Flexible and Fine-Grained Access Control for EHR in Blockchain-Assisted E-Healthcare Systems

It is of the utmost importance to achieve flexible and fine-grained access control of electronic health records (EHRs) in smart elderly healthcare (SEH) for providing high-quality healthcare services for the elderly and protecting their privacy simultaneously. In this article, a flexible, fine-grained, and elderly centric access control scheme is presented for EHR data in SEH. In the proposed scheme, ciphertext policy attribute-based encryption (CP-ABE), permission token, dual-key regression, and blockchain techniques are leveraged to realize multidimensional access control of EHR data in terms of data generation time, data user properties, access times, and access period. Moreover, a novel token segmentation algorithm is designed to transfer access rights between doctors efficiently for multiparty diagnosis and treatment. Since the elderly can define the attributes of users accessing his/her EHR data, the access number, the access time, and the access range of data from the time dimension of data generation with the cooperation of the SEH institution, the privacy of EHR data of the elderly is well protected. The security analysis demonstrates that our scheme can achieve EHR ciphertext indistinguishability under chosen-plaintext attacks and token unlinkability and unforgeability under data users' collusion attacks. The experimental results show that our scheme performs well in terms of time cost and computational overhead.