Citation: Song Wenpeng, Zhang Liang, Ma Yuhang. Auditable Healthcare Data Sharing Based on Decentralized Identity[J]. Journal of Computer Research and Development, 2024, 61(10): 2501-2513. DOI: 10.7544/issn1000-1239.202440351
The continuous rapid development of Internet technology has made data sharing increasingly convenient. However, data security and privacy issues have also emerged. Taking healthcare as an example, people hope to seek treatment quickly and claim reimbursement promptly, but do not want to disclose their medical records and hospital expenses. To address such data sharing scenarios, we propose a decentralized identity (DID) model based on blockchain and proxy re-encryption (PRE). On top of it, we build a data sharing framework for smart healthcare. Blockchain is leveraged to avoid the single-node failure problem, ensuring data availability and data consistency. PRE is employed to separate data generation, management and usage. This property is identical to that of the DID model, where verifiable credential (VC) issuance and verification are separated. In addition, PRE helps to achieve the goal of patient-centered healthcare. Furthermore, we obtain a verifiable presentation (VP) by using BLS aggregate signatures, which enable us to combine and authenticate multiple VCs. We incorporate blockchain as a decentralized trusted third party to check the correctness of cryptographic operations, achieving data verifiability and auditability in an encrypted mode. We also conduct a rigorous security analysis of the proposed framework and compare it with related work. Finally, we conduct comprehensive experiments based on Ethereum and IPFS (InterPlanetary File System), demonstrating the feasibility and efficiency of our solution.