This document proposes a medical data sharing scheme using cryptosystems and blockchain technology. It aims to securely store encrypted medical records in the cloud while recording addresses on a permissioned blockchain. This allows patients to access comprehensive medical histories when switching hospitals. The document outlines objectives like ensuring data confidentiality and verifying user identities. It also provides system design details, the implementation plan using Hyperledger Fabric, and discusses improving the smart contract logic and security of the solution.

1. Medical Data Sharing Scheme Based on Cryptosystem
and Blockchain Technology
by
Vishal Kumar
Roll. No.: 2018IMT-106
ABV–INDIAN INSTITUTE OF INFORMATION
TECHNOLOGY AND MANAGEMENT GWALIOR (M.P.),
INDIA

2. Motivation
In Medical Industry Medical data is critical and sensitive since
a little altering or tampering of data might leeds to wrong
medication or may not be able to get expected medical cure.
Firstly in medical industry they used to store the data
manually by pen paper, So Management and security of the
data is not achieved. So we moved to EMR system which is
far better than manual system.
EMR actually uses cloud to store the data and medical
practitioner uses these data to cure the patient But in this
system confidentiality, security and availability is the major
issues.

3. cont...
The lack of user control over their personal information leads
to harmful consequences such as unauthorized identities can
access/edit the personal medical details.
The critical issues in the electronic health/medical records
(EHR/EMR) is maintaining the interoperability among various
involved identites.
Data stored in the cloud may be damaged by cloud server
failure, administrative errors or malicious attacks.
So, To solve these issues, we moved to Blockchain Technology.

4. Blockchain
Blockchain is an emerging database technology characterized by
decentralization, transparency, and data non-tampering.
With blockchain technology, there is no need to use
third-party companies to store our data reliably, or to worry
about data unavailability.
To solve these problem, blockchain technology using
Hyperledger Fabric framework can be used.
By creating a distributed database of the patient’s medical
data records, the patient can switch hospitals without having
to bother about the medical records.

5. Cont...
Makes easier for the doctor to track a patient’s medical
history.
The two organizations in the network are two different
hospitals.
The distributed database will contain the patient’s medical
records.
Peers are the doctors.

6. Review of Key Related Research
Doukas et al. (2012) uses the public key encryption (PKE)
technology to encrypt medical data, avoiding attacks from
unauthorized person, however major issues in this encryption
technique is that the key can be easily guessed by the attacker
so the Attribute based encryption would be beneficial to use
in this case.
Amofa et al.(2018) proposed a blockchain architecture to
realize the security control of personal data in medical data
sharing by smart contracts with user generated acceptable
policies. The architecture minimized data security risks by
designing a mechanism to control the shared data.

7. Cont...
Battah et al. (2020) presented a blockchain based solution for
multi-party authorization (MPA) and access control for
encrypted data that is stored in distributed storage, such as
IPFS(Interplanetery file system)- A peer to peer, version
controlled, content addressed file system.
Cheung and Newport (2020) proposed a attribute based
ciphertext policy encryption technique, it takes the identity
information of user as a attribute, and allows the data owner
to formulate the access control policy. The access structure is
simple and the public parameters are long, so its efficiency is
low.

8. Cont...
So after reviewing above research papers, i found out that for
encryption of data- ABE, for data source authenticity hiding- ABS,
and for managing the files in the distributed blockchain using IPFS
is better. All of these technique’s is not taken together in any
paper and by combining it we can get much better results than
earlier system.

9. Objectives
Patient’s records should be secure (Cryptographically
encrypted)
To store encrypted medical data in cloud and store address of
it in Blockchain network.
Confidentiality of patient’s records (Permissioned blockchain).
Verification and validation of identities of hospitals, doctors,
and client by CA and MSP.

10. Methodology/System Design
There are three participants in this system:-
Admin - Among all hospitals there will be an admin from any
one hospital for adding doctors in the blockchain network.
Doctors - Only doctors can add patients into the blockchain
network as well as create records of the patients and can view
the entire record of the patient. Doctors can edit only medical
records, but cannot edit the personal details of the patient.
Patients - Patients can view all the medical records, but can
edit only the personal data.

11. cont.
Figure: System Model

12. Implementation Details
Fabric architecture allows to add plugins for the identity
management and consensus algorithm-
Hyperledger fabric is a promissing blockchain framework comes
with policies, smart contracts and provision of secure identities.
Provide reliable and secure solution in managing medical field
records.
Confidentiality and security of data can be achieved through
Attribute based encryption technique.
Performance is optimized, since mining is not required.
Creation of a private channel for only a few participants
among a large blockchain network.

13. Progress so far
Selected some base papers and studied them to find out the
advantages and disadvantages of existing approaches.
Studied Cryptosystem and Blockchain Technology and it’s use
cases and how it can be used for our purpose.
Implemented the basic smart contract logic for this DAPPS.

14. Tasks to be completed
To improve the smart contract logic for better results.
Write efficient code for frontend as well as backend for this
project.
Deployement of this project to the rinkeby test network.

15. Expected research outcome
Improve source code to make to provide scalable and
pluggable solution in terms of increasing hospitals and peers
Overcome security challenges
Doctor should see history of a patient to understand condition
and prescribe proper medication
Provide reliable and secure solution in managing medical field
records.

16. References I
Beimel A T. Schabetsberger et al., “From a paper-based
transmission of discharge summaries to electronic
communication in health care regions,” Int. J. Med. Inform.,
vol. 75, no. 3, pp. 209-215, 2006.
C. Hongbing, R. Chunming, H. Kai, W. Weihong, and L.
Yanyan, “Secure big data storage and sharing scheme for cloud
tenants,” China Commun., vol. 12, no. 6, pp. 106-115, 201.
M. Shen, B. Ma, L. Zhu, R. Mijumbi, X. Du, and J. Hu,
“Cloud-based approximate constrained shortest distance
queries over encrypted graphs with privacy protection,” IEEE
Trans. Inf. Forensics Security, vol. 13, no. 4, pp. 940-953, 2018.

17. References II
F. Xhafa, J. Li, G. Zhao, J. Li, X. Chen, and D. S. Wong,
“Designing cloud-based electronic health record system with
attribute-based encryption,” Multimedia Tools Appl., vol. 74,
no. 10, pp. 3441-3458, 2015.
W. Liang, M. Tang, J. Long, X. Peng, J. Xu and K. C. Li, “A
secure fabric blockchain-based data transmission technique for
industrial Internet-of-Things,” IEEE Trans. Ind. Inf, vol. 15,
no. 6, pp. 3582-3592, 2019.