A decentralized authorization framework for medical data protection in NDN-based healthcare systems
摘要
In recent years, there has been a significant shift from host-centric to data-centric networking across various digital sectors and critical environments. Named data networking (NDN) is the most prominent paradigm of data-centric networking implemented in real-world applications. The healthcare industry is considered one of the most prominent sectors to have adapted to this transformation. While NDN-based healthcare systems have demonstrated significant advances in building data-centric security frameworks, the expansion of interconnected medical systems has introduced novel security breaches, such as unauthorized access to medical data. Therefore, continuous improvements to access control mechanisms in NDN-based healthcare systems are extremely important. Most of the existing NDN-based access control mechanisms lack comprehensive integration of security deployment, in-network caching, and distributed content retrieval. To address this issue, this study proposes a decentralized authorization framework for NDN-based healthcare systems, providing fine-grained access control to medical data. The proposed framework integrates a smart contract-based access control (SCBAC) mechanism to provide an attribute-based and policy-driven enforced data access approach and proxy re-encryption (PRE) to enable secure delegation of decryption rights without exposing original data. The evaluation of the proposed framework encompassed three main aspects: performance, security, and scalability, under three different load conditions for scalability testing. The results of the simulation experiments show that the proposed framework achieves a response time of around 132 ms, maintains more than 94% accuracy in access success and denial rates, and accurately delegates to authorized entities with 97.4%-96.5% accuracy, while incurring re-encryption overhead of up to 8 ms. These outcomes improve the response to multiple cyber threats, including unauthorized access and breaches of medical data in dynamic NDN-based healthcare environments.