Cloud computing provides efficient data storage and sharing with low-cost resource utilization, but security issues are still a major challenge, especially data confidentiality and access control. Conventional approaches depend on encrypting data prior to uploading it to the cloud, but dynamic group management and secure key distribution are still challenging problems. To overcome these issues, this study suggests a secure and decentralized data-sharing model using blockchain technology and Role-Based Access Control (RBAC) combined with Elliptic Curve Cryptography (ECC). The system supports effective key management so that encrypted data can be accessed by authorized users only, without any direct intervention of the data owner. A hybrid cloud model is implemented, where sensitive role structures and user mappings are kept in a private cloud and encrypted data is handled in a public cloud, for better security and scalability. The suggested method guarantees smooth revocation of group members by updating group keys automatically without re-encrypting the initial data, thus eliminating unauthorized access. Blockchain technology is also utilized to offer tamper evidence and solve issues of data modification. This new combination of blockchain, ECC encryption, and RBAC provides strong data privacy, secure key distribution, and effective role-based access, and hence is a very secure and scalable solution for cloud-based data sharing.
Introduction
Cloud computing offers efficient data storage and sharing but faces significant security and privacy challenges, especially for sensitive data outsourced to cloud vendors. Traditional encryption methods struggle with dynamic group management and user revocation. This paper proposes a secure, efficient data-sharing framework integrating blockchain technology, Role-Based Access Control (RBAC), and Elliptic Curve Cryptography (ECC) to enhance cloud security.
Blockchain provides tamper resistance and decentralized control, eliminating single points of failure and increasing trust. RBAC enforces disciplined access by mapping users to roles, restricting data access to authorized users only. ECC offers a lightweight but strong encryption scheme suitable for cloud environments. The hybrid cloud model stores sensitive role and user information in a private cloud, while the public cloud manages encrypted data and access policies. The system supports dynamic user revocation by automatically updating group keys without re-encrypting data, ensuring seamless and secure access control.
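As an added illustration (not code from the paper, whose on-chain design this summary does not specify), the sketch below models role grants and revocations as a hash-chained, append-only log and makes the access check fail closed when the chain no longer verifies. The names `RoleLedger`, `ROLE_PERMS`, the users and the timestamps are hypothetical; events are assumed to be appended in time order, and ECC key handling and consensus are out of scope.

```python
import hashlib
import json

GENESIS = "0" * 64  # fixed-length previous-hash value for the first block

def _digest(prev, event):
    # Hash covers the previous block hash plus a canonical encoding of the event.
    body = json.dumps(event, sort_keys=True).encode()
    return hashlib.sha256(prev.encode() + body).hexdigest()

class RoleLedger:
    """Append-only, hash-chained log of RBAC grant/revoke events (hypothetical)."""
    def __init__(self):
        self.blocks = []

    def append(self, action, user, role, ts):
        prev = self.blocks[-1]["hash"] if self.blocks else GENESIS
        event = {"action": action, "user": user, "role": role, "ts": ts}
        self.blocks.append({"prev": prev, "event": event, "hash": _digest(prev, event)})

    def verify(self):
        """Return the index of the first inconsistent block, or -1 if intact."""
        prev = GENESIS
        for i, b in enumerate(self.blocks):
            if b["prev"] != prev or b["hash"] != _digest(prev, b["event"]):
                return i
            prev = b["hash"]
        return -1

    def roles_of(self, user, at_ts):
        # Replay events up to at_ts; a later revoke cancels an earlier grant.
        roles = set()
        for e in (b["event"] for b in self.blocks):
            if e["user"] == user and e["ts"] <= at_ts:
                (roles.add if e["action"] == "grant" else roles.discard)(e["role"])
        return roles

ROLE_PERMS = {"auditor": {"read"}, "editor": {"read", "write"}}  # constructed policy

def is_allowed(ledger, user, perm, at_ts):
    if ledger.verify() != -1:
        return False  # fail closed: a tampered ledger authorizes nobody
    return any(perm in ROLE_PERMS.get(r, ()) for r in ledger.roles_of(user, at_ts))

def demo():
    ledger = RoleLedger()
    ledger.append("grant", "alice", "editor", 100)
    ledger.append("grant", "bob", "auditor", 110)
    ledger.append("revoke", "alice", "editor", 200)
    before = is_allowed(ledger, "alice", "write", 150)  # inside the grant window
    after = is_allowed(ledger, "alice", "write", 250)   # after revocation
    ledger.blocks[2]["event"]["action"] = "grant"       # simulate tampering with the revoke
    return before, after, ledger.verify(), is_allowed(ledger, "bob", "read", 250)
```

Editing the stored revoke event changes its digest, so `verify()` reports block 2 and every later access decision is denied until the ledger is restored from an honest copy.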
The paper positions this integrated approach as a scalable, secure, and efficient solution that overcomes limitations of traditional cloud security models, providing a robust foundation for modern cloud applications.
The related work reviews several recent IoT and cloud security models using attribute-based and blockchain-enhanced access control, highlighting the growing trend toward decentralized, flexible, and privacy-preserving frameworks.
The background section notes limitations of current access control schemes, including high latency, centralized bottlenecks, and complex key management, motivating the proposed blockchain-based RBAC with ECC system.
Finally, experimental results demonstrate the system’s effectiveness in encryption efficiency, accurate access control, scalable user revocation, and overall security improvements in a simulated cloud environment.
Conclusion
This paper introduces a highly efficient and secure access control mechanism for cloud-based data sharing via integration of Role-Based Access Control (RBAC), Blockchain Technology, and Elliptic Curve Cryptography (ECC). The proposed system guarantees that sensitive information is accessed only by authorized users with legitimate roles, preventing unauthorized access and unwanted modifications while preserving privacy. Through the use of blockchain technology, the system provides a decentralized and tamper-resistant architecture for managing access control policies, data integrity, and automated revocation of users. The RBAC security model increases security by mapping roles to users, enabling organizations to administer structured access control without any human interaction. The ECC encryption scheme, in turn, guarantees efficient and secure key exchange with less computational overhead but high security levels. The integration of time-based access permissions further enhances data protection by providing access only within pre-defined time limits.
In general, the system under consideration outperforms existing access control models due to its scalability, decentralization, and security in cloud-based data sharing. The integration of RBAC, blockchain, and ECC not only enhances data confidentiality and integrity but also facilitates ease of user revocation and key management. It gives organizations a future-proof and solid way to secure cloud storage and easily administer access control mechanisms.