A Hierarchical Multi Blockchain for Fine Grained Access to Medical Data

The health care ecosystem involves various interconnected stakeholders with different, and sometimes conflicting security and privacy needs. Sharing medical data, sometimes generated by remote medical devices, is a challenging task. Although several solutions exist in the literature covering functional requirements such as interoperability and scalability, as well as security & privacy requirements such as fine-grained access control and data privacy, balancing between them is not a trivial task as off-the-shelf solutions do not exist. On one hand, centralized cloud architectures provide scalability and interoperable access, but make strong trust assumptions. On the other, decentralized blockchain based solutions favor data privacy and independent trust management, but typically do not support dynamic changes of the underlying trust domains. To cover this gap, in this paper, we present a novel hierarchical multi expressive blockchain architecture. At the top layer, a proxy blockchain enables independently managed trust authorities to interoperate. End-users from different health care domains, such as hospitals or device manufacturers are able to access and securely exchange medical data, provided that a commonly agreed domain-wise access policy is enforced. At the bottom layer, one or more domain blockchains allow each domain (e.g. a hospital or device manufacturer) to enforce their policy and allow fine-grained access control with attribute-based encryption. This architecture is designed to provide the autonomous management of trusted medical data/devices and the transactions of mutually untrusted stakeholders, as well as an inherent forensics mechanism tailored for granular auditing. Smart contracts are used to enforce decentralized policies. Ciphertext-policy attribute based encryption (CP-ABE) is used to distribute the decryption process among end users and the system, as well as support an efficient credential revocation mechanism. We demonstrate the efficiency of the proposed architecture through a proof of concept implementation. Finally we analyse the major security and performance characteristics.