Cloud-based Secure Personal Health Record Management System using Mixnode and Blockchain

Security and privacy of personal health information are the two major concerns for the users of an e-health system. For privacy reasons, it is desired that unauthorized users including the third parties cannot link the outsourced e-health documents to their owners. This work proposes a symmetric key-based scheme that employs mix networks for achieving un-observable outsourced data access and Blockchain for achieving outsourced data integrity. An important security requirement named forward secrecy is implemented on Blockchains so that a medical health care provider is restricted to access any future health document after her session expires. Procedures for publishing and accessing e-health documents are proposed and analyzed.

[1]  David W. Bates,et al.  White Paper: Personal Health Records: Definitions, Benefits, and Strategies for Overcoming Barriers to Adoption , 2006, J. Am. Medical Informatics Assoc..

[2]  P. Appelbaum Privacy in psychiatric treatment: threats and responses. , 2002, The American journal of psychiatry.

[3]  Marko Hölbl,et al.  A Systematic Review of the Use of Blockchain in Healthcare , 2018, Symmetry.

[4]  Ben Adida,et al.  GenePING: secure, scalable management of personal genomic data , 2006, BMC Genomics.

[5]  Anish Mathuria,et al.  Achieving Forward Secrecy and Unlinkability in Cloud-Based Personal Health Record System , 2015, 2015 IEEE Trustcom/BigDataSE/ISPA.

[6]  Paul C. Tang,et al.  Integrated Personal Health Records: Transformative Tools for Consumer-Centric Care , 2008, BMC Medical Informatics Decis. Mak..

[7]  Ming Li,et al.  Securing Personal Health Records in Cloud Computing: Patient-Centric and Fine-Grained Data Access Control in Multi-owner Settings , 2010, SecureComm.

[8]  Yaling Zhang,et al.  A Blockchain-Based Framework for Data Sharing With Fine-Grained Access Control in Decentralized Storage Systems , 2018, IEEE Access.

[9]  Lynn A. Karoly,et al.  Health Insurance Portability and Accountability Act of 1996 (HIPAA) Administrative Simplification , 2010, Practice Management Consultant.

[10]  Douglas C. Schmidt,et al.  FHIRChain: Applying Blockchain to Securely and Scalably Share Clinical Data , 2018, Computational and structural biotechnology journal.

[11]  Anish Mathuria,et al.  Security and Privacy Issues in Outsourced Personal Health Record , 2017, Research Advances in Cloud Computing.

[12]  Fusheng Wang,et al.  Secure and Trustable Electronic Medical Records Sharing using Blockchain , 2017, AMIA.

[13]  Mark Ryan,et al.  Privacy-supporting cloud computing by in-browser key translation , 2013, J. Comput. Secur..