Improving Healthcare Applications Security Using Blockchain
, Waleed Aladrousy 2, Mohamed Elhoseny 2,3, Samir Elmougy 2 and Ahmed Elsaid Tolba 2
Round 1
Reviewer 1 Report
The paper presents an application of blockchain to health system. However, it appear to me a mere exsercise.
Moreover, the problem of authentication of the involved peer is not discussed.
Author Response
Response to Reviewer 1 Comments
Point 1: The paper presents an application of blockchain to health system. However, it appears to me a mere exercise.
Response 1: We thank the reviewer for his feedback. But, The paper aims to contribute to the scientific field by proposing
- A blockchain security system that secures the medical data collected from the Internet of Medical Things (IoMT) system that we designed and implemented before.
- A blockchain security system uses SHA-256 to hash the new block. We modify SHA-256 by using a run length code algorithm to compress data.
- new Smart contract technique that guarantee to transfer the money from the patient's wallet to the physician's wallet after the physician sends treatment to the patient.
Point 2: Moreover, the problem of authentication of the involved peer is not discussed.
Response 2: We thank the reviewer for pointing this out. We have already proposed that part in pervouse paper and we published it. we have also revisit our paper and shows that this part is done in paper that already publish before.
((Please see page 10, lines 329-331, where the text modified as follow :-))
In our related work [4], The patient's digital signature is used for authentication before the client delivers the vital signs to the receiver. If the authentication parties occur, the system sends the patient vital signs to the physician.
Author Response File: 
Author Response.pdf
Reviewer 2 Report
The abstract is too short. It shall contain at least 250 words.
The axes of figure 1 are blur. Make sure that this figure has no copyright issues.
Mention the key contributions of the work in bullet form before the end of the last paragraph of the introduction section.
Section 3 can further be extended otherwise it shall be merged with section 4.
Provide equation numbering and cite them in the text.
Line 367 calls Table 14, but no such table exists. Please correct this numbering.
Change the background of Figures 4 and 5 to white.
Check the spelling of the title in Figure 5 “ Debosite time”
Every less technical demonstration has been provided for Figures 4 and 5. The authors shall add more detail.
In Conclusion, a discussion has been added about the “complexity analysis”. I suggest to please add a new heading with the title “ complexity analysis and adding a discussion about the complexity analysis along with the comparison with already existing work.
As per my understanding, the work cannot be considered for publication as it contains nothing novel. Only the hash function has been used and nothing else.
Author Response
Response to Reviewer 2 Comments
Point 1: The abstract is too short. It shall contain at least 250 words.
Response 1: We thank the reviewer for pointing this out. we modified our abstract based on your segestion.
((Please see page 1, lines 12-31, where the text modified as follow :-))
Nowadays, the Internet of Medical Things (IoMT) technology is growing and leading the revolution in the global healthcare field. Exchanged information through IoMT permits attackers to hack or modify the patient's data. Hence, the security and privacy of this information are critical issues to saving it. The standard privacy techniques are not enough secured, so this paper introduces blockchain technology that is used for securing data. Blockchain is used with the smart contract to secure private patient records. This paper helps the patient to send his vital signs to the physician through the internet without going to him. These vital signs are collected from the IoMT system that we developed before. In the proposed method, each medical record is stored in the block and connected to the previous block by a hashing function. To secure the new block SHA256 algorithm is used. We modified in SHA256 algorithm by using run length code in compressing data. If any hacker tries to attack any medical record, he must change all previous blocks. To save the rights of the doctor and patient smart contract is built into the Blockchain system. When the transaction begins, the Smart contract withdraws the money from the patient's wallet and stores them in the smart contract. When the physician sends the treatment to the patient, the smart contract transfers the money to the physician. This paper shows that all recent work uses blockchain 2 to implement their security system. This paper also shows that our security system can create a new block with O(n+d) time complexity. As a result, our system can create one hundred blocks in two minutes. Also, our system can deposit the money from the patient's wallet to the physician's wallet in time near the instance. This paper also shows that our method performs better than all subsequent versions of the original blockchain.
Point 2: The axes of figure 1 are blur. Make sure that this figure has no copyright issues.
Response 2: We apologized for that problem. We removed that figure and replaced it with the table that explain the number of vulunabrites every year.
