Decision Model to Design Trust-Focused and Blockchain-Based Health Data Management Applications
Abstract
:1. Introduction and Basics
2. Methods
2.1. Literature Review
(Blockchain OR distributed ledger) AND (sensitiv* OR personal OR priva* OR confidential*) AND (data sharing OR data storage OR data exchange OR off-chain OR on-chain)
(decentral* OR "Blockchain" OR "distributed ledger") AND "identity" AND (health* OR medic*) AND ("data storage" OR "data donation" OR "access management")
2.2. Taxonomy Development
2.3. Approaches from Literature Review
3. Taxonomy
3.1. Existing Dimensions
3.2. Expanded Dimensions
3.2.1. Identity Management System
3.2.2. Access Control Governance
3.2.3. Access Control Policy
3.2.4. Access Granting Mechanism
4. Resulting Decision Model
4.1. What Type of Blockchain should Be Used?
4.2. Which Storage Type should Be Used?
4.3. Which Off-Chain Storage Is Suitable for Storing Data off the Actual Ledger?
4.4. What Identity Management System should Be Used?
4.5. With Whom Does the Patient Wish to Share Their Health Data?
4.6. Is Data Being Used for Machine Learning?
4.7. Who should Govern the Data Access Strategy?
4.8. What Access Policy should Be Used?
4.9. What Additional Access Granting Security should Be Used?
4.10. What Additional Data Storage Security should Be Used?
5. Evaluation
5.1. Use-Case 1: Management of Data from a Digital Dementia Screening Application
5.2. Use-Case 2: General Health Data Management Application in Medical Care
5.3. Use-Case 3: Data Donation via a Data Trustee for Secondary Use of the Data for Medical Research and Development
6. Discussion
Author Contributions
Funding
Data Availability Statement
Conflicts of Interest
References
- Ismail, L.; Materwala, H.; Karduck, A.P.; Adem, A. Requirements of health data management systems for biomedical care and research: Scoping review. J. Med. Internet Res. 2020, 22, e17508. [Google Scholar] [CrossRef] [PubMed]
- Pohlmann, S.; Kunz, A.; Ose, D.; Winkler, E.C.; Brandner, A.; Poss-Doering, R.; Szecsenyi, J.; Wensing, M. Digitalizing health services by implementing a personal electronic health record in Germany: Qualitative analysis of fundamental prerequisites from the perspective of selected experts. J. Med. Internet Res. 2020, 22, e15102. [Google Scholar] [CrossRef] [PubMed]
- Xu, X.; Weber, I.; Staples, M. Architecture for Blockchain Applications, 1st ed.; Springer Nature: Cham, Switzerland, 2019. [Google Scholar]
- Häyrinen, K.; Saranto, K.; Nykänen, P. Definition, structure, content, use and impacts of electronic health records: A review of the research literature. Int. J. Med. Inform. 2008, 77, 291–304. [Google Scholar] [CrossRef]
- Richter, G.; Borzikowsky, C.; Hoyer, B.F.; Laudes, M.; Krawczak, M. Secondary research use of personal medical data: Patient attitudes towards data donation. BMC Med. Ethics 2021, 22, 164. [Google Scholar] [CrossRef] [PubMed]
- Arlinghaus, T.; Kus, K.; Kajüter, P.; Teuteberg, F. Designing Data Trustees: Status quo and Perspectives for Business Models. HMD Praxis der Wirtschaftsinformatik 2021, 58, 565–579. [Google Scholar] [CrossRef]
- Beinke, J.H.; Fitte, C.; Teuteberg, F. Towards a stakeholder-oriented blockchain-based architecture for electronic health records: Design science research study. J. Med. Internet Res. 2019, 21, e13585. [Google Scholar] [CrossRef] [PubMed]
- Nakamoto, S. Bitcoin: A Peer-to-Peer Electronic Cash System; 2009; Available online: https://bitcoin.org/bitcoin.pdf (accessed on 5 April 2024).
