ArticlePDF Available

Decentralized secure storage of medical records using Blockchain and IPFS: A comparative analysis with future directions

  • Dr. SPM Internation Institute of Information Technology, Naya raipur


Most of the hospitals store their patient's data locally and some even do not have any backup storage. This poses a real threat of data loss or data corruption. Although many hospitals are migrating to cloud storage, the clouds have their own threat vectors. Recently, various health care providers were hit by ransomware and Distributed Denial of Service attacks during the COVID‐19 outbreak. Due to these attacks, many emergency services were halted, affecting hundreds of thousands without any healthcare. Another problem with these traditional database practices is that they often misplace or mix the patient's data, which, needless to say, have severe complications. Many researchers are working on IPFS and Blockchain technology to improve the storage of medical records. This article presents a detailed study of the IPFS and Blockchain based healthcare secure storage solutions. It analyzes the existing solutions and their architecture, which will further facilitate the future research and development of emerging IPFS and Blockchain technologies.
Received: 17 December 2020 Revised: 10 March 2021 Accepted: 22 March 2021
DOI: 10.1002/spy2.162
Decentralized secure storage of medical records using
Blockchain and IPFS: A comparative analysis with
future directions
Shivansh Kumar Aman Kumar Bharti Ruhul Amin
DR SPM International Institute of
Information Technology, Raipur,
Chattisgarh, India
Ruhul Amin, DR SPM International
Institute of Information Technology,
Raipur, Chattisgarh, India.
Most of the hospitals store their patient’s data locally and some even do not
have any backup storage. This poses a real threat of data loss or data corrup-
tion. Although many hospitals are migrating to cloud storage, the clouds have
their own threat vectors. Recently, various health care providers were hit by
ransomware and Distributed Denial of Service attacks during the COVID-19
outbreak. Due to these attacks, many emergency services were halted, affect-
ing hundreds of thousands without any healthcare. Another problem with these
traditional database practices is that they often misplace or mix the patient’s
data, which, needless to say, have severe complications. Many researchers are
working on IPFS and Blockchain technology to improve the storage of medical
records. This article presents a detailed study of the IPFS and Blockchain based
healthcare secure storage solutions. It analyzes the existing solutions and their
architecture, which will further facilitate the future research and development
of emerging IPFS and Blockchain technologies.
Blockchain, decentralized, IPFS, secure storage, smart-contract
In the year 2020, the number of cyber-attacks has increased exponentially. While the world is fighting COVID-19, the dig-
ital space is also under a cyber-pandemic. Interestingly, these attacks are targeting healthcare institutions, as they are the
busiest in the COVID-19 outbreak, and even the smallest mistake from the employees of these institutions can compro-
mise the whole infrastructure. It is referred to as a cyber-pandemic because these attacks are causing damages in billions
of dollars and affecting millions of people around the world. These attacks can cause serious damage to society as many
health care institutes cannot operate after/during a cyberattack, rendering the whole institution useless, and devoiding
needy patients of their healthcare needs. If analyzed thoroughly, it is not only the operations of hospitals that are affected,
but most. However, patients’ sensitive medical data are at stake, as hospitals store the data related to the appointment,
reports, medical history, and prescriptions along with other vital information regarding the patient. Currently, 67% of the
large hospitals use the Storage Area Networks for their data storage. SAN is very efficient as it provides low latency and is a
secure option to store data but this solution is also centralized and is vulnerable to cyberattacks. External Storage Devices
are used by 62% of the hospitals and include storage on hard disks, SSDs, and so on. This option is not viable as often
proper data encryption mechanisms are missing and any failure may cause permanent loss of data. A network-attached
Security Privacy. 2021;e162. © 2021 John Wiley & Sons, Ltd. 1of16
2of16 KUMAR  .
storage system (NAS) is used by 45% of the hospitals, as it is mostly used to integrate multiple servers and makes it eas-
ier to retrieve data and recovery of lost data across the network. Twenty-six percentage of the hospital are outsourcing
their storage to third-party vendors, which can be costly, and the methods used by them for data storage vary from ven-
dor to vendor. Cloud computing is used by 24% of the hospitals, which deploy hybrid cloud models and have a proper
IT department to configure the cloud infrastructure. Needless to say, all of these storage solutions are operating in a cen-
tralized or distributed manner, so implementing decentralization will exponentially increase the security and reliability
of these systems. As data are stored by the hospitals in a centralized manner, they are sometimes even stored by ignor-
ing the guidelines provided by HIPAA. This poses a significant threat as at any point of failure in the security perimeter
there will not be any other measure to contain the damage and theft of sensitive medical data. This can be countered
by a strict policy access control system, but that is also missing most of the time. These data should be available to the
hospitals at any point of time. In the case of cyberattacks, most healthcare providers often lose these data to ransomware
or the data are not accessible due to Distributed Denial of Service (DDoS) attacks. Also, data theft and leakage through
third-party vendors that provide data management and storage services are prevalent too. All the medical data are stored
in a centralized manner in the institutions, and it is getting riskier as a centralized infrastructure is more vulnerable com-
pared to a distributed one. That is why migration toward distributed databases/systems is becoming essential, and recent
technological advancements are indicating some very promising solutions.
In a Denial of Service (DoS) attack, the attackers target resource consumption of the victim, and they try to overwhelm
the victim’s infrastructure with elevated number of processes, requests, and bandwidth usage. This attack can be executed
in wired (in-network) or wireless mode (web access). The attackers’ goal is to keep the resource busy so that the system
cannot be used to its intended purpose or even crash the system with such huge load. A variant of the attack is DDoS
attack; in this, a swarm of attacking machines are used to exhaust the victim’s computing and communication resources
as in DoS one attacking node was used. DDoS are more brutal and severe than the DoS attacks because the malicious
requests to the victim come from different machines and origins, and most of the time botnets are used for DDoS attacks.
Botnets are networks of the machines infected by a virus, which turns them into a bot and these bots follow the commands
sent by the controlling node.1DDoS or DoS attacks do not usually last long but cause a lot of instant damage.
In the case of a ransomware attack, they can last long. In a ransomware attack, the attacker is able to run a malware
on the victim’s system, and then that malware encrypts all the data present on the system and the network of which the
system is part of. Then, they demand a ransom from the victim in exchange of the decryption key. If the ransom is not
paid, the data can be lost forever.
Third party data breach happens when the data management service provider is hit by a cyberattack and the organi-
zation is unable to retrieve the data, or their sensitive data are leaked through the compromised systems of the service
provider. This can cause a lot of damage and permanent data loss.
But even if they take all the precautions and measures, these organizations are still prone to Social Engineering attacks.
Humans are considered as the most weak link in the whole infrastructure, as they are the ones who operate on these
system, Social Engineering is the psychological manipulation of a victim to performing certain actions or divulging con-
fidential information. The most common Social Engineering attacks are the phishing attacks, where the victim is tricked
into divulging confidential information either through genuine looking replica sites or through specially curated emails.
There are various incidents of different attacks on health care Institutions mentioned in Table 1 along with their
specifications, date of the incident, victim, and impact.
In January 2020, a clinical genomics diagnostics vendor, named Ambry Genetics, got affected by a massive email hack
from January 22 to January 24, 2020, which resulted in compromised data of 232772 patients; spear phishing campaigns
are one of the major attack vectors of hackers as hospitals do not have proper infrastructure or staff training for dealing
with phishing attacks. In March 2020, 39 public hospital’s servers were hit by a massive DDoS attack during the health
crisis, and the fact is that the hospital’s worth is billion euros, which gives employment to more than 1 lakh people.
Nowadays, it is very easy to perform a small-scale DDoS attack and affect millions of patients as hospitals do not have
proper security mechanism and they also do not have the proper IT infrastructure to handle large number of traffic. In
June 2020, The Elite Emergency Physicians faced a massive security incident involving disposal of patient records as well
as records from its Elkhart Emergency. It was found that the files that third-party vendor were handling, which were
used for secure data storage for a number of healthcare entities, had disposed files of 550000 patients. In July 2020, The
Florida Orthopaedic Institute (FOI) faced a ransomware attack, which breached the data of about 640 000 patients. Major
patient’s data were encrypted and hospitals were hit by a major loss. Ransomware attacks nowadays are in trend and it
can easily wipe out or make the data inaccessible in a matter of minutes. In September 2020, The Duesseldorf University
KUMAR  . 3of16
TABLE 1 Recent attacks on hospitals
Attack Month/year Attack name Attack specification Victim Attack impact
January 2020 Email Phishing A clinical genomics diagnostics vendor,
named Ambry Genetics, got affected
by a massive email hack from
January 22 to January 24, 2020,
which result in compromised data of
232 772 patients.
Ambry Genetics Data Breach of 232 772
March 2020 DDoS Attack Many hospitals in Paris got affected by a
denial of service attack in the middle
of a health pandemic, This attack has
denied internet access to different
services for more than an hour.
