sensors
Article
Deep Learning Based Homomorphic Secure Search-Able
Encryption for Keyword Search in Blockchain Healthcare
System: A Novel Approach to Cryptography
Aitizaz Ali 1 , Muhammad Fermi Pasha 1 , Jehad Ali 2,3, * , Ong Huey Fang 1 , Mehedi Masud 4 ,
Anca Delia Jurcut 5 and Mohammed A. Alzain 6
1 Department of Software Systems and Cyber-Security, School of IT, Monash University, Jalan Lagoon Selatan,
Bandar Sunway, Subang Jaya 47500, Malaysia; aitizaz.ali@monash.edu (A.A.);
muhammad.fermipasha@monash.edu (M.F.P.); Ong.hueyfang@monash.edu (O.H.F.)
2 Department of Computer Engineering, Ajou University, Suwon 16499, Korea
3 Department of AI Convergence Network, Ajou University, Suwon 16499, Korea
4 Department of Computer Science, College of Computers and Information Technology, Taif University,
P.O. Box 11099, Taif 21944, Saudi Arabia; mmasud@tu.edu.sa
5 School of Computer Science, University College Dublin, Belfield 4, D04 V1W8 Dublin, Ireland;
anca.jurcut@ucd.ie
6 Department of Information Technology, College of Computers and Information Technology, Taif University,
P.O. Box 11099, Taif 21944, Saudi Arabia; m.alzain@tu.edu.sa
* Correspondence: jehadali@ajou.ac.kr
Abstract: Due to the value and importance of patient health records (PHR), security is the most
critical feature of encryption over the Internet. Users that perform keyword searches to gain access to
���������� the PHR stored in the database are more susceptible to security risks. Although a blockchain-based
�������
healthcare system can guarantee security, present schemes have several flaws. Existing techniques
Citation: Ali, A.; Pasha, M.F.; Ali, J.;
Fang, O.H.; Masud, M.; Jurcut, A.D.; have concentrated exclusively on data storage and have utilized blockchain as a storage database.
Alzain, M.A. Deep Learning Based In this research, we developed a unique deep-learning-based secure search-able blockchain as a
Homomorphic Secure Search-Able distributed database using homomorphic encryption to enable users to securely access data via
Encryption for Keyword Search in search. Our suggested study will increasingly include secure key revocation and update policies. An
Blockchain Healthcare System: A IoT dataset was used in this research to evaluate our suggested access control strategies and compare
Novel Approach to Cryptography. them to benchmark models. The proposed algorithms are implemented using smart contracts in the
Sensors 2022, 22, 528. https:// hyperledger tool. The suggested strategy is evaluated in comparison to existing ones. Our suggested
doi.org/10.3390/s22020528
approach significantly improves security, anonymity, and monitoring of user behavior, resulting in a
Academic Editor: Alessandra more efficient blockchain-based IoT system as compared to benchmark models.
Rizzardi
Keywords: security; blockchain; privacy; homomorphic encryption; deep learning; access control;
Received: 12 November 2021
smart contracts
Accepted: 29 December 2021
Published: 11 January 2022
Publisher’s Note: MDPI stays neutral
with regard to jurisdictional claims in 1. Introduction
published maps and institutional affil-
A patient health record (PHR) is the basic and important information related to a
iations.
patient’s history and related details. The digital healthcare system is considered as the
platform for transferring and receiving patient health records. However, the existing digital
healthcare systems rely on centralized servers, which are more prone to security breaches.
Copyright: © 2022 by the authors.
Hence, the simplest solution is to integrate the digital healthcare system to blockchain
Licensee MDPI, Basel, Switzerland.
technology due to its wide variety of applications and improved security. More importantly,
This article is an open access article
blockchain provides peer-to-peer (P2P) and decentralized network systems. In general,
distributed under the terms and blockchains can be classified into three different categories, namely, private, public, and
conditions of the Creative Commons consortium blockchains [1]. It is a permissioned and consortium managed blockchain,
Attribution (CC BY) license (https:// which means all peers are known to each other in the network. This provides trust and
creativecommons.org/licenses/by/ security to all the parties involved. Hyperledger fabric is not domain specific, and it
4.0/). supports Java, Go, Node.js, etc., for creating contracts and networks applications [2].