- Gai, K.; Guo, J.; Zhu, L.; Yu, S. Blockchain Meets Cloud Computing: A Survey. IEEE Commun. Surv. Tutor. 2020, 22, 2009–2030. [Google Scholar] [CrossRef]
- Erler, C.; Schinle, M.; Dietrich, M.; Stork, W. Decision model to design a blockchain-based system for storing sensitive health data. In Proceedings of the European Conference on Information Systems, Timișoara, Romania, 18–24 June 2022. [Google Scholar]
- Xu, X.; Bandara, H.D.; Lu, Q.; Weber, I.; Bass, L.; Zhu, L. A Decision Model for Choosing Patterns in Blockchain-Based Applications. In Proceedings of the 2021 IEEE 18th International Conference on Software Architecture (ICSA), Stuttgart, Germany, 22–26 March 2021. [Google Scholar]
- Erler, C.; Hu, S.; Danelski, A.; Stork, W.; Sunyaev, A.; Gersch, M. Threat Modeling to Design a Decentralized Health Data Management Application. In Information Technology and Systems; Springer: Cusco, Peru, 2023. [Google Scholar]
- Shostack, A. Threat Modeling; Wiley: Hoboken, NJ, USA, 2014. [Google Scholar]
- Peffers, K.; Tuunanen, T.; Rothenberger, M.A.; Chatterjee, S. A Design Science Research Methodology for Information Systems Research. J. Manag. Inf. Syst. 2007, 24, 45–77. [Google Scholar] [CrossRef]
- Nickerson, R.C.; Varshney, U.; Muntermann, J. A method for taxonomy development and its application in information systems. Eur. J. Inf. Syst. 2013, 22, 336–359. [Google Scholar] [CrossRef]
- Shevchenko, N.; Chick, T.A.; O’Riordan, P.; Scanlon, T.P.; Woody, C. Threat Modeling: A Summary of Available Methods. Software Engineering Institute, Carnegie Mellon University. August 2018. Available online: https://insights.sei.cmu.edu/library/threat-modeling-a-summary-of-available-methods/ (accessed on 5 April 2024).
- Wüst, K.; Gervais, A. Do you Need a Blockchain? In Proceedings of the 2018 Crypto Valley Conference on Blockchain Technology (CVCBT), Zug, Switzerland, 20–22 June 2018; pp. 45–54. [Google Scholar]
- Li, H.; Zhu, L.; Shen, M.; Gao, F.; Tao, X.; Liu, S. Blockchain-Based Data Preservation System for Medical Data. J. Med. Syst. 2018, 42, 141. [Google Scholar] [CrossRef]
- Zhang, A.; Lin, X. Towards Secure and Privacy-Preserving Data Sharing in e-Health Systems via Consortium Blockchain. J. Med. Syst. 2018, 42, 140. [Google Scholar] [CrossRef] [PubMed]
- Hawig, D.; Zhou, C.; Fuhrhop, S.; Fialho, A.S.; Ramachandran, N. Designing a Distributed Ledger Technology System for Interoperable and General Data Protection Regulation-Compliant Health Data Exchange: A Use Case in Blood Glucose Data. J. Med. Internet Res. 2019, 21, e13665. [Google Scholar] [CrossRef]
- Liu, J.; Li, X.; Ye, L.; Zhang, H.; Du, X.; Guizani, M. BPDS: A Blockchain Based Privacy-Preserving Data Sharing for Electronic Medical Records. In Proceedings of the 2018 IEEE Global Communications Conference (GLOBECOM), Abu Dhabi, United Arab Emirates, 9–13 December 2018; pp. 1–6. [Google Scholar]
- Azaria, A.; Ekblaw, A.; Vieira, T.; Lippman, A. MedRec: Using Blockchain for Medical Data Access and Permission Management. In Proceedings of the 2016 2nd International Conference on Open and Big Data (OBD), Vienna, Austria, 22–24 August 2016; pp. 25–30. [Google Scholar]