Paris Hospitals Billion euros worth hospital,
which gives employment to
more than 1 lakh people
through 39 public hospitals
located in Paris region were
June 2020 Third Party Data Breach In month June, A report has been filed
that third-party vendor Central Files,
which is used for secure data storage
for a number of healthcare entities,
had disposed some files of the
Elkhart Emergency
Data disposed by third party
vendor of 550 000 patients
July 2020 Ransomware Attack The Florida Orthopaedic Institute (FOI)
faced a ransomware attack, which
breached the data of about 640 000
Florida Orthopaedic
Institute (FOI)
Data breach of about 640 000
September 2020 Ransomware Attack The Duesseldorf University Clinic’s
systems have been attacked with
Ransomware, The hacker used
widely used commercial add-on
software to encrypt the data.
Duesseldorf University
30 servers data were
encrypted and 1 patient
September 2020 Ransomware Attack The UHS Health services have been
attacked with Ryuk Ransomware,
UHS Health care have to shut down
its Healthcare facilities due to attack
UHS Universal Health
Services systems
400 healthcare facilities in the
US and UK have been
affected, and four patients
have died
4of16 KUMAR  .
Clinic’s systems were attacked with Ransomware. The hacker used widely used commercial software to encrypt the data.
Data of 30 servers were encrypted and one woman died. This was the first death reported due to a cyberattack in 2020.
According to Security magazine, there is a 75% increase in reports of ransomware attacks on healthcare entities. It
covers the IT security traits of healthcare entities, including hospitals, health systems, doctor’s offices, consultants, and so
on. Email security is one of the major issues found in these attacks. In a report of Interpol, Interpol’s Cybercrime Threat
Response team at its Cyber Fusion Centre has found a notable surge in the number of attempted ransomware attacks
against different organizations. Cybercriminals are using advanced ransomware to make medical services and hospitals
digitally hostage.
1.1 Major Contribution of this Article
The major contributions of this article are listed below.
We have rigorously surveyed on Blockchain and IPFS enabled secure storage of medical records and presented in the
article. Moreover, we have analyzed the existing published works and highlighted the shortcoming of each work.
We have made a comparison table to know about the state-of-the-art and presented in the article. Furthermore, we
have discussed some open research challenges.
1.2 Road Map of this article
We have started this work by highlighting the introductory part in Section 1 followed by the background study of this work
in Section 2. Section 3 discusses and highlights the literature review with comparisons. We have mentioned some com-
parative studies in Section 4, followed by some open research challenge problems in Section 5, and concluding remarks
in Section 6.
2.1 Blockchain Technology
As the name suggests, Blockchain is made up of record blocks that are linked together using cryptography. Each block
consists of a cryptographic hash of the previous block, a timestamp, and transactional data. So, basically Blockchain is
one big digital, public ledger to store transactions. Blockchain is used in cryptocurrencies as a distributed public ledger.
Basically, the Blockchain stores all the transactional data of the cryptocurrency and it can be verified by the public. Some
major security advantages of using Blockchain technology are the integrity of the transactions, strong authentication,
and immutability of data. Blockchain works on decentralized infrastructure, hence it is more reliable as there is no single
point of failure in the model. Also, decentralization enables direct peer-to-peer transactions without the need of third
party exchanges or middlemen, thus eliminating the extra fee and charges.
In 2008, an article, titled “Bitcoin - A Peer to Peer Electronic Cash System”,2was posted to a mailing list discus-
sion on cryptography. The post was authored by someone with the username Satoshi Nakamoto, his real identity still
remains unknown. Finally, in 2009, Bitcoin was made available to the public for usage and mining. Bitcoin encouraged
many other cryptocurrencies to emerge, and the most notable was Ethereum. While Bitcoin was designed to decentralize
online banking, Ethereum was designed to decentralize the traditional client-server based computer systems. In 2013, a
research article was published by Vitalik Burterin. In 2015, Ethereum was released to the public by a company Ethereum
Switzerland GmbH.
Blockchain is a distributed database maintained by the nodes in the Blockchain network. Block records a number
of transactions in a data structure. The size of data stored in a block varies in different Blockchains. A lot of computing
power is used in block generation, in which a set of complex mathematical problems should be solved. So, the node
generated block is rewarded with the coin specific to the Blockchain, like Bitcoin in the case of the Bitcoin Blockchain.
The newly generated block is added to the Blockchain, so the size of the Blockchain keeps on increasing. Also, people can
join the Blockchain network by adding a node to it. Every node has the same copy of the whole public ledger. Each party
KUMAR  . 5of16
with a fully synced node with the Blockchain can transfer assets to other peers, and this transfer is recorded in the block
in the Blockchain, which is then updated to every node in the Blockchain and is immutable. To identify the users for
authentication purposes, digital signatures are used. All the blocks in the Blockchain are linked to each other in a logical
manner with the help of a special data structure (Merkel Tree). When one party has to perform a transaction, the hash
of the previous block, timestamp, public key of the receiver party, and the digital signature of the sender party’s node are
stored in the block’s header and then are permanently written to the Blockchain. The whole transaction is handled by the
Blockchain software and only digital signatures are used for identification and authentication, resulting in full anonymity
to the real-life identity.
2.2 IPFS Technology
Inter-Planetary File System (IPFS) is a peer-to-peer hypermedia protocol. This is a whole new protocol specifically
designed for storing versioned file data in a decentralized manner. The research article titled “IPFS—Content Addressed,
Versioned, P2P File System (DRAFT 3)” was published by Juan Benet; in this article, he discussed the problem faced in
using the de-facto HTTP protocol in data distribution and proposed the IPFS protocol.3Distributed Hash Table (DHT) is
a distributed system that provides access to the key-value store. The store is distributed over the nodes that are present
in the network, which helps the system to get good performance and scalability. All the nodes in IPFS have a specific
NodeId, which is the hash of its public key. The nodes store objects in their local storage, and these objects represent files
and other data structured in IPFS. Every node maintains a DHT that is used to search the network address of the other
peer, which can serve a specific task. DHT lets us discover the peers across the network.
Content addressing is used in IPFS; whenever a file is added in the system, the file is divided into chunks of 256-k
bytes. These chunks have some object data and links, all placed in a MerkelDAG. One single hash is returned from the
system, which is called base CID, and that hash is used to retrieve the file from the IPFS. This hash generation also ensures
the de-duplication in the network as the same hash will be generated from a file, if it is pushed to the IPFS again and even
a single change in the file will change the whole Base CID hash.
IPFS is not only a peer-to-peer file-sharing system, it also has other aspects to it. One such useful technology is IPNS
(Inter-Planetary Name Server), which is a distributed alternative to the centralized DNS systems. When any website is
hosted on the IPFS, users can access it by using the hash returned by the IPFS network. This hash is used to visit an
IPFS-hosted website through gateway. The problem occurs when the website developer changes or modifies the
source code of the website, as the files stored in IPFS are immutable, the developer cannot change the already pushed file.
So, the developer would need to add the whole website to the IPFS once again, and doing this will change the content hash
of the site. This will cause a lot of problems, where the site owner would have to change the mentioned URL every time
any change is made to the website. Also, it is not possible to learn the content hash by the users of the site. This problem
is solved by IPNS, with IPNS we can create an address that will be in a readable form as well as easier to memorize just
like domain names. In IPNS, a name is the hash of the Public Key. It has some information about the hash and a new
record can be published at any time. IPNS is a global namespace based on Public Key Infrastructure (PKI),4which lets
users to follow the public key’s route peer, providing us encryption and authentication. It can be easily cooperated with
mapping DNS entries, Onion, or bit addresses to the IPNS addresses.
2.3 Ethereum Smart Contracts
“Ethereum is a decentralized system that runs smart contracts.” These contracts run on the “Ethereum Virtual Machine,”
which is a distributed network made up of the devices running on Ethereum nodes.5
It is a decentralized system, which means one can start up and run an Ethereum node by themselves and the peo-
ple who want to run smart contracts have to pay the owners of the nodes in Ether, which is a cryptocurrency token
of Ethereum in exchange for the computing power.6Smart contracts are contracts that run on the Ethereum Virtual
Machines. The smart contracts are executed automatically when the requirements mentioned in the contract are met. A
smart contract automatically enforces a contract between the parties, with a credible public ledger without any interfer-
ence of anyone.7Smart contracts can be implemented to store information and for programming some event depending
on some condition. They are used to provide features to the users and can be used by the developers in creative ways in
programming functionality.
6of16 KUMAR  .
Blockchains are cryptographic decentralized ledgers presently used in peer-to-peer networks, which work independent
of any third party such as bank or authentication server. The records or transactions are kept in the blocks and they can
only be modified by the authorized users such that other nodes can notice and validate the change. The validated blocks
are chained together. Owing to the properties that Blockchains are used independently of any network and they bear
cryptographic significance, researchers consider them in their solutions for securely storing the IPFS hashes. This article
mainly reviews major works associated with Healthcare8data storage using Blockchain technology.
On the other hand, IPFS also plays a major role in storing the data in the distributed databases, which are vital for
peer-to-peer storage and hypermedia sharing method. It provides a content-address after the file is added to the IPFS,9
which is used to retrieve the data. So, instead of using location-based address, we use content-based address.
