Date of Publication
12-12-2022
Document Type
Bachelor's Thesis
Degree Name
Bachelor of Science in Computer Science major in Network and Information Security
Subject Categories
Computer Sciences | Databases and Information Systems
College
College of Computer Studies
Department/Unit
Computer Technology
Thesis Advisor
Katrina Ysabel Solomon
Defense Panel Chair
Marnel S. Peradilla
Defense Panel Member
Fritz Kevin S. Flores
Gregory G. Cu
Abstract/Summary
Electronic Health Records (EHRs) are faced with both confidentiality breach and accessibility problems. EHR systems with mediocre security can be vulnerable to malicious attacks that might lead to sensitive healthcare data being accessible to unauthorized users. In order to protect the privacy and confidentiality of EHRs against malicious attacks, existing state-of-the-art security mechanisms of EHR systems cause difficulty of access in the records of patients as well as in the sharing process among healthcare players and peers. Integrating blockchain technology into EHRs can improve both accessibility and security of the EHR. However, most public blockchain implementations have limitations when it comes to preserving the privacy and confidentiality of the medical data inside the EHR during data sharing. In this work, an Application Programming Interface (API) with secure sharing functionalities to an existing public blockchain framework as a means to strengthen the privacy and confidentiality of healthcare data upon sharing was developed. The API allows for user registrations with designated roles, record additions, and secure sharing of said records with other users. The study focused on a specific type of EHR, particularly immunization records, and implemented a blockchain-based on BHEEM, a blockchain-based framework for securing health records. Additionally, the study implemented a suitable cryptographic algorithm, AES on the implemented existing framework to strengthen privacy and confidentiality when sharing immunization records. The API was tested for its functionalities: access permission, record sharing, and record retrieval through the use of a client application on a web application wherein the researchers were able to conclude that the API functionalities are working as intended. Additionally, a simple application that utilizes the API was also tested for its security with the use of OWASP ZAP, which resulted in finding five alerts with varying degrees of risk levels. Overall, the developed API was able to utilize blockchain technology for healthcare and provide a secure way of sharing sensitive data by using a combination of access control permissions and cryptography. However, the use of blockchain technology has its disadvantages as well, particularly on the smart contract’s limitation on the number of variables allowed to be processed in a transaction limits the information that can be stored in the blockchain, and its immutability with erroneous inputs. The possibility of using databases alongside blockchain could be a better system implementation that harnesses the strengths of both technologies to create a better overall system.
Abstract Format
html
Language
English
Physical Description
105, 18 leaves
Keywords
Application program interfaces (Computer software); Medical records--Data processing; Information storage and retrieval systems--Medical records; Blockchain (Databases)
Recommended Citation
Javier, M. G., Lopez, E. B., & Marcelo, G. R. (2022). An API for secure sharing of immunization records in a public blockchain. Retrieved from https://animorepository.dlsu.edu.ph/etdb_comtech/13
Upload Full Text
wf_yes
Embargo Period
12-12-2023