- Zhang, P.; White, J.; Schmidt, D.C.; Lenz, G.; Rosenbloom, S.T. FHIRChain: Applying Blockchain to Securely and Scalably Share Clinical Data. Comput. Struct. Biotechnol. J. 2018, 16, 267–278. [Google Scholar] [CrossRef] [PubMed]
- Xiao, Z.; Li, Z.; Liu, Y.; Feng, L.; Zhang, W.; Lertwuthikarn, T.; Mong Goh, R.S. EMRShare: A Cross-Organizational Medical Data Sharing and Management Framework Using Permissioned Blockchain. In Proceedings of the 2018 IEEE 24th International Conference on Parallel and Distributed Systems (ICPADS), Singapore, 11–13 December 2018; pp. 998–1003. [Google Scholar]
- Chang, E.Y.; Liao, S.-W.; Liu, C.-T.; Lin, W.-C.; Liao, P.-W.; Fu, W.-K.; Mei, C.-H.; Chang, E.J. DeepLinQ: Distributed Multi-Layer Ledgers for Privacy-Preserving Data Sharing. In Proceedings of the 2018 IEEE International Conference on Artificial Intelligence and Virtual Reality (AIVR), Taichung, Taiwan, 10–12 December 2018; pp. 173–178. [Google Scholar]
- Wang, Y.; Zhang, A.; Zhang, P.; Wang, H. Cloud-Assisted EHR Sharing with Security and Privacy Preservation via Consortium Blockchain. IEEE Access 2019, 7, 136704–136719. [Google Scholar] [CrossRef]
- Dagher, G.G.; Mohler, J.; Milojkovic, M.; Marella, P.B. Ancile: Privacy-preserving framework for access control and interoperability of electronic health records using blockchain technology. Sustain. Cities Soc. 2018, 39, 283–297. [Google Scholar] [CrossRef]
- Nguyen, D.C.; Pathirana, P.N.; Ding, M.; Seneviratne, A. Blockchain for Secure EHRs Sharing of Mobile Cloud Based E-Health Systems. IEEE Access 2019, 7, 66792–66806. [Google Scholar] [CrossRef]
- Hanley, M.; Tewari, H. Managing Lifetime Healthcare Data on the Blockchain. In Proceedings of the 2018 IEEE SmartWorld, Ubiquitous Intelligence & Computing, Advanced & Trusted Computing, Scalable Computing & Communications, Cloud & Big Data Computing, Internet of People and Smart City Innovation (SmartWorld/SCALCOM/UIC/ATC/CBDCom/IOP/SCI), Guangzhou, China, 8–12 October 2018; pp. 246–251. [Google Scholar]
- Daraghmi, E.-Y.; Daraghmi, Y.-A.; Yuan, S.-M. MedChain: A Design of Blockchain-Based System for Medical Records Access and Permissions Management. IEEE Access 2019, 7, 164595–164613. [Google Scholar] [CrossRef]
- Thwin, T.T.; Vasupongayya, S. Blockchain Based Secret-Data Sharing Model for Personal Health Record System. In Proceedings of the 2018 5th International Conference on Advanced Informatics: Concept Theory and Applications (ICAICTA), Krabi, Thailand, 14–17 August 2018; pp. 196–201. [Google Scholar]
- Theodouli, A.; Arakliotis, S.; Moschou, K.; Votis, K.; Tzovaras, D. On the Design of a Blockchain-Based System to Facilitate Healthcare Data Sharing. In Proceedings of the 2018 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/ 12th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE), New York, NY, USA, 1–3 August 2018; pp. 1374–1379. [Google Scholar]
- Zaghloul, E.; Li, T.; Ren, J. Security and Privacy of Electronic Health Records: Decentralized and Hierarchical Data Sharing using Smart Contracts. In Proceedings of the 2019 International Conference on Computing, Networking and Communications (ICNC), Honolulu, HI, USA, 18–21 February 2019; pp. 375–379. [Google Scholar]