Researchers are working in IPFS and Blockchain domains mainly to utilize the traceability and immutability of
Blockchain and secure distributed storage of IPFS to secure the Healthcare data:
Taras Fil atov10 proposed a solution named “Dappros” as shown in Figure 1, in which they are providing decentralized
encrypted patient data storage based on IPFS ensuring protection against server failure. This system contains a unified
patient medical record database, and the database is distributed across multiple hospitals or different geographical loca-
tions of the same hospital institutional network, which is made up of private immutable Blockchain. And it helps to trace
any reflected data change of update to the auditors. It supports large files, and data can be synced just like BitTorrent and
so on. As it is not based on a central architecture, loss of any server or workstation does not mean the loss of any patient
data, as long as there are other nodes left in the network running the IPFS database. It also provides a multi-signature
access lock that is powered by Blockchain smart contracts where a patient’s data cannot be accessed or unlocked (as data
stored in the IPFS is in encrypted form) until unless both private keys of the patient and the health care network are
present. Thus, the main advantage of this solution is that it gives patients the power to secure their data by their private
key, and it also supports large file storage like X-ray scans, fMRI scans, and more to be stored in the database, and there
is no need to send patient’s record or a scan over insecure channels or restrict such access. Instead, the Blockchain and
IPFS powered distributed file storage system automatically syncs all data between all nodes in the network, meaning each
workstation has access to the same “data lake”. But, this Solution has also some shortcomings: (a) There is no process
shared that how the network of the hospital is created, that is, how hospitals and healthcare entities are registering or join-
ing the network. (b) There is only a private key mentioned but there is no information of which cryptography technique
that we are using to create a private key. (c) It is not mentioned how data are formatted to store in the IPFS database.
Randhir et al11 proposed an architecture in which a consortium network is fabricated by registering different health-
care providers and A POI (proof of identity) is given to them as well as Registration ID, which is shown in Figure 2. After
that, the healthcare entity uploads patients’ healthcare reports using a web application. Then, the local miners validate
the transaction using the Proof of work approach. The verified transaction then gets stored into IPFS distributed file stor-
age, and the address of the content, which is a hash, is received by the IPFS network, and then the hash is Stored in the
Blockchain network. The transaction can only be accessed by those entities who are part of the network and one can reg-
ister themselves using the peer registration process. The advantage of this process is that data are only shared between the
consortium network entities, which is made by registering entities using the peer registration process. Another advantage
is that local miners are verifying the transaction, which provides robust techniques to save the network from false data
or malicious acts. Off-chain and On-chain storage is provided, in which off-storage store the content hash of the report.
Where On-chain storage is used to store the IPFS content hash of the original healthcare report, and it contains proof of
the existence to maintain the integrity the timestamp from the machine internal clock, diagnostic report hash, patient
detail hash, and subsequent block hash are present in that. It is observed that as the report size increases the access time
also increases.11 As there are many advantages, there are also many imperfections: (a) as provided in the article, it takes
more time to download than upload, which can be very crucial in emergency cases. (b) No proof is provided on how many
kinds of data this system can support. (c) No data are provided on the security of the web interface.
Weiquan Ni et al12 proposed an architecture named “Healchain” in which there are three layers, namely user layer,
Blockchain layer, and the storage layer. In the user layer, various kinds of healthcare data are discovered and gathered by
many wearable devices like a wrist band, smart gloves, smartwatches, smart rings, and smart clothes and sent through
base station and wifi access point to specified servers acting as consortium Blockchain nodes. Data like Heart rate, walk-
ing distance, blood pressure, and many more are sent through wifi access point to CBN’s. In the Blockchain, layer miners
cooperate to verify the integrity of the data and authenticity of corresponding users by examining authentication infor-
mation. The authentication information contains digital signatures signed into healthcare data, digital certificates, public
KUMAR  . 7of16
FIGURE 1 Dappros proposed
structure from Reference 10
keys of users, and so on. When authentic healthcare data are verified, the data are stored into IPFS12 Storage layer, IPFS
is introduced as an off-chain layer, and the Healthcare data are stored in the IPFS, and the hash entry is recorded in the
Blockchain. The advantages of this system are that they provide proper authentication of data using different authen-
tication processes. It collects real-time data, which are very good for patient predictive health analysis. They have also
provided Data processing and Optimization in the mining process technique. Though it is a well-organized architecture,
it also has some shortcomings: (a) There is no focus on the security of wifi access point to save patients from MITM attack.
(b) There are no data provided on how an entity is registering itself in the consortium network. (c) As the number of
CBN’s are less in this system, the number of miners will also be very less, so when userbase increases, there will be delay
and issue with data verification.
Gururaj et al13 also proposed an architecture with similar kinds of technology, such as IPFS, Symmetric key cryptog-
raphy, Asymmetric key cryptography, Blockchain, BigChainDB (Database with Blockchain properties). When the process
starts, the application generates an RSA key pair for everyone in the network, that is, the patients, the doctors, and more
declare their identity. The participants keep the private key safely and make the public key public. After that, any health-
care entity that is present in the network generates the data and encrypts the data using a random AES key (symmetric
encryption algorithm), AES encrypts the medical report using the random key, and generates an encrypted file. To decrypt
this file, a random generated (16 bits) key is used. But there is a problem that whoever has that random key can decrypt
the encrypted data, so to rectify this, the key is encrypted using RSA crypto-system. The encrypted data are pushed into
IPFS and the encrypted key is published to public. If patients have to access their data they can retrieve it using the IPFS
hash but only after decrypting the AES key meant for the patient. To decrypt it, the patient must use his own private key
to obtain the random generated key used in encryption. This gives patient control to allow whether the doctor can access
their data or not. The patient encrypts the AES key using a random key and RSA encrypts with the doctor’s public key.
Then, the patient adds it to the block so that the doctor can access the data. The doctor whose public key has been used,
only he can decrypt the AES key, using his private key and then decrypt the report. The only access to the block provided to
the doctor is which block contains that patient’s report.13 Another advantage is that patients also have the power to delete
the record by adding approved: False flag to the block. This system also allows some emergency data to be vital during
emergencies. At the creation of the block, instead of one, we can encrypt the data with two keys. In the source code, we
can declare an emergency public key, or we can do it in some other ways too. And to make sure that emergency address is
not misused, we can use an Ethereum address with a significant amount, which has private key that is encrypted. Some
of the shortcomings of this system are as follows: (a) there are no data provided that how the network is created and how
8of16 KUMAR  .
FIGURE 2 Distributed Off-chain Storage of Patient Reports in Healthcare System using IPFS and Blockchain from Reference 11
the Health care entities are registering themselves in the network. (b) No technique is provided, if a private key is lost,
about how one can retrieve the data. (c) If a patient gets hacked, the hacker can delete or do anything with the data, and
no proper mechanism is provided for that too.
Rajesh et al14 proposed a Telesurgery solution named “AaYusH” as shown in Figure 3 in which they used 5G-enabled
Tactile Internet (TI) to deliver real-time, ultra-responsive surgical services to the remote area with high accuracy and
precision. Present-day Telesurgery solutions have security, privacy, latency, and high cost of storing data in the Blockchain.
So they proposed a solution using Ethereum Smart Contracts and IPFS technology. The ESC is used to ensure security
and privacy issues and IPFS is used to solve the storage cost issue. The advantage of using this system is that all that are
wasted in heavy paperwork and communication between the surgeon, patients, and caretakers are saved by using ESC.
As these contracts are self-executable, self-enforceable, immutable, and all the parties involved cannot deny the contract
as it functions over Ethereum Blockchain, it provides a more optimal and evident way in agreements. Another advantage
is that it uses IPFS to store the data, which ensures the de-duplication and more secure storage, and also provide faster
access to all the authorized parties. During surgery, there should not be any delay in the surgeon’s commands and the
robot’s actions as it can cause severe damage to the patient. To rectify this delay AaYusH team used 5G-enabled Tactile
Internet. This system also has some shortcomings: (a) This solution is not supported for private Blockchains, which can be
a problem for some institutions. (b) Also, they have included a vulnerability report but it is only applicable to the solidity
smart contract and not the whole infrastructure.
Raghavendra et al15 proposed a system, which is mainly divided into four layers, User-layer, Query-layer,
Data-structuring controlling-layer, and Blockchain network IPFS-storage layer. User layer includes the patient, the physi-
cian, and healthcare medical-insurance companies who can store or retrieve the data. The next layer is the query layer,
which provides user’s address and private key after registering themselves in the network. The information-query layer
has a collection of the database structures for accessing, storing, passing/forwarding, or answering the system queries.
