Blockchain-Based Privacy-Preserving Authentication and Access Control Model for E-Health Users
Abstract
:1. Introduction
- The proposed model presents a decentralised, blockchain-based framework for securely authenticating e-health users while maintaining privacy. It integrates blind signatures with Proof of Authority consensus on the Ethereum blockchain.
- Lightweight cryptographic techniques are utilised in the model to meet the scalability and efficiency requirements of e-health systems. Specifically, one-way hash functions and blind signatures are implemented to reduce computational load and memory consumption.
- The model enhances privacy and regulatory compliance by storing only hashed identifiers and metadata on-chain, thereby ensuring adherence to privacy regulations like GDPR and facilitating secure access to patient data while preserving privacy.
- A thorough performance analysis reveals that the model exhibits efficiency improvements in authentication speed, memory utilisation, and signature verification time when compared to established frameworks, indicating its suitability for real-time, large-scale healthcare settings.
2. Literature Review
2.1. Privacy-Preserving Authentication
2.2. Access Control in Blockchain-Based Systems
3. System Model
- User Layer:
- Patients: Create original, anonymised passwords for data access requests and authentication. Their identities are kept private by the use of blind signatures, thus shielding them.
- Doctors, Laboratories, IoMT Devices, Third-Party Users: Generate their own unique identifiers and employ the same blind signature procedure to authenticate themselves with the e-health system.
- Admin: This is a trusted entity that operates on the Ethereum blockchain and requests a blind signature. This includes such as a healthcare provider, a certifying authority, or a regulatory body. The blinding aspect causes the administrator to be unaware of the specific component of the unique identities.
- Authentication Layer:
- Blind Signatures: Is used to provide a privacy-preserving authentication procedure. Each user will anonymise their identity prior to submitting it to the admin for endorsement. The signed message is then unblinded and sent to the Ethereum smart contract for verification.
- Smart Contract-Based Authentication: Is implemented in the Ethereum blockchain. It can be used to check the validity of the signatures of the users using the admin public key. Only authenticated users can proceed to request access to patient data.
- Access Control Layer:
- AccessControlContract: Is the smart contract controlling access in line with set rules. It generates access tokens using lightweight cryptographic methods like SHA-256 and then checks permissions to let users access data securely.
- Proof of Authority (PoA): Guarantees that only the admin node validates and confirms transactions on the Ethereum blockchain. This consensus technique minimises computing expenses and improves scalability.
- Blockchain Layer
- Ethereum Blockchain: Functions as a decentralised ledger that permanently documents all authentication events, access requests, and authorised permissions. Only hashed values and limited information are retained on-chain to safeguard privacy.
- Transaction Logging: This records access requests, permissions, and token issuance in an auditable and immutable manner.
- Data Storage Layer:
- Off-Chain Storage (e.g., IPFS): It securely stores real patient data, including electronic health records (EHRs), off-chain to reduce blockchain storage demands and adhere to data privacy standards. On-chain storage contains hash references that reference off-chain data. This layer’s application is beyond the purview of this research.
- Healthcare Application Layer:
- E-Health Applications: This combines with the levels of authentication and access control to provide a safe interface for many stakeholders—doctors, laboratories, patients—to access or modify health data.
Adversary Model
- External Adversaries: Attempt to obtain unauthorised access to the e-health system by exploiting weaknesses in authentication protocols or intercepting communications. They may execute attacks such as man-in-the-middle (MITM), replay attacks, phishing, or Denial-of-Service (DoS) attacks in order to compromise the system or acquire credentials.
- Insider Adversaries: Authorised users, including healthcare professionals or administrators, may use their lawful access privileges to alter patient data, manipulate smart contracts, or execute unauthorised transactions. Malicious insiders, who deliberately exploit their access, and inquisitive insiders, who inadvertently jeopardise security via carelessness, are both seen as threats.
- Smart Contract Exploiters: Adversaries seeking to exploit vulnerabilities in smart contracts implemented on the Ethereum platform. Potential vulnerabilities include re-entrancy attacks (where attackers repeatedly activate routines), integer overflow/underflow attacks, and other code deficiencies that may modify authentication or access control protocols.
- Data Privacy Adversaries: Aim to undermine patient privacy by linking publicly accessible blockchain data with external information or trying to deanonymise anonymised data. They may evaluate trends in transactional data or attempt to deanonymise obscured identifiers.
