Improving the data access control using blockchain for healthcare domain

Introduction

The US social insurance system, such as healthcare, is gradually obtaining digital medical information, thanks to the fast-expanding availability of data which will considerably build up the number of medical information collected securely.¹ Furthermore, a change in perspective in the medical services sector has seen the new trend of computerizing medical records. The medical services sector is therefore rapidly rising in data volume as far as randomness and simplicity are concerned. Although the public healthcare sector is struggling with the magnitude of big data, security and privacy concerns are converging as threats and vulnerabilities grow.^2,3

The modern and revolutionary technology to build safer, more private, and interoperable health systems, blockchain technology has proven to be efficient. The aim of this paper is to propose a decentralized model for sharing and storing medical information utilizing blockchain technology to ensure security, preserving complete privacy, and allowing the owner to be completely in control of their data. In this research, additional efforts were made to harness and itemize all blockchain technology technical tools and the current influence of this developing technology on healthcare and industry.

Recent studies in the healthcare sector dealing with is-sues of scalability have used blockchain. Nonetheless, the application of blockchain in these studies was limited to the healthcare dataset index and the storage of verified transactions by endorsing peers. In contrast to these approaches, the current blockchain model pro-poses the storage of all medical datasets in blockchain and also improving data throughput limitations. In light of these proposed improvements, Yang et al.⁴ proposed the use of blockchain as an index of a medical dataset and a list of user’s information. Similarly, Daraghmi et al.⁵ introduced a data-sharing and access authentication scheme based on a private blockchain. Likewise, Genestier et al.⁶ offered a novel proposal for reshaping healthcare permission monitoring using blockchain technology and allow users to access their entire health record data. In their implementation, there is no permission settings and no access restriction. MedRec⁷ is a software system developed using blockchain technology by the MIT media lab to handle electronic health records. They created a hospital management system that responds to four major issues: disjointed, delayed access to health care information; process compatibility; respect for autonomy; and enhanced data quantity and quality for clinical research.

Medical Chain⁸ project began in 2016, with the launch of the first model in mid-2017. Later in 2017, a partnership with the Linux Foundation was created. In the early months of 2018, a beta version of the program was published. The primary objective is to develop a single, accurate version of the user's health data.

MedBlock,⁹ which is architecture based on a hybrid blockchain to protect Electronic Medical Records (EMRs). Their design nodes identify them as endorsers, orderers, and committers. Yet, the access control strategy to allow third-party researchers access to medical data is not specified precisely.

Xia et al.¹⁰ introduced the Blockchain-Based Data Sharing (BBDS) system allowing owners and participants to access EMR from a shared repository theory based on positive identity and key verification.

Diversely, other research projects related to adopting blockchain in the healthcare domain are summarized as follows.

Blockchain Health,¹¹ ASTRI¹² and Bloq¹³ allow users to use the integrated platform to share health data with researchers, which creates a tamper-proof knowledge custody chain. Similarly, HIE of One^14-16 is a blockchain software initiative that provides resources for patients to access their own records. Hyperledger¹⁷ and IBM Blockchain¹⁸ is hyperledger fabric's first regulated platform, allowing the development of company blockchain platforms that users can monitor and spread through various organizations.

All the principal functions of blockchain technology and some true blockchain applications in healthcare were discussed at this point. More concretely, issues addressed in this chapter include authentication management, identity management, and cryptography. In the next section we will clarify the model that helps to il-lustrate how the blockchain network communicates with the developed model.

The paper contributions are summarized as follows:

Methods

The overall data storage workflow is displayed in Figure 1 based on the following steps:

Figure 1. Overall framework of proposed system.

From Figure 1, steps (a) to (f) depict the procedures for accessing a data source:

1: procedure JOINFUNCTION (Alice, Bob)
2:  Alice executes:
3:     SKAlice ← RPAlice
4:     EncRPSKAlice = enc (PKBob, RPSKAlice)
5:     Alice shares EncRPSKAlice with Bob
6:  Bob executes:
7:     PKBob ← RPBob
8:     Bob shares PKBob with Alice
9:  return EncRPSKAlice
10: end procedure

1: procedure POLICYCHECK (PKK, xp)
2:  Bob ← False
3:  apolicy = H (PKK)
4:  if M [apolicy] ≠ null then
5:  PKAlice,0 PKBob, POLICYAlice,Parse(M [apolicy])
6:      if PKK = PKAlice or
7:  (PKK = PKBob and xp ∈ POLICYAlice, Bob) then
8:  Bob ← True
9:      end if
10:  end if
11: end procedure

