[BACK]
Computers, Materials & Continua
DOI:10.32604/cmc.2020.012205
images
Article

Secure and Efficient Data Storage and Sharing Scheme Based on Double Blockchain

Lejun Zhang1,2,*, Minghui Peng1, Weizheng Wang3, Yansen Su4, Shuna Cui5,6 and Seokhoon Kim7

1College of Information Engineering, Yangzhou University, Yangzhou, 225127, China
2School Math & Computer Science, Quanzhou Normal University, Quanzhou, 362000, China
3Division of Computer Science, University of Aizu, Aizu–Wakamatsu, 9658580, Japan
4Key Laboratory of Intelligent Computing and Signal Processing of Ministry of Education, School of Computer Science and Technology, Anhui University, Hefei, 230601, China
5Medical College of Yangzhou University, Yangzhou, 225001, China
6Department of Gynecology and Obstetrics, Affiliated Hospital of Yangzhou University, Yangzhou, China
7Department of Computer Software Engineering, Soonchunhyang University, Asan, Korea
*Corresponding Author: Lejun Zhang. Email: zhanglejun@yzu.edu.cn
Received: 19 June 2020; Accepted: 19 July 2020

Abstract: In the digital era, electronic medical record (EMR) has been a major way for hospitals to store patients’ medical data. The traditional centralized medical system and semi-trusted cloud storage are difficult to achieve dynamic balance between privacy protection and data sharing. The storage capacity of blockchain is limited and single blockchain schemes have poor scalability and low throughput. To address these issues, we propose a secure and efficient medical data storage and sharing scheme based on double blockchain. In our scheme, we encrypt the original EMR and store it in the cloud. The storage blockchain stores the index of the complete EMR, and the shared blockchain stores the index of the shared part of the EMR. Users with different attributes can make requests to different blockchains to share different parts according to their own permissions. Through experiments, it was found that cloud storage combined with blockchain not only solved the problem of limited storage capacity of blockchain, but also greatly reduced the risk of leakage of the original EMR. Content Extraction Signature (CES) combined with the double blockchain technology realized the separation of the privacy part and the shared part of the original EMR. The symmetric encryption technology combined with Ciphertext-Policy Attribute-Based Encryption (CP–ABE) not only ensures the safe storage of data in the cloud, but also achieves the consistency and convenience of data update, avoiding redundant backup of data. Safety analysis and performance analysis verified the feasibility and effectiveness of our scheme.

Keywords: Cloud storage; blockchain; electronic medical records; access control; data sharing; privacy

1  Introduction

With the rapid development of information technology, medical data has become the key to discovering and treating diseases [1]. More and more data is transferred from paper to electronic equipment because of the digitization of electronic storage [2,3]. EMR has been a major way for hospitals to store patients’ medical data. The emergence of EMR has brought great opportunities to the development of wise medical practice [4]. Because the value inherent in EMR has given birth to business entities [5,6], EMR sharing is considered to be a promising approach [7,8]. However, there are few critical problems in this environment. 1) It is difficult for patients to obtain the data stored in the hospital [9]. 2) The conventional solutions are still vulnerable to information loss [10]. 3) Different medical institutions are loath to share their data [11]. To address these issues and meet the high demands on data sharing [12], some researchers proposed to use a third–party cloud instead of a private database for data sharing [13,14], and some cryptographic schemes have been proposed to solve these issues, though the disadvantages still exist [15,16]. For the storage and sharing of EMR, there are still some challenges, such as interoperability [17], data security, and privacy [18,19]. For the hospital, the sheer volume of data stored with third parties is not reassuring [20]. The consistency and interoperability of the different types of data from different medical institutions are big problems for data sharing [21]. The emergence of blockchain ensure security and transparency [22]. In recent years, the distributed healthcare blockchain system [23] has emerged [24,25].

Although the emergence of blockchain provides the possibility to solve these issues, the storage capacity of blockchain is limited and single blockchain schemes have poor scalability and low throughput. To address these issues, we propose an EMR storage and sharing scheme based on double blockchain. The main contributions of this paper are summarized as follows:

1.CES combined with the double blockchain technology realizes the separation of the privacy part and the shared part of the original EMR.

2.Cloud storage combined with the double blockchain technology not only solves the problem of the limited storage capacity of the blockchain and reduces the risk of medical data leakage, but also improves throughput and enhances scalability.

