DID-HVC-based Web3 healthcare data security and privacy protection scheme

Abstract

In response to the current situation that Web2 Internet medical giants monopolize data elements and deprive medical users of their data rights and interests, self-sovereign identity(SSI) in the open environment of “Web3+Medicine” will make it possible for users to control and manage their e-medical data independently. However, SSI is a new identity management paradigm, and in the face of frequent interactions between identity credentials and application services, the existing research schemes have a coarse granularity of identity privacy protection, so there is an urgent need for attestation methods that selectively minimize the disclosure of identity attributes. In this study, we propose a SSI attribute selectively disclosable scheme based on a decentralized identifiers-hash verifiable credentials (DID-HVC) and design a model, that enables medical users not only to selectively minimize the disclosure of identity attribute data using verifiable credentials (VCs) with hash claims and combines with DID incorporating random obfuscation factors, to prevent overexposure of personal and healthcare privacy information, but also to safeguard users’ VCs are not linked and analysed. Finally, we provide a security and practicality analysis of our scheme and do simulation experiments based on Ethernet. The experimental results show that our scheme can more securely solve the problem of excessive privacy leakage of medical users within a feasible timeframe.