Flexible and Fine-grained Access Control for EHR in Blockchain-assisted E-healthcare Systems

Dajiang Chen, Li Zhang, Zeyu Liao, Hong Ning Dai, Ning Zhang, Xuemin Shen, Minghui Pang*

*Corresponding author for this work

Research output: Contribution to journalJournal articlepeer-review

3 Citations (Scopus)


It is of the utmost importance to achieve flexible and fine-grained access control of electronic health records (EHR) in smart elderly healthcare (SEH) for providing high-quality healthcare services for the elderly and protecting their privacy simultaneously. In this paper, a flexible, fine-grained, and elderly-centric access control scheme is presented for EHR data in SEH. In the proposed scheme, Ciphertext Policy Attribute Based Encryption (CP-ABE), permission token, dual-key regression, and blockchain techniques are leveraged to realize multi-dimensional access control of EHR data in terms of data generation time, data user properties, access times, and access period. Moreover, a novel token segmentation algorithm is designed to transfer access rights between doctors efficiently for multi-party diagnosis and treatment. Since the elderly can define the attributes of users accessing his/her EHR data, the access number, the access time, and the access range of data from the time dimension of data generation with the cooperation of the Smart Elderly Healthcare (SEH) institution, the privacy of EHR data of the elderly is well protected. The security analysis demonstrates that our scheme can achieve EHR ciphertext indistinguishability under chosen-plaintext attacks and token unlinkability and unforgeability under data users’ collusion attacks. The experimental results show that our scheme performs well in terms of time cost and computational overhead.

Original languageEnglish
Pages (from-to)10992-11007
Number of pages16
JournalIEEE Internet of Things Journal
Issue number6
Early online date30 Oct 2023
Publication statusPublished - 15 Mar 2024

Scopus Subject Areas

  • Signal Processing
  • Information Systems
  • Hardware and Architecture
  • Computer Science Applications
  • Computer Networks and Communications

User-Defined Keywords

  • Access control
  • blockchain
  • ciphertext policy attribute-based encryption (CP-ABE)
  • electronic health records (EHR)
  • permission delegation
  • smart elderly healthcare (SEH)


Dive into the research topics of 'Flexible and Fine-grained Access Control for EHR in Blockchain-assisted E-healthcare Systems'. Together they form a unique fingerprint.

Cite this