((Please see page 2, lines 59-60, where the table is shown as follow :-))
Table 1 NIST graph of Number of [3]
|
Year |
Number of vulnerabilities |
|
2015 |
9867 |
|
2016 |
11207 |
|
2017 |
16585 |
|
2018 |
17814 |
|
2019 |
17,416 |
|
2020 |
18,335 |
|
2021 |
18,378 |
Point 3: Mention the key contributions of the work in bullet form before the end of the last paragraph of the introduction section.
Response 3: We thank the reviewer for pointing this out. We modified in the contribution section to make it clear.
((Please see page 2, lines 60-80, where the text modified as follow :-))
This paper focuses on implementing a system that helps patients to get their treatment without going to a physician. They will use the internet to send their vital signs. As well as, the physician sends treatment to the patient through the internet. This paper focuses on implementing a security system that protects medical data from being stolen or hacked by anyone.
This paper also guarantees to transfer the money from the patient's wallet to the physician's wallet after the physician sends treatment to the patient.
So, the objective of the proposed system is to implement a blockchain system to secure data for each transaction between parties embedded with the smart contract to avoid using intermediate between parties in each transaction. In this paper, we implement a blockchain to secure the medical data collected from the Internet of Medical Things (IoMT) system that was designed and implemented before [4]. Also, we use SHA-256 to hash the new block by using some information about the previous blocks. We modify SHA-256 by using a run length code algorithm to compress data. So, we use blockchain to secure medical data that will be sent to the physician. We also implement the smart contract in our blockchain to guarantee that the doctor will take the money when he sends the treatment to his patient. So, the proposed system consists of two main parts. The first part creates a new block for each transaction using the information of the last block in the blockchain. The second part builds a smart contract between the physician and patient to guarantee that transaction will finish successfully by automatically withdrawing the money from the patient's wallet to the physician's wallet.
Point 4: Section 3 can further be extended otherwise it shall be merged with section 4.
Response 4: We thank the reviewer for his feedback. We merged Section 3 and section 4 together.
Point 5: Provide equation numbering and cite them in the text.
Response 5: We thank the reviewer for his feedback. We numbered all equation in the paper.
Point 6: Line 367 calls Table 14, but no such table exists. Please correct this numbering.
Response 6: We thank the reviewer for catching this error. We changed it to its correct number.
Point 7: Change the background of Figures 4 and 5 to white.
Response 7: We thank the reviewer for his feedback. We Change the background of figures 4 and 5 to white.
Point 8: Check the spelling of the title in Figure 5 “ Debosite time”
Response 8: We thank the reviewer for catching this error. We changed it to its correct spelling.
((Please see page 15, lines 446-447, where the word is modified to correct spelling))
Point 9: Every less technical demonstration has been provided for Figures 4 and 5. The authors shall add more detail.
Response 9: We thank the reviewer for pointing this out. We added more describtion for the two figures.
((Please see page 14 and 15, lines 422-446, where the text added as follow :-))
The following figure shows the amount of time needed by all recent methods and our proposed system to create a specific number of blocks. Figure 4 shows that our proposed method can create many blocks in 1 minute. For example, if there are 1000 transactions that will happen now, we want to create 1000 blocks. In this case, our proposed method will take 1500 seconds (25 minutes) to build that block. By comparison with other blockchain versions, blockchain 1 will take 180000 seconds (50 hours) to create the 1000 blocks. Blockchain 2 will take 14000 seconds (4 hours) to build the same number of blocks. Blockchain 3 will take 2000 seconds (34 minutes) to create 1000 blocks. Our proposed method performs better Because our proposed method uses run length code to compress data, so it takes a little amount of money to create the block than other methods. Figure 4 also shows that our proposed method builds any number of blocks at little time as possible.
Figure 6 shows the time that each method takes to transfer money from patient to physician. Figure 6 shows the comparison between all recent methods and our proposed when there are many deposits process needed to happen in the same moment. For example, if there is 500 deposits process needed, blockchain 1 need 6250 seconds to transfer the money from 500 patients to 500 physicians. blockchain 2 need 2500 seconds to transfer the money from 500 patient to 500 physicians. Blockchain 3 and our proposed system takes 8 seconds to send the money from 500 patients to 500 physicians.
Figure 6 shows the time that the proposed method takes to deposit money in a physician's wallet is similar to that the blockchain 3 takes but is less than the time that other versions take.
Point 10: In Conclusion, a discussion has been added about the “complexity analysis”. I suggest to please add a new heading with the title “ complexity analysis and adding a discussion about the complexity analysis along with the comparison with already existing work.
