Blockchain-based eHealth system for auditable EHRs manipulation in cloud environments

The development of cloud-assisted electronic health system effectively addresses the drawbacks of traditional medical management system. However, some challenging problems such as security and privacy in data storage and sharing cannot be ignored. First, it is difficult to ensure the integrity of electronic health records (EHRs) during the data outsourcing process. Second, it is difficult to guarantee the privacy and traceability of EHRs during the data sharing process. In this paper, a blockchain-based eHealth system called BCES is proposed to ensure that the manipulation of EHRs can be audited. In BCES, each legitimate query manipulation of data consumers, together with each legitimate outsourcing manipulation of hospitals, will be written into the blockchain as a transaction for permanent storage, which ensures the traceability. At the same time, the attributes-based proxy re-encryption is adopted to achieve fine-grained access control of medical data, and any behavior that threatens the integrity of EHRs will be discovered by the auditor. Due to the traceable and tamper-resistant characteristic of blockchain, any entity that had an illegal manipulation of EHRs will be held accountable to the evidence of our constructed Proof-Chain. Finally, security analysis and performance evaluation demonstrate that this scheme is secure and efficient. (C) 2020 Elsevier Inc. All rights reserved.

Automated summary

This paper proposes a blockchain-based eHealth system called BCES to address security and privacy issues in traditional medical management systems. By writing data manipulations into the blockchain for auditing, the system ensures traceability and integrity of data, while utilizing attribute-based proxy re-encryption for fine-grained access control of medical data.