Secure and Lightweight Blockchain-Enabled Access Control for Fog-Assisted IoT Cloud Based Electronic Medical Records Sharing

As for the advancement of IoT and cloud computing in healthcare, outsourcing encrypted Electronic medical records (EMRs) created by the aggregation of medical treatment applications and health data collected from IoT devices enables high accessibility, effective collaboration, and zero computational operation cost. Current applications and research works generally concern the privacy of the finest EMRs that are encrypted with secure and lightweight cryptographic protocols before they are outsourced to the cloud. However, this process does not consider the security and privacy of the data collected by IoT devices, where the data being transferred can be leaked before they are aggregated. Furthermore, existing IoT-cloud based access control solutions have not addressed the outsourced encryption, privacy of IoT data transmission and aggregation, and the policy update of the EMRs in an integrated manner. In this paper, we propose an access control scheme called LightMED which provides secure, fine-grained, and scalable EMR sharing in a cloud-based environment integrated with fog computing, CP-ABE, and blockchain technology. We propose a secure IoT data transmission and aggregation method based on lightweight encryption and digital signing. At the core, we introduce outsourced encryption with a privacy-preserving access policy scheme and an outsourced encryption and decryption algorithm leveraged by the collaboration between fog nodes and blockchain. In addition, we introduce a novel lightweight policy update algorithm to enable the data owners of EMRs to effectively manage their policies in a secure and effective manner. Finally, we performed the comparative analysis to illustrate the computation cost and conducted experiments to evaluate the performance of our scheme and related works. The experimental results showed that our scheme outperformed existing works since it yielded least processing cost of both encryption and decryption at end-users' devices, which demonstrates the higher efficiency and practicality of our scheme.

Automated summary

In this paper, a access control scheme called LightMED is proposed to provide secure, fine-grained, and scalable EMR sharing in a cloud-based environment integrated with fog computing, CP-ABE, and blockchain technology. A secure IoT data transmission and aggregation method based on lightweight encryption and digital signing is introduced. Additionally, a novel lightweight policy update algorithm is proposed to enable effective management of EMR policies. Experimental results show that the scheme outperforms existing works in terms of processing cost and efficiency.