Response 10: We thank the reviewer for pointing this out. We added complexity analysis in discussion section and we also added the time complexity compraison between all recent method and proposed system in table 11.
((Please see page 13, lines 400-406 , where the text added as follow :-))
In the proposed method, we modified in hashing function by using run length code to compress data. So, the time complexity of our proposed system is O(n) if the hashing code doesn’t start with some zero number, where n is the size of the hash function. If the hash code for each block starts with d number of consequence zeros, the time complexity will be O (n + d). With compressing data with run length code, the time is reduced.
The time complexity for creating a smart contract is O (1) because the smart contract doesn't take much time to build a smart contract.
((Please see page 14 , lines 418- 422 where the text added as follow :-))
Also, table 11 shows that the time complexity of our proposed system is better than all recent methods except blockchain 3. Blockchain 3 takes the same time complexity as our proposed method takes. But the proposed method takes less time than blockchain 3 takes because the proposed method uses run length code to compress data.
Point 11: As per my understanding, the work cannot be considered for publication as it contains nothing novel. Only the hash function has been used and nothing else.
Response 11: We thank the reviewer for his feedback. But, our proposed system does not only propose a hash function. The paper aims to contribute to the scientific field by proposing
- A blockchain security system that secures the medical data collected from the Internet of Medical Things (IoMT) system that we designed and implemented before.
- A blockchain security system uses SHA-256 to hash the new block. We modify SHA-256 by using a run length code algorithm to compress data.
- new Smart contract technique that guarantee to transfer the money from the patient's wallet to the physician's wallet after the physician sends treatment to the patient.
Author Response File: Author Response.pdf
Reviewer 3 Report
1. Authors try in this work to present the importance of blockchain in healthcare domain. However they forget to describe the architecture of IoT medical, I think they should explain where we can apply the proposed system.
2. The implementation consists of two parts, at the first part they introduce the implementation of Blockchain which is not well explained, I suggest to more the 5 steps and to detail more importance of each one and how blockchain improve security. The other part introduces the implementation of Smart contract.
3. Authors mentioned that Figure 2 shows the framework of the proposed system and the security, they must explain how they secure IoT Medical system through blockchain syetm
4. the authors show tables: Table 9,Table 10, Table 11 Hashing the massage 343 and then Table 10 Smart contract in an inactive state if patient abort contract 349 Table 11 Smart contract in an inactive state if doctor send treatment 355: they should combined these tables and be prudent...
5. All Figures should be improved, figure 1 can be removed or switch with other figure which present more vulnerabilities in healthcare applications.
6. English must be improved
Author Response
Response to Reviewer 3 Comments
Point 1: Authors try in this work to present the importance of blockchain in healthcare domain. However they forget to describe the architecture of IoT medical, I think they should explain where we can apply the proposed system.
Response 1: We thank the reviewer for pointing this out but the main issue of that paper is how to secure data that are collected from IoMT system that we already design and implemented before.
Our IoMT system is described in A secure real-time internet of medical smart things (IOMST) paper (https://www.sciencedirect.com/science/article/abs/pii/S0045790617338995)
We also added application scenario for our proposed method to show where and how our peoposed system work.
((Please see page 6, lines 249-259, where the application scenario is added as follow :-))
For more clarification, Figure 2 shows the application scenario of the proposed sys-tem. The previous IoMT that we developed before collects the patients' vital signs. There-fore, the collected data are sent to our microcontroller. The microcontroller sends a request that asks the physician to treat our patient. If the physician agrees, the collected data are sent directly to the blockchain to create a new block. The new block is created using the in-formation of the previous block. After that, the blockchain inserts transaction information into that block and sends data to the smart contract to build a new contract. Therefore, a smart contract withdraws the money that a physician takes after he sends treatment from patient wallets. Therefore, the physician sends treatment to a smart contract that sends it directly to the patient. Finally, smart contract transfers money to physician wallets.
Figure 2 application scenario of our proposed system
Point 2: The implementation consists of two parts, at the first part they introduce the implementation of Blockchain which is not well explained, I suggest to more the 5 steps and to detail more importance of each one and how blockchain improve security. The other part introduces the implementation of Smart contract.
Response 2: We thank the reviewer for pointing this out. We added more description for blockchain steps and shows the how the blockchain improve security.
