Privacy Preservation and Access Control for Sharing Electronic Health Records Using Blockchain Technology

Sharing of Electronic Health Records (EHRs) is of significant importance in health care. Lately, a cloud-based electronic health record sharing scheme has been used extensively to share patient records among various healthcare organizations. However, clou d centralization may compromise patients’ privacy and security. Due to the special features of blockchain, it is important to see this technology as a promising solution to resolve these issues. This article proposes a privacy-preserving, secure EHR sharing and access control framework based on blockchain technology. The proposal aims to implement EHR blockchain technology and ensure that electronic records are stored safely by specifying user access permissions. We emulate the cryptographic primitives and use smart contracts to describe the relationships between the EHR owner and EHR user through the proposed system on the Ethereum blockchain. We assess the proposal results based on encryption and decryption time and the costs of the smart contract. The encryption and decryption times are proportional to the size of the EHR, which varies from 128 KB to 128 MB. When it comes to encryption, the smallest EHR takes 0.0012 s to encrypt, while the largest EHR, which is 128 MB, takes 1.4149 s. On the other hand, a 128 KB EHR takes 0.0013 s to decrypt, whereas a 128 MB EHR requires 1.6284 s. As a result, performance evaluation and security analysis confirm that the proposal is secure for practical application.


Introduction
An electronic health record (EHR) is a compilation of an individual's health-related information, including personal information, medical images, medical conditions and medications. EHR sharing will help both patients and medical institutions in a few ways (HIMSS, 2006). Firstly, data sharing can facilitate medical research. Secondly, it would be better for multiple healthcare institutions to cooperate, such as physicians obtaining patients' medical histories and medical service coverage in a foreign country. Thirdly, regulations and standards can be established and reinforced to promote healthy EHR sharing, offer more trust among various medical institutions, provide more patient care and strengthen medical science.
However, the trend of cloud storage of EHRs and all these great benefits also poses security challenges that prevent the implementation of cloud e-health applications (Abukhousa et al., 2012). EHRs have been more widely available, although use has been limited due to security concerns (Sauermann et al., 2013). Some technological obstacles remain that impede EHR sharing and render it complicated in several ways. Thus, one of the most significant challenges in healthcare systems is secure sharing of medical data. The sharing mode raises a lot of privacy and security issues that could thwart its widespread adoption (Boumezbeur and Zarour, 2018). Such data are sensitive, making patients and medical organizations reluctant to share them because they need protection against unauthorized access. Security issues include the secure sharing of EHRs among patients and other healthcare services in cloud environments. Unauthorized individuals can obtain malicious access to EHRs without patient authorization, undermining data privacy, security and integrity of cloud-based e-health systems. In addition, patients may have difficulty monitoring and maintaining their cloud-based health records shared by healthcare providers. Therefore, it is important to suggest appropriate access control solutions for sharing EHRs among cloud environments.
Recently, the use of blockchain services to enhance medical and e-health services has become a growing development. Satoshi Nakamoto initially brought blockchains to the globe in the form of the popular cryptocurrency Bitcoin (Shuaib et al., 2014). It is a decentralized architecture. It consists of an open and distributed ledger that records all transactions between two parties in an efficient, verifiable and permanent way (Rajput et al., 2019). It contains individual entries in the form of interconnected blocks organized in a single list known as a chain. After authentication by a network of interconnected validating nodes, each transaction is appended to the blockchain (Siddiqui et al., 2020a;Siddiqui et al., 2020b). Unlike traditional databases, the blockchain enables members in a distributed network to exchange electronic currency without requiring a centralized, trusted third party (Agbo et al., 2019;Hardin and Kotz, 2019). It relies on validators (typically miners) to operate as third parties and decentralize transaction validation (Hölbl et al., 2018).