3.The symmetric encryption technology combined with the CP–ABE technology not only ensures the storage security of data in the cloud, but also achieves the consistency and convenience of data update.

The rest of the article is organized as follows: in Section 2, we review the related work about the storage and sharing of EMR, and then discuss their limitations. The related technologies of this paper will be described in Section 3. Next in Section 4, the system model of this paper will be described. In Section 5, the process of EMR storage, sharing and management in this scheme will be described in detail. In Section 6, we will conduct security analysis and performance analysis on our scheme. Finally, Section 7 concludes the paper and illustrates future expansion.

2  Related Work

In this section, we outline the research status of cloud services and blockchain technology to achieve secure storage and efficient sharing of EMR.

Zhang et al. [26] propose a secure medical record storage and sharing scheme based on double blockchain. In this article, patients encrypt their EMR with private keys and store them in a third-party cloud server. In fact, there is no reliable third party in the real world. The system designed by Xi et al. [27] is based on a permissioned blockchain which allows access to invited users and verified users. The strict access control reduces the efficiency of EMR sharing. The above two schemes both have the same problem in the sharing process of EMR. When a third party needs to view part of the EMR, the compete EMR must be transmitted. It is easy to leak the privacy of the patient and cause waste of resources. To solve this problem and improve efficiency, scientific researchers have proposed CES. Liu et al. proposed a blockchain—based privacy—preserving data sharing scheme [28]. This scheme uses CES to achieve the separation of the private part and shared part of EMR. After patients remove the private part of the EMR, each shared part is encrypted and uploaded to the cloud, and the indexes are stored in the blockchain. Because the cloud only stores the shared part, the patient cannot retrieve the complete EMR.

The traditional centralized medical system and semi-trusted cloud storage are difficult to achieve a dynamic balance between privacy protection and data sharing. The storage capacity of blockchain is limited and single blockchain schemes have poor scalability and low throughput. To address these issues, we propose a secure and efficient medical data storage and sharing scheme based on double blockchain. In our scheme, we encrypt the original EMR and store it in the cloud. The storage blockchain stores the index of the complete EMR, and the shared blockchain stores the index of the shared part of the EMR. Users with different attributes can make requests to different blockchains to share different parts of the EMR according to their own permissions.

3  Preliminaries

3.1 Blockchain

Blockchain technology is the basic technology of Bitcoin [29] invented by the mysterious Satoshi Nakamoto in 2008. The block header contains information such as version number, previous block hash, nonce, Merkle root, timestamp and target difficulty. The blockchain operates in a peer-to-peer manner. After all transactions are broadcast in the blockchain network, all transactions will be allocated to each network maintenance node in the blockchain for verification. Only when 51% of the participating nodes in the blockchain network reach a consensus can the block be validated and added to the blockchain. All legal transactions are stored in data blocks. The basic structure of the blockchain is shown in Fig. 1.

images

Figure 1: Blockchain basic structure

3.2 Smart Contract

The concept of smart contract was first proposed in 2014. Although the idea of smart contracts was proposed long ago, it has never been able to be implemented. It was not until the emergence of blockchain technology that it provided a supportable platform for smart contracts. Smart contracts are modular, reusable, and automatically executed scripts that run on the blockchain. Once the preset conditions are met, the smart contract can be performed automatically without a third party, and the results are written into the blockchain. Through using smart contracts, we can achieve trusted transactions, and these transactions are traceable and irreversible. For users who violate smart contracts, the smart contract setter has the right to revoke the user’s authority.

3.3 Content Extraction Signature

When a third party needs to view part of the EMR, the compete EMR must be transmitted. But it is easy to leak patients’ privacy and cause waste of resources. Therefore, there is a need for a digital signature scheme based on fine-grained level which must ensure that users can sign at any granular level and the signer can control the extraction method of the signed content. CES can meet the above requirements, and this method is more efficient in terms of computation and communication. CES allows users to remove private data according to their wishes and extract the shared data [30]. It has been widely used in many fields.

