Decentralized Identity Management for E-Health Applications: State-of-the-Art and Guidance for Future Work
Keywords:blockchain and eHealth, blockchain identity management, blockchain in healthcare , blockchain open access journal, blockchain research, decentralized identity, decentralized identity for healthcare, virtual healthcare
Background: The increasing usage of various online services requires an efficient digital identity management approach. Unfortunately, the original Internet protocols were not designed with built-in identity management, which creates challenges related to privacy, security, and usability. Thereis an increasing concern regarding the management of these sensitive data in the society, who have access to it and where it is stored. Blockchain technology can, potentially offer a secure solution to address this problem, in a decentralized manner without any centralized authority. This is of importance for e-health services where the patient and the healthcare provider often are required toprove their identity. Blockchain technology can be utilized for creating digital identities and make themanagement of those identities easier, giving a higher degree of control to the user than what current solutions offer. It can be used for creating a digital identity on the blockchain, making it easier to manage for individuals and entities, giving them greater control over who has their personal in-formation and how they handle it, and it could be utilized to create a higher degree of trust andsecurity to e-health applications.
Objective The aim of this research work is to review the state-of-the- art regarding blockchain-based decentralized identity management for healthcare applications. Based on this summary, we provide a viewpoint on how blockchain-based decentralized identity frameworks couldbe utilized for virtualized healthcare applications.
Method This research has applied a scoping, semi-systematic review approach to summarize thestate-of-the-art. Included identity management systems were evaluated based on seven criteria:Autonomy, Authority, Availability, Approval, Confidentiality, Tenacity and Interoperability ResultsSeven blockchain-based identity management systems were included and evaluated in this work:These include solutions built with Ethereum, Hyperledger Indy, Hyperledger Fabric, Hedera andSovrin blockchains.
Conclusion Digital identity management is crucial for virtual healthcare. Decentralized identity management for healthcare purposes is currently being explored, both in academia and the private sector. More work is needed with the aim to improve the efficiency of current DIM solutions and to fully understand what technical frameworks are best suited for e-health applications.
Zhang P, Schmidt DC, White J, Lenz G. Blockchain technology use cases in healthcare. In: Raj P, Deka GC, editors. Advances in computers. Vol. 111. Elsevier; 2018, pp. 1–41.
Siyal AA, Junejo AZ, Zawish M, Ahmed K, Khalil A, Soursou G. Applications of blockchain technology in medicine and healthcare: challenges and future perspectives. Cryptography 2019; 3(1): 3. doi: 10.3390/cryptography3010003
Hasselgren A, Rensaa JAH, Kralevska K, Gligoroski D, Faxvaag A. Blockchain for increased trust in virtual health care: proof-of-concept study. J Med Internet Res 2021; 23(7): e28496. doi: 10.2196/28496
Biernacki P, Waldorf D. Snowball sampling: problems and techniques of chain referral sampling. Sociol Methods Res 1981; 10(2): 141–63. doi: 10.1177/004912418101000205
Bouras MA, Lu Q, Zhang F, Wan Y, Zhang T, Ning H. Distributed ledger technology for e-health identity privacy: state of the art and future perspective. Sensors 2020; 20(2): 483. doi: 10.3390/s20020483
Nakamoto S. Bitcoin: a peer-to-peer electronic cash system. Bitcoin.org; 2017. Available from: https://bitcoin.org/bitcoin.pdf [cited 19 August 2021].
Hasselgren A, Kralevska K, Gligoroski D, Pedersen SA, Faxvaag A. Blockchain in healthcare and health sciences – a scoping review. Int J Med Inform 2020; 134: 104040. doi: 10.1016/j.ijmedinf.2019.104040
Weik MH. Computer Science and Communications Dictionary. Boston, MA; Springer US; 2001. doi: 10.1007/1-4020-0613-6_8580
Ellingsen J. Self-sovereign identity systems: opportunities and challenges. Master’s thesis, NTNU, 2019.
Hughes J, Maler E. Security Assertion Markup Language (SAML) v2.0 technical overview. OASIS SSTC Working Draft. 2005, pp. 29–38.
Sakimura N, Bradley D, de Mederiso B, Jones M, Jay E. Openid connect standard 1.0-draft 07. 2011.
Hardt D. The oauth 2.0 authorization framework. Tech. rep., RFC 6749, October 2012.
Mertens W, Rosemann M. Digital identity 3.0: the platform for the people. Working paper NO. 2. PWC Chair in Digital Economy. 2015. Avaiilable at: https://research.qut.edu.au/cde/wp-content/uploads/sites/279/2021/03/Digital-Identity-3.0-The-Platform-for-the-People.pdf
Satchell C, Shanks G, Howard S, Murphy J. Identity crisis: user perspectives on multiplicity and control in federated identity management. Behav Inf Technol 2011; 30(1): 51–62. doi: 10.1080/01449290801987292
Rose J, Rehse O, Rober B. The value of our digital identity. Boston Consulting Group; 2012. Available at: https://www.bcg.com/publications/2012/digital-economy-consumer-insight-value-of-our-digital-identity
de Marneffe P. Vice laws and self-sovereignty. Crim Law Philos 2013; 7(1): 29–41. doi: 10.1007/s11572-012-9157-x
Allen C. The path to self-sovereign identity. Available from: http://www.lifewithalacrity.com/2016/04/the-path-to-self-soverereign-identity.html [cited 20 October 2021].