Due to blockchain's immutability and use of cryptographic functions for secure communication, blockchain is well suited for accurate EHR information sharing (Gordon and Catalini, 2018;Catalini and Gans, 2020). This technology can change the healthcare system in different fields, such as secure exchange of EHRs and data access control among different medical institutions to improve privacy and data protection (Mayar et al., 2020). It offers a potential future data sharing approach that could enable collaborative clinical decision making in telemedicine and precision medicine (Cheng et al., 2018). Blockchain implementation could also create a new paradigm for exchanging health information (HIE) by making EHRs more effective and secure. It will also provide promising solutions to promote treatment delivery and thus revolutionize the healthcare system. Therefore, various blockchain companies such as HealthNautica (HealthNautica, 2022), Factom (FACTOM, 2022), Capital One (Capitalone, 2022) and Gem (Gem, 2022) are collaborating to preserve medical data using blockchain technologies. Besides, many implementations of health data management systems, such as those reported by Qin et al. (2021), Zhang and Lin (2018), Pournaghi et al. (2020), Li et al. (2018) and Alam et al. (2021), are emerging. Each application provides various solutions for various conditions. This article proposes a privacy-preserving EHR sharing scheme focused on cloud storage and blockchain technology. Indeed, cryptography is important in securing and maintaining a user's personal information.
In the proposal, the original EHRs are uploaded in an encrypted form to a cloud, and only signature and encryption keys are reserved in the blockchain. Secure data sharing could be achieved via smart contracts that manage the access control of users. Patients should have full control of their own EHRs when adopting the new system, and users or care providers may make practical use of the data without disclosing patient privacy. The main contributions of this paper are summarized as follows: • A blockchain-based cryptographic and access control scheme for sharing EHRs is proposed using Ethereum smart contracts. • The proposed scheme uses symmetric and asymmetric algorithms to encrypt EHR and secret keys for ensuring confidentiality and privacy. • The smart contract used in the proposed scheme is intended to manage users' access control. It ensures that the data owner has full control over who has access to their health record. • We analyse the proposal performance with cloud computing usability tests provided by the Google Storage Platform (GSP) and Ethereum blockchain using Solidity to implement the smart contract. The results show that the suggested framework is feasible.
The remainder of this paper is organized as follows. Section 2 brings an overview of related works. Section 3 describes the system architecture, system workflow and the smart contract. The performance and discussion of the proposal are presented in Section 4. Finally, Section 5 concludes the paper. Li et al. (2018) proposed a new data preservation system (DPS) based on blockchain as a secure storage solution, ensuring that the stored data are primitive and verifiable while maintaining user privacy. The DPS used data storage mechanisms and cryptographic algorithms to achieve security. An access control model using blockchain for PHRs was proposed by Thwin and Vasupongayya (2019). The authors used proxy re-encryption as access control and other cryptographic techniques to preserve confidentiality. They stored the encrypted records in a cloud while the metadata was stored in the blockchain. In this model, the data sharing process is dependent on an intermediary, the proxy server responsible for re-encryption. Thus, the proxy server is in charge of the encryption keys and other information required for the authentication process. Wang et al. (2018) proposed a secure EHR system built on blockchain technology and a cryptosystem mechanism to enable fine-grained access control and guarantee the authentication and confidentiality of cloud-stored EHR medical data. They proposed a new cryptographic primitive called hybrid attribute/identity-based encryption and signature (C-AB/IB-ES). The ABE and IBE are used to encrypt the medical data, while the IBS is used to implement digital signatures.