- Zheng, X.; Mukkamala, R.R.; Vatrapu, R.; Ordieres-Mere, J. Blockchain-based Personal Health Data Sharing System Using Cloud Storage. In Proceedings of the 2018 IEEE 20th International Conference on e-Health Networking, Applications and Services (Healthcom), Ostrava, Czech Republic, 17–20 September 2018; pp. 1–6. [Google Scholar]
- Zhou, T.; Li, X.; Zhao, H. Med-PPPHIS: Blockchain-Based Personal Healthcare Information System for National Physique Monitoring and Scientific Exercise Guiding. J. Med. Syst. 2019, 43, 305. [Google Scholar] [CrossRef] [PubMed]
- Lee, Y.L.; Lee, H.A.; Hsu, C.Y.; Kung, H.H.; Chiu, H.W. SEMRES—A Triple Security Protected Blockchain Based Medical Record Exchange Structure. Comput. Methods Programs Biomed. 2022, 215, 106595. [Google Scholar] [CrossRef]
- Zhang, L.; Zhang, T.; Wu, Q.; Mu, Y.; Rezaeibagha, F. Secure Decentralized Attribute-Based Sharing of Personal Health Records with Blockchain. IEEE Internet Things J. 2022, 9, 12482–12496. [Google Scholar] [CrossRef]
- Cao, Y.; Sun, Y.; Min, J. Hybrid blockchain–based privacy-preserving electronic medical records sharing scheme across medical information control system. Meas. Control 2021, 54, 1286–1299. [Google Scholar] [CrossRef]
- Hu, C.; Li, C.; Zhang, G.; Lei, Z.; Shah, M.; Zhang, Y.; Xing, C.; Jiang, J.; Bao, R. CrowdMed-II: A blockchain-based framework for efficient consent management in health data sharing. World Wide Web 2022, 25, 1489–1515. [Google Scholar] [CrossRef] [PubMed]
- Wang, Y.; He, M. CPDS: A cross-blockchain based privacy-preserving data sharing for electronic health records. In Proceedings of the 2021 IEEE 6th International Conference on Cloud Computing and Big Data Analytics (ICCCBDA), Chengdu, China, 24–26 April 2021; pp. 90–99. [Google Scholar]
- Jayasinghe, J.G.L.A.; Shiranthaka, K.G.S.; Kavith, T.; Jayasinghe, M.H.D.V.; Abeywardena, K.Y.; Yapa, K. Blockchain-based secure environment for electronic health records. In Proceedings of the 2022 13th International Conference on Computing Communication and Networking Technologies (ICCCNT), Kharagpur, India, 3–5 October 2022. [Google Scholar]
- Lee, S.; Kim, J.; Kwon, Y.; Kim, T.; Cho, S. Privacy Preservation in Patient Information Exchange Systems Based on Blockchain: System Design Study. J. Med. Internet Res. 2022, 24, e29108. [Google Scholar] [CrossRef] [PubMed]
- Zou, R.; Lv, X.; Zhao, J. SPChain: Blockchain-based medical data sharing and privacy-preserving eHealth system. Inf. Process. Manag. 2021, 58, 102604. [Google Scholar] [CrossRef]
- Nguyen, D.C.; Pathirana, P.N.; Ding, M.; Seneviratne, A. A cooperative architecture of data offloading and sharing for smart healthcare with blockchain. In Proceedings of the 2021 IEEE International Conference on Blockchain and Cryptocurrency (ICBC), Sydney, Australia, 3–6 May 2021. [Google Scholar]
- Boumezbeur, I.; Zarour, K. Blockchain-Based Electronic Health Records Sharing Scheme with Data Privacy Verifiable. Appl. Med. Inform. 2021, 43, 124–135. [Google Scholar]