Sensors 2022, 22, 528. https://doi.org/10.3390/s22020528 https://www.mdpi.com/journal/sensors
,Sensors 2022, 22, 528 2 of 29
In industrial applications, healthcare is considered to be a vital field. In addition to a
classic medical diagnosis, patients’ body parameters, comprised of heart rate, blood sugar
level, electroencephalogram, and additional vital biomedical signals can be monitored by
integrating numerous medical sensing devices for diagnosis [3], as well as health quality
improvement. Medical diagnosis, biomedical research, and policy making sharing can
provide easiness in sharing and secure access. The Internet of Things (IoT) has been
proposed to enhance quality of the industries, break regional limitations to achieve remote
monitoring, perform autonomous production and deliver real-time information to the end
users. For instance, the healthcare industry can often take advantage of the IoT, where
industrial sensors and actuators are used as wearable devices to collect users’ physiological
data, such as blood pressure, electrocardiogram (ECG), temperature, and so on. These
physiological data are usually sent to the nearby devices or servers of the user to carry out
further data collection, aggregation, and then sent for diagnosis and input to a industrial
provider using an open channel, i.e., the Internet. However, due to the round-the-clock
networking of nodes in this IoT network, it is vulnerable to various security issues, such as
message tampering, eavesdropping, and denial of service (DoS) attacks. In the industrial
industry, this raises major security issues as the misuse of data can result in incorrect
diagnosis and can cause life-threatening scenarios for the patients under observation. For
instance, a clinician may want to access the medical records of a patient located in different
hospitals databases in order to decide for the best treatment of a patient. Moreover, this
market can bring a huge and positive impact on the economy. In a nutshell, the digital
healthcare systems’ data sharing and trust are key factors for success, and deficiency could
result in distrust among patients towards the e-healthcare market [4].
There exist several searchable encryption (SE) methods to provide solution to the prob-
lems as mentioned above, but they are not as efficient regarding flexibility and anonymity.
SE can be categorized into different types based on several parameters such as single write
(SW), multiple write (MW) single read (SR), and multiple read (MR) strategies. However, all
SE approaches are not as efficient when deploying to the cloud or server-based architecture
systems. One of the most promising and secure approaches to solve these issues is secure
searchable encryption (SSE), which enables the users to encrypt the data on their own side
without the involvement of a third party. Secure searchable encryption can be divided into
two groups named Asymmetric SSE and Symmetric SSE [4]. Our proposed extended secure
searchable encryption (ESSE) is based on the motivation from [5]. The authors proposed the
idea of Obvious cross Tag (OXT) searchable mechanism. The idea of OXT is to distribute all
master keys among the users in order to take more advantages of the protocol. The problem
with OXT is the key loss or collusion attack, which make it more prone to vulnerabilities.
Our proposed approach is more resilient to active collusion attack and key loss situations.
Moreover, our proposed method is flexible enough to be applied to different platform such
as social media, fog computing, and other IoT-based applications [6].
In this research paper we have proposed extended multi-user-extended SSE which
support the participants to query securely against desired keyword search in the distributed
ledger. The patient encrypts the data at the beginning and uploads it to the blockchain.
Our research method provides facility to the data owner once the data owner completed
the encryption, it will not be necessary to be involved in other processes until he or she
needs policy revocation or deletion.
