Enhancing identity and access management using Hyperledger Fabric and OAuth 2.0: A block-chain-based approach for security and scalability for healthcare industry

Block-chain-based Identity and access management framework is a promising solution to privacy and security issues raised during the exchange of patient data in the healthcare industry. This technology ensures the confidentiality and integrity of sensitive information by providing a decentralized and...

Full description

Saved in:
Bibliographic Details
Main Authors: Shrabani Sutradhar, Sunil Karforma, Rajesh Bose, Sandip Roy, Sonia Djebali, Debnath Bhattacharyya
Format: Article
Language:English
Published: KeAi Communications Co., Ltd. 2024-01-01
Series:Internet of Things and Cyber-Physical Systems
Subjects:
Online Access:http://www.sciencedirect.com/science/article/pii/S2667345223000470
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Block-chain-based Identity and access management framework is a promising solution to privacy and security issues raised during the exchange of patient data in the healthcare industry. This technology ensures the confidentiality and integrity of sensitive information by providing a decentralized and immutable ledger. In our research, we propose an identity and access management system that employs Hyper-ledger Fabric and OAuth 2.0 for improved security and scalability. This combination allows for transparency and immutability of user transactions and minimizes the risk of fraud and unauthorized access. Additionally, Hyper-ledger Fabric's privacy, security, and scalability features enable granular access control to sensitive information, while OAuth 2.0 authorizes only trusted third-party applications to access specific data on the Fabric network. The proposed approach can handle large volumes of data and support multiple applications, thus providing a secure and scalable solution for managing access to the Fabric network. Moreover, our solution employs Role-based access control based on the patient's role, ensuring privacy and confidentiality. Our statistical analysis demonstrates that the proposed approach can efficiently and securely manage patient identity and access, potentially transforming the healthcare industry by enhancing data interoperability, reducing fraud and errors, and improving patient privacy and security. Furthermore, our solution can facilitate compliance with regulatory requirements such as HIPAA and GDPR.
ISSN:2667-3452