{"title":"DAMFSD: A decentralized authorization model with flexible and secure delegation","authors":"Minghui Li, Jingfeng Xue, Zhenyan Liu, Yiran Suo, Tianwei Lei, Yong Wang","doi":"10.1016/j.iot.2024.101317","DOIUrl":null,"url":null,"abstract":"<div><p>During the digital age of healthcare, it is crucial to utilize medical data scattered across different healthcare institutions to improve diagnostic precision and customize treatment strategies. A common solution to achieve this is establishing an authorization service that facilitates secure sharing of medical data and promotes interoperability among various healthcare institutions. However, there is a risk of a single point of failure because the majority of authorization systems in use rely on a central trusted service. This paper proposes DAMFSD, a decentralized authorization model with flexible and secure permissions delegation for medical data sharing. Specifically, patients can transfer their permissions to reliable institutions or individuals for flexible management and delegation while they retain control and monitor their permissions. We use cryptographic techniques for secure and fine-grained delegation and smart contracts to enable decentralized and flexible delegation. Finally, we performed a security analysis to demonstrate DAMFSD’s feasibility and conducted a performance evaluation on the permissioned blockchain to show its applicability.</p></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"27 ","pages":"Article 101317"},"PeriodicalIF":6.0000,"publicationDate":"2024-08-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2542660524002580/pdfft?md5=787404f049712bac3b89330049936352&pid=1-s2.0-S2542660524002580-main.pdf","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Internet of Things","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2542660524002580","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
During the digital age of healthcare, it is crucial to utilize medical data scattered across different healthcare institutions to improve diagnostic precision and customize treatment strategies. A common solution to achieve this is establishing an authorization service that facilitates secure sharing of medical data and promotes interoperability among various healthcare institutions. However, there is a risk of a single point of failure because the majority of authorization systems in use rely on a central trusted service. This paper proposes DAMFSD, a decentralized authorization model with flexible and secure permissions delegation for medical data sharing. Specifically, patients can transfer their permissions to reliable institutions or individuals for flexible management and delegation while they retain control and monitor their permissions. We use cryptographic techniques for secure and fine-grained delegation and smart contracts to enable decentralized and flexible delegation. Finally, we performed a security analysis to demonstrate DAMFSD’s feasibility and conducted a performance evaluation on the permissioned blockchain to show its applicability.
期刊介绍:
Internet of Things; Engineering Cyber Physical Human Systems is a comprehensive journal encouraging cross collaboration between researchers, engineers and practitioners in the field of IoT & Cyber Physical Human Systems. The journal offers a unique platform to exchange scientific information on the entire breadth of technology, science, and societal applications of the IoT.
The journal will place a high priority on timely publication, and provide a home for high quality.
Furthermore, IOT is interested in publishing topical Special Issues on any aspect of IOT.