A privacy-preserving and redactable healthcare blockchain system
Publication Type
Journal Article
Publication Date
1-2024
Abstract
Blockchain as an open and immutable ledger is being posited as the next frontier in healthcare that will help solve the industry’s interoperability challenges. However, immutability in processing personal data is no longer legal since the General Data Protection Regulation (GDPR) requires the “right to be forgotten” as a critical data subject right. To observe such data regulation, it is desirable to build a healthcare blockchain with data redaction in a controlled way. Moreover, electronic health records (EHRs) usually are sensitive and the conventional blockchain lacks systematic and formal security analysis of data confidentiality, especially in the multi-user setting. Furthermore, EHRs are typically helpful in medical research for predicting epidemic diseases and valuable in insurance agencies making business plans. Hence, in healthcare blockchain systems, data confidentiality and flexible key distribution have become the most challenging issues that should be urgently resolved. In this paper, we propose a privacy-preserving and redactable healthcare blockchain system (PRHBS). Our solution offers fine-grained block-level data reduction and secure data sharing with flexible key distribution mechanisms. We give the formal definition and security models of PRHBS, and propose a generic construction based on trapdoorbased chameleon-hash function, attribute-based encryption, and puncturable encryption. We present formal security analysis and give an instantiation based on our proposed generic construction. The comprehensive comparison and experimental simulation demonstrate that our implementation exhibits comparable performance, while surpassing the most relevant solutions in terms of functionality.
Keywords
Blockchains, chameleon hash functions, Cryptography, Data privacy, Diseases, Encryption, healthcare blockchain, Insurance, Medical services, Redactable blockchain
Discipline
Information Security
Research Areas
Cybersecurity
Publication
IEEE Transactions on Services Computing
First Page
1
Last Page
14
ISSN
1939-1374
Identifier
10.1109/TSC.2024.3356595
Publisher
Institute of Electrical and Electronics Engineers
Citation
XU, Shengmin; NING, Jianting; LI, Xiaoguo; YUAN, Jiaming; HUANG, Xinyi; and DENG, Robert H..
A privacy-preserving and redactable healthcare blockchain system. (2024). IEEE Transactions on Services Computing. 1-14.
Available at: https://ink.library.smu.edu.sg/sis_research/8656
Copyright Owner and License
Authors
Additional URL
https://doi.org/10.1109/TSC.2024.3356595