Secure and Lightweight Blockchain-Enabled Access Control for Fog-Assisted IoT Cloud Based Electronic Medical Records Sharing

Somchart Fugkeaw; Leon Wirz; Lyhour Hak

doi:10.1109/ACCESS.2023.3288332

IEEE Access (Jan 2023)

Secure and Lightweight Blockchain-Enabled Access Control for Fog-Assisted IoT Cloud Based Electronic Medical Records Sharing

Somchart Fugkeaw,
Leon Wirz,
Lyhour Hak

Affiliations

Somchart Fugkeaw: ORCiD; Sirindhorn International Institute of Technology, Thammasat University, Pathum Thani, Thailand
Leon Wirz: Sirindhorn International Institute of Technology, Thammasat University, Pathum Thani, Thailand
Lyhour Hak: ORCiD; Sirindhorn International Institute of Technology, Thammasat University, Pathum Thani, Thailand

DOI: https://doi.org/10.1109/ACCESS.2023.3288332
Journal volume & issue: Vol. 11
pp. 62998 – 63012

Abstract

Read online

As for the advancement of IoT and cloud computing in healthcare, outsourcing encrypted Electronic medical records (EMRs) created by the aggregation of medical treatment applications and health data collected from IoT devices enables high accessibility, effective collaboration, and zero computational operation cost. Current applications and research works generally concern the privacy of the finest EMRs that are encrypted with secure and lightweight cryptographic protocols before they are outsourced to the cloud. However, this process does not consider the security and privacy of the data collected by IoT devices, where the data being transferred can be leaked before they are aggregated. Furthermore, existing IoT-cloud based access control solutions have not addressed the outsourced encryption, privacy of IoT data transmission and aggregation, and the policy update of the EMRs in an integrated manner. In this paper, we propose an access control scheme called LightMED which provides secure, fine-grained, and scalable EMR sharing in a cloud-based environment integrated with fog computing, CP-ABE, and blockchain technology. We propose a secure IoT data transmission and aggregation method based on lightweight encryption and digital signing. At the core, we introduce outsourced encryption with a privacy-preserving access policy scheme and an outsourced encryption and decryption algorithm leveraged by the collaboration between fog nodes and blockchain. In addition, we introduce a novel lightweight policy update algorithm to enable the data owners of EMRs to effectively manage their policies in a secure and effective manner. Finally, we performed the comparative analysis to illustrate the computation cost and conducted experiments to evaluate the performance of our scheme and related works. The experimental results showed that our scheme outperformed existing works since it yielded least processing cost of both encryption and decryption at end-users’ devices, which demonstrates the higher efficiency and practicality of our scheme.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords