부산대학교 도서관

The transition from patient-centered medical services to Health 5.0, which provides medical services to all customers using smart healthcare, has led to the use of the Internet of Things (IoT) for medical diagnosis and research based on the personal health records (PHRs) of service users. However, PHR contain sensitive personal information, which can cause privacy issues. Additionally, as emergencies may occur in real medical environments, multiauthority delegation must be considered. Although various methods are being studied for data sharing, they often do not meet the necessary security requirements in a real PHR sharing environment. In this study, we propose a system that uses key aggregate searchable encryption (KASE) to satisfy security requirements and leverages blockchain and smart contracts to improve data integrity, data audit records, and transparency. We also propose a method that ensures the data subject rights of PHR data owners when delegating multiple rights using attribute tokens. We conduct formal and informal security analyses to verify the robustness of the proposed system against potential adversarial attacks. Finally, a performance evaluation is conducted to verify the effectiveness of the proposed scheme.