3.4 Ciphertext Policy Attribute Based Encryption

The concept of attribute-based encryption not only realizes one-to-many communication means, but also enhances the information confidentiality. The attribute encryption mechanism is divided into Key Policy Attribute Based Encryption (KP–ABE) and CP–ABE. The specific process is described as follows: Firstly, the authority sets public parameters and master key. Secondly, the data owner can define his own access control policy. The ciphertext adopts a tree structure to describe the access policy. Thirdly, the data owner encrypts the message to form a ciphertext. Fourthly, after users submit their attributes to the certification authority, they will obtain their own public key and private key. Finally, only when their attributes satisfied the access policy, the user can decrypt the ciphertext.

4  EMR Storage and Sharing Model Based on Double Blockchain

4.1 Notations

Notations and corresponding descriptions are given in Tab. 1.

Table 1: Notations

images

4.2 System Model

As shown in Fig. 2, our model is divided into three layers. The role of these three layers is introduced as follows.

images

Figure 2: System overall framework

Data Acquirement Layer. In the data acquirement layer, images generates images and images. images can extract the sub-messages from images. After images uploads corresponding information to the cloud, the cloud will return images. images can generate images and images according to images.

Data Storage Layer. The main function of this layer is to store images, images and images. We use the storage blockchain to store images and use the shared blockchain to store images. The cloud stores the ciphertext of sub-message, the corresponding symmetric key ciphertext, and the signature of the sub-message.

Data Sharing Layer. We achieve the data sharing of images and images. imagescan obtain images after making a request to the storage blockchain. images can send requests to the sharing blockchain to achieve sharing images.

5  EMR Storage and Sharing Scheme Based on Double Blockchain

5.1 EMR Storage Based on Double Blockchain

5.1.1 EMR Storage Based on Double Blockchain

It is assumed that EMR contains 9 parts: Name, gender, date of birth, images number, symptoms, diagnosis result, prescription, medical examination report and medical history, images, images, images. Because the complete signature generation requires key pair, we first introduce key pair generation method.

Key generation: Firstly, the certification authority randomly selects two unequal prime numbers: images and images. Secondly, the certification authority calculates images and sets Euler function: images. Thirdly, images randomly selects an integer images that is prime with images in the interval images, and find an integer images to satisfy images. Finally, according to the above calculation, images. images.

images will use the generated key pair to generate images’s images based on the complete signature generation algorithm.

Algorithm name: The complete signature generation algorithm

Input:images’s private key, images; images’s EMR, images

Output: The full signature, images

1) int images = 1;     //Parameter for cyclic control

2) for (images = 1; images <= 9; images ++) {

3)   Select a CES–Tag randomly with a fixed length, defined as images;}

4) for (images = 1; images <= 9; images ++) {

5)   images;}            //The symbol || stands for connection, calculate the hash value of the sub-message connected with random number

6) images;  // Connect the values of images together

7) images;     //Connect the values of images together

8) images;           //Sign a with images

9) images;

10) return images;

In order to ensure the transmission security of data, images will use his symmetric encryption key images to encrypt images, and use images to encrypt images. Then images sends the set of two encrypted information images to images, the set formula is shown in Eq. (1).

images

5.1.2 Extraction of Sub-Messages

In this section, CES realizes the separation of the privacy part and the shared part. After images receive the set of two encrypted information images, images first decrypt ciphertext of images with images and obtains images further. In order to ensure the integrity and authenticity of the data, images will verify the correctness of images. 1) For each sub-message images, images calculate the hash value images, where images. images determine whether the calculated hash value is equal to the hash value obtained in the decrypted message. If they are equal, go to step two. 2) images verify the correctness of images using images and calculate images, If the calculation result is equal to images, images is a valid signature.

After images ensure that EMR and images is accurate, images can extract each sub-message from EMR. We assume that the subset to be extracted is defined as images. The extraction signature generation algorithm is as follows. images can generate a signature corresponding to the sub-message according to the extraction signature generation algorithm. Therefore, the corresponding signature of the privacy part is images, and the corresponding signature of the shared part data is images.

Algorithm name: The extraction signature generation algorithm

Input:images’s EMR, images; EMR’s full signature, images; The subset to be extracted, images

Output: Extract signature of subset to be extracted, images

1) int images = 1;      //Parameter for cyclic control

2) images = null;   //images represents the hash value of the unextracted message, the initial value is null.

3) images = null;    //images represents the random number of the extracted message, the initial value is null.

