Decentralized authentication and access control protocol for blockchain-based e-health systems

Abstract

The Internet of things technology has accelerated the development of e-health solutions and allows patients to obtain a more satisfying medical service experience. Each electronic health system(EHS) usually allows its subsystems to manage and access patient data to achieve its unique objective. Due to the limited computing power and storage capacity of the terminal, it is difficult to protect large amounts of patients’ medical record data in EHS. Medical data are a meaningful medical history resource, and are very important for the treatment and rehabilitation of patients. The privacy and integrity protection of medical data is a on-negotiable requirement for rational application in traditional medical systems. To achieve secure resource sharing and efficient service provision between users and medical service providers, we present a blockchain-based decentralized authentication and access control protocol for EHS that addresses broader medical data privacy and security needs. A practical Byzantine fault-tolerant(PBFT) negotiation mechanism based on multi-weighted subjective logic is adopted to improve the negotiation process. Finally, using BAN logic, we prove the reliability of the systems-security protections, which demonstrates that our proposal can withstand known security attacks.