Evernym. The world’s leading platform for verifiable credentials. Available from: https://www.evernym.com/ [cited 13 September 2021].
SertoID. Trust with control. Available from: https://www.serto.id/ [cited 13 September 2021].
ION. Layer 2 decentralized identifier network. Available from: https://identity.foundation/ion/ [cited 10 November 2021].
Satybaldy A, Nowostawski M, Ellingsen J. Self-sovereign identity systems. In: Friedewald M, Önen M, Lievens E, Krenn S, Fricker S, editors. IFIP International Summer School on Privacy and Identity Management. Springer; 2019, pp. 447–61.
López MA. Self-sovereign identity-the future of identity: self-sovereignity, digital wallets, and blockchain. Materials Today: Proceedings, 2019.
W3C Credential Community Group. Decentralized identifiers. Available from: https://www.w3.org/TR/did-core/ [cited 13 September 2021].
W3C. Verifiable credentials data model 1.0. Available from: https://www.w3.org/TR/vc-data-model/ [cited 20 June 2021].
DIF. Decentralized Identity Foundation. Available from: https://identity.foundation [cited 10 June 2021].
Iyengar R, CNN. Twitter accounts of Joe Biden, Barack Obama, Elon Musk, Bill Gates, and others apparently hacked. Available from: https://edition.cnn.com/2020/07/15/tech/twitter-hack-elon-musk-bill-gates/index.html [cited 15 July 2021].
Berghel H. Equifax and the latest round of identity theft roulette. Computer 2017; 50(12): 72–6. doi: 10.1109/MC.2017.4451227
Isaak J, Hanna MJ. User data privacy: Facebook, Cambridge Analytica, and privacy protection. Computer 2018; 51(8): 56–9. doi: 10.1109/MC.2018.3191268
Forbes. Understanding the first American financial data leak: how did it happen and what does it mean? Available from: https://bit.ly/3cmEKjJ [cited 12 May 2021].
Andersson T. The medical leadership challenge in healthcare is an identity challenge. Leadership in Health Services; 2015. Leadersh Health Serv (Bradf Engl). 2015;28(2):83–99. doi: 10.1108/LHS-04-2014-0032
Houtan B, Hafid AS, Makrakis D. A survey on blockchain-based self-sovereign patient identity in healthcare. IEEE Access 2020; 8: 90478–94. doi: 10.1109/ACCESS.2020.2994090
Khurshid A, Holan C, Cowley C, Alexander J, Harrell DT, Usman M, et al. Designing and testing a blockchain application for patient identity management in healthcare. JAMIA Open 2021; 4(3): 1–8. doi: 10.1093/jamiaopen/ooaa073
Mikula T, Jacobsen RH. Identity and access management with blockchain in electronic healthcare records. In: 2018 21st Euromicro conference on digital system design (DSD); 2018 Aug 29–31, Prague, Czech Republic. IEEE; 2018, pp. 699–706.
Sharma B, Halder R, Singh J. Blockchain-based interoperable healthcare using zero-knowledge proofs and proxy re-encryption. In: 2020 International Conference on COMmunication Systems & NETworkS (COMSNETS); 2020 January 7-11, Bengaluru, India. IEEE; 2020, pp. 1–6.
Javed IT, Alharbi F, Bellaj B, Margaria T, Crespi N, Qureshi KN. Health-id: A blockchain-based decentralized identity management for remote healthcare. Healthcare. 2021;9:712. https://doi.org/10.3390/healthcare9060712.
W3C. Peer did method specification. Available from: https://openssi.github.io/peer-did-method-spec/ [cited 20 June 2020].
Sovrin Foundation. Sovrin: a protocol and token for self- sovereign identity and decentralized trust. 2018. Available from: https://sovrin.org/wp-content/uploads/Sovrin-Protocol-and-Token-White-Paper.pdf [cited 10 November 2021].
Linux Foundation. Hyperledger Indy project. Available from: https://www.hyperledger.org/projects/hyperledger-indy [cited 10 June 2021].
Truu. Trusted digital passports for healthcare professionals. Available from: https://truu.id/ [cited 15 October 2021].
Mediblock. Own your health data. It’s rightfully yours. Available from: https://medibloc.com/en/ [cited 25 October 2021].
Mediblock. Medibloc techinical whitepaper. Available from: https://github.com/medibloc/whitepaper/blob/master/TechinicalWhitepaper_ENG.md/ [cited 25 October 2021].
Mediblock. Good Moonhwa Hospital. Available from: https://medium.com/medibloc/welcome-good-culture-hospital-44fb1cb1a327 [cited 24 October 2021].
Mediblock. Yongin Severance Hospital. Available from: https://medium.com/medibloc/welcome-yongin-severance-hospital-c01ac5d64129 [cited 24 October 2021].
Hedera. Hashgraph consensus algorithm. Available from: https://docs.hedera.com/guides/core-concepts/hashgraph-consensus-algorithms [cited 20 October 2021].
Hedera. Hedera hashgraph for data integrity & authenticity. Available from: https://hedera.com/hh_safe-health-systems-case-study_201130.pdf [cited 20 October 2021].
How to Cite
Copyright (c) 2022 Anton Hasselgren, Abylay Satybaldy, Mariusz Nowostawski
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
Authors retain copyright of their work, with first publication rights granted to Blockchain in Healthcare Today (BHTY). Read the full Copyright Statement.