- Regulatory Compliance Adversaries: Leverage discrepancies between blockchain immutability and regulatory requirements (e.g., GDPR’s “right to be forgotten”). The system mitigates these issues by retaining just hashes and minimum metadata on-chain, while sensitive information is stored off-chain using adaptable compliance alternatives.
4. Proposed Model
4.1. Privacy-Preserving Authentication System for E-Health Users with Enhanced Patient Privacy
Step-by-Step Methodology Flow
- Registration PhaseStep 1.1: Patient Generates Unique Identifier and Blinding Factor: At the beginning, the patient generates a unique identifier (such as a pseudonymous patient ID) that will be used for authentication and data access requests. To ensure privacy, the patient applies a random blinding factor r to their identifier, creating a blinded message :Step 1.2: Submission of Blinded Message for Signing: Then, the patient submits the blinded message to the admin operating on the Ethereum blockchain, requesting a blind signature. The admin does not know the actual content of due to the blinding factor.Step 1.3: Blind Signing by the Admin: Then, the admin, which is a trusted node on the Ethereum blockchain (using the PoA consensus), signs the blinded message using its private key d:The signed blinded message is returned to the patient.Step 1.4: Patient Unblinds the Signature: The patient then unblinds the signature to obtain a valid signature on their original identifier :
- Authentication Phase for E-Health UsersStep 2.1: User-Specific Unique Identifier Generation: Here, each user type (e.g., doctors, laboratories, IoMT devices, and third-party entities) generates its own unique identifier and applies a blinding factor to create a blinded message :Step 2.2: Authentication Request Submission: When a user needs to access patient data or interact with the e-health system, they send their blinded identifier to the admin for signing, similar to the patient registration process. Then, the admin signs the blinded identifier and returns the signed blinded message to the user.Step 2.3: Unblinding and Verification: On reception, the user then unblinds the signed message:This signed identifier is then sent to the smart contract on the Ethereum blockchain for verification alongside the user’s unique identifier .
- Patient Privacy-Preserving Authentication and Data AccessStep 3.1: Privacy-Preserving Authentication by the Smart Contract: On reception, the smart contract will then verify the signatures and of both patients and other users (e.g., doctors and labs) against the admin’s public key e:If both signatures are valid, the smart contract confirms that both the patient and the user have been authenticated without revealing their identities.Step 3.2: One-Way Hash Function for Data Integrity: A one-way hash of the patient’s identifier and a hash of the user’s identifier are computed:These hashes are recorded on the blockchain to ensure data integrity and serve as a verifiable proof of successful authentication while protecting patient privacy.
4.2. Secure and Lightweight Access Control via Smart Contracts in an E-Health System
Step-by-Step Methodology for Access Control
- Registration PhaseStep 1.1: Initialisation of Smart Contracts for Access Control: Initially, the admin deploys a smart contract on the Ethereum blockchain to handle access control. This smart contract, referred here to as the AccessControlContract, maintains a list of authorised entities (doctors, labs, IoMT devices, and third-party users) and their respective permissions. Each entity is associated with a unique hashed identifier and a corresponding set of access rights.Step 1.2: Define Access Policies: The smart contract contains predefined access policies based on user roles and access levels (e.g., read, write, and modify). For example:
- Doctors: Read and write access to patient records.
- Laboratories: Write access for uploading test results, read access to relevant records.
- IoMT Devices: Write access for data transmission.
- Third-party Users (e.g., insurers): Limited read access with explicit patient consent.
Step 1.3: Secure Storage of Access Data: In this work, the AccessControlContract stores only minimal metadata and hashed identifiers on-chain. While the actual patient data remain off-chain in secure, decentralised storage solutions (IPFS). The smart contract includes a reference to the off-chain storage location, represented as a hash pointer. - Access Request PhaseStep 2.1: Secure Storage of Access Data: In this phase, a user (e.g., a doctor) who wishes to access patient data first authenticates using the previously described blind signature process. Upon successful authentication, the user sends an access request to the AccessControlContract, including their unique identifier , the patient’s anonymised identifier , and the requested access type (e.g., read and write).Step 2.2: Compute and Verify Hashes: Upon receiving the request, the smart contract computes the one-way hash values for both the user’s identifier and the patient’s identifier to confirm their validity:These hashes are compared against the records stored on-chain to ensure the identifiers correspond to valid, authenticated entities.