Literature Review
HBasechainDB (Sahoo and Baruah, 2018) is a scalable blockchain framework leveraging the Hadoop database. It used the blockchain pipelining and federated consensus to create the blocks. The blockchain on top of this architecture contains all the necessary dependencies, but the blocks are maintained on the Hadoop database to increase the blockchain technology scalability. This study was beneficial in understanding that blockchain can be used with other scalable platforms to improve or overcome the scalability of this platform. It is also able to explore the data present on the blockchain.
Xia et al. (2017) proposed a blockchain-based data sharing (BBDS) scheme that offers access control policies associated with sensitive health data. The BBDS focused on identity-based authentication, which enhances the efficiency of the healthcare system. Besides, it used cryptographic techniques in a blockchain network to achieve security.

System Model
This section presents the architecture, the workflow and the implementation of the smart contract. Table  1 summarizes the basic notations used in this paper.

SK
Secret key

PuK
Public key

PrK
Private key

Message digest
SIG Signature

Electronic Health Record (EHR)
The Health Information Management Systems Society defines the EHR as a longitudinal electronic record of patient health information generated by one or more encounters in any care delivery setting (HIMSS, 2020). The EHR can create a complete record of clinical contact and assist with other tasks such as evidence-based decision support, quality monitoring and reporting. Any healthcare organization or doctor that a patient visit records the patient's information, including current health status and vital signs. It also contains previous treatments, current medications and other important personal information. This patient health record is very important for a doctor, and it is equally important that it be available online and immediately. It must also be updated and accessible when needed.
In the proposed scheme, the EHR data are divided into different parts illustrated in Figure 1, concerning the correlation of the information contained in each part as follows: • Personal information: Includes the patient's private information (EHR1).
• Contact information: Includes the patient's emergency contact information (EHR2).
• Patient demographics: Contains information about the population needed for research and marketing purposes (EHR3). • Administrative and billing data: Includes administrative information (EHR4).
• Laboratory report: Includes laboratory information and test results (EHR5).
• Medical information: Includes medical and medication information (EHR7).
• Insurance report: Contains information about the insurance company (EHR8).

System architecture
The overall architecture of the proposed privacy-preserving and access control scheme for sharing EHRs using blockchain technology (BAcP-EHR) is presented in Figure 2. The EHR data will be encrypted using the EHR owner's secret key and stored in cloud storage shared via a secure socket layer (SSL) to ensure confidentiality. Thus, the secret key is encrypted using a public key. The encryption key, as well as all necessary information, would then be stored on blockchain for an authentication process. The EHR would be available to the EHR owner or other users, including the healthcare providers. The proposed framework contains three layers, namely a data collecting layer, a data storing layer and a data sharing layer, and four entities: the EHR owner (EO), the EHR user (EU), cloud storage (CS) and blockchain (BC). The role of each entity is defined as follows: Data collecting layer: refers to the patient who visits doctors in hospitals or medical institutions for healthcare treatment. The patient obtains his/her electronic health records, including individual private health data generated after their interactions. The main entity in this layer is the EHR owner (EO): it is an entity (e.g., individual or organization) that owns the EHR data to be shared. In our scheme, the EO is primarily responsible for complete control of his/her EHR. He/she must establish an access control policy on his/her EHR and grant or refuse access permissions for his/her EHR data to others at will. Data storing layer: contains two entities: • Cloud storage (CS): The cloud stores encrypted EHRs uploaded by the owner.
• Blockchain (BC): The blockchain is an entity that stores the smart contracts, the EHR signature and encrypted keys.

Data sharing layer:
In this layer, the EHR user (EU) is an entity that can be an individual (e.g., patient, doctor) or an organization (e.g., hospital, health insurance company, medical research institute) that accesses the patient's EHRs for beneficial purposes.
The overall architecture of BAcP-EHR is presented as follows: • Step 1: Interactions between the patient and his or her doctor and specialist produce primary data. This information contains patient records, current issue information and other physiological information. • Step 2: The EHR owner uploads the ciphertext to the cloud storage and sends the encrypted keys and other information to the blockchain. • Step 3: The EHR user sends a request to the blockchain to access the EHR, retrieve the EHR and decrypt it.

Threat model and security goals
Cloud servers are semi-reliable in our suggested system. The electronic health record is subject to an attempt to decode the encrypted text. A malicious adversary may capture, alter or forge health records.
To deduce the plain text of the EHR, cloud and data requestors will consent. In the threat model, the security targets are as follows: • Data privacy: The owner's original EHR cannot be disclosed to illegal individuals.
• Data authenticity: Those accessing the data can check the authenticity of the patient's EHR.
• Data integrity: Patient EHRs can be stored secured against tampering.
• Data confidentiality: Patient EHRs are securely stored and kept hidden from unauthorized persons.
• Flexible access control: Patients can determine how to access their EHRs, and only authorized persons can access patient EHR. • Authentication: Before accessing EHR, users must be authenticated.

Scheme workflow
In this section, we explain in detail the workflow of the BAcP-EHR scheme. The proposal enables EHR owners to control their own EHRs. Based on cryptography techniques and blockchain technology, it performs privacy-preserving EHR sharing through the following steps. Figure 3 illustrates the proposed scheme in detail.

System setup:
To implement the BAcP-EHR scheme, users should register unique accounts and create their keys. First, a symmetric key (SK) 128 bits in length is generated for each EO. The SK is the output of the hash function (SHA-1) employed by the SUN provider's pseudo-random number generation (PRNG) algorithm termed SHA1PRNG. The hash function is used to generate a stream of random numbers. The SK of an advanced encryption standard (AES) is used to encrypt the EHR. Each user in the blockchain obtains key pairs (PuK, PrK) by hashing a random number (RN) utilizing the 256-bit SHA-1 hash function to complete data sharing transactions. The key pair of the Rivest-Shamir-Adleman (RSA) asymmetric key encryption was used to encrypt SK and sign the original EHR.

