Blockchain-Enabled EHR Framework for Internet of Medical Things

The Internet of Medical Things (IoMT) offers an infrastructure made of smart medical equipment and software applications for health services. Through the internet, the IoMT is capable of providing remote medical diagnosis and timely health services. The patients can use their smart devices to create, store and share their electronic health records (EHR) with a variety of medical personnel including medical doctors and nurses. However, unless the underlying combination within IoMT is secured, malicious users can intercept, modify and even delete the sensitive EHR data of patients. Patients also lose full control of their EHR since most health services within IoMT are constructed under a centralized platform outsourced in the cloud. Therefore, it is appealing to design a decentralized, auditable and secure EHR system that guarantees absolute access control for the patients while ensuring privacy and security. Using the features of blockchain including decentralization, auditability and immutability, we propose a secure EHR framework which is mainly maintained by the medical centers. In this framework, the patients' EHR data are encrypted and stored in the servers of medical institutions while the corresponding hash values are kept on the blockchain. We make use of security primitives to offer authentication, integrity and confidentiality of EHR data while access control and immutability is guaranteed by the blockchain technology. The security analysis and performance evaluation of the proposed framework confirms its efficiency.


Introduction
The Internet of Medical Things (IoMT) is an extension of Internet of Things (IoT) which combines medical equipment, medical services and medical applications to offer efficient and secure transmission of electronic health records (EHR) within a healthcare system [1]. The EHR data, which are exchanged through the smart devices, can be very beneficial to medical personnel located in remote locations. The IoMT is also projected to offer healthcare services in real time using the internet along with smart devices such as smart phones, smart wearable medical devices or implanted medical devices. Once embraced, the IoMT is expected to reduce the financial cost related to healthcare services while providing timely medical services, quality of medical services, quality of medical experience through fast medical-based decision making [2].
The number of IoT-enabled devices is expected to reach between 50 to 100 billion in the next decade through a variety of internet-based services to enable smart cities, smart homes, smart healthcare, smart grid and so on [3]. Among the different applications of IoT, IoMT is very important as it involves directly the well-being of human kind [4]. With the exponential growth of devices used in IoT, especially in IoMT, user's privacy and security require efficient countermeasures. There are number of security breaches that might occur in IoMT including unauthorized access of patients' EHRs, modification of EHR data, manipulation of EHR data through hijacking of smart medical devices [5,6].
Assume that a patient A is transferred or recommended from hospital H1 to hospital H2. In this scenario, the doctor(s) from H2 may ask the patient to retake the medical tests which were already done in H1 due to untrustworthiness among the medical institutions or probable misinterpretation of medical tests. Retaking the medical test will incur financial burden to the patient while the probability of obtaining the same examination results from the previous hospital is high. Thus, it is appealing to construct an EHR system that allows the health institutions to share the patients data through EHR immutability while the patient keeps full access control of his/her EHR data.
To achieve efficient and secure sharing of EHRs data, there is a number of researchers that suggested security primitives. These techniques mainly focus on constructing an index value for each EHR record and proceed with the encryption of the health data before outsourcing the records through cloud computing. These techniques suffers from the fact that different health institutions use their own techniques of creating the EHR data index or encrypted keys which hinders the sharing among the health institutions [7]. In addition, these systems are based on centralized architectures requiring fully trusted cloud frameworks.
Blockchain technology offers features such as decentralization, immutability, and auditability which can be applied to enforce the privacy and security of EHR in IoMT. Here each medical institution acts as a blockchain node that stores and verifies the health records of patients through the blockchain. Thus, consensus mechanism within the system is used for the audit of the medical treatment process [8].There is also a number of schemes that applied blockchain in EHRs system with the purpose of providing efficient data sharing of health records beside the data confidentiality, integrity and access control [9]. However, these systems suffer from weak privacy preservation which a potential attacker can use to obtain sensitive information such as the preference of certain medical doctor by a number of users due to the public transaction information. Thus, affecting a level of trust among the medical institutions.
In this paper, we propose a blockchain-enabled framework for the internet of medical things. In the proposed scheme, the health institutions act as blockchain nodes, and the blockchain platform is used to store the hash values of the medical records. We also enforce the security of the proposed protocol through security primitives to achieve privacy preservation, authentication and rigorous access control. Specifically, the contribution of the proposed framework can be summarized as follows: We first design a system model for blockchain-enabled system for the internet of medical things. The proposed architecture allows the different institutions to efficiently and securely share the patients' EHRs using the blockchain technology.