As known for its flexibility and accessibility, cloud computing is a multi-functional
platform for data storage. However, data outsourced to the cloud might be considered
insecure because the data owner’s control over the data is limited, which potentially poses
more security issues. Similarly, security issues become the primary concern when it comes
to the healthcare industry. Most of the current healthcare data and patient records are stored
in the cloud, thus, dealing with medical records is a concern which is widely shared. Digital
health records including sensitive patient data are seen as some of the most valuable data,
however, it is also vulnerable due to the cloud-based platform, which gives the unethical
third parties more chances to access or steal the data due to the market value [7]. Although
, Sensors 2022, 22, 528 3 of 29
advancement has been made in access control schemes and frameworks, however, issues
still exist in the proposed schemes. These include the absence of measuring granularity in
authorizing [8], reliance on identity, and role or purpose-based access control schemes [9].
The existing access control system only relies on identity, or role-based and attribute-based
methods. Through a series of comparative analysis, it has been observed that the most
appropriate access control strategy among the existing solutions is ABE [10]. The Public-
Key encryption does not overcome the security aspects of the attribute-based encryption.
Consequently, in the proposed solution, we have used Attribute Based Signature (ABS),
since it guarantees anonymity as well as unforgeability to the signer [11,12]. The aim of our
proposed strategy is to secure the Personal Health Record (PHR) leveraging homomorphic
encryption and fine-grained access control without any security loss or threat. To achieve
our goals, we propose a novel protocol based on data sharing via combining two latest
attribute based cryptography schemes and homomorphic encryption with an ABAC model
using hyperledger fabric. Furthermore, we have provided a detailed comparison based
evaluation of our scheme with several state-of-the-art schemes. The critical difference of
the proposed scheme and the traditional the application of the computational trust-based
value. The advantages of trust evaluation includes:
1. Developing a novel lightweight consensus mechanism by combining with the BFT pro-
tocol;
2. Measuring the trustworthiness of the user and presumers before creating smart con-
tracts and before initiating interactions among several parties;
3. Moreover, it also helps in the accountability of the privacy and consent violation;
4. In addition, it helps to check the integrity before adding them to the genesis because
the existing ABAC and RBAC systems have low efficiency, and these are not based on
learning-based methods [13];
5. Finally, we achieve more efficiency and security.
Our proposed approach will examine the parameters chosen, including user behavior,
attributes, trust, unauthorized request, forbidden request, and range of specification. Users
will be divided into different categories based upon the trust value such very low, low,
unknown, moderate, high, and very high trusted users. A threshold value will be set, i.e., if
a user meets the threshold value and also meets the policy, then access will be granted.
In this section, we provide details and preliminaries in order to proof the application of
AI in blockchain and homomorphic encryption. Moreover, our proposed system provides
trust to several parties and individuals withing the consortium’s blockchain. Our main
motivation is to design a blockchain based secure searchable framework that uses deep
learning techniques in order to build a trust. Finally, our goal is to build a generic DL-based
secure searchable model that can support several different types of AI scenarios and dif-
ferent types of datasets. In order to obtain the scalability and reliability in cloud-based
healthcare data sharing schemes illustrated in [14], the schemes have been designed in the
literature by implementing the encryption and operation anonymization. Moreover, partic-
ipants are always curious to transfer their private and sensitive data to the cloud due to the
potential risks [15]. For example, the medical industry can also benefit from the industrial
IoT (IIoT), where industrial sensors and actuators are used as wearable devices to collect
users physiological data, such as blood pressure, electrocardiogram (ECG), temperature,
and so on. These physiological data are usually sent to the nearby devices or servers of
the user to carry out further data collection, aggregation, and then sent for diagnosis and
input to an industrial provider using an open channel, i.e., the Internet. However, due to
the round-the-clock networking of nodes in this IoT network, it is vulnerable to various
security issues, such as message tampering, eavesdropping, and denial of service (DoS)
attacks. In the industrial industry, this raises major security issues as the misuse of data can
result in the incorrect diagnosis and can cause life-threatening scenarios for the patients
under observation. Privacy issues are often related to compromising sensitive information
by using active and passive attacks. In active attacks, the adversary aims to obtain access,
infer, and/or alter private data. Recently, several research works related to data privacy