- Lightweight Access Control EnforcementStep 3.1: Verify User Permissions: Here, the smart contract checks the user’s permissions against the predefined access control policies. If the user has the required access rights for the requested operation (e.g., a doctor requesting read access to a patient’s EHR), the smart contract proceeds to the next step.Step 3.2: Verify User Permissions: Upon successful verification of permissions, the smart contract generates a secure access token T using a lightweight cryptographic hash function:
- is the current time, ensuring token validity is time-bound.
- is a random value to prevent token replay attacks.
The access token T is time-limited and unique to prevent unauthorised reuse.Step 3.3: Store Access Record on the Blockchain: Then, the smart contract logs the access request, the type of access granted, and the expiration time of the access token on the blockchain, ensuring an immutable record for auditing purposes. The log entry includes the following:
4.3. Secure Access Execution for E-Health Data
Step-by-Step Methodology for Access Execution
- Access Token Presentation to Off-Chain StorageStep 1.1: Requesting Data from Off-Chain Storage: Here, the user presents the access token T to the off-chain storage system to retrieve or modify the requested patient data. The data are stored off-chain for scalability and efficiency, but only hash pointers (links to the actual data) are recorded on the blockchain.The request includes the following:
- The access token T;
- The user identifier ;
- The patient identifier ;
- The data request (e.g., retrieve EHRs and modify test results).
Step 1.2: Data Integrity Verification via Hashes:- Upon receiving the request, the off-chain storage system verifies the validity of the access token by recalculating the hash:
- If matches the presented access token T, the token is considered valid, and the request is granted. This ensures that only authorised users with the correct token can access the data.
Step 1.3: Data Integrity Verification via Hashes:- In this system, the system will now check the timestamp to ensure the token is still within its valid time period. If the token has expired, the request is denied.
- The system also verifies the nonce to ensure that the token is unique and has not been reused in a replay attack. If the nonce is valid, the request proceeds.
- Secure Data Access and RetrievalStep 2.1: Granting Access to Data:
- If the access token T is valid and all conditions (timestamp, nonce, and permissions) are met, the off-chain storage system grants access to the requested data.
- The data (e.g., a patient’s electronic health record or lab results) are then retrieved and securely transmitted to the authorised user.
Step 2.2: Data Integrity Check:- The retrieved data include a hash value that was stored on-chain at the time of data creation or modification. The user can verify the data’s integrity by recalculating the hash:
- The recalculated hash is compared with the hash stored on-chain. If the hashes match, the data are confirmed to be unaltered and authentic.
- Logging and AuditingStep 3.1: Logging the Data Access Event:
- Once the data are retrieved or modified, the access event is logged on the blockchain, recording details such as the user identifier , patient identifier , access token T, and the type of data operation (read, write, modify).The log entry on the blockchain contains the following:This log provides an immutable and auditable trail of all access attempts, ensuring transparency and accountability.
Step 3.2: Audit and Compliance:- Admin can audit the access logs on the Ethereum blockchain to verify that only authorised users have accessed patient data and that no unauthorised modifications were made.
- The system’s use of hashed identifiers and access tokens ensures that patient privacy is preserved during audits, in compliance with regulations such as GDPR and HIPAA.
- Handling Invalid or Expired TokensStep 4.1: Token Expiry:
- If the access token’s timestamp indicates that it has expired, the off-chain storage system denies the request and logs the failed attempt on the blockchain. The user must re-authenticate and obtain a new token from the smart contract.
Step 4.2: Invalid Token or Replay Attack:- If the access token T does not match the recalculated hash , or if the nonce has already been used, the off-chain storage system denies the request and logs the suspicious attempt.
- This ensures the system remains resilient to replay attacks and other token forgery attempts.
In summary, the proposed blockchain-based authentication and access control solution improves patient privacy and guarantees regulatory compliance via the utilisation of blind signatures, the Ethereum blockchain, smart contracts, Proof of Authority, and one-way hash functions. This system offers resilient, scalable, and privacy-preserving authentication for diverse e-health users, including doctors, labs, IoMT devices, and third-party entities. The system utilises time-bound access tokens and streamlined access control methods to provide efficient and secure data access while preserving the integrity, transparency, and availability of critical health information. Algorithm 1 highlights the comprehensive technique, including privacy-preserving authentication, Secure Access Control, and Secure Access Execution for e-health systems.
