eHealthcare system data privacy concept based on Blockchain technology
Abstract
Introduction/purpose: Advances in information and communication technologies have enabled the creation of a symbiotic environment of humans and machines in which humans interact with machines to achieve a better quality of everyday life. In that interaction environment, problems of information security, and in particular data privacy, are at the forefront. In many countries, legal regulation addresses this problem by setting the goals that must be met when private data is handled, while the choice of technology is left to the creators of information systems. Blockchain technology is one of the methods of choice for ensuring the integrity of data and undeniable transactions, while digital certificates used in conjunction with it enable the privacy of patient data.
Methods: Cryptographic methods of asymmetric cryptography are applied together with blockchain technology and reliable methods of identification in cyberspace, which enables the preservation of data privacy at a high level.
Results: This paper describes the method of patient health data privacy protection in a healthcare system based on digital certificates as an identification method in cyberspace and Blockchain technology as a method for preserving the integrity of transactions and a healthcare information system. The proposed concept enables the separation of private and medical data in such a way that with the accepted principle of patient ownership of medical data, it is possible to achieve primary and secondary use of healthcare data without compromising the patient’s privacy.
Conclusions: The concept of identity assignment to every element in the healthcare information system and the organization/storage of data in accordance with the principles of Blockchain technology proposed in this paper enable the realization of a high level of data privacy in accordance with the European Union General Data Protection Regulation at the international level. In addition, the proposed concept enables the detection of unregistered devices or entities in the system and thus preserves the integrity of the system and increases its overall information security.
Copyright (c) 2023 Dejan B. Cizelj, Tomislav B. Unkašević, Zoran Đ. Banjac
This work is licensed under a Creative Commons Attribution 4.0 International License.