4) for (images = 1; images <= 9; images ++) {

5)   Extract images from images;}

6) for (images = 1; images <= 9; images ++) {

7)   if (imagesimages) {

8)       images;

9)       images; }

10)   else {

11)       images;}}

12) images;

13) return images

5.1.3 Encryption of Sub-Messages

In this section, the symmetric encryption technology combined with CP–ABE not only ensures the safe storage of data in the cloud, but also achieves the consistency and convenience of data update, avoiding redundant backup of data. After images extract each sub-message from EMR and generate an extraction signature corresponding to the sub-message, two different encryption methods need to be performed in sequence.

Firstly, images will use different symmetric encryption keys to encrypt each sub-message. The encryption method is shown in Eq. (2).

images

Secondly, images set different access control policies for different symmetric encryption keys images, where images, images’s images is shown in Fig. 3, where images. images’s images is shown in Fig. 4, where images. The ciphertext images is generated as shown in Eq. (3), where images. The ciphertext images is generated as shown in Eq. (4), where images .

images

Figure 3: images’s tree structure access control policy, images

images

Figure 4: Ki’s tree structure access control policy, i ∈ {2,3,4,5,6,7}

After images uploads the ciphertext to the cloud, images will receive the storage address images. The ciphertext stored in the cloud is shown in Eq. (5).

images

images

images

5.1.4 Index Generation

In this section, images generates indexes of images and images respectively according to images. The two index generation methods are introduced as follows.

imagesIndexshare generation: After images receive images, images first use images to sign the two parts of images and images, the generated signature is defined as images, then images use images to encrypt images, images and images. The encryption result combined with images generates images. Finally, images store images to shared blockchain. images generation process is shown in Eq. (6).

imagesIndexfull generation: The process of images generation is similar to the process of images generation. images generation process is shown in Eq. (7).

images

images

5.1.5 Index Release

In this section, unlike traditional index release, A double blockchain structure is used to achieve index release. The storage blockchain stores the index of the complete EMR, and the shared blockchain stores the index of the shared part. The detailed process is described as follows. 1) images use images to sign images and images respectively and get the signatures images and images. 2) After images generate the signature and calculating the index hash, images will send a request images to the shared blockchain to request storage images, the request generation process is shown in Eq. (8). images will also send a request images to the storage blockchain to request storage images, the request generation process is shown in Eq. (9).

images

images

In the next section, images and images are collectively referred to as images. imagesand images are collectively referred to as images. Consensus process is described as follows.

(1) The master node will verify and collect legal transactions in a data set images, the generation method of the data set is shown in Eq. (10). The master node will broadcast images to all consensus nodes for verification. The hash value of the data set is shown in Eq. (11), and the set images is shown in Eq. (12).

images

images

images

(2) If more than 50% of the consensus nodes agree, this means that new blocks are successfully created, the data will be uploaded to the blockchain. images is shown in Eq. (13). The public key of the consensus node is defined as images.

images

5.2 EMR Sharing Based on Double Blockchain

5.2.1 Double Blockchain Access Authentication

In order to achieve the sharing of EMR, first of all, patients first need to make a request to the blockchain to obtain the cloud data storage address. The steps to obtain the cloud data storage address are the same for both sharing images and sharing images. images initiates an EMR request transaction images to the blockchain network. The request images is shown in Eq. (14). Once the preset conditions are met, the smart contract can be performed automatically without a third party, and the results are written into the blockchain. Through using smart contracts, we can achieve trusted transactions, and these transactions are traceable and irreversible. For users who violate smart contracts, the smart contract setter has the right to revoke the user’s authority.

images

5.2.2 Ciphertext Acquisition

In this section, images will obtain the ciphertext stored in the cloud according to the obtained index. The detailed process is described as follows.

images first send a request to the sharing blockchain. If the request meets the access control preset by the smart contract, the smart contract will be automatically induced to use images to decrypt images, then images can obtain images, images and images. After images submits these data to the cloud server, the cloud server will verify the correctness of the signature, if the signature is correct, the cloud server will send the ciphertext images, the corresponding symmetric encryption key ciphertext images and the corresponding signature images to images, where images.

The process of images requesting to share images is similar to images requesting to share images.