Data storing:
After generating all the keys, the EO encrypts the EHR using the SK to get the ciphertext CEHR, then encrypts his/her symmetric encryption key using the public key PuK to get the ciphertext key CK, as shown in Equations (1) -(2).

CEHR= EncEHR (EHRi
After that, he/she creates a hash of the encrypted EHR to be signed using Equation (3), where MD is the message digest. The private key is then used to sign the MD, and the encrypted hash is the digital signature (SIG). When the signature algorithm is completed, the EO sends the encryption EHR (CEHR) to the cloud storage, as described in Equation (4).

SIG = (MD, PrK)
Then, he/she sends both SIG and encrypted keys (CK) to the blockchain. Besides, he/she sends the access permissions to the smart contract as presented in 3.5 below. For example, all users' public keys are stored in the system database. If B (the owner) wants to share data with C (add C to the list of approved users), the SK will be re-encrypted with the public key of C. When C needs to access data, he/she can decrypt them using its private key. Because only C has access to C's private key, no one else can decrypt the data. The storage process is shown in Algorithm 1.

Data sharing:
The EHR owner predefines access rights in smart contracts, such as access privileges, access actions and access rights (e.g., read, write), to ensure the secure sharing of EHR.
The smart contract is activated immediately before the access condition is met, which will ensure the validity and fairness of the sharing of data to implement the corresponding procedure. The process of EHR sharing consists of the following two sections: A. Blockchain access: • EHR access request: The EU initiates a blockchain network EHR exchange request (Req) transaction. The access target (ID), access EHRi and PrK must be included in the request, as shown in Equation (5). The blockchain receives the transaction request and verifies the EU's identification. Only the EU is fair, and the transaction data will be stored in the blockchains.
• Execution of the smart contract: If the Req is valid, the SK will be decrypted using the EU's private key and sent to the user, as described in Equation (6).

SK= DecCK (CK, PrK)
B. Cloud storage EHR sharing: As seen in Algorithm 2, the EU will recover the EHRi from the cloud. Then, to achieve the integrity and authenticity of the EHR, the EU creates a hash of the encrypted EHR, MD2, as shown in Equation (7). Then, he/she uses the EO's public key to decrypt the SIG; the result of the decryption is shown in Equation (8).

MD2= H(CEHR)
DecSIG = (SIG, PK) If this decrypted MD matches MD2, the signature is correct, and the EU will decrypt the EHR and perform its access action, as described in Equation (9). If not, the user can inform the system that the data may have been changed.

Smart contract implementation
Smart contracts are reusable and modular pieces of code used to automate any task on the blockchain when certain circumstances are satisfied. The most well-known application of smart contracts is Ethereum. Smart contracts typically use the Solidity programming language, which may be used to program any operation a programmer needs to perform. Programmers can compile the appropriate operations using Ethereum Virtual Machine (EVM) bytecode after programming them (Shahnaz et al., 2019). Furthermore, after constructing them, they may be run and deployed on Ethereum. When the smart contract is implemented, the programmer's bytecode is recorded in the blockchain, and there is a storage address for it.
The smart contract is an important part of the proposal as it performs basic operations. The BAcP-EHR contract allows users access, performs CRUD operations on patients' EHRs and defines roles for gaining access to these features. The createUser function is one of the EO's CRUD operations, allowing a new user to be added to the system. UpdateUser is a function for updating a user's data in the system. After the EO deletes a user from the system using the DeleteUser function, the removeAclUser function revokes the user's network authorization. The addUserToAcl function is used by the EHR sharing layer to grant a user access to an EHR. The UpdateUserAcl method is used to change a user's network role. The DeletDoc method deletes the document from the system and its users and access. The BAcP-EHR smart contract code is given in Figure 4.

Performance
The performance of the proposed scheme is analysed by comparing it to the current works of Li et al. (2018), Thwin and Vasupongayya (2019), Wang et al. (2018), Sahoo and Baruah (2018), Khalaf et al. (2020) and Chen et al. (2019). All the works consist of several components, such that the tests are divided into three main categories: a cryptographic test, the costs of the smart contract and a security analysis.

