Skip to main content

Advertisement

Log in

MedAccess HBPF: A Privacy-Preserving Hybrid-Blockchain Framework for Secure and Efficient Cloud-Based Electronic Health Record Sharing

  • Original Research
  • Published:
SN Computer Science Aims and scope Submit manuscript

Abstract

Electronic Health Record (EHR) sharing is essential for enhancing the quality of healthcare services, particularly in organ donation systems where timely access to patient data is crucial. However, centralized cloud-based EHR systems are susceptible to privacy breaches and unauthorized access. This paper presents the MedAccess Hybrid-Blockchain Privacy Framework (HBPF), a novel approach that combines the scalability of cloud storage with the security and immutability of blockchain technology. Our framework employs a hybrid blockchain architecture consisting of a Record Chain (RecChain) Blockchain for storing immutable transaction records and an Audit Chain (AuditChain) Blockchain for managing sensitive operations and overseeing the RecChain. The framework also incorporates a Three-Party Key Exchange Protocol (TPKE) protocol enabling fine-grained access control and ensuring that only authorized healthcare providers can access specific EHRs. Performance evaluation demonstrates that the MedAccess HBPF framework achieves significant improvements over existing models. Specifically, it reduces storage costs by 50% compared to BCAACPC, and maintains low computational costs, starting at 20 ms and only slightly increasing to about 25 ms, making it suitable for large-scale deployment. These results highlight the framework's effectiveness in maintaining high computational efficiency and low communication overhead, making it a viable solution for modern healthcare systems.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9

Similar content being viewed by others

Data Availability

The corresponding author can provide the dataset generated and analyzed during this study upon reasonable request.

References

  1. Boniol M, Kunjumen T, Nair TS, Siyam A, Campbell J, Diallo K. The global health workforce stock and distribution in 2020 and 2030: a threat to equity and “universal” health coverage? BMJ Glob Health. 2022;7(6): e009316.

    Article  Google Scholar 

  2. Li C, Dong M, Li J, Xu G, Chen X, Ota K. Healthchain: secure EMRs management and trading in distributed healthcare service system. IEEE Internet Things J. 2021;8(9):7192–202.

    Article  Google Scholar 

  3. Chenthara S, Ahmed K, Wang H, Whittaker F. Security and privacy-preserving challenges of e-health solutions in cloud computing. IEEE Access. 2019;7:74361–82.

    Article  Google Scholar 

  4. Qiu H, Qiu M, Liu M, Memmi G. Secure health data sharing for medical cyber-physical systems for the healthcare 4.0. IEEE J Biomed Health Inform. 2020;24(9):2499–505.

    Article  Google Scholar 

  5. Wang Y, Zhang A, Zhang P, Wang H. Cloud-assisted EHR sharing with security and privacy preservation via consortium blockchain. IEEE Access. 2019;7:136704–19.

    Article  Google Scholar 

  6. Zukaib U, Cui X, Hassan M, Harris S, Hadi HJ, Zheng C. Blockchain and machine learning in EHR security: a systematic review. IEEE Access. 2023;11:130230–56.

    Article  Google Scholar 

  7. Jayabalan J, Jeyanthi N. Scalable blockchain model using off-chain IPFS storage for healthcare data security and privacy. J Parallel Distrib Comput. 2022;164:152–67.

    Article  Google Scholar 

  8. Singh S, Rathore S, Alfarraj O, Tolba A, Yoon B. A framework for privacy-preservation of IoT healthcare data using Federated Learning and blockchain technology. Fut Gen Comput Syst. 2021;2:5.

    Google Scholar 

  9. Yu K, Tan L, Shang X, Huang J, Srivastava G, Chatterjee P. Efficient and privacy-preserving medical research support platform against COVID-19: a blockchain-based approach. IEEE Cons Electron Mag. 2021;10(2):111–20.

    Article  Google Scholar 

  10. Edemacu K, Jang B, Kim JW. Collaborative ehealth privacy and security: an access control with attribute revocation based on OBDD access structure. IEEE J Biomed Health Inform. 2020;24(10):2960–72.

    Article  Google Scholar 

  11. Sahai A, Waters B. Fuzzy identity-based encryption. In: Cramer R, editor. Advances in cryptology—EUROCRYPT 2005. EUROCRYPT 2005. Lecture notes in computer science, vol. 3494. Berlin: Springer; 2005.

    Google Scholar 

  12. Goyal V, Pandey O, Sahai A, Waters B. Attribute-based encryption for fine-grained access control of encrypted data. In Proceedings of the 13th ACM conference on Computer and communications security (CCS '06). Association for Computing Machinery, New York, 2006;89–98.

  13. Lewko A, Waters AB. Decentralizing attribute-based encryption. In: Paterson KG, editor. Advances in cryptology—EUROCRYPT 2011. EUROCRYPT 2011. Lecture notes in computer science, vol. 6632. Berlin: Springer; 2011.

