A privacy-preserving and redactable healthcare blockchain system

Publication Type

Journal Article

Publication Date

1-2024

Abstract

Blockchain as an open and immutable ledger is being posited as the next frontier in healthcare that will help solve the industry’s interoperability challenges. However, immutability in processing personal data is no longer legal since the General Data Protection Regulation (GDPR) requires the “right to be forgotten” as a critical data subject right. To observe such data regulation, it is desirable to build a healthcare blockchain with data redaction in a controlled way. Moreover, electronic health records (EHRs) usually are sensitive and the conventional blockchain lacks systematic and formal security analysis of data confidentiality, especially in the multi-user setting. Furthermore, EHRs are typically helpful in medical research for predicting epidemic diseases and valuable in insurance agencies making business plans. Hence, in healthcare blockchain systems, data confidentiality and flexible key distribution have become the most challenging issues that should be urgently resolved. In this paper, we propose a privacy-preserving and redactable healthcare blockchain system (PRHBS). Our solution offers fine-grained block-level data reduction and secure data sharing with flexible key distribution mechanisms. We give the formal definition and security models of PRHBS, and propose a generic construction based on trapdoorbased chameleon-hash function, attribute-based encryption, and puncturable encryption. We present formal security analysis and give an instantiation based on our proposed generic construction. The comprehensive comparison and experimental simulation demonstrate that our implementation exhibits comparable performance, while surpassing the most relevant solutions in terms of functionality.

Keywords

Blockchains, chameleon hash functions, Cryptography, Data privacy, Diseases, Encryption, healthcare blockchain, Insurance, Medical services, Redactable blockchain

Discipline

Information Security

Research Areas

Cybersecurity

Publication

IEEE Transactions on Services Computing

First Page

1

Last Page

14

ISSN

1939-1374

Identifier

10.1109/TSC.2024.3356595

Publisher

Institute of Electrical and Electronics Engineers

Copyright Owner and License

Authors

Additional URL

https://doi.org/10.1109/TSC.2024.3356595

This document is currently not available here.

Share

COinS