In the digital era, electronic medical records (EMRs) have become a major way for hospitals to store patients’ medical data. Traditional centralized medical systems and semi-trusted cloud storage struggle to achieve a dynamic balance between privacy protection and data sharing. The storage capacity of a blockchain is limited, and single-blockchain schemes have poor scalability and low throughput. To address these issues, we propose a secure and efficient medical data storage and sharing scheme based on a double blockchain. In our scheme, we encrypt the original EMR and store it in the cloud. The storage blockchain stores the index of the complete EMR, and the shared blockchain stores the index of the shared part of the EMR. Users with different attributes can make requests to different blockchains to share different parts according to their own permissions. Experiments show that cloud storage combined with blockchain not only solves the problem of the limited storage capacity of blockchain, but also greatly reduces the risk of leakage of the original EMR. Content Extraction Signature (CES) combined with the double blockchain technology realizes the separation of the privacy part and the shared part of the original EMR. Symmetric encryption combined with Ciphertext-Policy Attribute-Based Encryption (CP–ABE) not only ensures the safe storage of data in the cloud, but also achieves consistent and convenient data updates, avoiding redundant backups of data. Security analysis and performance analysis verify the feasibility and effectiveness of our scheme.
With the rapid development of information technology, medical data has become the key to discovering and treating diseases [
Although the emergence of blockchain provides the possibility to solve these issues, the storage capacity of blockchain is limited and single blockchain schemes have poor scalability and low throughput. To address these issues, we propose an EMR storage and sharing scheme based on double blockchain. The main contributions of this paper are summarized as follows:
(1) CES combined with the double blockchain technology realizes the separation of the privacy part and the shared part of the original EMR.
(2) Cloud storage combined with the double blockchain technology not only solves the problem of the limited storage capacity of the blockchain and reduces the risk of medical data leakage, but also improves throughput and enhances scalability.
(3) The symmetric encryption technology combined with the CP–ABE technology not only ensures the storage security of data in the cloud, but also achieves the consistency and convenience of data update.
The rest of the article is organized as follows: in Section 2, we review the related work about the storage and sharing of EMR, and then discuss their limitations. The related technologies of this paper will be described in Section 3. Next in Section 4, the system model of this paper will be described. In Section 5, the process of EMR storage, sharing and management in this scheme will be described in detail. In Section 6, we will conduct security analysis and performance analysis on our scheme. Finally, Section 7 concludes the paper and illustrates future expansion.
In this section, we outline the research status of cloud services and blockchain technology to achieve secure storage and efficient sharing of EMR.
Zhang et al. [
Traditional centralized medical systems and semi-trusted cloud storage struggle to achieve a dynamic balance between privacy protection and data sharing. The storage capacity of a blockchain is limited, and single-blockchain schemes have poor scalability and low throughput. To address these issues, we propose a secure and efficient medical data storage and sharing scheme based on a double blockchain. In our scheme, we encrypt the original EMR and store it in the cloud. The storage blockchain stores the index of the complete EMR, and the shared blockchain stores the index of the shared part of the EMR. Users with different attributes can make requests to different blockchains to share different parts of the EMR according to their own permissions.
Blockchain technology is the basic technology of Bitcoin [
The concept of the smart contract was first proposed in 2014. Although the idea of smart contracts was proposed long ago, it could not be implemented until blockchain technology emerged and provided a platform that could support it. Smart contracts are modular, reusable, automatically executed scripts that run on the blockchain. Once the preset conditions are met, the smart contract executes automatically without a third party, and the results are written into the blockchain. By using smart contracts, we can achieve trusted transactions that are traceable and irreversible. For users who violate smart contracts, the smart contract setter has the right to revoke the user’s authority.
When a third party needs to view part of the EMR, the complete EMR must be transmitted. This can easily leak patients’ privacy and wastes resources. Therefore, there is a need for a fine-grained digital signature scheme that lets users sign at any level of granularity and lets the signer control how the signed content may be extracted. CES meets these requirements and is more efficient in terms of computation and communication. CES allows users to remove private data according to their wishes and extract the shared data [
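The following added example (not code from the paper) sketches a commitment-vector style content extraction signature in Python: the signer commits to each sub-message under a random CES-Tag, signs the commitments together with the CEAS, and a verifier checks an extract without seeing the withheld parts. Assumptions: HMAC-SHA256 stands in for the signer's public-key signature, the CEAS is modelled as a set of indices that every extract must keep, and the record fields and key are constructed samples.

```python
import hashlib, hmac, json, secrets

def commit(tag, i, salt, sub):
    # Bind the sub-message to this record (tag) and its position (i); the salt
    # stops guessing of hidden low-entropy fields from their commitments.
    return hashlib.sha256(tag + i.to_bytes(4, "big") + salt + sub.encode()).hexdigest()

def sign_body(key, tag, commits, ceas):
    # HMAC-SHA256 stands in for the signer's public-key signature (assumption).
    body = json.dumps([tag.hex(), commits, sorted(ceas)]).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def ces_sign(key, subs, ceas):
    """Full signature over all sub-messages; ceas = indices every extract must keep."""
    tag = secrets.token_bytes(16)  # random fixed-length CES-Tag
    salts = [secrets.token_bytes(16) for _ in subs]
    commits = [commit(tag, i, salts[i], m) for i, m in enumerate(subs)]
    return {"tag": tag, "salts": salts, "commits": commits,
            "ceas": sorted(ceas), "sig": sign_body(key, tag, commits, ceas)}

def ces_extract(subs, full, keep):
    """Reveal only the sub-messages in keep; hidden ones stay as commitments."""
    if not set(full["ceas"]) <= set(keep):
        raise ValueError("extraction subset violates the CEAS")
    return {"tag": full["tag"], "commits": full["commits"], "ceas": full["ceas"],
            "sig": full["sig"],
            "revealed": {i: (full["salts"][i], subs[i]) for i in keep}}

def ces_verify(key, ext):
    expected = sign_body(key, ext["tag"], ext["commits"], ext["ceas"])
    if not hmac.compare_digest(ext["sig"], expected):
        return False  # commitments, tag or CEAS were altered
    if not set(ext["ceas"]) <= set(ext["revealed"]):
        return False  # a mandatory sub-message was dropped
    return all(0 <= i < len(ext["commits"])
               and hmac.compare_digest(commit(ext["tag"], i, salt, sub), ext["commits"][i])
               for i, (salt, sub) in ext["revealed"].items())

# Constructed sample record and key, for illustration only.
DEMO_KEY = secrets.token_bytes(32)
EMR = ["Alice Example", "female", "1990-01-01", "diagnosis: asthma", "rx: inhaler"]
FULL = ces_sign(DEMO_KEY, EMR, ceas={3})
SHARED = ces_extract(EMR, FULL, keep=[1, 3, 4])  # name and birth date withheld
```

The extract carries the salts only for revealed sub-messages, so a verifier cannot test guesses against the commitments of the withheld fields.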
Attribute-based encryption not only enables one-to-many communication, but also enhances the confidentiality of information. Attribute-based encryption mechanisms are divided into Key Policy Attribute Based Encryption (KP–ABE) and CP–ABE. The specific process is as follows. Firstly, the authority sets the public parameters and the master key. Secondly, the data owner defines his own access control policy; the ciphertext uses a tree structure to describe the access policy. Thirdly, the data owner encrypts the message to form a ciphertext. Fourthly, after users submit their attributes to the certification authority, they obtain their own public key and private key. Finally, a user can decrypt the ciphertext only when their attributes satisfy the access policy.
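As an added illustration (not the paper's construction), the Python sketch below shows how a tree-shaped access policy gates recovery of a secret: the secret is split down the tree with Shamir threshold sharing, one polynomial per gate, and can be rebuilt only from leaves whose attributes the user holds. It omits the pairing-based layer that real CP-ABE uses to bind shares to a user's key and prevent collusion; the policy, attribute names and field prime are assumptions.

```python
import secrets

P = 2**127 - 1  # Mersenne prime used as the share field (assumption)

def share(node, secret, out=None, path=()):
    """Split secret down the policy tree; returns {leaf path: (attribute, share)}."""
    out = {} if out is None else out
    if isinstance(node, str):            # leaf = one attribute
        out[path] = (node, secret)
        return out
    k, kids = node                       # gate = (threshold k, children)
    coef = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
    for x, kid in enumerate(kids, 1):    # child x receives q(x), q(0) = secret
        y = sum(c * pow(x, j, P) for j, c in enumerate(coef)) % P
        share(kid, y, out, path + (x,))
    return out

def recover(node, shares, attrs, path=()):
    """Rebuild the secret from leaves whose attribute is in attrs, else None."""
    if isinstance(node, str):
        return shares[path][1] if node in attrs else None
    k, kids = node
    pts = []
    for x, kid in enumerate(kids, 1):
        v = recover(kid, shares, attrs, path + (x,))
        if v is not None:
            pts.append((x, v))
    if len(pts) < k:
        return None                      # gate not satisfied
    pts, total = pts[:k], 0
    for xi, yi in pts:                   # Lagrange interpolation at x = 0
        num = den = 1
        for xj, _ in pts:
            if xj != xi:
                num = num * -xj % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

# Constructed policy: doctor AND (cardiology OR emergency); AND = n-of-n, OR = 1-of-n.
POLICY = (2, ["doctor", (1, ["cardiology", "emergency"])])
KEY = secrets.randbelow(P)               # stands for the symmetric key protecting the EMR
SHARES = share(POLICY, KEY)
```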
Notations and corresponding descriptions are given in
| Notations | Description |
|---|---|
| | Patient |
| | Doctor |
| | User/privileged user/general user |
| | Consensus node/master node |
| | Shared part/privacy part/complete EMR/extraction part |
| | Signature of sub-message/full signature/extract signature |
| | The access policy |
| | Ciphertext stored in the cloud |
| | System public parameters |
| | System master key |
| CEAS | Content extraction access structure |
| | A hash function |
| | A timestamp |
As shown in
It is assumed that EMR contains 9 parts: Name, gender, date of birth,
1) int
2) for (
3) Select a CES–Tag randomly with a fixed length, defined as
4) for (
5)
6)
7)
8)
9)
10) return
In order to ensure the transmission security of data,
In this section, CES realizes the separation of the privacy part and the shared part. After
After
1) int
2)
3)
4) for (
5) Extract
6) for (
7) if (
8)
9)
10) else {
11)
12)
13) return
In this section, the symmetric encryption technology combined with CP–ABE not only ensures the safe storage of data in the cloud, but also achieves the consistency and convenience of data update, avoiding redundant backup of data. After
Firstly,
Secondly,
After
In this section,
In this section, unlike traditional index release, a double blockchain structure is used to achieve index release. The storage blockchain stores the index of the complete EMR, and the shared blockchain stores the index of the shared part. The detailed process is described as follows. 1)
In the next section,
(1) The master node will verify and collect legal transactions in a data set
(2) If more than 50% of the consensus nodes agree, the new blocks are successfully created and the data will be uploaded to the blockchain.
In order to share an EMR, patients first need to make a request to the blockchain to obtain the cloud data storage address. The steps to obtain the cloud data storage address are the same for both sharing
In this section,
The process of
In order to decrypt and verify the obtained ciphertext,
(1)
After
(2)
After
In our scheme,
Next a real scene will be described, assume that
For
Next a real scene will be described, suppose
Security is a key issue in EMR sharing. Here, we analyze the security of our scheme from the following four aspects.
Anti-tampering: Our scheme encrypts the original EMR and stores it in the cloud,
Privacy protection: In our scheme, the semi-trusted cloud cannot obtain the plaintext of EMR. Compared with setting strict access control,
Data consistency: In traditional schemes, the cloud needs to store a complete EMR and a shared part so that users with different attributes can access different parts. In our scheme, by contrast, we use CP–ABE technology to encrypt
Data integrity: From the generation of the complete EMR, to the extraction of the privacy and shared parts, and then to storage and sharing, our scheme ensures the integrity and accuracy of the EMR throughout.
We compare the amount of data that three schemes (the traditional scheme, BPDS and our scheme) need to store in the cloud, as shown in
Scheme | Ciphertext storage |
---|---|
Traditional scheme | |
BPDS | |
Ours | |
From
From
It is assumed that the number of sub-messages in each complete EMR is
The above results show that the amount of data that our scheme needs to store in the cloud is between the traditional scheme and
When
In
As can be seen from
As can be seen from
(1) Definition of sub-message: When
(2) Definition of user rights: EMR that has been uploaded to the cloud should exist as a kind of historical data. When
Traditional centralized medical systems and semi-trusted cloud storage struggle to achieve a dynamic balance between privacy protection and data sharing. Traditional EMR storage and sharing schemes based on a single blockchain have poor scalability and low throughput. Our paper proposes an EMR storage and sharing scheme based on a double blockchain. The original EMR is encrypted and stored in a semi-trusted cloud. We use a tamper-proof double blockchain structure to store the index of the complete EMR and the index of the shared part. The double blockchain structure allows users with different attributes to request sharing on different blockchains. CES combined with CP–ABE allows
The authors would like to thank the reviewers for their detailed reviews and constructive comments, which have helped improve the quality of this paper.