The Database queries may request to access data from the database infrastructure. The query layer acts as an interface
with the network participants. The client communicates with the query-layer for data. The query system is responsible for
handling the requests of the format, which the data structuring and other layers might need. The requester sends a query
that is processed by the query method, and the output is a value (data requested) of the relevant query. The Query sys-
tem’s final function is to give a reply to the requester according to the made request.15 The Data structuring control-layer
does some calculations that tracks all actions carried out on the data. For data structuring reporting, algorithm models are
implemented on the updated data, which help in secure storage in database. The control-layer has control over the data,
KUMAR  . 9of16
FIGURE 3 Aayush 4.0: Proposed System
without informing the patient, their data will not be shared to outsiders. Lastly, the Blockchain-Network IPFS-storage
layer’s responsibility is to store data and the hashes in secure and distributed manner. The way it works is that all the
transactions that took place on data are stored in the Blockchain and data are stored on the IPFS, and the IPFS hash with
database index is also stored in the Blockchain for fast data retrieval. When data are pushed into IPFS, it gets divided
into 256 bits each, and hashes are produced with SHA-256. This hash is base58 encoded and can be used to retrieve the
data from the IPFS network. As the system is divided into different layers, it provides a secure and robust infrastructure,
enabling only registered user to make data queries. Mechanisms are in place to counter unauthorized access and data
theft. If anyone wants to read the data, they must register themselves to the network and are provided with an address
and private key for the transactions. The data reader can read data if the owner permits it through the smart contract. In
case of any modification, the IPFS hash is changed and the new hash is stored with transaction. Some of the shortcomings
of this system are that (a) This architecture is proposed for single hospital, which can affect the scalability of the system
(b) No mechanism is provided for the case of emergencies.
Ahed et al16 proposed a solution for providing remote diagnostics and prescription through Telemedicine, as standard
healthcare institutions are not present there. Also, due to technological advancements, telemedicine can be provided at
a cheaper rate and patients can be benefitted from high-quality diagnostics. But there are many security risks like data
breach, fraud, incorrect diagnosis, and prescription. So, they have proposed a Blockchain-based framework that can solve
the above-stated problems. They used Ethereum Smart Contracts to develop a transparent and immutable telemedicine
system. The added benefit is that the ESC will regulate the operations between all parties that are part of the contract and
will keep the patient informed about the transactions. After the diagnosis, the data are stored in the IPFS network and
the hash returned from the IPFS is stored in the ESC, which will keep the hashes secure in the Ethereum Blockchain as
Blockchain entries are immutable. The advantages are that no middleman is allowed in the whole process, so money and
time are saved. Also, as the model uses the IPFS for data storage, they are saving a lot of money as compared to storing
data in the Blockchain itself. But it also has some shortcomings: (a) No mention of how can the patient share his/her
record to the other doctor or institution. (b) As the solution is tailored for a single institution, scalability is not possible.
Randhir et al17 proposed a model in which there is an incorporation of on-chain and off-chain storage models, which
are Blockchain and IPFS, especially for Covid-19 patients’ reports. In the proposed model, on-chain network is used to
provide immutability and keeps the privacy of patients, and the off-chain network storage is used to store the reports and
provide content hash addresses. The model is distributed in three modules, such as report upload, process of mining, and
report storage. Health care providers upload the report using web users. Then, the mining process is used to verify the
transaction and maintain consistency, and lastly, the reports are uploaded into IPFS and the content hash is retrieved.
10 of 16 KUMAR  .
The main advantages of this model are that the covid-19 reports are first validated using the similarity of perceptual hash
with existing reports and if the similarity is less than 50. The report is validated for storage, which is a very good step to
increase the scalability of the Blockchain as validation will help the model from de-duplication uploads. The authors have
also discussed POI of the peers, which is very important for the security of the network as if every peer in the network is
getting a unique POI, and then it is very hard for any malicious peer to do any harm. Some of the major shortcomings of
this proposed model are as follows: (a) less number of peers in the CBN can result in less number of miners, so when the
data increase in large amounts, one can face delay in verification of transactions. (b) There is no module for providing
how reports are going to be retrieved for patients, insurance companies, as well as during emergency scenarios. (c) There
is no discussion on how this system is going to tackle insider attacks among peers in the CBN.
Sabyasachi et al18 proposed a system in which the integration of IOT, Blockchain, and ML to provide anomaly detection
in the behavior of the health data of the patients. In this framework, IOT is used to intercept and fetch the data generated
by the wearable devices and biosensor. After that, the Blockchain system is utilized to store and maintain the data in the
form of multiple transactions; furthermore, the Blockchain also provides pseudo-anonymity and immutability to provide
validation of the patient data. After that, the machine learning model is used for anomaly detection as well as to forecast
certain synopsis through the data provided. The main advantages of this framework are that it uses ML for anomaly
detection, which can help health care providers to monitor their patients from far. All the necessary items like pharmacy,
imagery, prescription, and so on are also being provided at one place. Some major outcomes that this model has are that
(a) the fetched data are not processed in real time using ML, so anomaly detection can be late before emergencies. (b) In
this model, there are two types of Blockchains used, personal Health Blockchain and External Record Blockchain, where
one is used to store personal data fetched by the IOT devices and the other is used to store data like pharmacy, prescription,
imagery, and so on, as we know storing data in Blockchain is very costly and not scalable, so this model might fail. (c)
Increase in the number of patients can affect the working model of this framework as the cost for data storage and data
access will increase rapidly.
Ammar et al19 proposed an architecture that utilizes Multi-Party Authorization for accessing the IPFS address of the
data stored. Data Owner (DO) uploads the data for sharing and agrees with access requirements posed by the Multi-Party
Authority (MPA) and registers the address of the data (hash of the data). After encrypting the data using a symmetric key
algorithm and sending it to IPFS along with the other key encrypted by the public key of a shared wallet between MPA and
DO using multi-signature. Also, the DO creates a smart contract that contains the hash of all the data. At last, DO creates
a re-encryption key from the public key of the Data Requester (DR) and its private key to send to the proxy servers. Then,
the DR contacts the smart contract, asking for access to the encrypted data uploaded by DO. After validating the request,
an access token is issued from the smart contract for the suitable proxy to receive the data. After downloading the data
from the proxy, the encrypted symmetric key and the hash of the file are downloaded. The DR decrypts the symmetric key
along with data using its private key and then finally decrypting the data with that decrypted symmetric key. MPA acts as
a co-owner, which is included in each step of the access control mechanism. MPA manages access to the shared wallet to
prevent malicious acts using the multi-signature technology. The proxy re-encryption servers/oracles (three servers) are
used for encryption as it is a compute-intensive task. These oracles are used to fetch data and execute complex functions.
They serve as a medium to share data between DO and DR. A reputation system is managed by smart contracts. The
reputation of a proxy server fluctuates based on the response to the queries of the smart contract, like if most proxy servers
give the same hash while others give different, and then the reputation of the proxy server with different hash value goes
down. The major shortcoming in this proposed system is that there are multiple cycles of encryption-decryption while
transferring the data from one person to another, hence increasing the cost of operations.
Although many researchers are working with Blockchain and IPFS in the Healthcare domain, these cutting-edge tech-
nologies can also be used in many other domains with the same specification of secure data storage and many more things.
One such domain is the Insurance domain, where there are always various unfair events. Sometimes insurance compa-
nies maliciously do not want to compensate for damaging and sometimes clients try to maliciously scam the insurance
company, to achieve fairness in the system.
Jin Sun et al20 model, which has five entities, Blockchain, IPFS, Fog Nodes, Insurance Company system, and clients.
All the clients have to register themselves first in the insurance company system and buy some insurance. After that, they
get their public and private key-pair, and the staff stores the insurance record for future claim.20 The insurance record is
first signed by the staff then some keywords are extracted for index generation for the file and are saved onto the insurance
company systems. To increase the efficiency, outsourcing of the record to the fog node is done after encryption. The fog
node sends encrypted record to the staff. The record returned by the fog node is signed by the staff and is uploaded to the
IPFS, and an IPFS hash is returned by the IPFS network and is broadcasted by the staff to the Blockchain by a transaction
KUMAR  . 11 of 16
and the block ID is obtained. For client verification, the staff sends the ID to the client, after the client has obtained the
transaction ID, they check the hash points to the correct record on the IPFS, if the record is found a transaction is made by
the client on the Blockchain. The data storage is completed till this step. When the insurance claim is needed, the client
has to make a claim request to the insurance company. The smart system device of the company matches the index and
sends a token containing a hash value. Through the hash address, the client can download the insurance record and sends
it to the fog node for decryption. After some negotiations with the staff about the insurance plan, the record is updated.
Tables 2 and 3 contain a comparative analysis of the 10 proposed models, using Blockchain and IPFS.
The analysis considers the four parameters (a) to (d) for the comparison among these proposed solutions. The parame-
ters are as follows: (a) Technology used, what types of technologies are used by the researchers in their proposed solutions
to solve the problem; (b) Cost-Effective, whether the solution would be cost-effective to implement in the real world; (c)
Complexity, how complex is the solution is to deploy or operate; and (d) Implementation, what details are provided for
implementing the solution.
In a broader overview, all the solutions are using IPFS and Blockchain technologies. They are using the Blockchain
to authenticate and authorize the involved parties by using ESC, and IPFS is used to store huge amount of patient data.
But some researchers have used some extra technologies to make the solution more practical and real-world relevance.
