An Enhanced Authorization Protocol in Blockchain for Personal Health Information Management System

Blockchain and cloud-edge computing paradigms have gradually evolved as a profitable alternative for managing patient data in clinical Internet-of-Things (IoT) devices. Various studies are presented to secure medical records in IoT devices using blockchain schemes. Amongst, eHealthChain is developed to handle medical records obtained from clinical IoT systems. It utilizes Hyperledger Fabric as a blockchain policy to accumulate private medical records. The client's medical record is collected by utilizing the OAuth 2.0 protocol that guarantees the client's authority. Besides, a Message Queuing Telemetry Transport (MQTT) protocol is applied to communicate within an IoT platform. The reliability of the medical data is guaranteed by a consensus method called Kafka. However, the standard OAuth 2.0 protocol neglects the client security problem. Though MQTT offers many-to-many transmissions, the restricted sleep time of devices related to the fixed query waiting is ineffective for resource-constrained networks. Hence, the major contributions of this article are: (i) to develop an Enhanced OAuth (EOAuth) 2.0-based protocol which solves the client security problem and (ii) to utilize a protocol called Constrained Application Protocol (CoAP) for reliable transmission. It reduces the user verification time by obtaining more trusted clients according to their trust level. Also, a certified security service is employed to get the client’s input securely and conduct the cryptographic processes. Finally, the implementation findings exhibit that the EOAuth and CoAP achieve higher efficiency than the standard protocols. Index Terms – Blockchain, Cloud-Edge Computing, IoT Networks, eHealthChain, OAuth 2.0, MQTT, Consensus, CoAP, Kafka.