1: procedure RWTX (PKK, m)
2:  c, xp, rw = Parse(m)
3:  if PolicyCheck (PKK, xp) = 1 then
4:     PKAlice, PKBob. POLICYAlice, Bob ← Parse (M [H () PKAlice])
5:     axp = H (PKAlice||xp)
6:  if rw = 0 then
7:        hc = H(c)
8:        M [axp] ← M [axp] ∪ hc
9:        (DHT) ds [hc] ← c
10:        return hc
11:     else if c ∈ M [axp] then
12:        (DHT) return ds [hc]
13:     end if
14:  end if
15:  return 0
16: end procedure

Experimental evaluations and results

In the evaluations, all algorithms run on the same PC, we observed the various experimental evaluations conducted for Hyperledger fabric. In the experiment, we considered scenarios where a client or user sends ‘N’ transactions of a certain type ‘f’ to the blockchain in an asynchronous manner. Between 1000 to 10,000 transactions were asynchronously sent to the blockchain server. The number of run transaction requests is set from 1000 to 10,000 transactions, with increments of 1000 transactions for every run a sample digitized data collection, namely OpenMRS that consists of 5000 patients and 500,000 observations is used for our evaluation. We have study latency and throughput up to 600blocks in the thesis presented for the work (see Table 1). We benchmarked the proposed model against approaches proposed.^4,5 Also, all algorithms run on the same evaluation PC for a fair comparison.

Case study: implementing the proposed model prototype to healthcare

Figure 2 depict the average latency across specific block sizes, analyzing various datasets or arrival rates of transactions. From Figure 2, we made several observations. This include the average latency in our approach is almost two-times less than that of average latency in both approaches by^4,5 for all block sizes, except for when the transaction is at 1000 TX, we saw that latency of all approaches are lower. Further observations shows that, as the number of transactions and block size increases, the average latency for all approaches go higher, and the difference in average latency in all approaches are more noticeable. It can be most obvious especially as the block size increases, the number of transaction arrival rate increases from 5,000 to 10,000 transactions. This is because the volume of pending transactions at validation stage grew on high count which affected commit latency.

Figure 2. Average latency with block size of 200–400 on various transaction arrival rates.

Evaluating the impact of endorsement policy

Figure 3 depict the average latency time of endorsement policy with the various number of transactions per second (TPS) (for the number of transactions ranging from 1000 to 10000). From Figure 3, it can be observed that the number of sub-policies and the number of signature validation has caused high latency for the join, content authentication and secure content access functions in^4,5 approaches.

Figure 3. Average latency time of 4–8 peers on endorsement policy.

Impact of state database

We study the throughput and latency over varying transaction arrival rates for database utilized in the three approaches with different transaction complexity.

From Figures 4 and 5, shows that as transaction arrival increased for read/write only complexity, the throughput increased and latency decreased. This was observed while utilizing CouchDB as the state database.

Figure 4. Throughput of 5000–10000 transaction arrival rate with read/write transaction.

Figure 5. Latency of 5000–10000 transaction arrival rate with read/write transaction.

The result shows that GoLevelDB performance was better than CouchDB with respect to ledger database. The reason behind the relatively good performance is the existence of key-value state database embedded in the peer mechanism.

Discussion

By implementing the proposed model and incorporating it with blockchain technologies, the proposed model makes tough reference pointers for heterogeneous databases and trades these pointers rather than real information by means of the blockchain part. This approach can overcome service provider limitations for medical imaging centers or hospitals in rural areas in particular by enabling scalable data sharing without requiring data to be uploaded to some other centralized repository, whereby other parties may share and retrieve data.

The proposed model also ensures exhaustive attention is given to efficiency and effectiveness. In addition, the proposed model creates authentication tokens that are linked to each participating care agency (service manager or organization) as electronic health identities.

The performance evaluation results further showed that the proposed model achieves higher throughput and lower latency compared to existing approaches when the workload varies up to 10,000 transactions.

It's also worth noting that the proposed model preserves confidentiality and security by controlling transactions with timed-based chaincodes. The use of sophisticated encryption maintains security and access control.

Security and access control are maintained by the adoption of advanced encryption (such as the proposed hybrid PKI) and authentication methods that defend against adversarial efforts to change unwanted entry when issuing encryption information to verify and validate transactions to network users.

Conclusions

We had presented a model, which describes the interaction between a blockchain network and the designed model. To ensure a safe and private environment to communicate and store health data, the designed model exploits the most significant elements of blockchain technology while suppressing features that are not significant. In future work, we expect to perform refined simulations so that our model is tested more rigorously. We could do this by downloading and testing a wider range of various blockchain frameworks in a verified setting, for instance, using the blockchain instance of Amazon Web Services' blockchain.

Author contributions

Olaosebikan Tahir Yinka constructed the protytpe and conducted the experimental evaluations under the guidance of his supervisors, Su-Cheng Haw and Timothy Tzen Vun Yap. Samini Subramaniam is the external collaborator while Su-Cheng Haw is the corresponding author for this paper.

Data availability

No data are associated with this article.

Software availability

Ethics approval

Ethical approval was given by the ethical approval board of Multimedia University, with number: EA1762021.