<p>The growing adoption of electronic health (e-health) systems, enabled by the Internet of Things (IoT), has revolutionized patient care by supporting remote monitoring and more efficient service delivery. However, the sensitive nature of health data and the involvement of multiple stakeholders pose significant challenges in securing data access, safeguarding privacy, and ensuring regulatory compliance. Traditional security solutions such as classical access control models, encryption, and centralized identity management often lack the flexibility, scalability, and transparency required by modern IoT-enabled e-health ecosystems. Although blockchain technology has been proposed to enhance transparency and data integrity, many existing approaches fail to implement comprehensive access control mechanisms or effective privacy-preserving strategies. This paper proposes a secure and context-aware access control framework based on blockchain technology with smart contracts and three formally specified, rule-based inference systems. Each rule is specifically designed to address a distinct core category of e-health data: patient identification, medical, and administrative/financial data. These inference systems dynamically assess access requests based on stakeholder roles and data sensitivity levels. They generate decisions that either grant full access, apply data masking (pseudonymization, generalization, or aggregation), or deny access altogether. Sensitive health data remains securely stored off-chain, while smart contracts enforce access policies in real time using embedded inference rules. A formal validation of the inference systems was conducted to ensure the soundness, i.e., no unauthorized access and the completeness, i.e., no legitimate access omitted. This validation reinforces the framework’s reliability and supports secure, privacy-preserving data sharing in IoT-enabled e-health environments.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Towards a formal framework for blockchain-based access control in e-health systems

  • Aida Ben Chehida Douss,
  • Ryma Abassi

摘要

The growing adoption of electronic health (e-health) systems, enabled by the Internet of Things (IoT), has revolutionized patient care by supporting remote monitoring and more efficient service delivery. However, the sensitive nature of health data and the involvement of multiple stakeholders pose significant challenges in securing data access, safeguarding privacy, and ensuring regulatory compliance. Traditional security solutions such as classical access control models, encryption, and centralized identity management often lack the flexibility, scalability, and transparency required by modern IoT-enabled e-health ecosystems. Although blockchain technology has been proposed to enhance transparency and data integrity, many existing approaches fail to implement comprehensive access control mechanisms or effective privacy-preserving strategies. This paper proposes a secure and context-aware access control framework based on blockchain technology with smart contracts and three formally specified, rule-based inference systems. Each rule is specifically designed to address a distinct core category of e-health data: patient identification, medical, and administrative/financial data. These inference systems dynamically assess access requests based on stakeholder roles and data sensitivity levels. They generate decisions that either grant full access, apply data masking (pseudonymization, generalization, or aggregation), or deny access altogether. Sensitive health data remains securely stored off-chain, while smart contracts enforce access policies in real time using embedded inference rules. A formal validation of the inference systems was conducted to ensure the soundness, i.e., no unauthorized access and the completeness, i.e., no legitimate access omitted. This validation reinforces the framework’s reliability and supports secure, privacy-preserving data sharing in IoT-enabled e-health environments.