Blockchain-Based Hierarchical Access Control with Efficient Revocation in mHealth System

With the development of information technology, people can share their health records (PHRs) through the Internet and obtain rapid medical services, which makes mobile health become a promising field. PHRs are collected from wireless body area networks (WBANs) and will be shared with people in different fields through public channels, increasing the risk of leaking personal privacy. Ciphertext-policy attribute-based encryption (CP-ABE) is a popular solution for fine-grained access control, but most existing schemes cannot be directly applied to the WBANs with limited resources and dynamic changes in user roles. In this paper, to meet the requirement of the mHealth System, we propose blockchain-based hierarchical access control with efficient revocation in the mHealth system. We use the Extendable Hierarchical attribute-based encryption (EH-ABE), a file-related hierarchical access control scheme, to encrypt PHRs, which reduces the repetitive computation and storage overhead. The proposed scheme adds the function of offline/online encryption, which can greatly save the energy consumption of the sensors in the WBANs. In addition, this scheme can provide attribute-level user revocation and is proven to be IND-CCA secure.