Scalable blockchain model using off-chain IPFS storage for healthcare data security and privacy

Traditional healthcare systems in the present scenario follow centralized client-server architecture to store and process patient-health related information. Data stored in each of the healthcare institution remain in silos which cannot be easily shared with other institutions due to technical and infrastructural constraints. Hospitals do not have an effective and secure data sharing mechanism leading to monetary and resource loss in the case of a person visiting different hospitals. Blockchain, a disruptive technology with secure and reliable decentralized framework, and can be used to circumvent problems in traditional healthcare architecture for secure storage, sharing and retrieval of Electronic Health Records (EHR). A blockchain-based framework integrated with InterPlanetary File System (IPFS) for EHR in healthcare management has been proposed in this paper. This proposed framework will enable healthcare institutions to maintain fail-safe and tamper-proof healthcare ledgers in a decentralized manner. Hospitals and doctors act as lightweight nodes, whereas patient nodes can be full or lightweight nodes. The model proposes two-factor authentication and multi-factor authentication for preventing fake node attacks. Patient-centric access model allows the patients to act as digital stewards for their health data, allowing access to doctors and hospitals on demand and revoking it after stipulated time. Symmetric key encryption (AES-128) is used for encrypting data before storing into IPFS. Asymmetric encryption (RSA 4096) is used for generating digital envelopes to pass on symmetric key to authorized entities. Digital signatures (RSA-1024) make sure that the transactions are valid and from authorized nodes. Hashing of the encrypted data is done using SHA-256 algorithm. Multiple layers of security implemented in this model makes sure that adversaries cannot obtain data stored in IPFS; even if they retrieve the data, it will not be meaningful since it is encrypted. The proposed framework for off-chain storage of health data using IPFS saves blockchain structure from scalability issues. Further the proposal for blockchain integration with IPFS helps preserve privacy in the healthcare system, making it highly secure, scalable and robust. (C)& nbsp;2022 Elsevier Inc. All rights reserved.

Automated summary

Traditional healthcare systems use centralized client-server architecture to store and process patient-health related information. This paper proposes a blockchain-based framework integrated with InterPlanetary File System (IPFS) to secure storage, sharing and retrieval of Electronic Health Records (EHR). The framework ensures fail-safe and tamper-proof healthcare ledgers, with multiple layers of security and encryption techniques.