Algorithm 1: Complete Methodology | |
1 | Start |
2 | // Privacy-Preserving Authentication for E-Health Users |
3 | For each user (Patient, Doctor, Laboratory, IoMT Device, or Third Party):
|
4 | // Blind Signing by the Admin |
5 | Admin signs the blinded message: |
6 | Admin returns the signed blinded message to the user |
7 | // Unblinding the Signature |
8 | User unblinds the signature: |
9 | User submits to the smart contract for verification |
10 | // Smart Contract Verification |
11 | Smart contract verifies the signature:
|
12 | // Secure and Lightweight Access Control via Smart Contracts |
13 | If authentication is successful, user sends an access request to the |
AccessControlContract:
| |
14 | Smart contract computes hash values:
|
15 | Smart contract verifies user permissions:
|
16 | Log the access request on the blockchain with:
|
17 | // Secure Access Execution for E-Health Data |
18 | User presents the access token T to the off-chain storage system to retrieve or modify patient data |
19 | Off-chain storage system verifies the token by recalculating:
|
20 | Validate the token’s timestamp and nonce to prevent replay attacks and ensure token freshness:
|
21 | User retrieves or modifies patient data:
|
22 | Logging and Auditing |
23 | Log the access event on the blockchain:
|
24 | Admin or auditors can audit the blockchain logs to verify:
|
25 | End |
5. Security Analysis of the Proposed Model
- Privacy-Preserving Authentication: Ensure that users (e.g., doctors, laboratories, IoMT devices, and third parties) can authenticate themselves without revealing their real identities or sensitive information.
- Data Integrity: Ensure that data remain unchanged during transmission and storage, maintaining its integrity.
- Access Control: Ensure that only authorised entities can access or modify sensitive health data.
- Confidentiality: Protect sensitive health information from unauthorised access.
- Anonymity: Ensure that patient identities remain anonymous and protected against unauthorised deanonymisation attacks.
- Resistance to Replay Attacks: Prevent adversaries from reusing previously intercepted messages to impersonate legitimate users.
- Resistance to Insider Attacks: Prevent trusted users or nodes from misusing their access privileges to tamper with data or perform unauthorised actions.
5.1. Security Analysis Using the Real-Or-Random (ROR) Model
5.1.1. ROR Analysis Framework and Setup
- The challenger C sets up the system parameters, including the public and private keys for blind signatures, and initializes the smart contract on the Ethereum blockchain.
- The adversary A is allowed to interact with the system and make various queries such as the following:
- Authentication Queries: To test the authenticity of different users (doctors, labs, devices, third parties).
- Access Control Queries: To attempt to access specific data or resources.
- Challenge Queries: To challenge the system and receive a token that could either be real or random.
- The adversary A tries to distinguish whether the token received is from a real session or a random one.
- Real World: In the real-world scenario, it is presumed that the system operates normally, generating valid access tokens using the following formula:
- Random World: In the random-world scenario, it is presumed that the system generates a completely random token that does not correspond to any valid access control logic.
5.1.2. Detailed Steps and Mathematics for the ROR Analysis
- Goal: Is to ensure that the adversary A cannot use a previously intercepted access token to gain unauthorised access.
- Proof:
- Assuming that the adversary intercepts a valid access token T during a legitimate session.
- The token T is given by the following:
- If A reuses T in a different session, the following would occur:
- -
- The will differ, making the new token .
- -
- The ensures that even if all other values are the same, .
- The hash function is collision-resistant.
- Any change in the input (Timestamp or Nonce) results in a completely different output, ensuring that replaying T fails with overwhelming probability.
- Goal: Is to ensure that an adversary A cannot intercept or alter messages between users and the e-health system to impersonate legitimate users.
- Proof:
- In an MITM attack, we assume that A intercepts communication between a user and the smart contract on the blockchain.
- The user submits the blinded identifier for signing.
- The admin signs the blinded identifier: and returns it to the user.
- The adversary cannot modify without invalidating the blind signature, as any alteration would require knowledge of , which is unknown to A.
