<p>The rapid digitisation of healthcare services presents challenges in guaranteeing safe, scalable, and privacy-preserving access to sensitive medical information. This article presents BBAS, a blockchain-based authentication system for e-Health. BBAS incorporates a multi-factor authentication (MFA) framework that includes password hashing, one-time passwords (OTP), and biometric verification, with a hybrid access control model that combines role-based access control (RBAC) and attribute-based access control (ABAC). To guarantee enduring security, BBAS utilises post-quantum digital signatures (CRYSTALS-Dilithium) and exploits the InterPlanetary file system (IPFS) for off-chain data storage, assuring tamper-resistance and scalability. We implemented the system using solidity smart contracts on a permissioned Ethereum network and assessed via 500 authentication iterations. Results show BBAS outperforms benchmark models across all critical metrics: authentication success rate (ASR: 98.6%), latency (0.05&#xa0;s), throughput (19,000 req/s), gas cost (35,000 gas/req), block confirmation time (10&#xa0;s), and storage overhead (0.03 KB/record). Biometric error rates—false acceptance rate (FAR: 0.5%), false rejection rate (FRR: 1.2%), and equal error rate (EER: 0.85%)—are markedly decreased, therefore improving both security and usability. This research validates BBAS as a reliable, scalable, and quantum-resistant authentication framework for contemporary e-Health systems.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

BBAS: A blockchain-based authentication system for e-health with multi-factor authentication, access control, and post-quantum security

  • Rabia Latif,
  • Bello Musa Yakubu,
  • Nor Shahida Mohd Jamail,
  • Amir Mohamed Talib,
  • Fahad Omar Alomary

摘要

The rapid digitisation of healthcare services presents challenges in guaranteeing safe, scalable, and privacy-preserving access to sensitive medical information. This article presents BBAS, a blockchain-based authentication system for e-Health. BBAS incorporates a multi-factor authentication (MFA) framework that includes password hashing, one-time passwords (OTP), and biometric verification, with a hybrid access control model that combines role-based access control (RBAC) and attribute-based access control (ABAC). To guarantee enduring security, BBAS utilises post-quantum digital signatures (CRYSTALS-Dilithium) and exploits the InterPlanetary file system (IPFS) for off-chain data storage, assuring tamper-resistance and scalability. We implemented the system using solidity smart contracts on a permissioned Ethereum network and assessed via 500 authentication iterations. Results show BBAS outperforms benchmark models across all critical metrics: authentication success rate (ASR: 98.6%), latency (0.05 s), throughput (19,000 req/s), gas cost (35,000 gas/req), block confirmation time (10 s), and storage overhead (0.03 KB/record). Biometric error rates—false acceptance rate (FAR: 0.5%), false rejection rate (FRR: 1.2%), and equal error rate (EER: 0.85%)—are markedly decreased, therefore improving both security and usability. This research validates BBAS as a reliable, scalable, and quantum-resistant authentication framework for contemporary e-Health systems.