DSMAC: Privacy-Aware Decentralized Self-Management of Data Access Control Based on Blockchain for Health Data

In recent years, the interest in using wireless communication technologies and mobile devices in the healthcare environment has increased. However, despite increased attention to the security of electronic health records, patient privacy is still at risk for data breaches. Thus, it is quite a challe...

Full description

Saved in:
Bibliographic Details
Published inIEEE access Vol. 10; pp. 101011 - 101028
Main Authors Saidi, Hafida, Labraoui, Nabila, Ari, Ado Adamou Abba, Maglaras, Leandros A., Emati, Joel Herve Mboussam
Format Journal Article
LanguageEnglish
Published Piscataway IEEE 2022
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects
Access control
Blockchain
Blockchains
Computer Science
Control systems
Cryptography
Data privacy
decentralized access control
Decentralized control
decentralized identifier (DID)
Electronic devices
Electronic health records
IoMT sensors
Medical services
New technology
Privacy
Security
self sovereign identity (SSI)
smart contract
Smart contracts
verifiable credential (VC)
Wireless communications
Blockchain, data privacy, decentralized access control, decentralized IDentifier (DID), IoMT sensors, Self Sovereign Identity (SSI), smart contract, verifiable credential (VC)
Online AccessGet full text

Cover

More Information
Summary:In recent years, the interest in using wireless communication technologies and mobile devices in the healthcare environment has increased. However, despite increased attention to the security of electronic health records, patient privacy is still at risk for data breaches. Thus, it is quite a challenge to involve an access control system especially if the patient's medical data are accessible by users who have diverse privileges in different situations. Blockchain is a new technology that can be adopted for decentralized access control management issues. Nevertheless, different scalability, security, and privacy challenges affect this technology. To address these issues, we suggest a novel Decentralized Self-Management of data Access Control (DSMAC) system using a blockchain-based Self-Sovereign Identity (SSI) model for privacy-preserving medical data, empowering patients with mechanisms to preserve control over their personal information and allowing them to self-grant access rights to their medical data. DSMAC leverages smart contracts to conduct Role-based Access Control policies and adopts the implementation of decentralized identifiers and verifiable credentials to describe advanced access control techniques for emergency cases. Finally, by evaluating performance and comparing analyses with other schemes, DSMAC can satisfy the privacy requirements of medical systems in terms of privacy, scalability, and sustainability, and offers a new approach for emergency cases.
ISSN:2169-3536
2169-3536
DOI:10.1109/ACCESS.2022.3207803