Decentralized security in blockchain-based digital health systems

Self-sovereign identity, access control, and auditing with smart contracts

Journal Article (2025)
Author(s)

Yago de R. dos Santos (Universidade Federal Fluminense)

D. R. Rodrigues de Oliveira (Universidade Federal Fluminense)

Guilherme N.N. Nunes Nasseh Barbosa (Universidade Federal Fluminense)

Lucio Henrik A. Reis (Universidade Federal Fluminense)

Ana Carolina R. Mendes (Universidade Federal Fluminense)

M. Tuler de Oliveira (TU Delft - Information and Communication Technology)

Dianne S. V. Medeiros (Universidade Federal Fluminense)

Diogo M.F. Mattos (Universidade Federal Fluminense)

Research Group
Information and Communication Technology
DOI related publication
https://doi.org/10.1007/s10586-025-05669-3
Publication Year
2025
Language
English
Bibliographical Note
Green Open Access added to TU Delft Institutional Repository as part of the Taverne amendment. More information about this copyright law amendment can be found at https://www.openaccess.nl. Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.
Issue number
15
Volume number
28
Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Abstract

The expansion of Digital Health brings increasing data privacy and security challenges, mainly due to data collection by service providers and third parties. The decentralized approach of Self-Sovereign Identity emerges as a solution, offering users direct control over their data. This paper proposes the SmartMed system for controlling access to private medical data by attribute-based access control implemented on smart contracts. The paper investigates the performance limitations of the Ethereum, Besu, and Hyperledger Fabric blockchain platforms in controlling access to medical data. The proposal develops smart contracts to perform attribute-based access control and to store log records on the blockchain, highlighting the detailed performance analysis on both tested platforms. The results reveal the superiority of the Hyperledger Fabric platform over Ethereum and Besu, indicating a higher transaction throughput. Our proposal innovates by proposing a system based on smart contracts to guarantee the authenticity of medical data, complemented by the use of Keycloak in managing access to healthcare systems.

Files

S10586-025-05669-3.pdf
(pdf | 1.37 Mb)
License info not available

File under embargo until 09-04-2026