Access Control for Electronic Health Records with Hybrid Blockchain-Edge Architecture

TL;DR

This paper introduces a hybrid blockchain-edge architecture for secure, efficient access control of electronic health records, combining blockchain-based policy management with edge node data storage.

Contribution

It presents a novel hybrid system integrating blockchain and edge computing for EHR access control, enhancing security and performance.

Findings

Blockchain-based controller ensures tamper-proof access logs.

Edge nodes enforce attribute-based access policies.

System achieves efficient transaction processing and quick response times.

Abstract

The global Electronic Health Record (EHR) market is growing dramatically and expected to reach $39.7 billions by 2022. To safe-guard security and privacy of EHR, access control is an essential mechanism for managing EHR data. This paper proposes a hybrid architecture to facilitate access control of EHR data by using both blockchain and edge node. Within the architecture, a blockchain-based controller manages identity and access control policies and serves as a tamper-proof log of access events. In addition, off-chain edge nodes store the EHR data and apply policies specified in Abbreviated Language For Authorization (ALFA) to enforce attribute-based access control on EHR data in collaboration with the blockchain-based access control logs. We evaluate the proposed hybrid architecture by utilizing Hyperledger Composer Fabric blockchain to measure the performance of executing smart contracts and ACL policies in terms of transaction processing time and response time against unauthorized data retrieval.