Blockchain-based data access control for healthcare
Unauthorized access to data is one of the biggest privacy concerns that hinder most organizations to adopt big data technology. Although some mechanisms and systems have been set-up to handle access authorization and identity management for huge databases, nevertheless, the scalability requirements...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Published: |
2020
|
| Subjects: | |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Unauthorized access to data is one of the biggest privacy concerns that hinder most organizations to adopt big data technology. Although some mechanisms and systems have been set-up to handle access authorization and identity management for huge databases, nevertheless, the scalability requirements of big data are far beyond what the conventional databases can handle. Therefore, it is trivial to set-up a scalable and efficient identity management algorithm for conventional databases. As such, this study presents the opportunities and problems of implementing cryptography and blockchain for identity management and authorization control in big data, focusing on the healthcare domain. A healthcare organization typically stores and shares data when using distributed systems on a centralized server. All-access requests are passed through a centralized access control system, which makes the control system easy to manage. A centralized strategy however has the following drawbacks: single point of failure, central authority, and limited transparency. However, existing decentralized solutions such as blockchain manage authentication off the decentralized network leveraging the network for identity check only, they lack authorization mechanism for blockchain requirements of models with deterministic outcomes. Firstly, in this research, we explored data access control privacy issues, through a literature study and proposed a decentralized data access and sharing system that preserves privacy to ensure adequate data access management under the blockchain. Secondly, we designed a blockchain framework to resolve the decentralized data access and sharing system privacy issues, by implementing a public key infrastructure model, that utilizes a signature cryptography algorithm (elliptic curve and signcryption). This design was implemented on the blockchain, providing a model with a deterministic outcome that also manages authentication and identity checks on the blockchain. Lastly, we evaluated the performance of the proposed blockchain model as compared to existing approaches. We evaluated and studied the blockchain on four performance metrics which include throughput, latency, scalability, and security. The performance evaluation results further showed that the proposed model achieves higher throughput and lower latency compared to existing approaches when the workload is varied up to 10,000 transactions. |
|---|