((Please see page 7, lines 265-273, where the text is modified as follow :-))
Figure 3 shows that each patient should ask the doctor for treatment. Then, the physician approves helping the patient. Therefore, the blockchain system starts to create the block with the information about the transaction, the creation time of the block, and the previous and current hash code. The current block is connected to the last block by hashing the information of the current block together with the previous hash code. The new block hashes using the SHA256 algorithm. We also use run length code to compress the data of the transaction. Then, this block is added to the chain. After that, it is difficult to hack or modify the patient's information because to hack that block, the hacker must extract all previous blocks.
Also, application scenario shows the importance of using blockchain in our system.
((Please see page 6, lines 249-259, where the application scenario is added :-))
Point 3: Authors mentioned that Figure 2 shows the framework of the proposed system and the security, they must explain how they secure IoT Medical system through blockchain system.
We thank the reviewer for pointing this out. We added application scenario for our proposed method to show the role of blockchain and master contract to secure data.
((Please see page 6, lines 249-259, where the application scenario is added as follow :-))
For more clarification, Figure 2 shows the application scenario of the proposed sys-tem. The pervious IoMT that we developed before start to collect vital signs of patient. Therefore, the collected data are sent to our microcontroller. Microcontroller send to physi-cian to ask him to treat our patient. If the physician agrees, the collected data are sent di-rectly to blockchain to create a new block. The new block is created using the information of pervious block. After that, blockchain insert transaction information into block then sent data to smart contract to create a new contract. Therefore, smart contract withdraws the money that physical take after he sends treatment from patient wallets. Therefore, physi-cian send treatment to smart contract that sent it directly to patient. Finally, smart contract transfer money to physician wallets.
Figure 2 application scenario of our proposed system
Point 4: T the authors show tables: Table 9,Table 10, Table 11 Hashing the massage 343 and then Table 10 Smart contract in an inactive state if patient abort contract 349 Table 11 Smart contract in an inactive state if doctor send treatment 355: they should combined these tables and be prudent.
Response 4: We thank the reviewer for pointing this out. We combine tables 9 , 11, 12 and 13 into table 10.
((Please see page 13, where the table is shown as follow :-))
Table 10 Smart contract states
|
Doctor address |
Patient address |
Getter (money in patient wallets) |
State |
Value for transaction |
|
1531494619742 |
2145867523656 |
100 |
0(create state) |
100 |
|
1531494619742 |
2145867523656 |
100 |
1(locked state) |
100 |
|
1531494619742 |
2145867523656 |
100 |
2(inactive state) |
100 |
|
1531494619742 |
2145867523656 |
0 |
2(inactive state) |
100 |
Point 5: All Figures should be improved, figure 1 can be removed or switch with other figure which present more vulnerabilities in healthcare applications.
Response 5: We apologized for that problem. We removed that figure and replaced it with the table that shows the number of vulunabrites that was discovered every year. Healthycare system based on sendimg data over the internet, so vulnerabilities that appear in the internet may face healthcare system.
((Please see page 2, lines 59-60, where the table is shown as follow :-))
Table 1 NIST graph of Number of [3]
|
Year |
Number of vulnerabilities |
|
2015 |
9867 |
|
2016 |
11207 |
|
2017 |
16585 |
|
2018 |
17814 |
|
2019 |
17,416 |
|
2020 |
18,335 |
|
2021 |
18,378 |
Point 6: English must be improved.
Response 6: We thank the reviewer for his feedback. We revised the paper and improved the English description and the grammar of the paper.
Author Response File: Author Response.pdf
Round 2
Reviewer 1 Report
The authors tried to solve the problems of previous version and they substantially got it.
However, in my opinion, the paper is still a "case study" and not a model, I suggest to highlight also in the title this fact.
Author Response
Response to Reviewer 1 Comments
Point 1: The authors tried to solve the problems of previous version and they substantially got it.
However, in my opinion, the paper is still a "case study" and not a model, I suggest to highlight also in the title this fact.
Response 1: We thank the reviewer for pointing this out. We modified the tilte of paper based on your segestion.
((Please see page 1, line 2 where the title is modified as follow :-))
Improving Healthcare Applications Security Using Blockchain.
Author Response File: Author Response.pdf
Reviewer 2 Report
Thank you authors for considering my comments. I suggest to add key contributions in bullet form. Do not add methodology in these points.
Furthermore, add space complexity.
For figure 6, increase the gap of y-axis label.
Change the y-axis label of figure 5 to Time (sec).
