Blockchain-Based Secure and Efficient Scheme for Medical Data

Internet of Things (IoT) fog nodes are distributed near end-user devices to mitigate the impacts of low delay, position awareness, and spatial spread, which aren't permitted by numerous IoT apps. Fog computing (FC) also speeds up reaction times by decreasing the quantity of data sent to the cloud. Despite these advantages, FC still has a lot of work to do to fulfill security and privacy standards. The constraints of the FC resources are the cause of these difficulties. In reality, FC could raise fresh concerns about privacy and security. Although the Fog security and privacy problems have been covered in several articles recently, most of these studies just touched the surface of these difficulties. This paper provides a unique solution for the authentication of data by using hyperledger fabric. The fog layer store data transferred by the IoT layer and calculate the hash value. These hash values are now stored in hyperledger fabric for authentication purposes. The proposed model results compared with lewako’s and Fan’s scheme and found that the proposed model has 25.00 % less encryption time, 09.3 % less decryption time, 17.48 % less storage overhead, and 23.38 % less computation cost as compared to Fan’s scheme.


Introduction
Medical Big Data (BD) are the more crucial historical documents that the patient will use to make the subsequent diagnoses and treatments. Cross-institutional medical data sharing has become a popular area of study to tackle the problem of data islands in the established healthcare delivery system. To enable cross-institutional medical data sharing between the traditional independent healthcare delivery system, blockchain (BC) technology has recently been used to create a distributed environment [39], [40]. Over the decennary, Cloud Computin (CC) has evolved as an efficient platform for fulfilling the needs of end consumers for cloud data servers to fulfill their demands [1]. In the last few years, there has been a significant rise in demand for IoT-based linked devices and apps. Examples include smartphones, gadgets, Google Glass, etc. [2]. Abbasi and Shah predict that by 2020, there may be 50 billion Internet-connected gadgets (each individual will have, on average, 6.58 connected devices), and by 2025, there may be 500 billion [3]. IoT devices offer a wealth of capabilities, including connectivity, and the creation of additional functionality is frequently driven by data. These IoT devices generate enormous 1 EAI Endorsed Transactions on Scalable Information Systems Online First

EAI Endorsed Transactions on Scalable Information Systems
Research Article amounts of heterogeneous data that must be evaluated, necessitating enormous amounts of storage space, computational power, and network bandwidth. Additionally, a lot of IoT applications need high-speed or real-time analysis. According to [5], the Fog system can be defined as • It will be situated at the network's edge.
• It's own networking, computer, and storage services; • Provides hardware and software deployment options that are affordable, adaptable, and portable.
A fog system differs from CC in several ways. The following list provides details on some of the more well-known [6][7][8].
• A FC will have lesser computational resources than a CC. • They can process data produced by a variety of gadgets; • Depending on the area, they can be both widely and sparingly dispersed; • It is feasible to construct a Fog system using lowend hardware.

Motivation
BC is a new and advanced technology to secure near or far digital data. Most customers use online transactions for their daily life needs, which leads to an exponential amount of digital data. Motivated by BC technology, propose a new variety of security for end-user data.

Contribution
The contribution of the paper is folded by the following points.
i. Data

Background
One of the most common noxious technologies today, BC is opening the mode for new financial and industrial applications [11]. Conceptually, it is made up of a collection of records, or blocks, where the information is kept and encrypted to provide privacy and security. Additionally, unlike previous technologies, BC is a decentralized network in which all users have full authority to peer-to-peer (P2P) monitor all network transactions [12]. Based on their fields of application, BC platforms can be divided into three categories: public, private, and hybrid BCs [13]. A public BC is open to all members of the network and does not have a single proprietor. As an example of a decentralized public BC, Bitcoin makes the consensus procedure reachable to all network users. On the other hand, private BC has access restrictions that limit who can read from and write to the BC. In hybrid BCs, only a small set of users have access to the public ledger. The consensus process is governed by rules that have been agreed upon by all stakeholders governing control and access over the BC in this somewhat decentralized environment. Table 1 provides a comparative  Analysis of different BC platform and Table 2 provide an abbreviation used in a Comparative Analysis of different BC platform.  Applications that use FC in real-time demand a faster connection and a better response than those that can tolerate delays [10]. Additionally, these applications need to check for available resources. Resource management is a significant challenge in FC due to the latency-sensitive and resourceconstrained behavior of fog applications. Fig. 2