The comparative analysis of all 10 proposed solutions are as follows: On the basis of (a) Technology Used (5), it has the
most number of technologies used in the solution as they are also trying to solve the network latency problems and pro-
viding the surgeons a well informative work environment to operate remotely with the help of Virtual Reality/Augmented
Reality. They are using 5G-Tactile Internet to eliminate any delay in the communication between the robot operating on
the patient and the surgeon controlling it remotely. Along with sensors, cameras, and 3-D modeling technologies, (1) and
(4) use almost the same basic technologies, such as IPFS and ESC. (2) It uses a Consortium Blockchain network and all the
IPFS hashes are stored in this Blockchain network. (3) This also uses the Consortium Blockchain network of the hospitals
and they are using the miners in the network to verify the data uploaded by the IoT devices, such as smartwatches, smart
blood sugar testers, and so on, to the healthcare institutions who can then predict any health issue of the user/patient by
analyzing the constant data flow. After verification, the data are stored in the IPFS and the hashes returned are stored in
the consortium Blockchain network. (6), (7), and (10) are also using just basic IPFS and ESC technology. (8) is utilizing
a consortium Blockchain network and all the IPFS hashes are stored in this Blockchain network to store the COVID-19
patient reports. (9) is using IoT, Blockchain, and also using Machine learning.
On the basis of (b) Cost-Effectiveness- (4), (6), and (7) are using just two technologies and the whole setup is just using
simple interfacing like web apps, and so on. So these three are cost-effective and will not cost a lot of money to set up. (1)
is not cost-effective as the Blockchain network it is using will take a lot of resources and would be more costly to build.
(2) and (8) are using a consortium Blockchain network, so it is also not very cost-effective as maintaining a Blockchain
network takes a huge amount of resources. (3) is also not cost-effective, as it is verifying the data uploaded by the smart
wearable devices using the miners in the Blockchain network. Mining is a very high computing process and the data
stream it is verifying is very huge, so it would be very costly. (5) is also not cost-effective as it is using 5G-Tactile Internet,
which is expensive (in present-day), and the AR, VR, sensors, and Robots will take the cost up. Only a few institutions
will be able to afford this. (9) is not cost-effective as it is using two different Blockchains, so the cost of accessing the
information is increased also ML models will contribute to further increase in operational cost. (10) is not cost-effective
as there are multiple cycles of encryption-decryption, which is very compute-heavy.
On the basis of (c) Complexity- (1) is of medium complexity as the storage part is simple and only the Blockchain
part is a bit difficult to setup. (2), (4),(7), and (8) have low complexity design as they are not using some sophisticated
technology. (3) has a very high complexity, because first, the smart wearable devices need to upload data to the consortium
nodes using access points near the. Then, the Blockchain miners verify the uploaded data, which is also a very complex
process. (5) is also highly complex as integrating all the 5G-Tactile Internet, Robots, AR, VR, and sensors is a very tough
job and any misconfiguration can lead to very unfortunate accidents with the patient. (6) is of medium complexity as it
has some access control system built-in. (9) is of medium complexity as they have also implemented Machine Learning
for anomaly detection. (10) is of high complexity as there are multiple encryption-decryption cycles during the operations.
On the basis of (d) Implementation- (1) No evidence was provided, that if the system is implemented or not. Only
a logical explanation is provided. (2) and (8) Implementation is done in Python environment and the proper results are
12 of 16 KUMAR  .
TABLE 2 Literature review
Ref. no. Paper title Proposed solutions Shortcomings
[10] Distributed storage of
permissioned—access healthcare
patient data using—IPFS and
He proposed a solution named Dappros in which. Patients’
database is distributed among hospitals for tracing, auditing
purpose, and data are saved on IPFS database. A multi-signature
access lock is provided for extra safety and give power to patients
to secure their data.
No evidence was provided about how
the network of hospital is built. No
mention of which cryptography is
used. No formatting of data.
[11] Distributed Off-chain Storage of
Patient—Diagnostic Reports in
Healthcare—using IPFS and
They proposed a simple architecture which is in three simple
parts:- first, Consortium Blockchain is built by registering
entities. Second, reports are uploaded using the web app and
validated by local miners. Third, Validated data get stored in the
IPFS database and the received content hash is stored in the
Blockchain network.
Data download speed is low which is
crucial in the case of emergency. No
data on how many kinds of data this
system supports. The security of web
applications is not taken into
[12] HealChain: A Decentralized
Data—Management System for
Mobile—Healthcare Using
Consortium Blockchain
A system is proposed named “HealChain” in which data are
collected from smart wearable devices and transmitted to CBN
using wifi AP, miners verify the data and store the data into IPFS
and the received hash entry is recorded into the CBN.
The security of Wifi AP is not taken into
consideration. No data provided how
an entity is registering themselves in
CBN. An increase in userbase can
delay the process of data verification.
[21] Decentralized Electronic Medical
They proposed a system in which the RSA key pair is generated for
everyone in the network. Then, data are encrypted using
random AES key and data are saved in the IPFS.
No evidence is provided on how the
network is created. No process
provided on if a private key is lost then
how to retrieve the data. If a patient
got hacked the hacker can delete or
do anything with the data, no proper
mechanism provided for that too.
[14] AaYusH: A Smart
Contract-Based—Telesurgery System
for Healthcare 4.0
They proposed a model for telesurgery, which can be divided into
three parts:- first, is they are using 5G-Tactile Internet for
surgery robots and other communications. Second, is Ethereum
Smart Contracts to reduce paperwork and IPFS to store data.
Third, is AR/VR, camera, 3D-modeling for the surgeons to be
fully informed about the patient’s state.
This system does not support private
Blockchain. Vulnerability report is
only applicable to the solidity smart
contract and not to the whole
infrastructure. Using this much of
bleeding-edge technology is also not
[15] Inter-Planetary File System
Enabled—Blockchain Solution For
Securing—Healthcare Records
They proposed a model with four layers- user, query, data, and
control layers. The user layer has patients, doctors, healthcare,
and insurance companies. The query layer gives addresses and
private keys to the registered users. The data layer deals with the
operations related to the database (IPFS +ESC). The control
layer gives control to the patient over the sharing of data.
Architecture is applicable to single
hospitals only. No mechanism is
provided in the case of emergencies.
KUMAR  . 13 of 16
TABLE 2 Continued
Ref. no. Paper title Proposed solutions Shortcomings
[16] Decentralized Telemedicine
Framework—for a Smart Healthcare
They proposed a telemedicine model to provide remote healthcare
and is using a simple infrastructure to store data in IPFS and
using ESC for evidence of involvement.
No process for patients to share data
among different entities. This system
is only for a single institution so it
can have scalability issues.
[17] A Secure and Distributed Framework
for sharing COVID-19 patient
Reports using Consortium
Blockchain and IPFS
They proposed a model to secure Covid-19 reports using a simple
infrastructure in which on-chain network (Blockchain) provide
privacy and off-chain network (IPFS) provide secure storage of
Covid-19 reports.
No process for patients to retrieve data.
Less miners can delay the process of
verification of transactions. The
security of web app is not considered
in this model.
[18] A Secure Healthcare System Design
Framework using Blockchain
They proposed a framework which has integration of IOT,
Blockchain, and ML Data are fetched through wearable devices
Blockchain is used to store and maintain the data, and ML is
used for anomaly detection in fetched data.
Data are not processed in real time two
types of Blockchain are used, which
make the framework less scalable.
Increase in patients can increase in
data storage and data access cost.
[19] Blockchain-Based Multi-Party
Authorization for Accessing IPFS
Encrypted Data
They proposed a system where multi-party Authorization for
accessing the IPFS address of the stored data.
Cost of operation is very high due to lots
of encryption-decryption
14 of 16 KUMAR  .
TABLE 3 Literature comparison table
no Paper title Technology used Cost-effective Complexity Implementation
[10] Distributed storage of
permissioned—access healthcare
patient data using—IPFS and
Blockchain, IPFS,
No Medium No evidence provided that
if the system is
implemented or not.
Only logical
explanation is provided.
[11] Distributed Off-chain Storage of
Patient—Diagnostic Reports in
Healthcare—System using IPFS and
Consortium Blockchain,
IPFS, Web App
No Low Implementation is done in
Python environment
and the proper results
are provided. Proper
algorithm is also
[12] HealChain: A Decentralized
Data—Management System for
Mobile—Healthcare Using
Consortium Blockchain
Consortium Blockchain,
IPFS, Wifi AP, Base
Station, Wearable
No High Algorithm is provided
using different
solutions. Performance
evaluation is also
[21] Decentralized Electronic Medical
Blockchain, IPFS,
Yes Low Only logical solution is
provided. Model is
provided. No
implementation is done.
[14] AaYusH: A Smart
Contract-Based—Telesurgery System
for Healthcare 4.0
Ethereum Smart contract,
5G Base Station, VR
Interface, Robotic arms,
Camera, 3D
video-monitor, IPFS
No High Implementation of smart
contract in Solidity
(Ethereum) is provided,
But no mention of how
different technologies
5G, VR, and Robotics
are interfacing with
each other.
[15] Inter-Planetary File System
Enabled—Blockchain Solution For
Securing—Healthcare Records
Web App, Blockchain,
Yes Medium Algorithm is provided and
system performance of
various parameters is
also provided.
[16] Decentralized Telemedicine
Framework—for a Smart Healthcare
Ethereum Smart Contract,
Yes Low Algorithms are provided
but the code is not
included, only logical
explanation is there.
