A Decentralised Authentication and Access Control Mechanism for Medical Wearable Sensors Data

Abstract

Recent years have seen an increase in medical big data, which can be attributed to a paradigm shift experienced in medical data sharing induced by the growth of medical technology and the Internet of Things. The evidence of this potential has been proved during the recent covid-19 pandemic, which was characterised by the use of medical wearable devices to help with the medical data exchange between the healthcare providers and patients in a bid to contain the pandemic. However, the use of these technologies has also raised questions and concerns about security and privacy risks. To assist in resolving this issue, this paper proposes a blockchain-based access control framework for managing access to users’ medical data. This is facilitated by using a smart contract on the blockchain, which allows for delegated access control and secure user authentication. This solution leverages blockchain technology’s inherent autonomy and immutability to solve the existing access control challenges. We have presented the solution in the form of a medical wearable sensor prototype and a mobile app that uses the Ethereum blockchain in a real data sharing control scenario. Based on the empirical results, the proposed solution has proven effective. It has the potential to facilitate reliable data exchange while also protecting sensitive health information against potential threats. When subjected to security analysis and evaluation, the system exhibits performance improvements in data privacy levels, high security and lightweight access control design compared to the current centralised access control models.