Convergence Security Journal (융합보안논문지)

Korea convergence Security Association (한국융합보안학회)
권호 표지

Blockchain-based Electronic Medical Record Sharing FrameworkUsing Ciphertext Policy Attribute-Based Cryptography for patient's anonymity

환자의 익명성이 보장되는 암호문 정책 속성중심 암호를 활용한 블록체인 기반 전자의무기록 공유 프레임워크

  • 백승수 (고려대학교 정보보호대학원 정보보호학과)
  • Received : 2018.11.15
  • Accepted : 2019.03.29
  • Published : 2019.03.31
Download PDF
⟨ Previous Next ⟩

Abstract

Medical record is part of the personal information that values the dignity and value of an individual, and can lead to serious social prejudice and disadvantage to an individual when it is breached illegally. In addition, the medical record has been highly threatened because its value is relatively high, and external threats are continuing. In this paper, we propose a medical record sharing framework that guarantees patient's privacy based on blockchain using ciphertext policy-based attribute based proxy re-encryption scheme. The proposed framework first uses the blockchain technology to ensure the integrity and transparency of medical records, and uses the stealth address to build the unlinkability between physician and patient. Besides, the ciphertext policy attribute-based proxy re-encryption scheme is used to enable fine-grained access control, and it is possible to share information in emergency situations without patient's agreement.

개인 의료정보는 개인의 존엄성과 가치를 소중히 여기는 개인정보의 한 부분으로서, 만약 불법적인 유출이 되었을 때 한 개인에게 심각한 사회적 편견과 불이익이 돌아올 수 있다. 또한, 그 의료정보는 쓰임새가 많아 그 가치가 상대적으로 높아 내, 외부적인 위협이 지속되고 있는 것이 현실이다. 이에 본 논문에서는 암호문 정책 속성중심 프락시 재암호 기법을 사용하여 블록체인 기반 환자 프라이버시가 보장되는 의료정보공유 프레임워크를 제안한다. 제안하는 프레임워크는 먼저 블록체인을 사용하여 의무기록의 무결성과 투명성을 보장하고, 스텔스 주소를 사용하여 의사-환자의 연계불가성을 제안한다. 또한 암호문 기반 속성중심 암호를 이용하여 세밀한 접근제어가 가능하고, 환자 미동의 및 응급 상황에서의 정보공유가 가능하다.

Keywords

References

  1. Humer, Caroline, and Jim Finkle. "Your medical record is worth more to hackers than your credit card." Reuters.com US Edition 24 (2014).
  2. Monero, "How does monero's privacy work?" https://www.monero.how/how-does-monero-privacy-work (2018.11.11.접속)
  3. Liang, Kaitai, et al. "A ciphertext-policy attribute-based proxy re-encryption with chosen-ciphertext security." Intelligent Networking and Collaborative Systems (INCoS), 2013 5th International Conference on. IEEE, 2013.
  4. Nakamoto, Satoshi. "Bitcoin: A peer-to-peer electronic cash system." (2008).
  5. Mambo, Masahiro, and Eiji Okamoto. "Proxy cryptosystems: Delegation of the power to decrypt ciphertexts." IEICE transactions on fundamentals of electronics, Communications and computer sciences 80.1 (1997): 54-63.
  6. Liang, Xiaohui, et al. "Attribute based proxy re-encryption with delegating capabilities." Proceedings of the 4th International Symposium on Information, Computer, and Communications Security. ACM, 2009.
  7. Luo, Song, Jianbin Hu, and Zhong Chen. "Ciphertext policy attribute-based proxy re-encryption." International Conference on Information and Communications Security. Springer, Berlin, Heidelberg, 2010.
  8. Azaria, Asaph, et al. "Medrec: Using blockchain for medical data access and permission management." Open and Big Data (OBD), International Conference on. IEEE, 2016.
  9. Conti, Mauro, et al. "A survey on security and privacy issues of bitcoin." IEEE Communications Surveys & Tutorials (2018).
  10. MedicalChain, "whitepaper v2.0," https://medicalchain.com/en/ (2018.11.11.접속)
  11. MedicalBlock, "whitepaper v1.0," https://medicalchain.com/ko/ (2018.11.11.접속)