A Multi-Level Role-Based Provable Data Possession Scheme for Medical Cloud Storage
Authors: Ruizhong Du, Ziyuan Wang, Yuan Wan
Journal: Concurrency and Computation-Practice & Experience, volume 37, issues 12-14
Publication date: 2025-05-14
Publication type: Journal Article
DOI: 10.1002/cpe.70120
URL: https://onlinelibrary.wiley.com/doi/10.1002/cpe.70120
Impact factor: 1.5; JCR: Q3 (COMPUTER SCIENCE, SOFTWARE ENGINEERING)
Citations: 0
Abstract
Medical institutions are increasingly leveraging cloud servers to store electronic health records (EHRs), highlighting the need for robust data security measures to protect the sensitive personal information they contain. Our study introduces a blockchain-enabled, fine-grained data integrity auditing scheme that not only safeguards the confidentiality and integrity of EHRs within cloud-based healthcare environments but also demonstrates a significant enhancement in data security with our statistical results, reinforcing the trustworthiness of cloud storage for sensitive medical data. The proposed scheme is notable for its support of dynamic user revocation, implementing a multi-tiered role hierarchy that facilitates efficient access revocation. In this hierarchy, adding new users or updating existing ones involves merely altering the edge labels, thereby obviating the need for a comprehensive recalculation of cryptographic keys. We have developed a smart contract-based access control mechanism to ensure privacy while enabling granular access control. This mechanism leverages password and role-based authentication to empower multi-tiered roles with the ability to perform data integrity audits in accordance with their designated permissions. Through security analysis, we have substantiated that our protocol withstands attacks aimed at subversion, counterfeiting, and tag inconsistency. Compared to existing works, our approach uniquely integrates multi-level role hierarchies with blockchain-based dynamic revocation, achieving higher granularity and adaptability.
About the journal:
Concurrency and Computation: Practice and Experience (CCPE) publishes high-quality, original research papers, and authoritative research review papers, in the overlapping fields of:
Parallel and distributed computing;
High-performance computing;
Computational and data science;
Artificial intelligence and machine learning;
Big data applications, algorithms, and systems;
Network science;
Ontologies and semantics;
Security and privacy;
Cloud/edge/fog computing;
Green computing; and
Quantum computing.