Abstract
In the telecare medicine information system (TMIS), to acquire the medical data, the patients need to log in to the remote medical server. Usually, each hospital has its server and they would not like to share the data with other hospitals. However, the patients are likely to upload their data to the different medical servers. In this case, since the patients have to register for these medical servers, they will need to save many keys for these servers. Hence, it is inconvenient for the patients to use these data. Moreover, the data may be tampered or deleted by an attacker or malicious staff in hospitals. To resolve these problems, we use blockchain to design a privacy-preserving scheme for TMIS. We integrate cryptography (broadcast encryption and Merkle tree) to construct our scheme. Moreover, we utilize the provable security theory to prove the security of our scheme. The security analysis indicates that the proposed scheme achieves privacy protection for the patients.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Cisotto, G., Casarin, E., & Tomasin, S. (2020). Requirements and enablers of advanced healthcare services over future cellular systems. IEEE Communications Magazine, 58(3), 76–81.
Esmaeilzadeh, P. (2020). The effect of the privacy policy of Health Information Exchange (HIE) on patients’ information disclosure intention. Computers & Security, 95, 101819.
Salem, F. M., & Amin, R. (2020). A privacy-preserving RFID authentication protocol based on El-Gamal cryptosystem for secure TMIS. Information Sciences, 527, 382–393.
Sureshkumar, V., Amin, R., Obaidat, M. S., & Karthikeyan, I. (2020). An enhanced mutual authentication and key establishment protocol for TMIS using chaotic map. Journal of Information Security and Applications, 53, 102539.
Office for Civil Rights, Department of Health and Human Services. (2002). Standards for privacy of individually identifiable health information. Final rule. Federal Register, 67(157), 53182–53272.
ASTM. (2005). Standard E2369-05e1 “Standard specification for continuity of care record (CCR)”. West Conshohocken, PA: ASTM International. https://doi.org/10.1520/E236905E01.
Hamza, R., Yan, Z., Muhammad, K., Bellavista, P., & Titouna, F. (2020). A privacy-preserving cryptosystem for IoT e-healthcare. Information Sciences, 527, 493–510.
Ermakova, T., Fabian, B., Kornacka, M., Thiebes, S., & Sunyaev, A. (2020). Security and privacy requirements for cloud computing in healthcare: Elicitation and prioritization from a Patient Perspective. ACM Transactions on Management Information Systems, 11(2), 6:1–6:29.
Tang, F., Ma, S., Xiang, Y., & Lin, C. L. (2019). An efficient authentication scheme for blockchain-based electronic health records. IEEE Access, 7, 41678–41689.
Wang, H., & Song, Y. J. (2018). Secure cloud-based EHR system using attribute-based cryptosystem and blockchain. Journal of Medical Systems, 42(8), 152:1–152:9.
Bhatia, T., Verma, A. K., & Sharma, G. (2020). Towards a secure incremental proxy re-encryption for e-healthcare data sharing in mobile cloud computing. Concurrency and Computation: Practice and Experience. https://doi.org/10.1002/cpe.5520.
Butpheng, C., Yeh, K. H., & Xiong, H. (2020). Security and privacy in IoT-cloud-based e-health systems—A comprehensive review. Symmetry, 12(7), 1191.
Aguiar, E. J. D., Faiçal, B. S., Krishnamachari, B., & Ueyama, J. (2020). A survey of blockchain-based strategies for healthcare. ACM Computing Surveys, 53(2), 27:1–27:27.
Nakamoto, S. (2009). Bitcoin: A peer-to-peer electronic cash system. 2012. [online]. http://www.bitcoin.org/bitcoin.pdf.
Ben-Sasson, E., Chiesa, A., Garman, C., Green, M., Miers, I., Tromer, E., et al. (2014). Zerocash: Decentralized anonymous payments from Bitcoin. In IEEE Symposium on Security and Privacy (pp. 459–474).
Ruffing, T., Moreno-Sanchez, P., & Kate, A. (2014). CoinShuffle: Practical decentralized coin mixing for Bitcoin. In European Symposium on Research in Computer Security (pp. 345–364).