Experimental setup
To test the performance of the proposed framework, we have implemented it on the Windows 10 system on an ADM Ryzen 3 2300 CPU @ 2 GHz, and 4.00 GB RAM using Java, and Solidity is the programming language of Ethereum smart contracts. Our application programming interfaces communicate with Ethereum as the blockchain technology and Google Cloud Platform Storage (GCP), which serves as the cloud storage server in our implementation. We conducted these experiments on public datasets downloaded from the US Department of Health and Human Services (HealthData.gov, 2022).

Experimental results
The proposed system was assessed for the following cases:

Encryption and decryption time
We first tested the time consumption of encryption and decryption of blockchain works for different sizes of EHRs. The times required for encryption and decryption process times of Thwin and Vasupongayya (2019), Wang et al. (2018) and BAcP-EHR are shown in Table 2. As seen in Figure 5, the encryption and decryption times of the BAcP-EHR scheme are proportional to the EHR size. As the EHR size increases, the encryption and decryption times also increase. Furthermore, it can also be seen in Figure 5 that when the size of the EHR is less than 128 MB, the time spent on the encryption and decryption process is less than 1 s. Even if the EHR size is expanded to 128 MB, the additional time spent is around 1s.
We compared the test findings in Figure 5 with the encrypting and decrypting time consumption in Thwin and Vasupongayya (2019) and Wang et al. (2018). The results of the comparison are shown in Figure 6 and Figure 7. The time consumed by the encryption and decryption process is less than in the other works. When the EHR is large, our encryption and decryption efficiencies are significantly higher than those of Thwin and Vasupongayya (2019) and Wang et al. (2018). The EHRs contain many large image files, such as X-rays and CT scans, and depending on these comparisons, our scheme is more suitable than previous health record encryption and decryption work.

Smart contract costs
The BAcP-EHR scheme uses Remix as the smart contract development tool, writes the smart contract using the Solidity language, and deploys the compiled contract in the Ethereum Rinkeby test network. We used Metamask and Etherscan to calculate the real gas costs for each function in the smart contract.
In the Ethereum blockchain, fees are the gas corresponding to the payment or value of the price needed for each successful transaction or execution of a contract. If a user does not have an account with a valid balance, he/she cannot perform any service and the transaction is considered invalid. Figures 8 and 9 show https://doi.org/10.18267/j.aip.176 117 respectively the deployment and costs of our proposed contract in Remix IDE and the Metamask software cryptocurrency wallet, as well as the block in the Ganache Ethereum. The smart contract cost results are presented in Table 3.  It is not difficult to conclude from the test results in Table 3 that our proposed contract requires fewer costs of deployment and invocation of other functions.

Discussion
Several authors have proposed blockchain-based healthcare systems to secure the sharing of healthcare data. Unlike Zhao et al. (2019), who encrypted all files and stored them on the blockchain, this article makes use of cloud storage technologies to relieve pressure on blockchain storage and meet real-world deployment requirements. Chen et al. (2019) developed a system in which the patient must provide a private key for the doctor to access data; however, the transmission mechanism cannot guarantee the confidentiality of the private key, and hostile nodes can access it.
Contrary to Qin et al. (2021) and Xia et al. (2017), we used a hybrid encryption approach to ensure better security and get the benefits of each encryption. The encryption keys used in our system are completely secure. Furthermore, the original EHR is encrypted before being sent to a cloud server. This allows a solution to the blockchain's limited storage capacity as well as a significant reduction in the risk of confidential information posed by original electronic health data being leaked.
Several proposed systems can meet the requirements for privacy and integrity, but not all of them can provide access control, which is a critical security goal in an EHR sharing system. Moreover, smart contracts are only used in a few proposed systems. In contrast to Qin et al. (2021), Khalaf et al. (2020), Li et al. (2018), Sahoo and Baruah (2018), Liang et al. (2017), Ramani et al. (2018) and Abunadi and Kumar (2021), our solution uses the smart contract to securely store the encryption key, preserve the EHR signature, verify authentication and manage the user's access control.
The system we offer protects the patient's privacy by allowing them to specify granular access controls to their EHR data using smart contracts. Furthermore, it is based on a decentralized network topology with a single point of failure. Unlike Li et al. (2018), Sahoo and Baruah (2018) and Chen et al. (2019), our solution relies on defined user roles to protect EHR data from security threats such as unauthorized access. As a result, malicious users will be unable to access EHR data. It also allows quick and secure access to EHR data based on the patient's preferences. It ensures the availability of EHR data elements without the need for third-party validation.
In terms of functions such as personal data security, access control and data integrity, our system outperforms these similar studies. Furthermore, it presents a feasible alternative for updating existing electronic healthcare systems, including hybrid encryption, encryption keys and smart contracts.

