Towards cross-chain access control model for medical data sharing

Abstract

Secure and scalable dynamic data interaction is significant to improve the level of medical collaboration and facilitate patients’ medical treatment. The consortium blockchain provides integrity and traceability management for medical data through preset authorized access and consensus mechanisms. However, how to realize the secure sharing of data among patients in the heterogeneous consortium blockchains, enabling users to own medical data ownership, and to share medical data securely and dynamically between different medical institutions is still challenging. To this end, we propose a cross-chain based access control model for medical data sharing, which model is patient-centered and solves the contradiction between medical data sharing and user privacy. Then, a dynamic access control strategy based on identity and role is designed. The strategy is written by smart contracts and can provide security for medical data access. Finally, in order to reduce the cost of storage on the blockchain, we adopted (InterPlanetary File System) IPFS as the storage system for medical data. Experimental results show that our model can complete the autonomous and secure authorization of medical data in milliseconds, and can realize the secure sharing of medical data onto heterogeneous consortium blockchains.