5.2.3 Ciphertext Decryption and Verification

In order to decrypt and verify the obtained ciphertext, images first submit images to the authorized institution. After the authorized institution verifies the accuracy of the attribute of images, the authorized institution will generate images, then the authorized institution sends images and images to images. Therefore, the public key of images is images and the private key is images. Because different data users have different permissions, the decryption of ciphertext is divided into two parts: images ciphertext decryption and images ciphertext decryption. The following two detailed decryption processes are introduced as follows.

(1) images ciphertext decryption

After images obtain the shared part ciphertext images, the corresponding symmetric encryption key ciphertext imagesand the corresponding signature images, where images. images will first decrypt the symmetric encryption key ciphertext, decryption process is shown in Eq. (15). Then images use the obtained symmetric encryption key to decrypt images ciphertext, decryption process is shown in Eq. (16). Therefore, images have realized the sharing of images.

images

images

(2) images ciphertext decryption.

After images obtain the shared part ciphertext images, the corresponding symmetric encryption key ciphertext images and the corresponding signature images, where images. images will first decrypt the symmetric encryption key ciphertext, decryption process is shown in Eq. (17), then images use the obtained symmetric encryption key to decrypt images ciphertext, decryption process is shown in Eq. (18). Therefore, images have realized the sharing of images.

images

images

5.3 EMR Management Based on Double Blockchain

5.3.1 Definition of Sub-Message

In our scheme, images have the absolute right to use and control EMR. and patients should be able to redefine the privacy and shared parts according to their wishes.

Next a real scene will be described, assume that images need to define the medical examination report images that was originally private data as shared data. In our scheme, images only need to change the original access policy from images to images, and then re-encrypt images to obtain a new ciphertext images, encryption process is shown in Eq. (19). After obtaining the new ciphertext images, images only need to replace the original ciphertext images with the new one images. Through the above simple process, images can redefine the privacy and shared parts.

images

5.3.2 Definition of User Rights

For images who violate the treaty, images should have the right to revoke images’s authority. Therefore, the redefinition of user rights is very significant for images

Next a real scene will be described, suppose images define the government that was originally images as images and images define the researchers who were originally as images as images. In our scheme, images’s access control policy need to change from images to images, where images. imagesis shown in Fig. 5. images’s access control policy need to change from images to images, where images. images is shown in Fig. 6. images need to encrypt images to obtain a new ciphertext images using a new access strategy images, where images. The encryption process is shown in Eq. (20), then images need to encrypt images to obtain a new ciphertext images using a new access strategy images, where images. The encryption process is shown in Eq. (21). Through the above simple process, images can redefine user rights.

images

Figure 5: images’s tree structure access control policyimages

images

Figure 6: images’s tree structure access control policyimages

images

images

6  Performance Analysis

6.1 Security Analysis

Security is a key issue in EMR sharing. Here, we analyze the security of our scheme from the following four aspects.

1.Anti-tampering: Our scheme encrypts the original EMR and stores it in the cloud, imagesIndexfull is stored in the storage blockchain. Indexshare is stored in the shared blockchain. Therefore, the tamper-proof feature of the blockchain ensures that the original EMR stored in our cloud are immutable and cannot be modified arbitrarily.

2.Privacy protection: In our scheme, the semi-trusted cloud cannot obtain the plaintext of EMR. Compared with setting strict access control, P can separate the private part and shared part of the EMR according to their own wishes in our scheme, the double blockchain technology also realizes the separation of the private data and shared data. Our scheme achieves true privacy protection.

3.Data consistency: In order to realize that users with different attributes can access different parts, the cloud needs to store a complete EMR and a shared part in traditional schemes. While in our scheme, we use CP–ABE technology to encrypt Mshare and Mprivate separately so that the cloud only needs to store an original EMR, ensuring the consistency of data update and avoiding redundant backup of data.

4.Data integrity: From the generation of the complete EMR, to the extraction of the privacy and shared parts, and then to storage and sharing. Throughout these processes, our scheme ensures the integrity and accuracy of EMR.

6.2 Efficiency Analysis

6.2.1 Cloud Storage Efficiency Analysis

We compare the amount of data that the three schemes of traditional scheme, BPDS and our scheme need to store in the cloud, as shown in Tab. 2.