- Gupta, A.; Rodrigues, R.; Tripathi, A.; Coutinho, R.; Gomes, J. Blockchain for EHR: An off-chain based approach. In Proceedings of the 2022 IEEE Region 10 Symposium (TENSYMP), Mumbai, India, 1–3 July 2022. [Google Scholar]
- Lin, G.; Wang, H.; Wan, J.; Zhang, L.; Huang, J. A blockchain-based fine-grained data sharing scheme for e-healthcare system. J. Syst. Arch. 2022, 132, 102731. [Google Scholar] [CrossRef]
- Zaghloul, E.; Li, T.; Mutka, M.W.; Ren, J. d-MABE: Distributed Multilevel Attribute-Based EMR Management and Applications. IEEE Trans. Serv. Comput. 2022, 15, 1592–1605. [Google Scholar] [CrossRef]
- Sabu, S.; Ramalingam, H.M.; Vishaka, M.; Swapna, H.R.; Hegde, S. Implementation of a secure and privacy-aware E-Health record and IoT data sharing using blockchain. Glob. Trans. Proc. 2021, 2, 429–433. [Google Scholar] [CrossRef]
- Lee, H.A.; Kung, H.H.; Udayasankaran, J.G.; Kijsanayotin, B.; Marcelo, A.B.; Chao, L.R.; Hsu, C.Y. An Architecture and Management Platform for Blockchain-Based Personal Health Record Exchange: Development and Usability Study. J. Med. Internet Res. 2020, 22, e16748. [Google Scholar] [CrossRef]
- Huang, H.; Zhu, P.; Xiao, F.; Sun, X.; Huang, Q. A blockchain-based scheme for privacy-preserving and secure sharing of medical data. Comput. Secur. 2020, 99, 102010. [Google Scholar] [CrossRef]
- Zhao, F.; Yu, J.; Yan, B. Towards cross-chain access control model for medical data sharing. Procedia Comput. Sci. 2022, 202, 330–335. [Google Scholar] [CrossRef]
- Li, L.; Yue, Z.; Wu, G. Electronic medical record sharing system based on hyperledger fabric and InterPlanetary file system. In Proceedings of the 2021 5th International Conference on Compute and Data Analysis, Sanya, China, 2–4 February 2021. [Google Scholar]
- Ramesh, D.; Mishra, R.; Atrey, P.K.; Edla, D.R.; Misra, S.; Qi, L. Blockchain based efficient tamper-proof EHR storage for decentralized cloud-assisted storage. Alex. Eng. J. 2023, 68, 205–226. [Google Scholar] [CrossRef]
- Qin, Q.; Jin, B.; Liu, Y. A Secure Storage and Sharing Scheme of Stroke Electronic Medical Records Based on Consortium Blockchain. BioMed Res. Int. 2021, 2021, 6676171. [Google Scholar] [CrossRef] [PubMed]
- Baldin, I.; Chase, J.; Crabtree, J.; Nechyba, T.; Christopherson, L.; Stealey, M.; Kneifel, C.; Orlikowski, V.; Carter, R.; Scott, E.; et al. ImPACT: A networked service architecture for safe sharing of restricted data. Future Gener. Comput. Syst. 2022, 129, 269–285. [Google Scholar] [CrossRef]
- Lomotey, R.K.; Kumi, S.; Deters, R. Data Trusts as a Service: Providing a platform for multi-party data sharing. Int. J. Inf. Manag. Data Insights 2022, 2, 100075. [Google Scholar] [CrossRef]
- Bouras, M.A.; Lu, Q.; Zhang, F.; Wan, Y.; Zhang, T.; Ning, H. Distributed Ledger Technology for eHealth Identity Privacy: State of The Art and Future Perspective. Sensors 2020, 20, 483. [Google Scholar] [CrossRef]
- Registering and Enrolling Identities with a CA. Available online: https://hyperledger-fabric-ca.readthedocs.io/en/latest/deployguide/use_CA.html (accessed on 24 October 2023).