- If A tries to forge a signature , it would require solving the discrete logarithm problem or breaking the RSA assumption, both of which are computationally infeasible.
- Any tampering with or the signature will be detected by the smart contract’s verification checks.
- Blind signatures ensure that only valid messages are accepted, and any modification will be rejected.
- Goal: Is to ensure that an adversary A cannot deanonymise patient identities or link their actions to specific individuals.
- Proof:
- User identifiers and patient identifiers are blinded before submission and signed using blind signatures.
- Only the blinded messages and are submitted to the admin, ensuring the admin does not know the original identifiers.
- On the blockchain, only hashed values and are stored:
- The hash function is pre-image resistant, meaning A cannot find the original identifier from the hash.
- The blinded identifiers and hash values do not reveal any identifiable information.
- The adversary cannot link the hashed identifiers to specific users or patients.
- Goal: Is to ensure that trusted insiders cannot misuse their access privileges to perform unauthorised actions or tamper with data.
- Proof:
- The system uses the PoA consensus mechanism, which requires less computational power compared to Proof of Work (PoW), reducing vulnerability to DoS attacks.
- The smart contracts implement rate-limiting to prevent excessive requests from a single user.
5.2. Security Goals and Their Implementation in the Proposed Model
6. Performance Evaluation
6.1. Simulation Setup
- Accuracy, Precision, and Recall: They are used to evaluate the system’s ability to correctly authenticate users.
- Average Memory Usage: It is used to measure memory overhead during operations.
- Average Authentication Latency: It is used to capture the time taken for user authentication.
- Signature Verification Time: It is the time required to verify blind signatures.
- Throughput: It is the transactions per second to assess scalability.
6.2. Authentication Latency Analysis
6.3. Average Memory Utilisation Analysis
6.4. Signature Verification Time Analysis
6.5. Throughput Analysis
6.6. Gas Consumption Analysis
6.7. Comparison of Accuracy, Precision, and Recall Metrics Across Datasets
6.7.1. Accuracy Trends
6.7.2. Precision Trends
6.7.3. Recall Trends
6.7.4. Combined Metric Analysis
6.7.5. Comparison of Benchmark Models
6.7.6. Privacy Protection and Regulatory Compliance in the Proposed Model
- Patient Anonymity through Blind SignaturesBlind signatures ensure that user authentication is conducted without revealing personal identifiers. This aligns with Article 5 of the GDPR, which mandates data minimisation and pseudonymisation to enhance privacy. The proposed system allows users to authenticate and request access without exposing their identities, which reduces the risk of unauthorised tracking.
- Smart Contract-Based Fine-Grained Access ControlThe implementation of smart contracts ensures that access control policies are enforced transparently and automatically. The AccessControlContract only permits authorised entities (e.g., doctors and laboratories) to retrieve specific data based on predefined access permissions. This supports HIPAA’s “Minimum Necessary Standard”, which limits access to only essential information.
- Off-Chain Storage for GDPR ComplianceBlockchain’s immutability poses challenges in meeting the GDPR’s “Right to be Forgotten” (Article 17), which requires data deletion upon user request. Our approach addresses this issue by storing only hashed references on-chain while actual health data remain off-chain in the InterPlanetary File System (IPFS). Users can revoke access and request data deletion from the off-chain repository, ensuring regulatory adherence.
- Auditable and Tamper-Resistant LoggingThe Ethereum-based blockchain ledger records access requests and permissions in an immutable manner, ensuring auditability for compliance verification. This aligns with HIPAA’s “Security Rule”, which requires healthcare organisations to maintain detailed audit trails of data access and modifications.
7. Why Proof of Authority (PoA) for E-Health Authentication?
Limitations and Future Work
- Collusion Risk: A limited number of validators may collaborate to distort transactions, alter access privileges, or exclude certain parties.
- Censorship Potential: In contrast to completely decentralised networks, Proof of Authority (PoA) networks enable validators to selectively authorise or deny transactions, which may result in censorship over data access situations.
- Single Point of Failure: Should many validators be compromised, the whole system may be jeopardised, undermining trust in authentication and access control systems.
