SSX-EHRs: secure and scalable cross-domain EHRs sharing with blockchain sharding and dynamic proxy re-encryption

SSX-EHRs: secure and scalable cross-domain EHRs sharing with blockchain sharding and dynamic proxy re-encryption

Abstract The exchange of Electronic Health Records (EHRs) among healthcare institutions is essential for providing comprehensive patient care and advancing medical research. However, current systems face several challenges, including data silos, interoperability issues, and high computational costs...

Full description

Saved in:
Bibliographic Details
Main Authors: Krittin Thirasak, Danupat Chainarong, Teerawat Chuaphanngam, Somchart Fugkeaw
Format: Article
Language:English
Published: SpringerOpen 2025-04-01
Series:EURASIP Journal on Information Security
Subjects:
Access control
Data sharing
Cloud
CP-ABE
Cross-regional blockchain
Healthcare
Online Access:https://doi.org/10.1186/s13635-025-00200-y
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Abstract The exchange of Electronic Health Records (EHRs) among healthcare institutions is essential for providing comprehensive patient care and advancing medical research. However, current systems face several challenges, including data silos, interoperability issues, and high computational costs associated with cross-domain data sharing. To address these limitations, this paper presents SSX-EHRs, a novel blockchain-based access control model designed for secure, scalable, and efficient EHR sharing across regions. We propose a distributed architecture of regional blockchains that stores encrypted EHRs in the cloud while maintaining their corresponding indexes on the blockchain. This architecture supports dynamic updates through a Merkle tree structure, enabling the addition of new EHRs without the need to rebuild the entire dataset, while ensuring data integrity through fast Merkle proofs. To enhance user authentication, we incorporate self-sovereign identity (SSI) with an improved zk-SNARKs protocol, which leverages a universal setup to minimize communication costs and optimize authentication for cross-domain environments. Additionally, we introduce a dynamic proxy re-encryption (D-PRE) mechanism that adaptively re-encrypt the ciphertext based on the load sharing. Through comparative analysis and experiments, our results demonstrate that SSX-EHRs achieves higher efficiency in handling larger datasets, improves query response times, and minimizes latency compared to existing solutions.
ISSN:2510-523X

Similar Items