We then design a secure, decentralized, yet auditable framework using Ethereum as a decentralized application platform to offer access control and immutability while the authentication and confidentiality of EHR is achieved using elliptic curve cryptography-based primitives.
We later provide the analysis of the proposed framework by proving the robustness of the framework against well-known malicious attacks. We also provide the performance of the proposed framework through simulation.
The rest of this paper is organized as follows: We first present the related work on current application that are based on blockchain and specifically within the healthcare domain in section 2. In section 3, we describe the system model for the proposed framework and key security primitives used to design the protocol. We describe the different algorithms of the proposed framework in section 4. In section 5, we provide the performance analysis of the framework in terms of security goals and simulation while the concluding remarks and future work are presented in section 6.
Recently, there are several articles investigating the applicability of blockchain technology in areas beside the original financial sector. The authors in [10] provided a survey summarizing the potential fields of application for the blockchain technology. These fields include the smart grid, the healthcare system, the e-voting systems, the insurance field and the education sector. In the same work, the authors discussed the opportunities, the advantages and challenges faced while applying blockchain in the afore-mentioned fields and potential future research directions. In [11], the authors emphasized on a number of technical issues which may affect the privacy, scalability, selfish mining of blockchain-based systems. The work described the current state of the art of blockchain-based systems and future directions. The authors in [12] researched on how the use of blockchain technologies can be maximized in smart cities to form what they labelled as smart communities or smart nations by locating different IoT devices in several geographical sites. The authors also discussed efficient measures for block creation, verification, cryptographic primitives and consensus algorithms.
To attain efficient and secure sharing of EHRs data, a considerable number of articles recommended the adoption of diversified security primitives without the use of blockchain [13][14][15]. Most of the proposed techniques mainly suggested building an index value for each EHRs records and continue with the encryption of the health data before outsourcing the records through cloud computing. However, different health institutions would use their own techniques of creating the EHRs data index or encrypted keys which would hinder EHRs sharing among the health institutions. Furthermore, Most of these systems were built on a centralized architecture which requires a fully trust of the cloud. There are also a number of work that discussed the integration of blockchain based techniques within the healthcare systems. The authors in [16] discussed the integration of blockchain technology in biomedical and healthcare sector. The authors focused on the advantages that are offered through blockchain including decentralization, security and EHRs data auditability. However, the authors pointed out a number of limitations that would occur by using the current blockchain solutions including EHRs confidentiality, low speed, scalability and potential malicious attacks. Another work on blockchain enabled EHRs systems was proposed in [17]. The authors suggested a scalable system for clinical records through an architecture that was complying with the local health information center. Their studies highlighted a number of drawbacks that might occur including privacy of patient, scalability of EHRs systems mainly due to the volume of EHRs. The authors also discussed the lack of universal standards to enforce the exchange of EHRs on blockchain-based system. There is also a number of schemes applying blockchain in EHRs system with the purpose of providing efficient data sharing of health records beside the data confidentiality, integrity and access control. However, these systems suffer from weak privacy preservation which a potential attacker can use to obtain sensitive data such as the preference of certain medical doctor by a number of users due to the public transaction information. Thus, affecting a level of trust among the medical institutions.

System Model
In this section, we describe the proposed system architecture along with the main entities in the system as depicted in Fig. 1. The proposed architecture is made by the following main entities. The health authority, the hospital, and the patient. The roles and duties of each entity is described as follows: The health authority (HA): This is a government office which acts as a trusted authority responsible for regulating all the medical centers within a specific region. Its duties include registering the medical centers based on clear and rigorous rules set by the government. The patient is then registered by the health authority. The health authority will supervise both the patients and the hospitals before joining the blockchain. The health authority is assumed to have severs with sufficient computing capabilities. In case of dispute, the HA is able to trace and reveal the identity of the entities in dispute.
The hospitals: These are public and private health centers such as clinics, community health center, or any other center which may generate and/or make use of the EHRs patients. These hospitals usually have several levels of workers, but for simplicity we only assume two types, namely the doctor and the nurse. These employees perform diversified treatments for a patient including consultation, medical tests, etc. Furthermore, they can create EHRs for patients or access available EHRs for patients.
The patients: These are individuals, a single person or a group of family members, who have access to the EHR generated at a particular medical center during a treatment. The patient has the absolute right on their EHR and can authorize the doctors, nurses or family members to access or update their EHR data.

