BANGALOREUNIVERSITY,JNANABHARATHICAMPUS

APROJECTREPORT
ON

“ Blockchain-based privacy and security preserving

In electronic health: a systematic review ”

Submitted in the partialfulfillment of the requirement for the
award of degree of
Bachelor of ComputerApplications
Submitted byby
T.R.Akash

(206MSB7103)

Undertheguidance of
kalpana mam
AssistantProfessor

KLESociety’sDegreeCollege,Nagarbhavi,Bangalore-560072
2022-2023
 ABSTRACT

Electronic health record (EHR) has recorded the process of occurrence, development, and treatment of
diseases. So it has high medical value. Owing to the private and sensitive nature of medical data for patients,
the data sharing and privacy preservation are critical issues in EHR. Blockchain technology may be a
promising solution for the problems above since it holds the features of decentralization and tamper resistance.
In the paper, we propose a medical data sharing and protection scheme based on the hospital’s private
blockchain to improve the electronic health system of the hospital. Firstly, the scheme can satisfy various
security properties such as decentralization, openness, and tamper resistance. A reliable mechanism is created
for the doctors to store medical data or access the historical data of patients while meeting privacy
preservation. Furthermore, a symptoms-matching mechanism is given between patients. It allows patients who
get the same symptoms to conduct mutual authentication and create a session key for their future
communication about the illness. The proposed scheme is implemented by using PBC and OpenSSL libraries.
Finally, the security and performance evaluation of the proposed scheme is given.
CONTENTS
h Semantic Query-Featured Ensemble Learning Model for SQL-Injection Attack Detection

CHAPTER1
INTRODUCTION

WITH the development of computer and communication technology, EHR has become an
indispensable tool for medical services [1]. The system utilizes some electronic devices such as the
computer to deal with digital medical records, and it has the advantages of easy to use, stronger
timeliness, and low cost. EHR not only provides the most useful data for diagnosis and scientific
research but also it gives one kind of judgment basis for handling medical disputes. So, it has
attracted a wide range of attention including the government, the medical community, cybersecurity
department, and so on [2], [3]. Because the medical data is crucial for the diagnosis, and it is personal
and sensitive for patients. Thus, data sharing and privacy preservation issues are critical in EHR. The
medical data should be stored, managed, and accessed securely. Notably, the doctor usually needs to
know the medical history of the patient when he/she makes the diagnosis or treatment. However, the
patient can not professionally describe his/her medical history, which will affect the latest treatment.
Thus, in EHR, historical medical data generated by different doctors in different hospitals should be
capable of being securely and timely queried by a legitimate doctor with the patient’s consent, please
see [4]– [7] for more details. In recent years, the EHR system is markedly developed with the rise of
cloud computing. For example, in [8], authors first expounded the security requirements of the EHR
system based on cloud computing. Also, some suggestions are suggested to ensure the security of
medical data in the cloud. In [9], the attribute-based encryption is utilized to protect the data in the
cloud, and then the proposed EHR system is implemented in an android phone. In [10], Xhafa et al.
proposed an attribute-based EHR with privacy awareness in cloud computing. However, as
mentioned in [11], [12], these cloud-based schemes have some flaws. For example, they have a
dependency on the cloud provider. If some targeted attacks to cloud provider are carried out, then the
information leakage is likely to occur. Additionally, the server may suddenly stop if the cloud
providers would go bankrupt or be swallowed up by the larger companies. That is, the security of
EHR will be threatened. In 2008, the blockchain structure was proposed [13]. It can be viewed as a
distributed database and satisfies the features of decentralization, tamper resistance, and asymmetric
encryption. This technology can provide a reliable way to manage and store data. So it may be a
promising solution for EHR. At present, the blockchainbased researches for EHR have already started
BCA,KLESociety’sDegreeCollege 4
h Semantic Query-Featured Ensemble Learning Model for SQL-Injection Attack Detection

attracting attention from medicine. How to design an efficient and secure EHR system by using
blockchain is their core task.

BCA,KLESociety’sDegreeCollege 5
h Semantic Query-Featured Ensemble Learning Model for SQL-Injection Attack Detection

CHAPTER 2
LITERATURESURVEY

In 2015, a decentralized personal data management system was presented in [18]. It can ensure the
users own and manage their data. In the system, the blockchain is converted into an automatic
access control manager in the protocol without a trusted-third-party. In 2016, a decentralized
“MedRec” system based on blockchain was proposed to handle EHR [19]. MedRec has
contributed to the emergence of data economics. It also provides researchers with big data while
allowing patients and providers to choose to publish metadata.

