A Cross-Domain Authentication Scheme Based on Cooperative Blockchains Functioning With Revocation for Medical Consortiums

Abstract

Regional medical consortium systems facilitates medical information sharing. However, many security issues exposed by the dominant centralized architectures, such as single points of failure, unauthorized operations and illegal access, are increasingly apparent constraints on the security and efficiency of data sharing across domains. Even more, any malicious operation detected, effective measures should be executed promptly for identity tracing. In this paper, we propose a secure and efficient cross-domain authentication scheme based on two cooperative blockchains (BCs) for medical consortium systems. Specifically, an intra-domain BC records any legal users’ registration and authentication information while an inter-domain BC is responsible for writing users’ cross-domain authentication information. In each domain, the general hospital acts as a trusted third service provider to achieve cross-chain interactions. For the entire cross-domain authentication procedure, anonymity mechanism is utilized to enhance security, and to trace malicious users, the improved chameleon hash is used in the intra-domain BC to redact the state of the user, and blacklist merkle tree is extended in the inter-domain BC to protect different domains’ services from illegal accessing. In addition, security analysis and performance evaluation are completely given to prove the superior security features and performance compared with other schemes.