, S., and Goi, B.: Proxy re-encryption with keyword search: New definitions and algorithms. International Conference, SecTech and DRBC: Jeju Island, 13–15, 2010

  26. Ogata, W., and Kurosawa, K., Oblivious keyword search. Journal of Complexity 20(2-3):356–371, 2004.

    Article  Google Scholar 

  27. Ryu, E., and Takagi, T.: Efficient conjunctive keyword-searchable encryption. IEEE 21st International Conference on Advanced Information Networking and Applications: Niagara Falls, 21–23, 2007

  28. Bethencourt, J., Song, D., and Waters, B.: New constructions and practical applications for private stream searching (extended abstract). IEEE Symposium on Security & Privacy: Berkeley, 21–24, 2006

  29. Boneh, D., and Waters, B., Conjunctive, subset, and range queries on encrypted data, TCC 2007, LNCS. Vol. 4392, pp. 535–554. Berlin: Springer, 2007.

  30. Wang, X., Huang, X., Yang, X., Liu, L., and Wu, X., Further observation on proxy re-encryption with keyword search. The Journal of Systems and Software 85:643–654, 2012.

    Article  Google Scholar 

  31. Castro, M., and liskov, B.: Practical Byzantine Fault Tolerance, the Third Symposium on Operating Systems Design and Implementation: New Orleans, 1999

  32. HL7. HL7 Fast Healthcare Interoperability Resources (FHIR). https://www.hl7.org/fhir/. Accessed: 2017-11-20

  33. Leftwich, R.: The path to deriving clinical value from FHIR - InterSystems, http://www.intersystems.com/library/library-item/path-deriving-clinical-value-fhir/. Accessed: 2017-11-20

Download references

Acknowledgments

This work is partly supported by the National Natural Science Foundation of China (Grants No. 61601005, No. 61571240), Natural Science Foundation of Anhui Province (Grant No. 1608085QF138, No. 1808085MF164), Anhui Provincial Key Laboratory of Network and Information Security (Grant No. AHNIS2018003), and Scientific Research Staring Foundation of Anhui Normal University (Grant No. 2014bsqdjj38).

Author information

Authors and Affiliations

  1. College of Physics and Electronic Information, Anhui Normal Univresity, Wuhu, Anhui, 241000, China

    Aiqing Zhang

  2. Faculty of Science, Wilfrid Laurier University, 75 University Avenue West, Waterloo, ON, N2L 3C5, Canada

    Xiaodong Lin

Authors
  1. Aiqing Zhang
    View author publications

    You can also search for this author inPubMed Google Scholar

  2. Xiaodong Lin
    View author publications

    You can also search for this author inPubMed Google Scholar

Corresponding author

Correspondence to Aiqing Zhang.

Ethics declarations

Conflict of interests

Author Aiqing Zhang declares that she has no conflict of interest. Author Xiaodong Lin declares that he has no conflict of interest.

Ethical approval

This article does not contain any studies with human participants or animals performed by any of the authors.

Additional information

This article is part of the Topical Collection on Blockchain-based Medical Data Management System: Security and Privacy Challenges and Opportunities

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Zhang, A., Lin, X. Towards Secure and Privacy-Preserving Data Sharing in e-Health Systems via Consortium Blockchain. J Med Syst 42, 140 (2018). https://doi.org/10.1007/s10916-018-0995-5

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s10916-018-0995-5

Keywords