In 2017, Xue et al. [20] designed a blockchain-based sharing model for medical data. The scheme
solves the problem of checking, saving, and synchronizing medical data among different medical
institutions by improving the consensus mechanism. But it has some disadvantages in data storage
since the scheme does not possess the ability of machine learning algorithm.

Xia et al. [21] designed a blockchainbased data sharing framework. It takes the advantages of
blockchain’s immutability and the built-in autonomy to address access control challenges related
to sensitive data stored in the cloud. At the same year,

Xia et al. [22] also proposed a system named MeDShare, which is based on blockchain and has
minimal data privacy risks. It is used to solve the problem of medical data sharing among
healthcare big data custodians (e.g., cloud service providers) in the untrusted environment. The
two schemes have the weaknesses of the cloud since they still need the assistance of the cloud.

In 2018, Yang et al. [23] presented a blockchain-based architecture for EHR. It prevents tampering
and misuse of EHR by keeping track of all events occurring in the database. Also, the system
introduces a new incentive mechanism to create new blocks in the blockchain.

In [24], a medical data storage system based on blockchain was proposed. The system not only can
guarantee the originality and verifiability of stored medical data but also can preserve the privacy
of patients.

BCA,KLESociety’sDegreeCollege 6
h Semantic Query-Featured Ensemble Learning Model for SQL-Injection Attack Detection

In [25], Zhang et al. proposed a medical data sharing scheme based on blockchain to improve the
diagnosis level. They utilize the private blockchain possessed by the hospital to store personal
health data of patients while the consortium blockchain is used to keep the security indexes.
Notably, authors have described the details of the scheme and implemented it on JUICE.
Nevertheless, it needs substantial computational and communication cost.

BCA,KLESociety’sDegreeCollege 7
h Semantic Query-Featured Ensemble Learning Model for SQL-Injection Attack Detection

CHAPTER3
EXISTING SYSTEM

Existing system

The widespread use of SQLIAs has led to development of several methods for the detection and prevention of

such attacks. Some of these methods can widely be seen e.g., in [14- 22]. Although, these solutions have

contributed immensely towards providing an understanding on how SQLIAs attacks do occur and addressed,

however despites these giant leaps, an ideal solution is far from been achieved. With the negative impact of

SQLIAs, several researchers in [23-29] have tried to address concerns arising from such attacks through

provision of techniques to serve as potential solutions. Despites the giant strides made in the detection and

prevention of SQLIAs.

Disadvantages of Existing System

Research on medical sharing schemes based on blockchain is still in its infancy at present. The
existing schemes have the following drawbacks:
(1) Most schemes only give the framework and don’t describe the specific details for implementation
(2) Although the details are given in some schemes, the cost of computation and communication is
high

BCA,KLESociety’sDegreeCollege 8
h Semantic Query-Featured Ensemble Learning Model for SQL-Injection Attack Detection

CHAPTER 4
PROPOSED SYSTEM

The motivation of this project is to design a medical data sharing scheme based on blockchain. It is
helpful to the storage, management, and sharing of the medical data. The scheme should satisfy the
security requirements in medical data sharing schemes. Also, it should have low computational and
communication cost.

Blockchain mainly solves the trust and security issues of transactions, and it is a kind of distributed
database combining data blocks in chronological order. Generally, the blockchain is divided into three
classes: private blockchain, consortium blockchain, and public blockchain.

The main features of the blockchain are as follows :

1) Decentralization: there is no central node, and each node is equal. Transaction records are done by
multiple nodes that distributed in different places, and each node records and keeps a complete
account. All nodes can supervise the transaction and jointly testify for it.

2) Tamper resistance: the Hash value of the previous block is contained in the latter block. If one of
the blocks is modified, then all the blocks after that will be recalculated. So the modification of the
database by a single node is invalid.

3) Openness: in addition to the private information of all parties involved in the transaction being
encrypted, the data of the blockchain are open to all. Anyone can query block data and develop
relevant applications through the public interface.

4) Autonomy: the blockchain adopts a consensual protocol (such as an open and transparent
algorithm), which enables all nodes in the system to freely and securely exchange data. So, it will not
be intervened by a human.

5) Anonymity: the exchange between nodes follows a fixed algorithm, so the counter party does not
need to make the other party trust it through public identity.

Advantages of proposed system

BCA,KLESociety’sDegreeCollege 9
h Semantic Query-Featured Ensemble Learning Model for SQL-Injection Attack Detection

1) A lightweight medical data sharing and protection model is proposed, which is based on
blockchain. Utilizing the proxy re-encryption technology, the model could make data sharing among
doctors from different hospitals. The stored medical information is very secure and could not be
easily tampered since they are stored in the blockchain.