Related works
Lin et al. [16] introduced a unique access control mechanism for protecting cloud data privacy. This strategy encompasses three steps: user registration, data generation, and data access.
At each level, consumers can select between direct and indirect interaction with the cloud service provider. However, several issues are not addressed in this study. On the one hand, more efforts should be made to enable a more complicated trust architecture that addresses circumstances 4 EAI Endorsed Transactions on Scalable Information Systems Online First such as a malevolent TTP attempting to divulge users' information. On the other hand, our continuing research will investigate tradeoffs between cloud service quality and privacy protection, some of which may be supplementary to PriGuarder. To ensure patients' privacy, Seol et al. [17] presented an EHR cloud. EHR model conducts partial encryption and employs electronic signatures. Liu et al. [18] suggested a role-based access management architecture for specific users' permission-assigning requests based on certain roles. An optimum authorization route is defined in this study. Automatic authorization procedures for collaborative multidomain RBAC models will be the subject of future study. Chatterjee et al. [19] allowed identity identification for users and provided specific services for approved users. Future work will entail implementing and testing the proposed method in a real-world setting. By offering anticipatory offloading, Zhang et al. [20] investigated how complexity may be reduced. The optimization happened in the area that makes decisions. Liu et al. [21] aimed to use the benefits of edge computing, such as computation offloading and content caching, to reduce the computational cost of BC. The performance of BC systems was assessed in this study. The findings demonstrated that leveraging idle edge computing resources might significantly improve the efficiency of BC deployments. Other research [22,23] found comparable results, arguing that dumping workload via edge computing was superior when the governance system was effective. Li et al. [24] proposed an energy BC, a safe energy trading system that addresses security issues while eliminating the use of trusted mediators, using the consortium BC technique. Kang et al. [25] approved consortium BC to secure the security of electricity transactions. A BC system's network nodes might be formed from a variety of edge devices. Sharma et al. [26] showed that using BC in fog/edge computing might result in safe energy transfers due to the benefit of BC approaches in protecting anonymity. Another research [27] presented a use case for combining edge computing and BC to provide a secure electric car cloud. Recent research [28] indicated that centralized computing (cloud data center) was no longer the best option for some smart grid applications due to the possibility of energy loss and delay time from different electric devices and widely dispersed geographic embedded systems. Stolfo et al. [29] provide an alternative strategy for protecting data stored in the cloud by utilizing offensive decoy technology. Chen et al. [30] proposed CP-ABE method. The problem that Hur's system can't withstand collusion attack is solved by the proposed technique, which utilizes DH tree to revoke characteristics statelessly for the first time. Additionally, combines two granular revocation techniques and offloads difficult processes to fog nodes to improve performance on more resource-constrained devices. For vehicular fogs, Fan et al. [31] suggest a revocable datasharing method. To implement data access control in a vehicular network system, develop a novel CP-ABE method with effective decryption. More work should be put into promoting a more intricate trust framework. Trade-offs between privacy protection and cloud service features [17] attribute-based access control using XML Use XML encryption and XML digital signature Real-world use of the prototype model and quantitative performance analysis.
[18] Intelligent planning theory Authorization routes are supported by PGAO for external review.
Automated authorization techniques for a multidomain collaborative RBAC model [19] identity identification for users and provided specific services for approved users Implementing and testing the proposed method in a real-world setting [29] Offensive Decoy Technology Monitoring data access patterns through user behavior profiling can help identify if and when a malevolent insider improperly accesses someone's Cloud service documents.
Only valid for social media and networking sites.
[30] CP-ABE scheme Data secrecy, forward and backward multi-authority will be improved. Different broadcasting techniques will be used to assess the proposed BC-based DMM.
The distributed solution for security with BC has been the subject of a lot of writing in recent years. Simple summaries and comparisons are provided in Table 4. A MediBchain was introduced by Al et al. [17], which can assist users in encrypting and storing their EMRs. The requirement for the user to transmit his passcode when sharing his EMRs with other users is a drawback of MediBchain. To improve the powers of access control and compatibility for EMRs based on smart contracts, a distributed privacy-preserving system, Dagher et al. [18] employed the Ethereum-based BC. Wang et al. [19] suggested parallel healthcare systems baes on BCpowered, in which they employ a synthetic system to maintain patients' electronic medical records, computational experiments to choose treatment plans, and parallel execution to reach a decision. BC technology was used by Xu et al. [20] to create a platform that allows users to freely access their EMRs and choose the doctor they want from among several medical facilities. For healthcare 4.0 applications, Tanwar et al. [21] took advantage of an EMRs administration system based on BC technology. They also enhanced data access with an access control policy algorithm. A secure healthcare record management system based on a hybrid of private and consortium BCs was suggested by Rahoof et al. [22] and has the potential to reduce storage requirements while increasing scalability. A HealthBlock using BC technology for managing medical data was presented by Zaabar et al. [23]. Chenthara et al. [43] proposed HealthChain, a novel blockchain-based smart contract system for eReferral in healthcare. It utilizes blockchain technology to improve transparency, security, and efficiency in the referral process.
Chenthara et al. [44] presented HealthChain, a framework for the privacy preservation of electronic health records using blockchain technology. It aims to enhance data privacy and security while ensuring the accessibility and integrity of healthcare records. You et al. [45] introduced a knowledge graph-empowered online learning framework for access control decision-making. The framework utilizes a knowledge graph to improve the accuracy and adaptability of access control systems. You et al. [46] proposed a minority class-boosted framework for adaptive access control decision-making. The framework addresses the challenge of imbalanced data in access control and employs machine learning techniques to improve decision-making accuracy. Wang and Sun [47] presented a trust-involved access control mechanism for collaborative open social networks. The mechanism aims to enhance security and privacy in social networks by considering trust relationships between users in the access control process.
In summary, we found that all previous models faced threats from scalability, interoperability issues, and privacy and security measures in blockchain-based healthcare record management systems. the proposed technique utilizes a decentralized and distributed ledger blockchain system to address scalability and interoperability issues. This approach ensures transparency and prevents tampering by intruders. Additionally, authorized personnel can access data from distributed blockchains installed on different fog layers.

