Towards Secure and Privacy-Preserving Data Sharing for COVID-19 Medical Records: A Blockchain-Empowered Approach

• Published in: IEEE transactions on network science and engineering Vol. 9; no. 1; pp. 271 - 281
• Main Authors: Tan, Liang, Yu, Keping, Shi, Na, Yang, Caixia, Wei, Wei, Lu, Huimin
• Format: Journal Article
• Language: English
• Published: Piscataway IEEE 01.01.2022; The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
• Subjects: Algorithms; Authorization; Blockchain; Blockchains; Cloud computing; Coronaviruses; COVID-19; Cryptography; Cybersecurity; Data management; Data retrieval; electronic medical records; Encryption; Hospitals; Information management; Information services; Medical records; Outsourcing; Parameters; Privacy; Public health; security and privacy protection; traceable and revocation
• ISSN: 2327-4697; 2334-329X
• DOI: 10.1109/TNSE.2021.3101842

COVID-19 is currently a major global public health challenge. In the battle against the outbreak of COVID-19, how to manage and share the COVID-19 Electric Medical Records (CEMRs) safely and effectively in the world, prevent malicious users from tampering with CEMRs, and protect the privacy of patients are very worthy of attention. In particular, the semi-trusted medical cloud platform has become the primary means of hospital medical data management and information services. Security and privacy issues in the medical cloud platform are more prominent and should be addressed with priority. To address these issues, on the basis of ciphertext policy attribute-based encryption, we propose a blockchain-empowered security and privacy protection scheme with traceable and direct revocation for COVID-19 medical records. In this scheme, we perform the blockchain for uniform identity authentication and all public keys, revocation lists, etc are stored on a blockchain. The system manager server is responsible for generating the system parameters and publishes the private keys for the COVID-19 medical practitioners and users. The cloud service provider (CSP) stores the CEMRs and generates the intermediate decryption parameters using policy matching. The user can calculate the decryption key if the user has private keys and intermediate decrypt parameters. Only when attributes are satisfied access policy and the user's identity is out of the revocation list, the user can get the intermediate parameters by CSP. The malicious users may track according to the tracking list and can be directly revoked. The security analysis demonstrates that the proposed scheme is indicated to be safe under the Decision Bilinear Diffie-Hellman (DBDH) assumption and can resist many attacks. The simulation experiment demonstrates that the communication and storage overhead is less than other schemes in the public-private key generation, CEMRs encryption, and decryption stages. Besides, we also verify that the proposed scheme works well in the blockchain in terms of both throughput and delay.