2) An improved consensus mechanism is proposed by improving the traditional delegated proof of

stake. It is secure, reliable, and efficient.

3) We design a symptoms-matching mechanism for patients who register in different hospitals and
have the same disease symptoms. One session key could be set between the patients after they make
mutual authentication. The mechanism can help patients to communicate the disease information.

System Architecture

BCA,KLESociety’sDegreeCollege 10
h Semantic Query-Featured Ensemble Learning Model for SQL-Injection Attack Detection

CHAPTER 5
SYSTEMDESIGN

5.1 Requirement Analysis

HARDWARE REQUIREMENTS:

 System : Pentium IV 2.4 GHz.

 Hard Disk : 16 GB available hard disk space (32-bit) or 20 GB (64-bit)

 Monitor : 14’ Colour Monitor.

 Mouse : Optical Mouse.

 Ram : 4 GB.

SOFTWARE REQUIREMENTS:

 Operating system : Windows 7/8/9.

 Coding Language : Python IDE

 Front-End : Pycharm.

BCA,KLESociety’sDegreeCollege 11
h Semantic Query-Featured Ensemble Learning Model for SQL-Injection Attack Detection

 Back End : SqlLite

REFERNCES
[1] A K Jha, D Doolan, D Grandt, T Scott, and D W Bates, “The use of health information technology
in seven nations,” Int. J Med. Inform., vol.77, no.12, 2008, pp. 848–854.
[2] Y Guo and C Liang, “Blockchain application and outlook in the banking industry,” Financ. Innov.,
vol.2, no.24, 2016, pp. 1–12.
[3] Y Yuan and F Y Wang, “Blockchain: the state of the art and future trends,” Acta Automat. Sinica,
vol.42, no.4, 2016, pp. 481–494.
[4] B Shickel, P J Tighe, A Bihorac, and P Rashidi, “Deep EHR: a survey of recent advances in deep
learning techniques for electronic health record (EHR) analysis,” IEEE J Biomed Health, vol.22, no.5,
2018, pp. 1589– 1604.
[5] G S Birkhead, M Klompas, and N. R. Shah, “Uses of electronic health records for public health
surveillance to advance public health,” Annu. Rev. Publ. Health, vol.36, no.1, 2015, pp. 345–359.
[6] F G Li, Y N Han, and C H Jin, “Cost-effective and anonymous access control for wireless body
area networks,” IEEE Syst. J., vol.12, no.1, 2018, pp. 747–758.
[7] M M Hassan, K Lin, X Yue, and J Wan, “A multimedia healthcare data sharing approach through
cloud-based body area network,” Future Gener. Comp. Sy., vol.66, 2017, pp. 48–58.
[8] J J P C Rodrigues, I D L Torre, and G Ferna´ndez, and M L Coronado, “Analysis of the security
and privacy requirements of cloud-based electronic health records systems,” J Med. Internet Res.,
vol.15, no.8, 2013, pp. 418–426.
[9] M Preethi and R Balakrishnan, “Cloud enabled patient-centric EHR management system,” 2014
IEEE International Conference on Advanced Communications, Control and Computing Technologies,
Ramanathapuram, India, 2014, pp.1678-1680.
[10] F Xhafa, J L Feng, Y H Zhang, X F Chen, and J Li, “Privacy-aware attribute-based PHR sharing
with user accountability in cloud computing,” J Supercomput., vol.71, no.5, 2015, pp. 1607–1619.
[11] N Leavitt, “Is cloud computing really ready for prime time?,” Computer, vol.42, no.1, 2009, pp.
15–20.
BCA,KLESociety’sDegreeCollege 12
h Semantic Query-Featured Ensemble Learning Model for SQL-Injection Attack Detection

[12] N Sultan, “Making use of cloud computing for healthcare provision: opportunities and
challenges,” International Journal of Information Management, vol.34, no.2, 2014, pp. 177–184.
[13] S Nakamoto. “Bitcoin: a peer-to-peer electronic cash system,” 2008. [Online] Available:
http://bitcoin.org/bitcoin.pdf.
[14] C Lin, D B He, X Y Huang, K R Choo, and A V Vasilakos, “BSeIn: A blockchain-based secure
mutual authentication with fine-grained access control system for industry 4.0,” J Netw. Comput.
Appl., vol.116, no.15, 2018, pp. 42–52.
[15] M Mettler, “Blockchain technology in healthcare: the revolution starts here,” 2016 IEEE 18th
International Conference on e-Health Networking, Applications and Services (Healthcom), Munich,
Germany, 2016, pp.1-3.

BCA,KLESociety’sDegreeCollege 13