Furthermore, the following reference can be considered to help enrich the content of the article,
Saima Kanwal, Feng Tao, Ahmad Almogren, Ateeq Ur Rehman, Rizwan Taj and Ayman Radwan “A Robust data hiding reversible technique for improving the security in e-health care system” in Computer Modeling in Engineering & Sciences, vol. 134, Issue 01, pp. 201-219. DOI: 10.32604/cmes.2022.020255
Add limitations of your work. Thanks
Author Response
Response to Reviewer 2 Comments
Point 1: Thank you authors for considering my comments. I suggest to add key contributions in bullet form. Do not add methodology in these points..
Response 1: We apologized for that problem. we added key contributions in bullet form..
((Please see page 1, lines 64-73, where the text modified as follow :-))
The paper aims to contribute to the scientific field by proposing
- A blockchain security system that secures the medical data collected from the Internet of Medical Things (IoMT) system that we designed and implemented before [4].
- A blockchain security system uses SHA-256 to hash the new block. We modify SHA-256 by using a run length code algorithm to compress data.
- New Smart contract technique that guarantees to transfer the money from the patient's wallet to the physician's wallet after the physician sends treatment to the patient.
Point 2: Furthermore, add space complexity.
Response 2: We thank the reviewer for pointing this out. We added space complexity in the discution section.
((Please see page 14, lines 409-410, where the text is added as follow :-))
|
Parameters |
BlockChain 1.0 |
BlockChain 2.0 |
BlockChain 3.0 |
Baiju [48] |
Asma Khatoon [47] |
proposed system |
|
space complexity |
O(n) |
O(n) |
O(n) |
O(n) |
O(n) |
O(n) |
((Please see page 14, lines 428-430, where the text is added as follow :-))
Also, table 11 shows that all methods need O(n) space complexity to create any number of transactions, Where n represents the number of transactions.
Point 3: For figure 6, increase the gap of y-axis label.
Response 3: We thank the reviewer for pointing this out. We modified figure 6.
((Please see page 15, lines 446-447, where the Figure 5 modified as follow :-))
Point 4: Change the y-axis label of figure 5 to Time (sec).
Response 4: Response 3: We thank the reviewer for pointing this out. We change y axis label to Time(sec) in figure 5.
((Please see page 15, lines 435-436, where the Figure 5 modified as follow :-))
Point 5: Furthermore, the following reference can be considered to help enrich the content of the article,
Saima Kanwal, Feng Tao, Ahmad Almogren, Ateeq Ur Rehman, Rizwan Taj and Ayman Radwan “A Robust data hiding reversible technique for improving the security in e-health care system” in Computer Modeling in Engineering & Sciences, vol. 134, Issue 01, pp. 201-219. DOI: 10.32604/cmes.2022.020255
Response 5: We thank the reviewer for his feedback. We added it to our future work.
((Please see page 16, lines 463-464, where the feature work is modified as follow :-))
Also, we intend to make patients and physicians able to send the image through our system, so we will develop a technique that hides data from that image [50].
Point 6: Add limitations of your work.
Response 6: We thank the reviewer for his feedback. We added a proposed work limitation in conclusion.
((Please see page 16, lines 459-464, where the Figure 5 modified as follow :-))
Our proposed method has one problem, the patient must wait until the physician sends the treatment to him. So, In future work, we intend to use a deep learning algorithm to design and build a robot that replaces physicians. This system can send the treatment to the patient without returning to the doctor or sending data over the internet. Also, we intend to make patients and physicians able to send the image through our system, so we will develop a technique that hides data from that image [50].
Author Response File: Author Response.pdf
Round 3
Reviewer 2 Report
The authors have significantly revised the article just a minor edit is required in Figure 6 if appropriate:
In the figure label it will be like.
Two wallets not wallet.
Also on the y-axis, it will be like Time(Sec), it is better to mention Min in the sub-script, is necessary. Thank you
Author Response
Response to Reviewer 2 Comments
Point 1: The authors have significantly revised the article just a minor edit is required in Figure 6 if appropriate:
In the figure label it will be like.
- Two wallets not wallet.
- Also on the y-axis, it will be like Time (Sec), it is better to mention Min in the sub-script, is necessary.
Response 1: We thank the reviewer for catching this error. We modified the figure title as per your suggestions. We measure the time in seconds. So, we replace MIN with SEC.
((Please see page 15, line 445, where the figure title is modified as follows:-))
Author Response File: Author Response.pdf