Security analysis
This part demonstrates how the BAcP-EHR scheme effectively ensures security objectives compared to other works. The result of the comparison is presented in Table 4. '✓' and '✘' indicate whether the literature supports this function or not.
Confidentiality ensures that those who are not allowed to know do not share the content. In our scheme, patients' EHRs are encrypted and accessible only to authorized individuals. Data can only be obtained from the cloud server by the entity that obtains authorization, while details are in the EHR sharing subsection.
The blockchain account is anonymous and unlinkable from a true identity by exploiting the blockchain and smart contract encryption capability. Thus, the blockchain privacy can prevent public information from revealing the true identity of individuals. Our access control system ensures data privacy of individuals. Malicious access is blocked by the user identification capability and authorization in smart contracts, restricting access to our cloud servers from future attacks.
The integrity guarantees that patient information is exchanged between approved users without any modifications. The electronic health records are still encrypted in the proposal to prevent modification. Meanwhile, EHR users cannot change transactions signed in smart contracts for EHR sharing, and no individual can alter and modify the quality of transactions registered. Besides, every node (or service node for better efficiency in practice) has a copy of the blockchain data, so if a node connects with other nodes, a shift in a certain block will be easily detected. Most importantly, in our case, EHR users do not have the right to change or update the smart contract and access policies. Therefore, Merkle's root value would change if the EHR is changed, allowing the block content to change. Therefore, EHRs can be maintained securely and correctly by using the blockchain without being tampered with.
The patients must sign their EHR for authentication before adding the associated contracts to the blockchain. Data authenticity can be provided based on the signatures and the integrity provided by the blockchain.
To allow a user to access a patient's EHRs, the user sends the request to what he/she is interested in. If the user can access the data, it will be sent back with the requested EHRs that are encrypted, which ensures access control.
Chen et al.

Key features of BAcP-EHR
The key features of the suggested solution to ensure privacy and security of EHRs in the cloud are as follows: • The security and privacy of health data outsourced to a public cloud are enhanced by using existing security techniques, including asymmetric encryption (RSA), symmetric encryption (AES) and hash algorithms. • Data owners create security and privacy protection for their data before they are outsourced to the cloud. • The user's login is verified by the blockchain.
• Access control permissions and data integrity are attached to each health record independently of other records; only the data owners can define and manage these accesses.
• The cloud is used only to store encrypted EHRs, the cloud provider is not required to store or expose any information about the data. • The data owner is able to use a unique key to encrypt each EHR by securely attaching the key to the data, and authorized users can retrieve this key while applying secure access. • Only authorized users can verify the integrity and authenticity of medical records.
• The confidentiality and integrity of EHRs remain protected in the cloud environment from any internal or external security attack. • Any potential adversary who obtains a protected EHR cannot read or reveal its contents.
• The proposed solution is simple and does not require complicated operations.
• Implementation and evaluation of the proposed solution shows that it can be used practically and effectively.

Conclusion
A blockchain-based access control scheme for preserving privacy of electronic health records (EHR) scheme is proposed in this paper to achieve privacy, confidentiality, integrity and access control. The system uses the Ethereum blockchain technology and the cloud to ensure that electronic records are stored safely by specifying granular user access rules. First, we propose a framework for sharing the EHR among various entities focused on blockchain and cloud storage. In this paper, cloud storage stores the encrypted EHR while EHR signatures are stored on the Ethereum EHR blockchain. Then, the access controls for EHR are presented in the form of Ethereum blockchain smart contracts to ensure efficient access to EHRs in the system. Moreover, we use symmetric and asymmetric encryption to guarantee data confidentiality and achieve data sharing with privacy preservation. Furthermore, we implement the proposal for an Ethereum platform and evaluate the performance of the computation.
Our proposal can meet the defined security objectives according to the performance results, the security analysis and the security proof of the proposed scheme. As future work, we consider several possible extensions or improvements to our system. We are inclined to study a fraud detection system in healthcare based on the blockchain.