Table 2: Ciphertext storage

images

From Tab. 2 we can see the comparison of the amount of data that the traditional scheme and our scheme. The cloud needs to store images, images, images and images in the traditional scheme. Our scheme only needs to store images, images and images, where images, there is no need to back up images. Although our scheme stores symmetric encryption ciphertext and signature of the key, the amount of these data is very small compared to images. Our scheme not only ensures the safe storage of data in the cloud, but also achieves the consistency and convenience of data update, avoiding redundant backup of data.

From Tab. 2 we can see the comparison of the amount of data between images scheme and our scheme. images scheme only needs to store images, images in the cloud, where images, while our scheme needs to stored images, images, imagesin the cloud, where images. Although our scheme stores more data, our scheme does not cause redundant backup of data. Compared with images scheme, our scheme can realize that images can access images and images can access images.

It is assumed that the number of sub-messages in each complete EMR is images, the number of sub-messages in the shared part is images and the number of sub-messages in the privacy part is images. images. In the BPDS scheme, when images upload an EMR to the cloud, they need to upload the sub-messages of the shared part separately. But in our scheme, images only need to upload the EMR once.

The above results show that the amount of data that our scheme needs to store in the cloud is between the traditional scheme and images scheme. Compared with the traditional scheme, our scheme saves storage space in cloud storage. Compared with images scheme, our scheme saves the time of uploading EMR and the time of index generation, our scheme also provides better server quality.

6.2.2 Blockchain Storage Efficiency Analysis

When images need to store and share his own EMR, images need to store these images indexes into the blockchain in images scheme. But in our scheme, images only need to store the index of the complete EMR in the storage blockchain, and store the index of the shared part in the shared blockchain. The storage capacity of the blockchain is limited, our scheme better realizes the storage of the indexes and reduces the burden of blockchain storage.

6.2.3 Blockchain Sharing Efficiency Analysis

In images scheme, all users request to share the shared part of the EMR on a blockchain. Because each sub-message of the shared part is separate, images request needs to be issued for the sharing of an EMR. But in our scheme, we adopt a tamper-proof double blockchain structure to distinguish users, at the same time, users only need to issue one request on a blockchain. Compared with images scheme, our efficiency has improved a lot. The experimental results are shown in Figs. 7 and 8.

images

Figure 7: Response time of user requests when number of users and shared sub-messages is different

images

Figure 8: Average response time of user requests when number of users is different

As can be seen from Fig. 7, when the number of users in the system is fixed, as the number of sub-messages increases, the response time for processing user requests continues to increase in images scheme. The reason is that each sub-message in images scheme is separated. However, in our scheme, our cloud stores a complete EMR, so the response time for processing user requests is not affected by the number of sharing sub-messages.

As can be seen from Fig. 8, when the number of users does not exceed the carrying capacity of the system, our scheme and BPDS scheme can still quickly process user requests, but as the number of users increases, the double blockchain structure has more and more obvious advantages compared with the traditional single blockchain, in the meanwhile, the double blockchain structure allows users with different attributes to request sharing on different blockchains.

6.2.4 Analysis of EMR Update Efficiency

(1) Definition of sub-message: When images need to redefine whether the sub-message of the EMR belongs to private data or shared data in images scheme, images cannot reset the privacy and shared parts of EMR. But in our scheme, after extracting all the sub-messages of the EMR, images only need to re-encrypt the symmetric encryption key corresponding to the sub-message, and replace the original symmetric encryption key ciphertext.

(2) Definition of user rights: EMR that has been uploaded to the cloud should exist as a kind of historical data. When images need to redefine user rights, images need to re-encrypt the EMR and upload them to the cloud in images scheme. The replacement of the original EMR will often lead to inconsistencies in the data. But in our scheme, re-encrypting symmetric encryption keys can realize the redefinition of user rights without changing and replacing the original EMR, our scheme ensures data update consistency and convenience.

7  Conclusion

The traditional centralized medical system and semi-trusted cloud storage are difficult to achieve a dynamic balance between privacy protection and data sharing. The traditional EMR storage and sharing scheme based on a single blockchain has poor scalability and low throughput. Our paper proposes an EMR storage and sharing scheme based on double blockchain. The original EMR is encrypted and stored in a semi-trusted cloud. We use a tamper-proof double blockchain structure to store the index of the complete EMR and the index of the shared part. Double blockchain structure allows users with different attributes to request sharing on different blockchains. CES combined with CP–ABE allows images to share EMR according to their wishes. Through experimental analysis, compared with the traditional scheme and images scheme. our scheme not only saves the cloud storage space, but also ensures the consistency of storage. In our scheme, images can achieve complete privacy protection when sharing data.

