Flexible and Fine-grained Access Control for EHR in Blockchain-assisted E-healthcare Systems

Dajiang Chen, Li Zhang, Zeyu Liao, Hong Ning Dai, Ning Zhang, Xuemin Shen, Minghui Pang*

*Corresponding author for this work

Research output: Contribution to journalJournal articlepeer-review


It is of the utmost importance to achieve flexible and fine-grained access control of electronic health records (EHR) in smart elderly healthcare (SEH) for providing high-quality healthcare services for the elderly and protecting their privacy simultaneously. In this paper, a flexible, fine-grained, and elderly-centric access control scheme is presented for EHR data in SEH. In the proposed scheme, Ciphertext Policy Attribute Based Encryption (CP-ABE), permission token, dual-key regression, and blockchain techniques are leveraged to realize multi-dimensional access control of EHR data in terms of data generation time, data user properties, access times, and access period. Moreover, a novel token segmentation algorithm is designed to transfer access rights between doctors efficiently for multi-party diagnosis and treatment. Since the elderly can define the attributes of users accessing his/her EHR data, the access number, the access time, and the access range of data from the time dimension of data generation with the cooperation of the Smart Elderly Healthcare (SEH) institution, the privacy of EHR data of the elderly is well protected. The security analysis demonstrates that our scheme can achieve EHR ciphertext indistinguishability under chosen-plaintext attacks and token unlinkability and unforgeability under data users’ collusion attacks. The experimental results show that our scheme performs well in terms of time cost and computational overhead.

Original languageEnglish
Number of pages15
JournalIEEE Internet of Things Journal
Publication statusE-pub ahead of print - 30 Oct 2023

Scopus Subject Areas

  • Signal Processing
  • Information Systems
  • Hardware and Architecture
  • Computer Science Applications
  • Computer Networks and Communications

User-Defined Keywords

  • Access control
  • Access Control
  • Blockchain
  • Blockchains
  • CP-ABE
  • EHR
  • Internet of Things
  • Medical services
  • Older adults
  • Peer-to-peer computing
  • Permission
  • Permission Delegation
  • Smart Elderly Healthcare


Dive into the research topics of 'Flexible and Fine-grained Access Control for EHR in Blockchain-assisted E-healthcare Systems'. Together they form a unique fingerprint.

Cite this