Sensitive records stored in the cloud such as healthcare records, private conversation and credit card information are targets of hackers and privacy abuse. Current information and record management systems have difficulties achieving privacy protection of such sensitive records in a secure, transparent, decentralized and trustless environment. The Blockchain technology is a nascent and a promising technology that facilitates data sharing and access in a secure, decentralized and trustless environment. The technology enables the use of smart contracts that can be leveraged to complement existing traditional systems to achieve security objectives that were never possible before. In this paper, we propose a framework based on Blockchain technology to enable privacy-preservation in a secured, decentralized, transparent and trustless environment. We name our framework SmartCoAuth. It is based on Ethereum Smart Contract functions as the secure, decentralized, transparent authentication and authorization mechanism in the framework. It also enables tamper-proof auditing of access to the protected records. We analysed how SmartCoAuth could be integrated into a cloud application to provide reliable privacy-preservation among stakeholders of healthcare records stored in the cloud. The proposed framework provides a satisfactory level of data utility and privacy preservation.
[1]
Douglas C. Schmidt,et al.
FHIRChain: Applying Blockchain to Securely and Scalably Share Clinical Data
,
2018,
Computational and structural biotechnology journal.
[2]
Satoshi Nakamoto.
Bitcoin : A Peer-to-Peer Electronic Cash System
,
2009
.
[3]
Cristiano André da Costa,et al.
OmniPHR: A distributed architecture model to integrate personal health records
,
2017,
J. Biomed. Informatics.
[4]
Praneeth Babu Marella,et al.
Ancile: Privacy-Preserving Framework for Access Control and Interoperability of Electronic Health Records Using Blockchain Technology
,
2018
.
[5]
Daniel Davis Wood,et al.
ETHEREUM: A SECURE DECENTRALISED GENERALISED TRANSACTION LEDGER
,
2014
.
[6]
Ashish Singh,et al.
An improved privacy preservation technique in health-cloud
,
2019,
ICT Express.
[7]
Navin Ramachandran,et al.
Authenticating Health Activity Data Using Distributed Ledger Technologies
,
2018,
Computational and structural biotechnology journal.