A novel system for medical equipment supply chain traceability based on alliance chain and attribute and role access control

Abstract

With the increasing sales of the medical device market, the medical incidents caused by passive medical devices are increasing, which needs to be solved from the medical device supply chain. In addition, there are complex rights retrieval and assignment problems in the medical device supply chain system, and the traditional Role-based Access Control (RBAC) model is no longer suitable for the actual application environment of the supply chain.This article combines the traditional RBAC model and the Attribute-based Access Control (ABAC) model for access control management in the medical device supply chain to overcome the limitations abovementioned, taking advantage of the ABAC model’s flexibility to achieve granular and dynamic management of permissions, as also the RBAC model to simplify the permissions management of the entire system. Blockchain technology’s traceability, non-tampering, and decentralization features are essential to eliminate passive and inferior medical equipment sales activities, solving the problem of mutual mistrust and ‘Information Silo’ between the two sides of medical device transactions. The access control model is implemented in the blockchain’s smart contract, providing granular and dynamic authority management for the medical equipment supply chain and guaranteeing the security and privacy of medical device information in the supply chain. Three smart contracts on Hyperledger Fabric are designed for device management information, storage of implemented access control models, and implementation of access control policies. Experimental results show that the entire system is stable, ensuring high throughput and high security and promising.