Acknowledgement: The authors would like to thank the reviewers for their detailed reviews and constructive comments, which have helped improve the quality of this paper.

Funding Statement: This work is sponsored by the Natural Science Foundation of Heilongjiang Province of China under Grant No. LC2016024. Natural Science Foundation of the Jiangsu Higher Education Institutions Grant No. 17KJB520044 and Six Talent Peaks Project in Jiangsu Province No. XYDXX–108.

Conflicts of Interest: The authors declare that they have no conflicts of interest to report regarding the present study.

References

1K. O. Asamoah, E. B. Sifah, A. Smahi, Q. Xia, H. Xia. (2018). et al., “GridMonitoring: Secured sovereign blockchain based monitoring on smart grid. ,” Access IEEE, vol. 6, pp, 9917–9925, .

2G. Perera, A. Holbroo and L. Thdbane. (2011), “Views on health information sharing and privacy from primary care practices using electronic medical records. ,” International Journal of Medical Informatics, vol. 80, no. (2), pp, 94–101, . [Google Scholar]

3M. Turkanović, M. Hölbl, K. Košič, M. Heričko and A. Kamišalić. (2018), “EduCTX: A blockchain-based higher education credit platform. ,” Access IEEE, vol. 6, pp, 5112–5127, . [Google Scholar]

4J. Gu, B. Sun, X. Du, J. Wang, Y. Zhuang. (2018). et al., “Consortium blockchain-based malware detection in mobile devices. ,” Access IEEE, vol. 6, pp, 12118–12128, . [Google Scholar]

5M. A. Uddin, A. Stranieri, I. Gondal and V. Balasubramanian. (2018), “Continuous patient monitoring with a patient centric agent: A block architecture. ,” Access IEEE, vol. 6, pp, 32700–32726, . [Google Scholar]

6N. Tapas, G. Merlino and F. Longo. (2018), “Blockchain-based IoT-cloud authorization and delegation” in SMARTCOMP, pp, 411–416, . [Google Scholar]

7C. Li, Y. Cao, Z. Hu and M. Yoshikawa. (2019), “ Blockchain-based bidirectional updates on fine-grained medical data,” in 2019 IEEE 35th Int. Conf. on Data Engineering Workshops, Macao, IEEE, pp. 22–27, . [Google Scholar]

8R. Guo, H. Shi, D. Zheng, C. Jing, C. Zhuang. (2019). et al., “Flexible and efficient blockchain-based ABE scheme with multi-authority for medical on demand in telemedicine system. ,” Access IEEE, pp, 1, . [Google Scholar]

9K. Fan, S. Wang, Y. Ren, H. Li and Y. Yang. (2018), “MedBlock: Efficient and secure medical data sharing via blockchain. ,” Journal of Medical Systems, vol. 42, no. (8), pp, 136, . [Google Scholar]

10J. Y. Zhang, S. Q. Zhong, T. Wang, H. C. Chao and J. Wang. (2020), “Blockchain-based systems and applications: A survey. ,” Journal of Internet Technology, vol. 21, no. (1), pp, 1–14, . [Google Scholar]

11Y. R. Ge, D. K. Ahn, B. Unde, H. D. Gage and J. J. Carr. (2013), “Patient-controlled sharing of medical imaging data across unaffliated healthcare organizations. ,” Journal of the American Medical Informatics Association, vol. 20, no. (1), pp, 157–163, . [Google Scholar]

12S. J. Lee, E. B. Larson, S. Dublin, R. L. Walker, Z. Marcum. (2017). et al., “Electronic medical record (EMR) predictors of undiagnosed dementia. ,” Alzheimers & Dementia, vol. 13, no. (7), pp, 1040–1041, . [Google Scholar]

13S. Jiang, J. Cao, H. Wu, Y. Yang, M. Ma. (2018). et al., “BlocHIE: A blockchain-based platform for healthcare information exchange,” in SMARTCOMP, pp, 49–56, . [Google Scholar]

14J. Huang. (2015), “A new economic model in cloud computing: Cloud service provider vs. network service provider,” in GLOBECOM, pp, 1–6, . [Google Scholar]