[17] A Secure and Distributed Framework
for sharing COVID-19 patient
Reports using Consortium
Blockchain and IPFS
Consortium Blockchain,
IPFS, Web App
No Low Algorithms are provided
logical explanation and
proper results are also
[18] A Secure Healthcare System Design
Framework using Blockchain
IOT, Blockchain, ML No Medium No algorithms are
provided only logical
explanation is provided.
[19] Blockchain-based Multi-Party
Authorization for Accessing IPFS
Encrypted Data
Ethereum Smart Contract,
IPFS, Cryptography
No High Proper algorithms are
provided as well as code
is also included, logical
explanation and results
are also there.
KUMAR  . 15 of 16
provided. The proper algorithm is also provided. (3) The algorithm is provided using different solutions. Performance
evaluation is also provided. (4) Only the Logical solution is provided, a model is provided, and no implementation is done.
(5) Implementation of smart contract in solidity (Ethereum) is provided, but no mention of how different technologies,
such as 5G, VR, Robotics, are interfacing with each other. (6) The algorithm is provided and system performance of various
parameters is also provided. (7) Algorithms are provided but the code is not included, and only the Logical Explanation is
there. (9) No Algorithms are provided, only logical explanation is provided. (10) Proper Algorithms are provided as well
as code is also included, Logical explanation and results are also there.
In most of the Healthcare data protection mechanisms using IPFS and Blockchain, it is evident that a lot of work is
required, and there is a long road ahead to be traveled by the researchers. Blockchain provides the necessary mechanism
for integrity, immutability, and reliability in the content address storage, providing proper authentication of data while
the IPFS stores the data in a distributed and secure environment. Though most of the researchers are using different
technologies in different scenarios, some are using it with IoT wearable devices and wifi access point to store and secure
real-time data, some are doing it using Consortium Blockchain to provide more robustness, some are also using it in a
telesurgery scenario, using different technologies like 5G,22 Virtual reality, Robotics, etc.
For prototype implementation and for logical model systems, adding different technology with IPFS and Blockchain
is the choice of many researchers. As Blockchain and IPFS are getting their place in implementation in different projects,
it is also bringing many challenges, working with Consortium Blockchain requires more energy consumption, and to
make it scalable it will take more resources and very few researchers have provided a mechanism that how the consortium
Blockchain is made, how different entities are registering themselves in the Blockchain. It is one of the main issues that
one can work to solve. Another issue is that no one has mentioned about insurance companies, which is a very crucial
entity in most cases in health care because 80% of patients have some kind of health insurance policy, so there should
be some mechanism that can help patients during their insurance claim. Some of the more major issues are the access
of data in emergency scenarios and how other parties, which are not part of the Consortium Blockchain, can get access
to data if needed, and one can also work on these factors. One more shortcoming in these models is insider attacks and
access control; very few researchers have talked about this in their research. Still, the most critical challenge is to make a
fully decentralized system and not only decentralized storage. If paid close attention, it is evident that there is some part of
centralization present, may be in the form of reaching out to users or in the collection of data, and so on. But for migrating
to a fully decentralized environment, the replacements of HTTP, DNS protocols would be necessary as these are the de
facto standard of sharing information and in domain name resolving. Surprisingly, the alternatives are already present,
IPFS and IPNS (InterPlanetary Name System) although they are still in the very initial state, still have the potential to shift
the current paradigm. Researchers can look into these alternatives to develop a solution that would be fully decentralized
in all its essence. Overall, Blockchain and IPFS are very prominent technologies, but to make them work to their full
extent, the researchers have to also improve the technology, which is going to be associated with them.
We thoroughly read some of the interesting and unique research articles, which are dealing with securing medical records
using IPFS and Blockchain. Different researchers are taking different approaches while solving this major issue of data
security in hospitals as we have recently seen heavy ransomware attacks on different hospitals across the globe. Many
models, implementations, and algorithms are provided by researchers, which are solving many issues but still the models
have some shortcomings that need to be addressed, one is cost-effectiveness, a system should be cost-effective as very less
hospital spend on their IT Budget, so we have to provide a cost-effective solution. Another thing is scalability, which is
very important because we are dealing with a large amount of hospitals and data globally. We need to think about energy
consumption and resource management too as it is also very important. Access of data during emergencies is also very
important and one needs to find a robust solution for that. Lastly, we have to address different cyberattacks like insider
attacks and more. Many researchers have already done some amazing jobs in solving this issue but there is still much
more work to be done.
16 of 16 KUMAR  .
The authors of this work wish to acknowledge DR SPM International Institute of Information Technology, Naya Raipur
for supporting to carry out this research work.
The authors declare no potential conflict of interests.
Data derived from public domain resources
Ruhul Amin
1. Wu X, et al. Secure personal health records sharing based on Blockchain and IPFS. Chinese Conference on Trusted Computing and
Information Security; 2019; Springer, Singapore.
2. Nakamoto S. Bitcoin: A peer-to-peer electronic cash system., 2008.
3. IPFS Documentation.
4. IPNS. what-is-interplanetary-naming-system-ipns-
5. Smart Contracts.
6. Buterin V. Ethereum: A Next-Generation Smart Contract and Decentralized Application Platform, 2014.
7. Wood G. Ethereum: a secure decentralized generalized transaction ledger.
8. Cyran MA. Blockchain as a foundation for sharing healthcare data. Blockchain in Healthcare Today. 2018;1:1-6.
9. Kumar R, TripathiR. Building an IPFS and Blockchain-based decentralized storage model for medical imaging. Advancements in Security
and Privacy Initiatives for Multimedia Images. IGI Global:19-40.
10. Taras Filatov.
11. Kumar R, Marchang N, Tripathi R Distributed off-chain storage of patient diagnostic reports in healthcare system using IPFS and
Blockchain; International Conference on COMmunication Systems & NETworkS (COMSNETS); 2020; Bengaluru, India; 1-5, https://doi.
12. Ni W. et al. HealChain: a decentralized data management system for Mobile healthcare using consortium Blockchain. 2019 Chinese
Control Conference (CCC); 2019; IEEE.
13. Decentralization of healthcare records.
14. Gupta R, Shukla A, Tanwar S. AaYusH: a smart contract-based telesurgery system for Healthcare 4.0. IEEE International Conference on
Communications Workshops (ICC Workshops); 2020; IEEE; 1-6
15. Marangappanavar RK, Kiran M. Inter-planetary file system enabled Blockchain solution for securing healthcare records. Third ISEA
Conference on Security and Privacy (ISEA-ISAP); 2020; IEEE.
16. Abugabah A, Nizam N, Alzubi AA. Decentralized telemedicine framework for a smart healthcare ecosystem. IEEE Access.
17. Kumar R, Tripathi R. A secure and distributed framework for sharing COVID-19 patient reports using consortium Blockchain and IPFS.
Sixth International Conference on Parallel, Distributed and Grid Computing (PDGC); 2020; IEEE.
18. Chakraborty S, Aich S, Kim H-C. A secure healthcare system design framework using blockchain technology. 21st International
Conference on Advanced Communication Technology (ICACT); 2019; IEEE.
19. Battah AA, Madine MM, Alzaabi H, Yaqoob I, Salah K, Jayaraman R. Blockchain-based multi-party authorization for accessing IPFS
encrypted data. IEEE Access. 2020;8:196813-196825.
20. Sun J, Yao X, Wang S, Wu Y. Non-repudiation storage and access control scheme of insurance data based on Blockchain in IPFS. IEEE
Access. 2020;8:155145-155155.
21. Kadam S, Motwani D. Blockchain Based e-Healthcare Record System. International Conference on Image Processing and Capsule
Networks; 2020; Springer, Cham.
22. Gupta R, et al. VAHAK: a Blockchain-based outdoor delivery scheme using UAV for healthcare 4.0 services. IEEE INFOCOM 2020-IEEE
Conference on Computer Communications Workshops (INFOCOM WKSHPS); 2020; IEEE.
How to cite this article: Kumar S, Bharti AK, Amin R. Decentralized secure storage of medical records using
Blockchain and IPFS: A comparative analysis with future directions. Security and Privacy. 2021;e162. https://doi.
... Each of these exchanges must be validated by a number of peers in order to be registered in this central repository and be considered a valid transaction. When being applied in edge storage, blockchain has two major flaws: it needs heavy computational power to perform the transaction validations and it requires a centralized database in order to store the chain of transactions [22]. These two characteristics are causing direct conflict with the decentralization and low resource demand requirements of edge storage services. ...
... Blockchain and P2P networks are widely used for this purpose because peer-to-peer networks seem the ideal candidate for edge storage solutions, if the drawbacks already mentioned can be tackled. In relevant experiments, the interaction between these two frameworks seems to provide an efficient solution to the edge storage problem because blockchain can cover almost all of the weaknesses that P2P networks possess without adding much overhead, both in read/write operations, the throughput, and the network traffic [22,[27][28][29]. The only drawback is that blockchain mechanisms require more redundancy than P2P, which requires more available disk space in the edge clusters that host these solutions, placing limitations on the network architecture options for IoT and fog networks. ...
... The InterPlanetary File System (IPFS), accessed on 5 July 2022, is a P2P-distributed file system, designed for storing versioned file data in a decentralized manner [22]. The IPFS has been built on top of the BitTorrent protocol [45] and the Kademlia DHT [46]. ...