Danezis, G., Fournet, C., Kohlweiss, M., & Parno, B. (2013) . Pinocchio coin: Building zerocoin from a succinct pairing-based proof system. In PETShop’13 Proceedings of the first ACM workshop on language support for privacy-enhancing technologies (pp. 27–30).
Kosba, A., Miller, A., Shi, E., Wen, Z., & Papamanthou, C. (2016). Hawk: The blockchain model of cryptography and privacy-preserving smart contracts. In IEEE Symposium on Security and Privacy (pp. 839–858).
Green, M., & M & Miers, I., (2017). Bolt: Anonymous payment channels for decentralized currencies. In ACM Sigsac Conference on Computer and Communications Security (pp. 473–489).
Huang, K., Zhang, X. S., Mu, Y., Rezaeibagha, F., Du, X. J., & Guizani, N. (2020). Achieving intelligent trust-layer for Internet-of-Things via self-redactable blockchain. IEEE Transactions on Industrial Informatics, 16(4), 2677–2686.
Ge, C. P., Liu, Z., & Fang, L. M. (2020). A blockchain based decentralized data security mechanism for the Internet of Things. Journal of Parallel and Distributed Computing, 141, 1–9.
Gai, K. K., Wu, Y. L., Zhu, L. H., Zhang, Z. J., & Qiu, M. K. (2020). Differential privacy-based blockchain for industrial Internet-of-Things. IEEE Transactions on Industrial Informatics, 16(6), 4156–4165.
Wilkinson, S., Boshevski, T., Brandoff, T., & Buterin, V., (2014). Storj: a peer-to- peer cloud storage network, The whitepaper is Storj Labs, Atlanta, GA, USA, Tech. Rep., Accessed 10 Jan 2019. [Online]. Available: https://storj.io/storj.pdf.
McGhin, T., Choo, K. K. R., Liu, C. Z., & He, D. B. (2019). Blockchain in healthcare applications: Research challenges and opportunities. Journal of Network and Computer Applications, 135, 62–75.
Miller, A., Juels, A., Shi, E., Parno, B., & Katz, J. (2014). Permacoin: Repurposing Bitcoin work for data preservation. In IEEE Symposium on Security and Privacy (pp. 475–490).
Boneh, D., Gentry, C., & Waters, B. (2005). Collusion resistant broadcast encryption with short ciphertexts and private keys. In Advances in Cryptology-CRYPTO (pp. 258–275).
Gentry, C., & Waters, B. (2009). Adaptive security in broadcast encryption systems (with short ciphertexts). In Advances in Cryptology-EUROCRYPT (pp. 171–188).
Kim, J., Susilo, W., Au, M. H., & Seberry, J. (2015). Adaptively secure identity-based broadcast encryption with a constant-sized ciphertext. IEEE Transactions on Information Forensics and Security, 10(3), 679–693.
Guo, D. L., Wen, Q. Y., Li, W. M., Zhang, H., & Jin, Z. P. (2016). Adaptively secure broadcast encryption with constant ciphertexts. IEEE Transactions on Broadcasting, 62(3), 709–715.
Merkle, R. C. (1980). Protocols for public key cryptosystems. In IEEE Symposium on Security and Privacy (pp. 122–134).
Sander, T., & Ta-Shma, A. (1999). Auditable, anonymous electronic cash. In Advances in Cryptology-CRYPTO (pp. 555–572).
Wang, C., Wang, Q., Ren, K., & Lou, W. (2013). Privacy-preserving public auditing for data storage security in cloud computing. In IEEE INFOCOM (pp. 1–9).
Zhou, L. J., Wang, L. C., & Sun, Y. R. (2018). MIStore: A blockchain-based medical insurance storage system. Journal of Medical Systems, 42(8), 149:1–149:17.
Acknowledgements
We are appreciate for the helpful comments and suggestions of anonymous reviewers. This work is supported by NSFC (Grant Nos. 62072051, 61976024, 61972048), National Key R&D Program of China (Grant No. 2020YFB1005900), and the Fundamental Research Funds for the Central Universities (Grant No. 2019XD-A01).
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Lin, H., Zhang, H., Yan, H. et al. A Secure Online Treatment Blockchain Service. Wireless Pers Commun 117, 1773–1795 (2021). https://doi.org/10.1007/s11277-020-07945-4
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-020-07945-4