15R. Calvo, D. Thilakanathan and S. Chen. (2014), “Secure multiparty data sharing in the cloud using hardware-based TPM devices. ,” in 2014 IEEE 7th Int. Conf. on Cloud Computing, Anchorage, AK, IEEE, pp. 224–231, . [Google Scholar]

16A. N. Khan, M. L. M. Kiah, M. Ali, S. A. Madani and A. U. R. Khan. (2014), “BSS: Block-based sharing scheme for secure data storage services in mobile cloud environment. ,” Journal of Supercomputing, vol. 70, no. (2), pp, 946–976, . [Google Scholar]

17N. Zeinali, A. Asosheh and S. Setareh. (2016), “The conceptual model to solve the problem of interoperability in health information systems. ,” in 2016 8th Int. Sym. on Telecommunications, Tehran, IEEE, pp. 684–689, . [Google Scholar]

18A. Sajid and H. Abbas. (2016), “Data privacy in cloud-assisted healthcare systems: State of the art and future challenges. ,” Journal of Medical Systems, vol. 40, no. (6), pp, 151, . [Google Scholar]

19A. J. Burke. (2015), “Health information exchange (HIE) technology infrastructure for privacy assurance trustmark (PAT) test and development,” in Southeastcon, [Google Scholar]

20B. Mishra and D. Jena. (2016), “Securing files in the cloud. ,” in 2016 IEEE Int. Conf. on Cloud Computing in Emerging Markets, Bangalore, IEEE, pp. 40–45, . [Google Scholar]

21Z. Q. Xia, J. J. Tan, J. Wang, R. L. Zhu, H. G. Xiao. (2019). et al., “Research on fair trading mechanism of surplus power based on blockchain. ,” Journal of Universal Computer Science, vol. 25, no. (10), pp, 1240–1260, . [Google Scholar]

22W. J. Gordon and C. Catalini. (2018), “Blockchain technology for healthcare: Facilitating the transition to patient-driven interoperability. ,” Computational & Structural Biotechnology Journal, vol. 16, pp, 224–230, . [Google Scholar]

23A. Gervais, G. O. Karame, K. Wust, V. Glykantzis, H. Ritzdorf. (2016). et al., “On the security and performance of proof of work blockchains. ,” in Proc. of the ACM SIGSAC Conf. on Computer and Communications Security, Vienna, Austria: , pp, 3–16, . [Google Scholar]

24A. Dubovitskaya, Z. G. Xu, S. Ryu, M. Schumacher and F. S. Wang. (2017), “Secure and trustable electronic medical records sharing using blockchain. ,” in Amia Annual Sym. proceedings, Washington, D.C., IEEE, pp, 650–659, . [Google Scholar]

25K. Peterson, R. Deeduvanu, P. Kanjamala and K. Boles. (2016), “A blockchain-based approach to health information exchange networks. ,” in Proc. of NIST Workshop Blockchain Healthcare, Gaithersburg, MD, USA: , pp, 1–10, . [Google Scholar]

26N. Zeinali, A. Asosheh and S. Setareh. (2016), “The conceptual model to solve the problem of interoperability in health information systems. ,” in 2016 8th Int. Sym. on Telecommunications, Tehran, IEEE, pp. 684–689, . [Google Scholar]

27X. Qi, S. Emmanuel and S. Abla. (2017), “BBDS: Blockchain-based data sharing for electronic medical records in cloud environments. ,” Information—An International Interdisciplinary Journal, vol. 8, no. (2), pp, 44, . [Google Scholar]

28J. Liu, X. Li, L. Ye, H. Zhang, X. Du. (2018). et al., “BPDS: A blockchain based privacy-preserving data sharing for electronic medical records,” in GLOBECOM, Abu Dhabi: , . [Google Scholar]

29Y. Wang, A. Zhang, P. Zhang and H. Wang. (2019), “Cloud-assisted EHR sharing with security and privacy preservation via consortium blockchain. ,” Access IEEE, vol. 7, pp, 136704–136719, . [Google Scholar]

30S. J. Lee, E. B. Larson and S. Dublin. (2017), “Electronic medical record (EMR) predictors of undiagnosed dementia. ,” Alzheimers & Dementia, vol. 13, no. (7), pp, 1040–1041, . [Google Scholar]

images This work is licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.