- Rawal, B.S.; Manogaran, G.; Peter, A. Cybersecurity and Identity Access Management; Springer: Singapore, 2023. [Google Scholar]
- Al-Hamdani, W.A. Cryptography Based Access Control in Healthcare Web Systems. In Proceedings of the InfoSecCD’10: 2010 Information Security Curriculum Development Conference, Kennesaw, GA, USA, 1–3 October 2010; pp. 66–79. [Google Scholar]
- PasswordBits. The Difference between Password vs. Encryption Protection. Available online: https://passwordbits.com/the-difference-between-password-vs-encryption-protection/ (accessed on 29 December 2023).
- Schinle, M.; Erler, C.; Stork, W. Data Sovereignty in Data Donation Cycles—Requirements and Enabling Technologies for the Data-driven Development of Health Applications. In Proceedings of the 54th Hawaii International Conference on System Sciences, Maui, HI, USA, 5–8 January 2021; pp. 3972–3981. [Google Scholar]
Search | Papers | Storage Location | Blockchain-Type | Off-Chain Storage | Encryption | Identity Management Type | Access Control Governance | Access Control Policy | NDAC logic | Access Granting Mechanism | Access Security Mechanism | Additional Storage Security |
---|---|---|---|---|---|---|---|---|---|---|---|---|
1 | Li et al. 2018 [18] | Hybrid | public | centralized | hybrid | encrypted key exchange | public key encryption | hybrid encryption | ||||
1 | Zhang and Lin 2018 [19] | on-chain | private + consortium | decentralized | asymmetric | Data Owner | Hybrid | rule-based | search trapdoor exchange | public key encryption | asymmetric encryption | |
1 | Hawig et al., 2019, App.1 [20] | on-chain | public | symmetric | Data Owner | DAC | encrypted key exchange | public key encryption | symmetric encryption | |||
1 | Hawig et al., 2019, App.2 [20] | off-chain | public | distributed | symmetric | decentralized | Data Owner | DAC | encrypted key exchange | public key encryption | symmetric encryption | |
1 | Liu et al., 2018 [21] | off-chain | consortium | centralized | asymmetric | Data Owner | DAC | encrypted file location reference exchange | CP-ABE | symmetric encryption | ||
1 | Azaria et al., 2016 [22] | off-chain | private | decentralized | decentralized (DTI) | Data Owner | DAC | file exchange, query string | ||||
1 | Zhang, White et al., 2018 [23] | off-chain | private | decentralized | asymmetric | decentralized | Data Owner | DAC | encrypted file location | public key encryption | asymmetric encryption | |
1 | Xiao et al., 2018 [24] | off-chain | private | decentralized | symmetric | decentralized | Data Owner | NDAC | role-based | encrypted file sharing, file location reference exchange, key exchange | symmetric encryption | |
1 | Chang et al., 2018 [25] | off-chain | public + consortium | decentralized | decentralized (DTI) | Data Owner | Hybrid | rule-based | encryption n/s | |||
1 | Wang et al., 2019 [26] | off-chain | consortium | centralized | asymmetric | centralized | Data Owner | DAC | encrypted file sharing | proxy re-encryption | asymmetric encryption | |
1 | Dagher et al., 2018 [27] | off-chain | consortium | decentralized | hybrid | decentralized (SSI) | Shared | Hybrid | rule-based | encrypted key exchange, encrypted file location reference exchange | public key encryption, proxy re-encryption | symmetric encryption |
1 | Nguyen et al., 2019 [28] | off-chain | private | distributed | asymmetric | centralized | Data Owner | DAC | file sharing | asymmetric encryption | ||
1 | Hanley and Tewari, 2018 [29] | off-chain | private | decentralized | decentralized (DTI) | Data Owner | DAC | |||||
1 | Daraghmi et al., 2019 [30] | off-chain | consortium | decentralized | hybrid | decentralized (DTI) | Data Owner | Hybrid | rule-based | encrypted file location reference exchange | public key encryption, proxy re-encryption | symmetric encryption |
