A Blockchain-Assisted Verifiable Outsourced Attribute-Based Signcryption Scheme for EHRs Sharing in the Cloud

Xiaodong Yang; Ting Li; Wanting Xi; Aijia Chen; Caifen Wang

doi:10.1109/ACCESS.2020.3025060

IEEE Access (Jan 2020)

A Blockchain-Assisted Verifiable Outsourced Attribute-Based Signcryption Scheme for EHRs Sharing in the Cloud

Xiaodong Yang,
Ting Li,
Wanting Xi,
Aijia Chen,
Caifen Wang

Affiliations

Xiaodong Yang: ORCiD; College of Computer Science and Engineering, Northwest Normal University, Lanzhou, China
Ting Li: ORCiD; College of Computer Science and Engineering, Northwest Normal University, Lanzhou, China
Wanting Xi: ORCiD; College of Computer Science and Engineering, Northwest Normal University, Lanzhou, China
Aijia Chen: College of Computer Science and Engineering, Northwest Normal University, Lanzhou, China
Caifen Wang: ORCiD; College of Computer Science and Engineering, Northwest Normal University, Lanzhou, China

DOI: https://doi.org/10.1109/ACCESS.2020.3025060
Journal volume & issue: Vol. 8
pp. 170713 – 170731

Abstract

Read online

The sharing of electronic health records (EHRs) has shown great advantages in the accurate treatment of patients and the development of medical institutions. However, it is easy to cause some security problems in the process of medical data sharing. Generally, after a patient's EHRs are generated by different medical institutions, they are outsourced to the cloud server (CS) by the authorized medical institutions for storage, which causes the patient to lose control of EHRs. Moreover, malicious medical institutions and semi-trusted cloud servers may collude to tamper with EHRs to seek benefits, which threatens the integrity of EHRs. Therefore, we propose a blockchain-assisted verifiable outsourced attribute-based signcryption scheme (BVOABSC) which realizes the secure sharing of EHRs in a multi-authority cloud storge environment. Firstly, we use the attribute-based signcryption algorithm to realize the confidentiality and unforgeability of the EHRs and protect the privacy of the signer. Secondly, it greatly reduces the computational burden of users by using verifiable outsourcing computation mechanism. Most of the designcryption calculation is performed by the cloud server, and the correctness of the generated partial designcryption ciphertext is verified by users. Furthermore, we use blockchain technology to protect outsourced EHRs from tampering by illegal users. Specifically, each operation on outsourced EHRs is stored as a transaction on the public blockchain, which ensures that EHRs cannot be modified. At the same time, the auditor can verify the integrity of the outsourced EHRs by checking the corresponding transactions. In addition, the smart contract created by the patient can solve the problems in cloud storage, such as tampering EHRs and returning incorrect results. Finally, security analysis and performance evaluation show that the proposed BVOABSC scheme satisfies stronger security and higher efficiency than similar schemes.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords