A Blockchain-based approach and Attribute-based Encryption for Healthcare Record Data Exchange

Abstract

Sharing medical data can help doctors to give a more rapid and accurate diagnosis of a patient's health problems. However, electronic healthcare records (EHRs) are also considered sensitive data, whose sharing may raise issues of security and privacy. Most current healthcare systems not only manage their data in centralized databases but also lack protection methods, which makes them vulnerable and targeted for cyberattacks. A vulnerable healthcare system then can lead to the leakage of its managed data and serious consequences. This study aims to improve the security and privacy of exchanging EHRs using blockchain technology, IPFS, and attribute-based encryption (ABE). More specifically, to overcome the weakness of centralized storage, the proposed approach uses decentralized databases in its design. We implement a permissioned blockchain network with multiple nodes to ensure the availability and secure data in case of incidents. Additionally, encryption that incorporates the owner's special attributes guarantees data privacy. The proposed system, called BABEHealth, is intended to improve the robustness of healthcare management systems and deal with known security flaws in existing systems for smart healthcare. To evaluate the performance of the proposed system, we consider the latency of transaction creation, the change in data size when applying encryption, and the encryption time with various data quantities.