This paper introduces a consortium blockchain architecture enhanced with zero-knowledge proofs (ZKPs) to enable secure, auditable health data sharing while maintaining strict patient privacy and regulatory accountability. The proposed design ensures that protected health information (PHI) remains entirely off-chain within institutional electronic health record (EHR) systems, while only policy commitments and minimal access receipts are anchored on a permissioned ledger. Authorization is verified using selective-disclosure ZKPs through a “predicate-first” strategy for common checks such as role membership, purpose binding, and revocation epoch. More complex or emergency access cases are supported by circuit-based SNARK/STARK proofs. A prototype implementation is evaluated under workflow-realistic synthetic access patterns. Results show that end-to-end authorization achieves clinically responsive latencies (median and 95th percentile within acceptable clinical thresholds). Predicate proofs demonstrate fast proving and low-cost on-chain verification, while circuit proofs verify within seconds after setup. Audit queries over append-only indexed receipts complete interactively across hourly, daily, and weekly windows, with an on-chain footprint that sustains near-real-time audit-write rates. These findings confirm that auditable privacy can be achieved in federated healthcare settings without undermining operational throughput. Key insights include prioritizing prover capacity, using adaptive batching, enforcing epoch-bound revocation via short-lived credentials, and limiting complex circuits to exceptional cases.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

ZKP-Enabled Consortium Blockchain for Secure and Auditable Health Data Sharing

  • Tolibjon Mansurov,
  • Bobir Boltaev,
  • Khumoyun Barоtov,
  • Makhliyo Sharifova,
  • Nigina Navruzova

摘要

This paper introduces a consortium blockchain architecture enhanced with zero-knowledge proofs (ZKPs) to enable secure, auditable health data sharing while maintaining strict patient privacy and regulatory accountability. The proposed design ensures that protected health information (PHI) remains entirely off-chain within institutional electronic health record (EHR) systems, while only policy commitments and minimal access receipts are anchored on a permissioned ledger. Authorization is verified using selective-disclosure ZKPs through a “predicate-first” strategy for common checks such as role membership, purpose binding, and revocation epoch. More complex or emergency access cases are supported by circuit-based SNARK/STARK proofs. A prototype implementation is evaluated under workflow-realistic synthetic access patterns. Results show that end-to-end authorization achieves clinically responsive latencies (median and 95th percentile within acceptable clinical thresholds). Predicate proofs demonstrate fast proving and low-cost on-chain verification, while circuit proofs verify within seconds after setup. Audit queries over append-only indexed receipts complete interactively across hourly, daily, and weekly windows, with an on-chain footprint that sustains near-real-time audit-write rates. These findings confirm that auditable privacy can be achieved in federated healthcare settings without undermining operational throughput. Key insights include prioritizing prover capacity, using adaptive batching, enforcing epoch-bound revocation via short-lived credentials, and limiting complex circuits to exceptional cases.