8. Conclusions
Funding
Informed Consent Statement
Data Availability Statement
Acknowledgments
Conflicts of Interest
References
- Sharma, A.; Kaur, S.; Singh, M. A secure blockchain framework for the internet of medical things. Trans. Emerg. Telecommun. Technol. 2024, 35, e4917. [Google Scholar] [CrossRef]
- Preetha, A.D.; Kumar, T.P. Securing IoT-based healthcare systems from counterfeit medicine penetration using Blockchain. Appl. Nanosci. 2023, 13, 1263–1275. [Google Scholar] [CrossRef]
- Yakubu, B.M.; Ali, S.M.; Khan, M.I.; Bhattarakosol, P. PatCen: A blockchain-based patient-centric mechanism for the granular access control of infectious disease-related test records. PLoS ONE 2024, 19, e0310407. [Google Scholar] [CrossRef] [PubMed]
- Altaf, A.; Iqbal, F.; Latif, R.; Yakubu, B.M.; Latif, S.; Samiullah, H. A survey of blockchain technology: Architecture, applied domains, platforms, and security threats. Soc. Sci. Comput. Rev. 2023, 41, 1941–1962. [Google Scholar] [CrossRef]
- Javed, L.; Yakubu, B.M.; Waleed, M.; Khaliq, Z.; Suleiman, A.B.; Mato, N.G. Bhc-iot: A survey on healthcare iot security issues and blockchain-based solution. Int. J. Electr. Comput. Eng. Res. 2022, 2, 1–9. [Google Scholar] [CrossRef]
- Xiang, X.; Cao, J.; Fan, W. Decentralized authentication and access control protocol for blockchain-based e-health systems. J. Netw. Comput. Appl. 2022, 207, 103512. [Google Scholar] [CrossRef]
- Chelladurai, U.; Pandian, S. A novel blockchain based electronic health record automation system for healthcare. J. Ambient Intell. Humaniz. Comput. 2022, 13, 693–703. [Google Scholar] [CrossRef]
- Alsuqaih, H.N.; Hamdan, W.; Elmessiry, H.; Abulkasim, H. An efficient privacy-preserving control mechanism based on blockchain for E-health applications. Alex. Eng. J. 2023, 73, 159–172. [Google Scholar] [CrossRef]
- Xiang, X.; Zhao, X. Blockchain-assisted searchable attribute-based encryption for e-health systems. J. Syst. Archit. 2022, 124, 102417. [Google Scholar] [CrossRef]
- Pawar, P.; Parolia, N.; Shinde, S.; Edoh, T.O.; Singh, M. eHealthChain a blockchain-based personal health information management system. Ann. Telecommun. 2022, 77, 33–45. [Google Scholar] [CrossRef]
- Zhang, G.; Yang, Z.; Liu, W. Blockchain-based privacy preserving e-health system for healthcare data in cloud. Comput. Netw. 2022, 203, 108586. [Google Scholar] [CrossRef]
- Sarier, N.D. Privacy Preserving Biometric Authentication on the blockchain for smart healthcare. Pervasive Mob. Comput. 2022, 86, 101683. [Google Scholar] [CrossRef]
- Samuel, O.; Omojo, A.B.; Mohsin, S.M.; Tiwari, P.; Gupta, D.; Band, S.S. An anonymous IoT-based E-health monitoring system using blockchain technology. IEEE Syst. J. 2022, 17, 2422–2433. [Google Scholar] [CrossRef]
- Hegde, M.; Rao, R.R.; Nikhil, B. DDMIA: Distributed dynamic mutual identity authentication for referrals in blockchain-based health care networks. IEEE Access 2022, 10, 78557–78575. [Google Scholar] [CrossRef]
- Lodha, L.; Baghela, V.S.; Bhuvana, J.; Bhatt, R. A blockchain-based secured system using the Internet of Medical Things (IOMT) network for e-healthcare monitoring. Meas. Sensors 2023, 30, 100904. [Google Scholar] [CrossRef]
- Wazid, M.; Gope, P. BACKM-EHA: A novel blockchain-enabled security solution for IoMT-based e-healthcare applications. ACM Trans. Internet Technol. 2023, 23, 1–28. [Google Scholar] [CrossRef]
- Sun, L.; Liu, D.; Li, Y.; Zhou, D. A Blockchain-Based E-Healthcare System with Provenance Awareness. IEEE Access 2024, 12, 110098–110112. [Google Scholar] [CrossRef]
- Kumar, V.; Ali, R.; Sharma, P.K. A secure blockchain-assisted authentication framework for electronic health records. Int. J. Inf. Technol. 2024, 16, 1581–1593. [Google Scholar] [CrossRef]
- Sunitha, M.J.; Asendra, C.; Kumar, B.B.; Goud, E.H.; Basha, S.H. User Authentication Scheme and Identity Management for E-Health Systems using Blockchain Technology. In Proceedings of the 2024 International Conference on Knowledge Engineering and Communication Systems (ICKECS), Chikkaballapur, India, 18–19 April 2024; IEEE: Piscataway, NJ, USA, 2024; Volume 1, pp. 1–7. [Google Scholar]