1 | Thwin and Vasupongayya, 2018 [31] | off-chain | private | centralized | asymmetric | centralized | Data Owner | DAC | encrypted file exchange | proxy re-encryption | asymmetric encryption | |
1 | Theodouli et al., 2018 [32] | off-chain | consortium | centralized | centralized | Data Owner | DAC | file location | ||||
1 | Zaghloul et al., 2019 [33] | off-chain | public | centralized | hybrid | decentralized (DTI) | Shared | NDAC | rule-based | encrypted file exchange | CP-ABE | symmetric encryption |
1 | Zheng et al., 2018 [34] | off-chain | public | symmetric | System | NDAC | rule-based | encrypted key exchange | public key encryption | symmetric encryption | ||
1 | Zhou, Li, and Zhao, 2019 [35] | off-chain | public + consortium | distributed | hybrid | decentralized | Data Owner | DAC | encrypted file exchange, encrypted key exchange | public key encryption, proxy re-encryption | asymmetric encryption |
Search | Papers | Storage Location | Blockchain-Type | Off-chain Storage | Encryption | Identity Management Type | Access Control Governance | Access Control Policy | NDAC logic | Access Granting Mechanism | Access Security Mechanism | Additional Storage Security |
---|---|---|---|---|---|---|---|---|---|---|---|---|
2 | Lee et al. 2022 [36] | off-chain | private | centralized | hybrid | Data Owner | DAC | encrypted file exchange/encrypted key exchange | public key encryption | symmetric encryption | ||
2 | Zhang et al., 2022 [37] | off-chain | consortium | centralized | hybrid | Data Owner | NDAC | rule-based | encrypted file exchange | CP-ABE | symmetric encryption | |
2 | Cao, Sun et al., 2021 [38] | off-chain | public + consortium | distributed | decentralized (DTI) | Shared | Hybrid | rule-based | ||||
2 | Hu, Li et al., 2022 [39] | off-chain | decentralized | decentralized (DTI) | Data Owner | NDAC | role-based | query string exchange | ||||
2 | Y. Wang, M. He, 2021 [40] | off-chain | private + consortium | centralized | decentralized (DTI) | Data Owner | DAC | encryption n/s | ||||
2 | Jayasinghe, Shiranthaka et al. [41] | asymmetric | decentralized (DTI) | NDAC | role-based/rule-based | password protected file exchange | public key encryption + password protection | password protection | ||||
2 | Lee et al. 2022 [42] | off-chain | consortium | distributed | asymmetric | decentralized (DTI) | Shared | NDAC | MAC | key exchange | proxy re-encryption | symmetric encryption |
2 | Zou, Lv et al., 2021 [43] | off-chain | public | decentralized | asymmetric | decentralized (DTI) | Data Owner | DAC | encrypted file exchange | proxy re-encryption | asymmetric encryption | |
2 | Nguyen, Pathirana et al., 2021 [44] | off-chain | private | distributed | symmetric | |||||||
2 | Boumezbeur et al., 2021 [45] | off-chain | centralized | hybrid | centralized | Data Owner | DAC | encrypted key exchange | public key encryption | symmetric encryption | ||
2 | Gupta, Rodrigues et al., 2022 [46] | off-chain | public | distributed | centralized | System | ||||||
2 | Lin, Wang et al., 2022 [47] | off-chain | consortium | decentralized | asymmetric | decentralized (SSI) | System | DAC | encrypted file exchange | proxy re-encryption | asymmetric encryption | |
2 | E. Zaghloul, T. Li et al., 2022 [48] | off-chain | public | distributed | hybrid | decentralized (DTI) | Data Owner | NDAC | MAC/rule-based | encrypted key exchange | CP-ABE | symmetric encryption |
2 | Sabu, Ramalingam et al., 2021 [49] | off-chain | public | distributed | centralized | Data Owner | DAC | one-time-password exchange |
Search | Papers | Storage Location | Blockchain-Type | Off-chain Storage | Encryption | Identity Management Type | Access Control Governance | Access Control Policy | NDAC logic | Access Granting Mechanism | Access Security Mechanism | Additional Storage Security |