Full-text available
Edge computing constitutes a promising paradigm of managing and processing the massive amounts of data generated by Internet of Things (IoT) devices. Data and computation are moved closer to the client, thus enabling latency- and bandwidth-sensitive applications. However, the distributed and heterogeneous nature of the edge as well as its limited resource capabilities pose several challenges in implementing or choosing an efficient edge-enabled storage system. Therefore, it is imperative for the research community to contribute to the clarification of the purposes and highlight the advantages and disadvantages of various edge-enabled storage systems. This work aspires to contribute toward this direction by presenting a performance analysis of three different storage systems, namely MinIO, BigchainDB, and the IPFS. We selected these three systems as they have been proven to be valid candidates for edge computing infrastructures. In addition, as the three evaluated systems belong to different types of storage, we evaluated a wide range of storage systems, increasing the variability of the results. The performance evaluation is performed using a set of resource utilization and Quality of Service (QoS) metrics. Each storage system is deployed and installed on a Raspberry Pi (small single-board computers), which serves as an edge device, able to optimize the overall efficiency with minimum power and minimum cost. The experimental results revealed that MinIO has the best overall performance regarding query response times, RAM consumption, disk IO time, and transaction rate. The results presented in this paper are intended for researchers in the field of edge computing and database systems.
... . It involves four types of smart contract Chaincodes, IPFS[31], encryption algorithms, etc. The specific definition of the events and functions of the four smart contract Chaincodes are described in Sections 3.2 and 3.3.ystems ...
Full-text available
With the rapid development of digital economics, a large number of data have been accumulated in the supply chain system, and data islands have appeared. Data sharing is an imperative way to unlock the data value of a supply chain system. A safe and effective access control mechanism for privacy-sensitive data is key in data sharing. At present, traditional access control mechanisms are static, single-factor control, and prone to a single point of failure. For dealing with these, a fine-grained access control (FGAC) framework for supply chain data sharing is proposed, based on the blockchain Hyperledger Fabric. It augments role-based access control (RBAC) by giving different attribute keywords to different types of users. This framework is implemented in smart contract Chaincodes and quantitatively verified by using the model-checking tool UPPAAL. The experiment results show that the FGAC framework enhances the efficiency and safety in the process of data sharing for the supply chain system, compared with the existing works.
... This is just one of the possible uses of the technology, blockchains are useful in several other industrial fields and for many other types of records that go far beyond financial transactions. They can be used for all information that needs to be recorded in an immutable way such as health data in medical records 15 , contracts, property transfers, purchase of goods and services, and much more. ...
Machine Learning may push research in precision medicine to unprecedented heights. To succeed, machine learning needs a large amount of data, often including personal data. Therefore, machine learning applied to precision medicine is on a cliff edge: if it does not learn to fly, it will deeply fall down. In this paper, we present Active Informed Consent (AIC) as a novel hybrid legal-technological tool to foster the gathering of a large amount of data for machine learning. We carefully analyzed the compliance of this technological tool to the legal intricacies protecting the privacy of European Citizens.
... A blockchain-based, fully decentralised multi-party authorisation solution has been proposed to provide a source of access or permission logs while maintaining immutability, auditability, and security [26]. This solution uses IPFS to store the data off-chain, and logs are maintained on a blockchain. ...
Full-text available
Smart healthcare systems provide user-centric medical services to patients based on col-lected information of patients inducing personal health information (PHI) and personal identifiableinformation (PII). The information (PII and PHI) flows into the smart healthcare system with orwithout any regulation and patient concern with the help of new information and communicationtechnologies (ICT). The use of ICT comes with the security and privacy issues of collected PII and PHIdata. The Europe Union has published the General Data Protection Regulation (GDPR) to regulate theflow of personal information. Towards this end, this paper proposes a blockchain-based data storageand sharing framework for a smart healthcare system that complies with the “Privacy by Design”rule of the GDPR. The personal information collected from patients is stored on off-chain storage(IPFS), and other information is stored on the blockchain ledger, which is visible to all participants.The smart contracts are designed to share the PII data with another participant based on prior per-mission of the data owner. The proposed framework also includes the deletion of PII and PHI in thesystem as per the “Right to be Forgotten” GDPR rule. Security and privacy analyses are performedfor the framework to demonstrate the security and privacy of data while sharing and at rest. Thecomparative performance analysis demonstrates the benefit of the proposed GDPR-compliant datastorage and sharing framework using blockchain. It is evident from the reported results that theproposed framework outperforms the state-of-the-art techniques in terms of performance metrics ina smart healthcare system.
... technology to store EMR data in an increasingly secure fashion [87]. These technological advances are of high importance and would go a long way into alleviating privacy and confidentiality concerns with having vast amounts of electronic, identifiable patient information. ...
Full-text available
The use of electronic medical records has rapidly been adopted world-wide, which has resulted in multiple new opportunities for cardiovascular research. These include the following: (1) the development and assessment of clinical decision tools, meant to increase quality of care; (2) harnessing data linkages to examine genetic, epidemiological, and pharmacological associations on an unprecedented scale; and (3) harnessing electronic medical records to facilitate the conduct of cardiovascular clinical trials. While these opportunities promise to revolutionize cardiovascular care and research, enthusiasm should be tempered while further assessment of true clinical utility has been undertaken. Graphical abstract
... There have been various incidents of security attacks on hospitals. The authors S Kumar et al. (Kumar, Bharti, and Amin 2021) have highlighted some of such attacks. For eg, an Email phishing attack on a diagnostics vendor of clinical genomics, named "Ambry Genetics", compromised the data of 232772 patients. ...
Full-text available
In this paper, the authors have amplified the concept that EHRs need to be patient-centric and patient-driven, that is the patient should be the real owner as well as the manager of his medical records. The authors propose patient-centric multichain healthcare record (PCMHR) that implements health records using smart contracts on ethereum blockchain and also utilizes the multichain framework - Polygon. PCMHR can concurrently implement blockchain functionality while addressing the concerns of interoperability among authorized hospitals and patient health information confidentiality that damages our healthcare system. The authors propose a solution to fully decentralize the current medical healthcare system by storing PCMHR on IPFS (InterPlanetary File System) to resolve the limitation of blockchain-based applications in scalability and high cost. The authors have depicted the cost and time analysis of transactions on the polygon framework to give a clear view of this multichain framework and its advantages over the ethereum blockchain.
The patient privacy is danger while medical records and data are transmitted or share beyond secure big data. This is because violations push them to the margins and they begin to avoid fully revealing their stages. This kind of stages contains negative impact in scientific investigate. To overcome this issue, Secure Block Chain System for Managing and Sharing Electronic Medical Records in Big Data Field is proposed. In this manuscript, a Cryptographic Hash Generator (CHG) technique based Secured and Trusted Data storage and transmission using Block Chain (BC) in Hadoop Distributed File System (HDFS). Initially, the Big data collected from the health care center is partitioned into sensitive and insensitive data. Block chain system utilizes an asymmetric cryptography for validating transactions authentication. Here, the user key is created through secured bitwise cryptographic hash generator (CHG) while there is required to fetch the newly record for usage. In block chain system, when a user seeking data from a healthcare application have forward a request to CHG. The message is send back to the user with a secret key for confirmation. The key can be decrypted or even denied access if only a valid user allows the user to link to this cluster. Only sensitive data were selected to the process of encryption for the process of encryption, this CHG technique employs the Discrete Shearlet Transform (DST) for encrypting the data, and the data’s are warehoused in the block chain to upgrade the level of security. And the insensitive data are put directly on the Hadoop Distributed File System. During the verification process, CHG is utilized for creating the request forward through the user. The operator creates the purpose of remote key to create the block (request) and signing the request using transaction private key, then forward to request queuing. To validate a request, the request from the queue is supplied first and an Improved Grey wolf Optimization algorithm (IGWO) is utilized to determine the optimal request that is fetch through the consensus node for initiating the process of validation. After accepting the user’s request, access is given to the user associated with input or requested data, then the verified request is set to broadcast. The proposed method is executed in JAVA and Hadoop platform. Experimental results show that the proposed BC-CHG-DST-IGWOA shows better performances of higher Efficiency 20.14%, 31.25%, 24.33%, 14.69%, lower time 16.12%, 15.09%, 21.36%, 46.26% compared with the existing methods, such as medical records managing and securing blockchain based system supported by genetic algorithm with discrete wavelet transform (BC-SMR-BD-GA-DWT), DQN-based optimization framework to secure shared blockchain systems (BC-SMR-BD-DQNSB), Hyper ledger blockchain enabled secure medical record management along deep learning-based diagnosis model (BC-SMR-BD-HBESDM-DLD), Secure attribute-based signature scheme with multiple authorities for blockchain in electronic health records system (BC-SMR-BD-MA-ABS) respectively.