Security Goals
In this subsection, we describe the main security objectives which the proposed protocol aims to satisfy beyond the basic security requirements such as authentication, confidentiality and integrity: Privacy Preservation: The privacy of the patient is very sensitive, thus the proposed protocol should not reveal the real identity of the entities involved in the transactions through it is a public blockchain.
Unlinkability: The proposed framework should not allow any unauthorized person or entity to reveal whether two different transactions were originated from the same entity.
Access control: The patient should be able to share his/her EHR with the person of his choice using a well-established access control mechanism. Though the EHRs are located in remote servers, none should be able to access the data without a prior authorization of the patient.

Preliminaries
In this subsection, we present the basic security primitives which are used to construct the proposed scheme including blockchain and elliptic curve cryptography.
Blockchain: In this work, we adopt Ethereum as a decentralized platform for smart contracts [18]. We choose Ethereum because (a) it is a programmable blockchain, (2) the users of Ethereum can easily build, deploy and run smart contracts on it and (3) within a transaction, the user can transfer the signed data packet from one account to another. The transactions in Ethereum are made of an account nonce, Gas price, Gas limit, an address of a recipient amount of ether, the sender digital signature with additional optional fields that a participant can use.
Elliptic Curve Cryptography: Assume an elliptic curve EC and a prime finite field Fp. The curve EC can be represented over Fp using a cubic equation 2 = 3 + + , where , ∈ , along with the discriminant Δ = 4 3 + 27 2 ≠ 0. = ( , ) is the set of all points over the Curve EC and an additional point which makes an additive cyclic group using the point addition + under a tangent method. Assume P and Q to be representing two randoms within the group G. Let be a line that contains the randoms P and Q, we have a tangent line to the curve EC if = and another point R at the intersection between and the elliptic curve EC. Let ′ be another line that connects R and that line being parallel to the y-axis. We define + = ′ ∈ when we have the line ′ intersecting with the curve EC to get a point ′ . We also define a scalar multiplication as = ( + +. . + ). The details for the complexity assumptions for the Discrete Log (DL) problem, the computational Diffie-Hellman (CDH) problem can be found here for interested readers [19].

Protocol Description
In this section, we describe the five main stages within the proposed framework. The first phase shows the different steps involved in system initialization, the second and the third phases describes how the entities within our system are registered. The fourth step presents an algorithm that demonstrates how the EHR data are created and shared between the patient and the doctor. The last phase demonstrates how the patient EHR data can be shared between a patient and another doctor with rigorous access control and immutability.

System Setup
The proposed protocol is constructed by adopting Ethereum as the blockchain platform. the cryptographic public parameters are generated as shown in Algorithm 1. This phase is undertaken by the health authority (M) who sets up the system.

Patient Registration
A patient participating in the system registers an Ethereum account or address. This account contains the health authority which the corresponding hospital (H) belongs to, the ID of the hospital (Hi, Hj,…, Hn) and the patient (P1). Each entity that registers to the blockchain platform is provided with a key pair = { , } as described in Algorithm 2.

Hospital Registration
We assume one hospital but other health institutions such as community health center can join the system. The following algorithm shows the details steps involved in the registration of a medical doctor working for a specific health institution ℋ .

Medical Record Sharing
Assume that a patient Pi goes to a hospital Hi in which the patient consults a designated medical doctor Di. During the consultation period or treatment, the doctor generates the health records which might include the test results, diagnosis notes and others. The detail of how the health records are generated, encrypted and shared on the servers of the hospital are shown in Algorithm 4.

Medical Record Resharing
Assume that the patient is sharing his health records to another doctor Dj within the same hospital. However, the algorithm can easily be adopted for sharing the health records in a different hospital. The detail of the sharing steps are described in algorithm 5. 17: 2 computes = ′ ( ) to recover We assume in this work an optional time line after which a given HR can be deleted. The server ℋ 1 can therefore delete the health records. In addition, the corresponding hash values shall also be deleted from the blockchain.

Performance
In this section we present the performance of the proposed scheme which is divided in two main parts. The first subsection discusses the security analysis of the protocol and the next subsection provides the evaluation of the scheme through simulation.

