Arab Journal of Basic and Applied Sciences (Jan 2021)
BZKP: Blockchain-based zero-knowledge proof model for enhancing healthcare security in Bahrain IoT smart cities and COVID-19 risk mitigation
Abstract
Smart cities achieved digital transformation of patients’ health records through the use of new technology in IoT healthcare industry. Such technologies of using IoT and remote patient monitoring systems have become dramatically fundamental to reduce the movement of patients, and hence reducing the risk of spreading Covid-19 infection. The Ministry of Health in the Kingdom of Bahrain strives to achieve digital transformation in the healthcare industry, where the National Health Information System (I-SEHA) was launched to provide higher-quality health services. The system interconnects the public healthcare institutes, allowing access to patient’s data from any location without the hassle of moving the files physically. Digitization of medical data of patients and sharing some of the data with other institutions outside the protected networks may lead to major privacy and integrity concerns. This paper introduces Blockchain-based Zero-Knowledge Proof (BZKP) model, which is an IoT-based patient-centric model that fuses a zero-knowledge proof solution to be developed for protecting patient’s privacy, and ensures patients prior consent on any access to their data including their health status and account balance. The proposed model is developed to provide a robust and scalable architecture for data sharing, which protects the privacy of sensitive data while maintaining high availability. It also provides strong trust and integrity of data by using the immutability features of the blockchain. BZKP is based on pre-approved blockchain access tokens to address challenges of accountability and privacy in Bahrain smart cities. As a result, the model provides a secure and trusted access model between different stakeholders to share patient data while maintaining privacy, trust, and high availability. The zero-knowledge proof can be used with the smart contracts, which provides programmable actions that can be used for automating the prescriptions dispensation process for private pharmacies in a decentralized manner with high confidence. Finally, it recommends enhanced electronic key (eKey) procedures used by eGovernment of the Kingdom of Bahrain to update the smart card which stores the personal keys for protecting patient’s privacy and provide better consent.
Keywords