City Research Online

Abstract

In response to the evolving landscape of digital technology in healthcare, this study addresses the multifaceted challenges pertaining to identity and data privacy. The core of our key recovery-enabled framework revolves around the establishment of a robust identity verification system, leveraging the World Wide Web Consortium(W3C) standard for verifiable credentials(VC) and a test blockchain network. The approach leverages cryptographic proofs embedded within credentials issued by various entities to securely validate the legitimacy of identities. To ensure standardized identity establishment, the roles and responsibilities of entities align with the UK digital identity and attribute trust framework, resulting in a cohesive verification process. Embracing self-sovereign identity (SSI), encrypted credentials are stored within the owner's device, empowering individuals with data control while prioritizing privacy and security. Furthermore, the work introduces an algorithm that places paramount importance on owner-centricity, trustworthiness, and privacy-aware handling of SSI credentials, subjected to threat modeling through the Owasp Dragon tool. A key recovery algorithm, a key component of our Recovery-Enabled Framework, empowers users to regain credentials using a trustee-based recovery system with a memorized PIN, eliminating the need for third-party reliance. Furthermore, a trust score, a crucial component of the framework, assesses the conformity of verified credentials with stated standards, boosting trust in established identities. Leveraging the modularity of Hyperledger Fabric, the work utilizes smart contracts to impose context-aware attribute-based policies, ensuring controlled access, traceability, and auditability, consequently strengthening security. Through comprehensive development, refinement, and rigorous testing, the prototype emerges as a potent tool for enhancing security within the Digital Health Ecosystem. It equips organizations with the means to navigate this digital landscape while inspiring trust among stakeholders, significantly contributing to the resilience of identity in the digital health ecosystem.

Publication Type:	Article
Additional Information:	This article is available under the Creative Commons CC-BY-NC-ND license and permits non-commercial use of the work as published, without adaptation or alteration provided the work is fully attributed.
Publisher Keywords:	Trust, Healthcare, Security, Privacy, Attribute-based access control, Blockchain, Decentralized identity, Key recovery, Verifiable credentials
Subjects:	Q Science > QA Mathematics > QA75 Electronic computers. Computer science R Medicine > RA Public aspects of medicine T Technology > T Technology (General)
Departments:	School of Science & Technology > Engineering
SWORD Depositor:	Symplectic Administrator

Export

Downloads