---|---|---|---|---|---|---|---|---|---|---|---|---|
3 | Lee et al., 2020 [50] | off-chain | private | centralized | asymmetric | decentralized (SSI) | Data Owner | DAC | encrypted file exchange | public key encryption | asymmetric encryption | |
3 | Huang et al., 2020 [51] | off-chain | private | centralized | asymmetric | decentralized (SSI) | System | NDAC | role-based | encrypted file exchange | proxy re-encryption | asymmetric encryption |
3 | Zhao, Yu et al., 2022 [52] | off-chain | consortium | distributed | symmetric | decentralized (SSI) | Shared | Hybrid | role-based | key exchange | symmetric encryption | symmetric encryption |
3 | Li, Yue et al., 2021 [53] | Hybrid | consortium | distributed | symmetric | centralized | Shared | Hybrid | role-based | symmetric encryption | ||
3 | Ramesh, Mishra et al., 2023 [54] | off-chain | public | distributed | symmetric | centralized | symmetric encryption | |||||
3 | Qin, Jin et al., 2021 [55] | off-chain | consortium | centralized | asymmetric | centralized | Shared | DAC | search trapdoor exchange and encrypted file exchange | proxy-re encryption | asymmetric encryption | |
3 | Baldin, Chase et al., 2022 [56] | decentralized | federated | Shared | NDAC | rule-based | encryption n/s | |||||
3 | Lomotey, Kumi et al., 2022 [57] | off-chain | private | centralized | hybrid | centralized | Data Owner | Hybrid | rule-based | public key encryption | symmetric encryption | |
4 | Erler et al., 2023 [12] | off-chain | public + private | decentralized | decentralized (SSI) | DAC | token exchange and file location reference exchange | encryption n/s |
Use Case | Storage Location | Blockchain Type | Off-Chain Storage | Blockchain Features | Identity Management Type | AC-Governance (General) | ||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
On-Chain | Off-Chain | Hybrid | Public | Private | Consortium | Permissioned | Permissionless | Decentralized | Centralized | Distributed | Several Private Blockchains | Hook into Popular Blockchain | Centralized IdM | Federated IdM | DTI | SSI | User-Centric IdM | System | Data Owner | Shared | ||||||
UC 1 [10] | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |||||||||||||||||||
UC 2 [12] | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |||||||||||||||||||
UC 3 [63] | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ||||||||||||||||||||
Use Case | AC-Governance (Research) | AC-Policy | NDAC logic | Access Security Mechanism | Storage Security Mechanism | |||||||||||||||||||||
System | Data Owner | Shared | DAC | Hybrid | NDAC | MAC | Role-Based | Rule-Based | Public Key Encryption | Symetric Encryption | Proxy Re-Encryption | Tokenization | Digital Signature | CP-ABE | Symetric Encryption | Hybrid Encryption | Asymetric Encryption | Password Protection | ||||||||
UC 1 [10] | ✓ | ✓ | ✓ | |||||||||||||||||||||||
UC 2 [12] | ✓ | ✓ | ✓ | ✓ | ||||||||||||||||||||||
UC 3 [63] | ✓ | ✓ | ✓ | ✓ |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2024 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Erler, C.; Bauer, A.-M.; Gauger, F.; Stork, W. Decision Model to Design Trust-Focused and Blockchain-Based Health Data Management Applications. Blockchains 2024, 2, 79-106. https://0-doi-org.brum.beds.ac.uk/10.3390/blockchains2020005
Erler C, Bauer A-M, Gauger F, Stork W. Decision Model to Design Trust-Focused and Blockchain-Based Health Data Management Applications. Blockchains. 2024; 2(2):79-106. https://0-doi-org.brum.beds.ac.uk/10.3390/blockchains2020005
Chicago/Turabian StyleErler, Christina, Ann-Marit Bauer, Friedrich Gauger, and Wilhelm Stork. 2024. "Decision Model to Design Trust-Focused and Blockchain-Based Health Data Management Applications" Blockchains 2, no. 2: 79-106. https://0-doi-org.brum.beds.ac.uk/10.3390/blockchains2020005