Blockchain-Based Multiple Authorities Attribute-Based Encryption for EHR Access Control Scheme

Abstract

The Internet of Medical Things (IOMT) is critical in improving electronic device precision, dependability, and productivity. Researchers are driving the development of digital healthcare systems by connecting available medical resources and healthcare services. However, there are concerns about the security of sharing patients’ electronic health records. In response to the prevailing problems such as difficulties in sharing medical records between different hospitals and patients’ inability to grasp the usage of their medical records, we propose a patient-controlled and cloud-chain collaborative multi-authority attribute-based encryption for EHR sharing with verifiable outsourcing decryption and hiding access policies (VO-PH-MAABE). This scheme uses blockchain to store the validation parameters by utilizing its immutable, which data users use to verify the correctness of third-party outsourcing decryption results. In addition, we use policy-hiding technology to protect data privacy so that data security is guaranteed. Moreover, we use blockchain technology to establish trust among multiple authorities and utilize Shamir secret sharing and smart contracts to compute keys or tokens for attributes managed across multiple administrative domains, which avoids a single point of failure and reduces communication and computation overhead on the data user side. Finally, the ciphertext indistinguishability security under the chosen plaintext attack is demonstrated under the stochastic prediction model and compared with other schemes in terms of functionality, communication overhead, and computation overhead. The experimental results show the effectiveness of this scheme.