Department of Information and Communication Technology, Manipal Institute of Technology, Manipal Academy of Higher Education, Manipal, Karnataka, 576104, India.
Department of Information and Communication Technology, Manipal Institute of Technology, Manipal Academy of Higher Education, Manipal, Karnataka, 576104, India.
Comput Biol Med. 2023 Dec;167:107702. doi: 10.1016/j.compbiomed.2023.107702. Epub 2023 Nov 13.
In response to the evolving landscape of digital technology in healthcare, this study addresses the multifaceted challenges pertaining to identity and data privacy. The core of our key recovery-enabled framework revolves around the establishment of a robust identity verification system, leveraging the World Wide Web Consortium(W3C) standard for verifiable credentials(VC) and a test blockchain network. The approach leverages cryptographic proofs embedded within credentials issued by various entities to securely validate the legitimacy of identities. To ensure standardized identity establishment, the roles and responsibilities of entities align with the UK digital identity and attribute trust framework, resulting in a cohesive verification process. Embracing self-sovereign identity (SSI), encrypted credentials are stored within the owner's device, empowering individuals with data control while prioritizing privacy and security. Furthermore, the work introduces an algorithm that places paramount importance on owner-centricity, trustworthiness, and privacy-aware handling of SSI credentials, subjected to threat modeling through the Owasp Dragon tool. A key recovery algorithm, a key component of our Recovery-Enabled Framework, empowers users to regain credentials using a trustee-based recovery system with a memorized PIN, eliminating the need for third-party reliance. Furthermore, a trust score, a crucial component of the framework, assesses the conformity of verified credentials with stated standards, boosting trust in established identities. Leveraging the modularity of Hyperledger Fabric, the work utilizes smart contracts to impose context-aware attribute-based policies, ensuring controlled access, traceability, and auditability, consequently strengthening security. Through comprehensive development, refinement, and rigorous testing, the prototype emerges as a potent tool for enhancing security within the Digital Health Ecosystem. It equips organizations with the means to navigate this digital landscape while inspiring trust among stakeholders, significantly contributing to the resilience of identity in the digital health ecosystem.
针对医疗保健领域数字技术的不断发展,本研究解决了与身份和数据隐私相关的多方面挑战。我们的关键恢复功能框架的核心围绕着建立一个强大的身份验证系统展开,利用万维网联盟(W3C)可验证证书(VC)标准和一个测试区块链网络。该方法利用各种实体颁发的证书中嵌入的加密证明,安全验证身份的合法性。为了确保标准化的身份建立,实体的角色和责任与英国数字身份和属性信任框架保持一致,从而形成一个连贯的验证过程。通过采用自我主权身份(SSI),加密证书存储在所有者的设备中,使个人能够控制数据,同时优先考虑隐私和安全。此外,本工作引入了一种算法,该算法高度重视以所有者为中心、可信赖性以及对 SSI 证书的隐私意识处理,通过 Owasp Dragon 工具进行威胁建模。关键恢复算法是我们的恢复功能框架的一个关键组成部分,它使用基于受托人的恢复系统和记忆 PIN 来授权用户恢复凭证,从而无需依赖第三方。此外,信任评分是框架的一个关键组成部分,它评估经过验证的证书与既定标准的一致性,从而增强对已建立身份的信任。利用 Hyperledger Fabric 的模块化,本工作使用智能合约来实施基于上下文的属性策略,确保可控访问、可追溯性和可审计性,从而增强安全性。通过全面的开发、改进和严格的测试,原型成为增强数字健康生态系统安全性的有力工具。它为组织提供了在这个数字环境中导航的手段,同时在利益相关者中激发信任,为数字健康生态系统中的身份弹性做出了重大贡献。