    Google Scholar 

  14. Miao Y, Ma J, Liu X, Li X, Jiang Q, Zhang J. Attribute-based keyword search over hierarchical data in cloud computing. IEEE Trans Serv Comput. 2020;13(6):985–98.

    Google Scholar 

  15. Michalas A. The lord of the shares: combining attribute-based encryption and searchable encryption for flexible data sharing. In Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing (SAC '19). Association for Computing Machinery, New York, 2019;146–155.

  16. Goyal V, Pandey O, Sahai AW, Brent. Attribute-based encryption for fine-grained access control of encrypted data. Proc ACM Conf Comput Commun Secur. 2006;89–98:89–98. https://doi.org/10.1145/1180405.1180418.

    Article  Google Scholar 

  17. Wang S, Zhou J, Liu JK, Yu J, Chen J, Xie W. An efficient file hierarchy attribute-based encryption scheme in cloud computing. IEEE Trans Inf Forensics Secur. 2016;11(6):1265–77.

    Article  Google Scholar 

  18. Ge A, Zhang R, Chen C, Ma C, Zhang Z. Threshold ciphertext policy attribute-based encryption with constant size ciphertexts. In: Susilo W, Mu Y, Seberry J, editors. Information security and privacy. ACISP 2012. Lecture notes in computer science, vol. 7372. Berlin: Springer; 2012.

    Google Scholar 

  19. Rajput AR, Li Q, Ahvanooey MT, Masood I. EACMS: emergency access control management system for personal health record based on blockchain. IEEE Access. 2019;7:84304–17.

    Article  Google Scholar 

  20. Abouali M, Sharma K, Ajayi O, Saadawi T. Performance evaluation of secured blockchain-based patient health records sharing framework. 2022 IEEE International IOT, Electronics and Mechatronics Conference (IEMTRONICS), Toronto, 2022;1–7.

  21. Nguyen DC, Pathirana PN, Ding M, Seneviratne A. Blockchain for secure EHRs sharing of mobile cloud based e-health systems. IEEE Access. 2019;7:66792–806. https://doi.org/10.1109/ACCESS.2019.2917555.

    Article  Google Scholar 

  22. Wang M, Guo Y, Zhang C, Wang C, Huang H, Jia X. MedShare: a privacy-preserving medical data sharing system by using blockchain. IEEE Trans Serv Comput. 2023;16(1):438–51.

    Google Scholar 

  23. Ghayvat H, et al. CP-BDHCA: blockchain-based confidentiality-privacy preserving big data scheme for healthcare clouds and applications. IEEE J Biomed Health Inform. 2022;26(5):1937–48.

    Article  Google Scholar 

  24. Yao Y, Chang J, Zhang A. Efficient data sharing scheme with fine-grained access control and integrity auditing in terminal-edge-cloud network. IEEE Internet Things J. 2024;2:5.

    Google Scholar 

  25. Zhang Y, Xiong L, Ling L, Fagen N, Xianhua W, Hanzhou. A blockchain-based privacy-preserving auditable authentication scheme with hierarchical access control for mobile cloud computing. J Syst Architect. 2023;142: 102949.

    Article  Google Scholar 

  26. Xiang X, Cao J, Fan W. Decentralized authentication and access control protocol for blockchain-based e-health systems. J Netw Comput Appl. 2022;207:5.

    Article  Google Scholar 

  27. Liu S, Chen L, Yu H, Gao S, Fang H. BP-AKAA: blockchain-enforced privacy-preserving authentication and key agreement and access control for IIoT. J Inf Secur Appl. 2023;73:25.

    Google Scholar 

  28. Ma K, Song G, Zhou Y, Xu R, Yang B. An efficient identity authentication protocol with revocation, tracking and fine-grained access control for electronic medical system. Comput Stand Interfaces. 2024;88:2.

    Article  Google Scholar 

  29. Zhang Y, Xiong L, Li F, Hao Y. Blockchain-based privacy-preserving authentication with hierarchical access control using polynomial commitment for mobile cloud computing. IEEE Internet Things J. 2024;2:1–1.

    Google Scholar 

Download references

Acknowledgements

The authors acknowledged the CMR University, Bengaluru, India for supporting the research work by providing the facilities.

Funding

No funding received for this research.

Author information

Authors and Affiliations

Authors

Contributions

This research work was made possible by all the authors.

Corresponding author

Correspondence to Divyashree Duggegowda.

Ethics declarations

Conflict of interest

No conflict of interest.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Duggegowda, D., Ramamoorthy, U. MedAccess HBPF: A Privacy-Preserving Hybrid-Blockchain Framework for Secure and Efficient Cloud-Based Electronic Health Record Sharing. SN COMPUT. SCI. 5, 1018 (2024). https://doi.org/10.1007/s42979-024-03343-w

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s42979-024-03343-w

Keywords

Navigation