Cross-Organizational Access Control for EHRs: Trustworthy, Flexible, Transparent

摘要

Nowadays, Electronic Medical Records (EHRs) are closely linked to people's social lives. In order to ensure the convenience of medical services, many related organizations need to share EHRs across organizations to exchange information. The existing private EHR shareable schemes still contain some security issues, e.g., unreliability of cloud service provider, complex key calculation and unreliable backward security. In this paper, we propose an attribute-based access control scheme based on the smart contract (ABAC-SC). By virtue of the blockchain technique, ABAC-SC can be directly embedded into the existing private EHRs shareable system to solve existing unsafe problems. Considering the storage constraints of the blockchain, a data processing solution is designed to reduce the storage requirements of the pre-data upload process. We simulate our ABAC-SC scheme in Ethereum's test network Rinkeby, and the experimental results show the feasibility of our solution.