A Project Presentation on Cyber security in e

A
Project Presentation
on Cyber security in e healthcare using Ehr system

Presented By
Amitesh Mishra (1900970100014)

Introduction

EHR system (electronic health record system). Every hospital keeps a record of its patients data either they store it locally or use a cloud service provider.Most of the time,the data is on a server that belongs to the hospital , the major problem that it causes is inability to transfer your records and also data leaks, manipulation and unauthorized access.

By making a decentralized EHR the patient's record and data is stored in a decentralized environment after securing it. It provides a patient centric system in which patient has control over his data i.e. patient themselves decide who can view their profiles/data.Patient can grant or revoke data access permission to/from any doctor. 


Literature Survey

Authors :Shangping Wang; Dan Zhang; Yaling Zhang
[1.]Blockchain-Based Personal Health Records Sharing Scheme With Data Integrity Verifiable
Proposed a health record system in which they are providing centralized cloud data storage through the use of symmetric and attribute-based encryption.
Furthermore,they have used blockchain and smart contracts to verify the integrity of the data received from the cloud storage.They have provided algorithms and smart contract codes,implementing their thesis and also performance and efficiency graphs. 

[2.]Authors :Jathin Sreenivas,Kshitij Yelpale,Varsha Vasudev Kamath

Proposed a health record system on Hyperledger Fabric,a permissioned blockchain solution for stroing and sharing health care records.Patients have full control of their medical information and authorize doctors to view their record using grand/revoke access.Fabric has a built in access control for identity management and databases for limited storage.

[3.]Author:Shivansh Kumar
Shivansh Kumar,Aman Kumar Bharti,Ruhul Amin
Decentralized secure storage of medical records using Blockchain and IPFS: A comparative analysis with future directions

Showed various implementation of blockchain and ipfs in healthcare sectors.Ipfs a decentralized peer to peer storage for storing data off-chain as it is very expensive and energy-consuming to store large chunks of data on the Blockchain.As it is not a centralized database, loss of any server or workstation does not mean the loss of any patient’s data.







Research Gap

Storage - Storage on on a single server is a one point of failure mechanism.A centralized storage is also highly prone to attacks as all the information and data is stored on a single node.

Decentralization - A centralized web app has a front end and a backend that interacts with the database whereas a dapp or a decentralized application has a front end and has smart contracts as back end that interacts with the blockchain.

Security - Storage of data records are mainly on a centralized server and if the data is changed or altered there is no proof with blockchain the central authority is removed 





Research Objective


To provide a secure decentralized EHR system.


To make data accessible from anywhere. 


To build a secure Role based access control system.


To provide authentication and integrity of the data stored using blockchain.




Problem Statement


The use of blockchain technology can increase security and privacy, as well as the availability of records for both patients and providers.
 

The following research questions have been made:

.)How to store and exchange health records with the integration of blockchain technology.

.)How can confidentiality, integrity and availability be maintained with the use of
  decentralization for sensitive healthcare data?

.)How can privacy be maintained while the blockchain network is remained public and           
transparent 

Proposed Work

The proposed architecture has three sides Patient,Doctor and ipfs.

• One can log in either as a doctor or as a patient.

• Patient will upload his/her health records, which will  be encrypted and then stored on the        IPFS, While the Blockchain stores a hash link to this data.

• Doctor will request the patient’s medical record.
 
• Patient can grant or revoke data access permission to/from any doctor.

• After the patient grants access, the doctor will be able to retrieve the contents located

Add medical 
data
Encrypt data
Add data 
to ipfs
Get hash(CID)
Storing hash onto the blockchain 
using smart contracts
Front-end
Blockchain

Blockchain and smart contracts

Blockchain technology is a  decentralized distributed ledgers, It stores data in a ledger made up of a set of blocks. 
Each block is linked to the previous using a hash value hence constructung a chain of blocks which makes it immutable.
Whenever a new block is added to the blockchain the block is sent to each node which verifies the block. And once the verification is done, the block gets added to the Blockchain. This verification and validation of blocks by these participating nodes is called consensus.


Smart contracts

Smart contracts are self executable codes that run on the blockchain when certain conditions are met which ensures trust. 
Smart contracts are immutable, which means their code and conditions can not be changed or updated once they are deployed on the Blockchain

IPFS: InterPlanatery File System (IPFS) is a peer-to-peer (P2P)  protocol that allows for a distributed way of storing and accessing files.
IPFS has replaced the standard location-based addressing by content-based addressing.
When data is uploaded to IPFS, it is split into smaller chunks,, and given a unique hash called a content identifier (CID) which is used to retrieve the data.
System Design

Front -end

Handles user interface,communication with the data layer and encryption and decryption of the data the encryption strategy uses both RSA and AES to achieve maximum security.


Data layer

Ipfs distributed file storage system is used for off-chain storage of data.When a file is uploaded, a cryptographic hash(CID) is generated which is then stored in the blockchain using smart contract transactions.


Blockchain layer/contract layer

Each smart contract is deployed into the blockchain.It defines the logic behind the app providing access control and making sure no unauthorized access takes place.

Use case diagram
Sequence Diagram

Implementation

Result

Conclusion

The proposed system makes use of smart contracts, decentralized storage
using IPFS and symmetric and asymmetric encryption as the fundamentals for creating a strong and robust solution for securely exchanging electronic health records between
patients and providers.
It does so by storing reference variables on the blockchain while the sensitive information
of health records is encrypted and stored off-chain on IPFS.

Future scope

Querying data through blockchain with the help of graph

Use of a consortium blockchain like Hyperledger Fabric with access control built in.




Reference

[1.]  S Wang, D Zhang; Y Zhang "Blockchain-Based Personal Health Records Sharing Scheme With Data Integrity Verifiable" 

[2.]  J Sreenivas,K Yelpale,V Vasudev Kamath 
Varsha Vasudev Kamath "Blockchain Solution to Healthcare Record System using Hyperledger Fabric"

[3.] S Kumar ,A Kumar Bharti,RAmin
"Decentralized secure storage of medical records using Blockchain and IPFS: A comparative analysis with future directions"