- Kumar, P.; Kumar, R.; Garg, S.; Kaur, K.; Zhang, Y.; Guizani, M. A secure data dissemination scheme for IoT-based e-health systems using AI and blockchain. In Proceedings of the GLOBECOM 2022-2022 IEEE Global Communications Conference, Rio de Janeiro, Brazil, 4–8 December 2022; IEEE: Piscataway, NJ, USA, 2022; pp. 1397–1403. [Google Scholar]
- Chinnasamy, P.; Albakri, A.; Khan, M.; Raja, A.A.; Kiran, A.; Babu, J.C. Smart contract-enabled secure sharing of health data for a mobile cloud-based e-health system. Appl. Sci. 2023, 13, 3970. [Google Scholar] [CrossRef]
- Mishra, A.K.; Mohapatra, Y. Hybrid blockchain based medical data sharing with the optimized CP-ABE for e-Health systems. Int. J. Inf. Technol. 2024, 16, 121–130. [Google Scholar] [CrossRef]
- Haritha, T.; Anitha, A. Multi-level security in healthcare by integrating lattice-based access control and blockchain-based smart contracts system. IEEE Access 2023, 11, 114322–114340. [Google Scholar] [CrossRef]
- Chen, X.; Wang, B.; Li, H. A privacy-preserving multi-factor authentication scheme for cloud-assisted IoMT with post-quantum security. J. Inf. Secur. Appl. 2024, 81, 103708. [Google Scholar] [CrossRef]
- Bagheri, N.; Bendavid, Y.; Safkhani, M.; Rostampour, S. Smart Grid Security: A PUF-Based Authentication and Key Agreement Protocol. Future Internet 2023, 16, 9. [Google Scholar] [CrossRef]
- Rai, S.; Paul, R.; Banerjee, S.; Meher, P.; Sah, G. A Combined Approach of PUF and Physiological Data for Mutual Authentication and Key Agreement in WMSN. J. Grid Comput. 2024, 22, 23. [Google Scholar] [CrossRef]
- Tomar, A.; Tripathi, S. A Chebyshev Polynomial-Based Authentication Scheme Using Blockchain Technology for Fog-Based Vehicular Network. IEEE Trans. Mob. Comput. 2024, 23, 9075–9089. [Google Scholar] [CrossRef]
- Kumar, R.; Singh, S.; Singh, D.; Kumar, M.; Gill, S.S. A robust and secure user authentication scheme based on multifactor and multi-gateway in IoT enabled sensor networks. Secur. Priv. 2024, 7, e335. [Google Scholar] [CrossRef]
- Luu, L.; Chu, D.H.; Olickel, H.; Saxena, P.; Hobor, A. Making smart contracts smarter. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria, 24–28 October 2016; pp. 254–269. [Google Scholar]
Approach | Techniques Used | Challenges Identified | References |
---|---|---|---|
Decentralised Authentication Protocols | PBFT consensus, Elliptic Curve Cryptography (ECC) | High computational costs, synchronisation challenges between on-chain and off-chain storage | [6] |
Privacy-Preserving Control Mechanisms | K-means clustering, Geometric Data Perturbation (GDP), ECC | High computational overhead, scalability issues in IoT environments | [8] |
Blockchain-Assisted Secure Data Sharing | Searchable Attribute-Based Encryption (SABE), blockchain for decentralised access management | High computational overhead during decryption, latency from blockchain consensus mechanisms | [9] |
Privacy-Preserving EHR Management | Pairing-based cryptography, secure key exchange protocols | High computational costs, potential delays due to consensus mechanisms | [11] |
Biometric Authentication Protocols (PPBA) | Zero-Knowledge Proofs (ZKP), privacy coins, blockchain | High transaction fees, potential vulnerabilities | [12] |
Blockchain-Enabled IoMT Security Systems | Smart contracts, decentralised storage | High computational costs, synchronisation challenges | [15] |
Access Control and Key Management Protocols | ECC, smart contracts | Real-time processing delays, computational overhead | [16] |
Provenance-Aware Blockchain Systems | Directed Acyclic Graph (DAG) structures | High computational costs, latency in auditing processes | [17] |
AI-Based Secure Data Dissemination | Deep learning techniques combined with blockchain | High computational cost and latency, scalability issues, synchronisation issues | [20] |