Proposed Methodology
The proposed model uses hyperledger fabric to store the HV of data. HV is calculated by SHA256 algorithms. By using HV, the authenticity of data will be defined. Architecture and algorithms will be discussed in this section.

Hyperledger Fabric
Hyperledger Fabric, an open-source initiative that offers a modular BC foundation, has become the de facto standard for business BC systems. The open, modular framework uses plug-and-play components to support a range of use cases and is intended to serve as a foundation for developing business solutions and enterprise-grade apps. Together with 7 EAI Endorsed Transactions on Scalable Information Systems Online First more than 15,000 engineer contributors and more than 120,000 contributing companies, The unique consensus approach provided by Hyperledger Fabric enables efficiency at scale while upholding the needs of companies for data protection [14]. With the use of BC technology, apps may be created where many parties can record transactions directly without the requirement for a reliable central authority to guarantee that the transactions are valid. With the use of a peer-to-peer network, which gives each member access to a common ledger where the transactions are recorded, BC makes this possible. These exchanges are immutable and cryptographically provable by design. Three main elements make up BC technology: a distributed ledger, a consensus method, and smart contracts [15].

Proposed Model
Fog layer is a middle layer connecting the Cloud layer and end-user devices. FC is a form of distributed computing that links several "peripheral" devices to a cloud. To reduce bandwidth requirements and send processed data rather than raw data, FC aims to process as much data as possible utilizing computer units that are situated close to datagenerating sources. The fog layer is linked to the hyperledger fabric and the cloud layer, as shown in Figure 3; the fog layer sends data to the cloud layer and the HV of that data to the HF. The HV is now safe in HF due to the nature of immutability. At the time of computation, the Cloud layer calculates the HV of the data and compares it to the HV stored in the HF. If the HVs are the same, there is no eveteasing with the original data.   Step 1. Pre-processing plain text using Algorithm 3

Performance Evaluation
The proposed model presents an evaluation to access the performance in terms of flexibility analysis, and efficiency analysis (Storage Overhead, Communication Cost, and Computation Cost). Tabular and graphical visualization are shown in the experimental result section.

