A novel architecture for tamper proof electronic health record management system using blockchain wrapper

In this paper, we present a novel architecture of blockchain-based tamper-proof electronic health record (EHR) management system. Recording electronic health data in cloud-based storage systems always pose a threat to information security. Intruders can delete or tamper EHR of patients, giving benefits to insurance companies or hiding medical malpractices (e.g. misdiagnosis and delayed diagnosis). A tamper-proof EHR management system is required that would essentially solve such issues. The blockchain is an emerging technology that can be adapted to develop a tamper-proof data management system. However, establishing a new blockchain based system replacing the existing system is expensive. In our proposed architecture, we introduce a wrapper layer integration mechanism, named as the blockchain handshaker, between the existing cloud-based EHR management system and public blockchain network to develop a tamper-proof health record management system. We implement a prototype to provide evidence on the feasibility of the proposed concept. - 2019 Association for Computing Machinery.Scopu

Cross-Referencing Method for Scalable Public Blockchain

We previously proposed a cross-referencing method for enabling multiple peer-to-peer network domains to manage their own public blockchains and periodically exchanging the state of the latest fixed block in the blockchain with hysteresis signatures among all the domains via an upper network layer. In this study, we evaluated the effectiveness of our method from three theoretical viewpoints: decentralization, scalability, and tamper resistance. We show that the performance of the entire system can be improved because transactions and blocks are distributed only inside the domain. We argue that the transaction processing capacity will increase to 56,000 transactions per second, which is as much as that of a VISA credit card system. The capacity is also evaluated by multiplying the number of domains by the average reduction in transaction-processing time due to the increase in block size and reduction in the block-generation-time interval by domain partition. For tamper resistance, each domain has evidence of the hysteresis signatures of the other domains in the blockchain. We introduce two types of tamper-resistance-improvement ratios as evaluation measures of tamper resistance for a blockchain and theoretically explain how tamper resistance is improved using our cross-referencing method. With our method, tamper resistance improves as the number of domains increases. The proposed system of 1,000 domains are 3-10 times more tamper-resistant than that of 100 domains, and the capacity is 10 times higher. We conclude that our method enables a more scalable and tamper-resistant public blockchain balanced with decentralization.Comment: (29 pages, 18 figures, Internet of Things 15 (2021) 100419

Towards Tamper-Evident Storage on Patterned Media

We propose a tamper-evident storage system based on probe storage with a patterned magnetic medium. This medium supports normal read/write operations by out-of-plane magnetisation of individual magnetic dots. We report on measurements showing that in principle the medium also supports a separate class of write-once operation that destroys the out-of-plane magnetisation property of the dots irreversibly by precise local heating. We discuss the main issues of designing a tamper-evident storage device and file system using the properties of the medium

Can't Touch This: unconditional tamper evidence from short keys

Storing data on an external server with information-theoretic security, while using a key shorter than the data itself, is impossible. As an alternative, we propose a scheme that achieves information-theoretically secure tamper evidence: The server is able to obtain information about the stored data, but not while staying undetected. Moreover, the client only needs to remember a key whose length is much shorter than the data. We provide a security proof for our scheme, based on an entropic uncertainty relation, similar to QKD proofs. Our scheme works if Alice is able to (reversibly) randomise the message to almost-uniformity with only a short key. By constructing an explicit attack we show that short-key unconditional tamper evidence cannot be achieved without this randomisability

Trends and uptake of new formulations of controlled-release oxycodone in Canada

Purpose: This study investigated the impact of changing availability of tamper‐deterrent and non‐tamper‐deterrent oxycodone on prescribing patterns of controlled‐release oxycodone across Canada. Methods: We conducted a population‐based, serial cross‐sectional study of controlled‐release oxycodone dispensing from community pharmacies across Canada between October 2007 and April 2016. We calculated rates of dispensing (tablets per 100 population) and reported the relative market share of generic non‐tamper‐deterrent controlled‐release oxycodone. All analyses were reported nationally and stratified by province. Results: After the introduction of a tamper‐deterrent formulation, the national rate of controlled‐release oxycodone dispensing fell by 44.6% (from 26.4 to 14.6 tablets per 100 population from February 2012 to April 2016). Between December 2012 and July 2013, there was moderate uptake of generic non‐tamper‐deterrent controlled‐release oxycodone (968 452 tablets; 16.0% in July 2013), which appeared to have little impact on the overall rate of controlled‐release oxycodone dispensing in Canada. However, the uptake of generic non‐tamper‐deterrent oxycodone varied considerably by province. By April 2016, 55.0% of all controlled‐release oxycodone tablets dispensed in Quebec were for the generic formulation. […

Towards compliant data retention with probe storage on patterned media

We describe how the compliance requirements for data retention from recent laws such as the US Sarbanes Oxley Act may be supported by a tamper-evident secure storage system based on probe storage with a patterned magnetic medium. This medium supports normal read/write operations by out-of-plane magnetisation of individual dots. We report on an experiment to show that in principle the medium also supports a separate class of write-once operation that destroys the out-of-plane magnetisation property of the dots irreversibly by precise local heating. The write-once operation can be used to support flexible data retention by tamper-evident writing and physical data deletion

Cloud-Based Secure Logger for Medical Devices

A logger in the cloud capable of keeping a secure, time-synchronized and tamper-evident log of medical device and patient information allows efficient forensic analysis in cases of adverse events or attacks on interoperable medical devices. A secure logger as such must meet requirements of confidentiality and integrity of message logs and provide tamper-detection and tamper-evidence. In this paper, we propose a design for such a cloud-based secure logger using the Intel Software Guard Extensions (SGX) and the Trusted Platform Module (TPM). The proposed logger receives medical device information from a dongle attached to a medical device. The logger relies on SGX, TPM and standard encryption to maintain a secure communication channel even on an untrusted network and operating system. We also show that the logger is resilient against different kinds of attacks such as Replay attacks, Injection attacks and Eavesdropping attacks