Full-text available
Living in the Information Age, the power of data and correct statistical analysis has never been more prevalent. Academics, practitioners and many other professionals nowadays require an accurate application of quantitative methods. Though many branches are subject to a crisis of integrity, which is shown in improper use of statistical models, $p$-hacking, HARKing or failure to replicate results. We propose the use of a peer-to-peer education network, Quantinar, to spread quantitative analysis knowledge embedded with code in the form of Quantlets. The integration of blockchain technology makes Quantinar a decentralised autonomous organisation (DAO) that ensures fully transparent and reproducible scientific research.
While the blockchain technology continues making giant strides in both crypto currencies and everyday use cases, the cost of gas expenses keeps on skyrocketing with increase in its demand. The problems get compounded with the technological requirements surfacing with increasing volume of the immutable data storage, which itself is very expensive in terms of gas costs. We analyze the costs associated with blockchain storage in this paper, and present a comparative analysis of how the healthcare data storage on immutable media varies with on-chain and off-chain blockchain solutions.KeywordsGas costsImmutable data storesStorage costOff-chain and on-chain solutions
In recent times, a number of Internet of Things (IoT) related healthcare applications have been deployed for automating healthcare services and offering easy accessibility to patients. Several issues like security, fault-tolerant, and reliability have restricted the utilization of IoT services in real-time healthcare environments. To achieve security, blockchain technology can be utilized which offers effective interoperability of healthcare databases, ease of medical data access, device tracking, prescription database, hospital assets, etc. Therefore, this paper presents an optimal Elliptic curve cryptography-based encryption algorithm for a blockchain-enabled medical image transmission model, named OECC-BMIT. The presented OECC-BMIT model involves different stages of operations such as encryption, optimal key generation, blockchain-enabled data transmission, and decryption. Firstly, the OECC-BMIT model performs Elliptic curve cryptography (ECC) based encryption technique to securely transmit the medical images. In order to generate the optimal set of keys for the ECC technique, modified bat optimization (MBO) algorithm is applied. Then, the encrypted images undergo secure transmission via blockchain technology. The encrypted images are decrypted on the recipient side and the original medical image is reconstructed effectively. Extensive sets of experimentations were performed to highlight the goodness of the OECC-BMIT algorithm and the obtained results pointed out the improved outcome over the state of art methods in terms of different measures.
Full-text available
Multi-party authorization (MPA) typically involves multiple parties to control and grant access to shared data. MPA is used to solve the insider’s attack problem by ensuring that a single authority or party is not acting alone. Currently, almost all existing implementations of MPA are centralized and fall short in providing logs and events related to provenance of granting permissions in a trusted, secure, immutable, auditable, and decentralized manner. Moreover, for sharing data, proxy re-encryption algorithms are often used to give secure access to encrypted shared data. These schemes and algorithms are also centralized and cannot be trusted. In this paper, we propose a fully decentralized blockchain-based solution in which MPA is implemented using Ethereum smart contracts, and proxy re-encryption algorithms (which are computationally expensive) are implemented using multiple oracles to give access to encrypted shared data stored on a public and decentralized storage platform, such as the Interplanetary File Systems (IPFS). The smart contracts help to validate results based on the majority of encrypted results determined by the oracles. For this, we incorporate reputation mechanisms in the proposed smart contracts to rate the oracles based on their malicious and non-malicious behaviors. We present algorithms along with their full implementation, testing, and validation details. We evaluate the proposed system in terms of security, cost, and generalization to show its reliability and practicality. We make the smart contract source code publicly available on Github.
Full-text available
The healthcare sector is one of the most rapidly growing sectors globally. With the ever-growing technology, patient care, regulatory compliance, and digital transformation, there is an increased need for healthcare sectors to collaborate with all stakeholders – both within the healthcare ecosystem and in concurring industries. In recent times, telemedicine has proven to provide high quality, affordable, and predominantly adapted healthcare services. However, telemedicine suffers from several risks in implementation, such as data breach, restricted access across medical fraternity, incorrect diagnosis and prescription, fraud, and abuse. In this work, introduce blockchain-based framework that would unlock the future of the healthcare sector and improved services. Our proposed solution utilizing Ethereum smart contracts to develop a transparent, tamper-proof telemedicine healthcare framework, and ensure the integrity of sensitive patient data eliminating a central administrator. Moreover, the smart contract regulates the interaction between all the parties involved in the network and keeps the patient meticulously informed about the transactions in the network.
Full-text available
The insurance business plays a quite significant role in people’s lives, but in the process of claim settlement, there are still various frauds such that the insurance companies’ refusal to compensate or customers’ malicious fraud to obtain compensation. Therefore, it is very important to ensure fair and just claims. In this paper, by combining the blockchain technology and the ciphertext-policy attributebased encryption system, we build a scheme for secure storage and update for insurance records under the InterPlanetary File System (IPFS) storage environment in the insurance system. In this scheme, we use the fog node to outsource encryption of insurance records to improve the efficiency of the staff; In addition, we store encrypted insurance records on IPFS to ensure the security of the storage platform and avoid the single point failure of the centralized mechanism. In addition, we use the immutability of the blockchain to achieve the non-repudiation of both insurance companies and the client. The security proof shows that the proposed scheme can achieve selective security against selected keyword attacks. Our scheme is efficient and feasible under performance analysis and real data set experiments.
Currently, sharing and access of medical imaging is a significant element of present healthcare systems, but the existing infrastructure of medical image sharing depends on third-party approval. In this chapter, the authors have proposed a framework in order to provide a decentralized storage model for medical image sharing through IPFS and blockchain technology that remove the hurdle of third-party dependency. In the proposed model, the authors are sharing the imaging and communications in medicine (DICOM) medical images, which consist of various information related to disease, and hence, the framework can be utilized in the real-time application of the healthcare system. Moreover, the framework maintains the feature of immutability, privacy, and availability of information owing to the blockchain-based decentralized storage model. Furthermore, the authors have also discussed how the information can be accessed by the peers in the blockchain network with the help of consensus. To implement the framework, they have used the python ask and anaconda python.
Electronic Healthcare Record (EHR) is an electronic variant of patient’s health history, which is sustained by the system over a period, and can incorporate the entirety of the key authoritative clinical information which is significant to the users care under a particular framework supplier, contains socioeconomics, progress notes, hitches, medications, essential signs, past clinical history, vaccinations, and radiology reports. The use of an EHR is significant to make progress, just as to ensure an elevated level of sheltered and compelling degree of patient consideration framework. Patient records are fully monitored by hospitals rather than patients, which becomes complicated to seek clinical advice from various medical clinics. Patients face stringent need to concentrate on the subtleties of their human services and reestablish the executives of their clinical information This advanced system will account for interactions with this medical data in an auditable, transparent and secure way on EHR’s distributed ledger. By using a decentralized patient-centered approach users will be able to leverage their medical data. This system will use to improve care for individuals by setting the patient at the focal point of the advanced change of healthcare. The rapid advancement of blockchain innovation with smart contracts and IPFS storage improves the existing medicinal services, including clinical records just as patient-associated evidence. This advanced model provides high flexibility and EHRs availability for healthcare services.
Conference Paper
Telesurgery (TS) with 5G-enabled Tactile Internet (TI) has enormous potential to deliver real-time ultra-responsive surgical services remotely with high quality and accuracy. It is quite beneficial for the society in prospect to highly precise surgical diagnosis. However, the existing TS systems have security, privacy, latency, and blockchain (BC) storage cost issues, which restricts its applicability in surgical procedures across the world in near future. To mitigate the above-mentioned issues, in this paper, we propose an approach named as AaYusH (Ethereum smart contract (ESC) and IPFS-based TS system). The security and privacy issues in AaYusH can be resolved through ESC, whereas storage cost issues with Inter Planetary File System (IPFS) protocol. Moreover, we present a real-time SC written in Solidity and deployed in Truffle suite. We test the security bugs of AaYusH in MyThril open-source tool and detect no issues. Finally, we evaluate the performance of AaYusH in context to latency and data storage cost and it outperforms as compared to traditional telesurgery system.
Conference Paper
Unmanned aerial vehicle (UAV) is used in various smart applications, such as defense, civilian, and healthcare services. As data in these applications flow through an open channel, i.e., the Internet, so security and privacy always a challenging issue. Though many solutions exist for this problem in literature, but these solutions are not adequate to handle security, privacy, latency, and efficient real-time delivery of healthcare services remotely over the wireless communication channel. Moreover, the existing UAV systems have security, reliability, latency, and storage cost issues, which restricts their applicability shortly. Motivated from these facts, this paper proposes VAHAK, an Ethereum Blockchain (BC) based secure outdoor healthcare medical supplies using UAVs. VAHAK provides reliable communication between the UAVs and the entities in a decentralized manner, which ensures the early delivery of required medical supplies to the critical patients. In VAHAK, security, privacy, and reliability issues have been resolved using Ethereum smart contract (ESC), while storage cost issues are handled with IPFS protocol. The security vulnerabilities of the VAHAK are tested on MyThril open-source tool. VAHAK is efficient in terms of data storage cost as it uses the InterPlanetary File System (IPFS) for healthcare record storage and 5G-enabled Tactile Internet (TI) for communication, respectively. Finally, VAHAK performance evaluation demonstrates its effectiveness as compared to the traditional systems where it outperforms the existing schemes with respect to various performance evaluation metrics, such as scalability, latency, and network bandwidth.