Experiment Configuration
Ethereum Client Geth and Ethereum Wallet running on Window based computer. The hardware configuration includes Intel i5-12400CPU@2.5 GHz, 10GB RAM, 64-bit OS, X64-based processor, and 1TB of HDD. Edge nodes ranging from 50 to 500 to simulate the scenario.

Experiment Result
The proposed model demonstrates the evaluation result generated from the experiment in terms of flexibility and efficiency analysis.

Flexibility Analysis
Concerning the type of access structure, the type of authority, security attacks, and revocation, the proposed model compares with prior multi-authority CPABE schemes in Table 5. We can infer from Table 4 that the proposed model is more adaptable than others. It is simple to see that Lewko's and our schemes are comparable in terms of adaptability. Consequently, we will contrast our plan with its in terms of storing expenses.  Encryption time concerning the number of authorities is compared with other models and it is found that the proposed model has less encryption time. Table 7 shows a comparative analysis of the encryption time of the proposed model with the other two models.

Efficiency Analysis
This section provides a comparative analysis of efficiency in terms of storage overhead, communication, and computation cost of the proposed model with lewako's and fan's scheme.

Storage Overhead
The proposed model's version keys for each characteristic serve as the authority's storing overhead. While Lewko's strategy on it involves additional storage costs because of the authority's private keys. Every visible attribute in the proposed model is used to calculate the storage overhead for each data proprietor. The size of each user's ciphertext and transformation keys determine the storage overhead for the cloud, so each user's storage overhead is just their private keys, which can be almost completely disregarded.

Communication Cost
The proposed model compares the communication cost with Lewako's and Fan's scheme as shown in Table 9. From the table, it is easy to say that the proposed model has high accuracy in terms of percentage. Blockchain-Based Secure and Efficient Scheme for Medical Data

Computation Cost
Computation cost comparison with edge nodes is shown in Table 10. The proposed model compares with the other two old models and analyzes that the proposed model has the lowest computation cost even if the number of edge nodes increased.

Result Summary
To minimize the security concerns in the BD storage process in the Cloud, the intended method is used. To demonstrate the effectiveness of the suggested combined technique, we contrasted its various outcomes with some of the currently used security techniques. To further minimize data and security overheads, the proposed technique provides improved efficiency. A comparison table of performance matrices is shown in Table 11.

Discussions
To lessen the security concerns in the BD storage operation in the Cloud, the intended approach is used. To demonstrate the effectiveness of the suggested technique, we contrasted its various outcomes with some of the currently used security techniques. Additionally, the suggested method provides improved compression effectiveness to lower data and security overheads. Figures 5-9 demonstrate that the suggested strategy outperforms existing approaches. The experimental findings thus show that the suggested system is superior to and safer than all other ones that are currently in use. We concluded that our suggested strategy meets all of our objectives because we got improved results using the two BD methods that are outlined in it.

Conclusion and Future Work
To guarantee data authenticity, we proposed a model which consists of 3 stages ie. IoT layer, Fog layer, and Cloud layer. The end user transfer data to the fog layer. Two operations perform at the fog layer, 1st one is Data directly transfer from Fog Layer to Cloud Layer, and the secondary HV is calculated at the Fog layer and transferred to the Hyperledger Fabric and HV is transferred from Hyperledger Fabric to Cloud Layer. In the end, Cloud Layer calculates the HV of data (data received from Fog Layer) and match it with the HV which is received from Hyperledger fabric. However, this model is tested only on a single user cluster and some issues are not addressed in this article. On the one hand, more work needs to be done to support a more intricate confidence paradigm. On the other hand, our continuing research will examine the trade-offs between data security and cloud service features.