Security Analysis
In this subsection, we discuss how the proposed scheme is secure in terms of the security goals. Privacy Preservation: The proposed protocol is secure against the leaking of the sensible IDs of all the entities in the system though all the blockchain transactions are public. As shown in Algorithm 5, we build an authorization token in which the address of the medical doctor was omitted. Thus, even if an adversary gets hold of the contents, he cannot retrace the real entity of the doctor. Thus, the proposed scheme ensures the privacy of the patients and the doctors.
Authentication: In the proposed scheme, a patient first books an appointment with a doctor using the registration credentials. As mentioned in Algorithm 1, each participant registers an Ethereum account = {ℳ, ℋ , } and is provided with key pairs = { , }. Therefore any unregistered patient cannot even successfully register an appointment with the doctor through the hospital ℋ . Thus, the proposed framework guarantees the authentication of entities.
Authorization: The proposed scheme achieves authorization because the patient can only share his EHR data with designated doctors.
generates a transactions token = ( || || 1 ) within the Ethereum blockchain which is sent to the doctor 2 . 2 then proceeds with the verification of the authorization token using its private key 2 . Based on elliptic curve discrete logarithm problem the (ECDLP), a non-valid secret key cannot achieve a valid verification.
Confidentiality: As shown in Algorithm 4, each transaction between the patient and any doctor is encrypted. encrypts the authorization token as 1 = 2 ( ) and sends to the doctor 1 .
Even if a malicious user gets hold on the message, he cannot get any meaningful content from it. Therefore, the proposed framework guarantees the confidentiality of patient's sensitive data. Auditability: The proposed scheme achieves strong auditability which a doctor may not deny in case the patient EHR data are tampered with. It is hard or almost impossible for an adversary to modify the EHR which is exchanged between the patient and the doctor. In algorithm 2, we see that the doctor generates a transaction ℛ 1 = { 1 , 1 , ℎ 1 } and broadcast it to the Ethereum blockchain which guarantees the immutability of the transaction

Performance Analysis
In the performance evaluation, we used Ethereum as a public blockchain, this is mainly because the transactions fee are very affordable compared to other public blockchain. In addition, the time to upload in Ethereum varies between 3 to 4 min, which is quite convenient compared to other public blockchain such Bitcoin. We performed the evaluation of the proposed framework using a Windows 10 Home system, 3.6 GHz with i7 CPU for 16 GB RAM capacity. The size of the Ethereum address for is set to 25 bytes while the hash functions for ℎ 2 (. ) and ℎ 3 (. ) are SHA-256 and SHA-3 respectively. The key pair = { , } are 32 bytes for public key and 66 for the private key. The symmetric keys used in the protocol are set to 128 bits. We consider secp256k1 algorithm for the operations related to encryption/ decryption (. )/ _ (. ) and signature generation and verification (. )/ (. ). We adopt the parameter settings from this work [20] for transactions and certificate calculation. on the number of patient We first investigate the computation cost for the encryption and decryption phases based on the size of the health records. This is quite crucial since some EHR may have multimedia contents such as pictures. We considered the health records with a range of 50 to 500 MB since we assume that the EHR can contain multimedia contents. As seen in Fig. 2a, the computation overhead increases as the size of the EHR increases. Then we investigate the communication cost incurred by the patient device and the hospital devices during the diagnosis phase. As seen on the Fig. 2b, it takes about 4 KB on the device of the patient when he is being diagnosed by a single doctor. On the hospital size, since we assume that the hospital sever has sufficient computation cost, the communication cost incurred on the device is very minimal as depicted in Fig. 2b. Lastly we investigate the computational burden on the hospital servers based on the number of the patients. As shown in Fig. 2c, for a number of around 10 patients making the consultation at the same time, the computation burden is around 300 ms, which is quite satisfactory.

Conclusion
In this paper, we presented a secure and blockchain enabled framework for EHR data for the internet of medical things (IoMT). The system architecture of the proposed framework allows a patient to secure share his data with several medical personnel with rigorous access control and immutability. We use a consortium blockchain to store the hash values of the patients data to offer auditability and immutability of the EHR data and ensured patient's control on his sensitive data. We made use of cryptographic primitives to guarantee the robustness of the proposed framework against well-known attacks. The security analysis of the proposed framework meets the requirements including privacy, unlinkability and access control. Furthermore, the performance evaluation shows that the proposed framework yields high computational efficiency.

Conflicts of Interest:
The authors declare that they have no conflicts of interest to report regarding the present study.