Smart Contract-Enabled EHR Sharing Frameworks | Blockchain, smart contracts | Computational overhead, scalability concerns | [21] |
Hybrid Blockchain Models | Private and consortium blockchains, optimised encryption techniques | Latency, scalability challenges | [22] |
Multi-Level Security Frameworks | Lattice-Based Access Control (LBAC), blockchain smart contracts | High computational resources required | [23] |
Blockchain-Assisted Authentication Frameworks | Multi-Factor Authentication (MFA), smart contracts | Computational costs, scalability limitations | [18] |
User Authentication Schemes | Modified RSA encryption, blockchain | High computational overhead, latency issues | [19] |
Common Challenges Across Approaches | Various cryptographic and blockchain-based techniques | High computational costs, scalability limitations, latency issues | [6,8,9,11,12,15,16,17,18,19,20,21,22,23] |
Security Goal 7 | How It Is Achieved in the Proposed Model |
---|---|
Privacy-Preserving | Utilizes blind signatures to ensure that users authenticate without revealing their real identities. |
Authentication | Hash-based pseudonymous identifiers prevent unauthorised user tracking. |
Data Integrity | One-way hash functions (SHA-256) ensure that data remain immutable during transmission and storage. Any modification results in a verifiable hash mismatch. |
Access Control | Smart contracts enforce role-based and attribute-based access control (RBAC/ABAC), ensuring only authorised entities can access or modify sensitive health data. |
Confidentiality | End-to-end encryption ensures that sensitive health information remains protected from unauthorised access. Only encrypted references (hash pointers) are stored on-chain. |
Anonymity | Patient data are stored off-chain, with only hashed identifiers referenced on the blockchain, ensuring that patient identities remain anonymous. |
Resistance to Replay Attacks | Time-based nonces and PoA consensus ensure that authentication tokens are unique and cannot be reused, preventing replay attacks. |
Resistance to Insider Attacks | Decentralised transaction logging prevents unauthorised modifications by insiders, ensuring auditability. Access logs are immutable and verifiable via blockchain. |
Model | Authentication Method | Security Features | Consensus Mechanism | Key Limitations |
---|---|---|---|---|
Kumar et al. [18] | Multi-factor authentication with cryptographic hashing | Secure key exchange, role-based access control (RBAC) | Proof of Work (PoW) | High computational cost, slow transaction processing |
Haritha et al. [23] | Smart contract-based authentication with biometric encryption | Privacypreserving biometric authentication, Zero-Knowledge Proofs (ZKP) | Proof of Stake (PoS) | Susceptibility to Sybil attacks, validation delays |
Proposed Model | Smart contract-based authentication with blind signatures | Enhanced privacy, resistance to replay and insider attacks | Proof of Authority (PoA) | Optimised for regulatory compliance, but depends on trusted validators |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2025 by the author. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Alabdulatif, A. Blockchain-Based Privacy-Preserving Authentication and Access Control Model for E-Health Users. Information 2025, 16, 219. https://doi.org/10.3390/info16030219
Alabdulatif A. Blockchain-Based Privacy-Preserving Authentication and Access Control Model for E-Health Users. Information. 2025; 16(3):219. https://doi.org/10.3390/info16030219
Chicago/Turabian StyleAlabdulatif, Abdullah. 2025. "Blockchain-Based Privacy-Preserving Authentication and Access Control Model for E-Health Users" Information 16, no. 3: 219. https://doi.org/10.3390/info16030219
APA StyleAlabdulatif, A. (2025). Blockchain-Based Privacy-Preserving Authentication and Access Control Model for E-Health Users. Information, 16(3), 219. https://doi.org/10.3390/info16030219