The BlockChain to Privacy-preserving in SHaring sensItive hEaLth Data (BCPShield) is a framework blockchain-based to enhancing privacy on healthcare systems to share data between users. Besides, we are using differential privacy and K-anonymity to privacy-preserving, and the Hyperledger Fabric to build a blockchain network.
The modules are:
- Healthcare provider: to store and exchange data, also comunicate with blockchain and privacy module.
- Privacy: Apply privacy on data.
- Blockchain: Blockchain network based on Hyperledger Fabric 1.4.4, and Off-chain network through InterPlanetary File System (IPFS)
- User inferface: It is a module make by REST API to establish user, blockchain, Healthcare provider interaction. On the other hand, an interface that applications can connect and uses the framework.
The user are: patient, doctor, and researcher.
In short, the framework can enhance data sharing to research and contribute to reliability increase due to joining the blockchain and privacy mechanism.
For our proof of concept we use a Dicom object, which will be transferred between researchers. Dicom object is a representation blockchain imaging within blockchain database.
Dicom atributes:
- DicomID, PatientID, DocType, PatientFirstname, PatientLastname, PatientTelephone, PatientAddress, PatientAge, PatientBirth, PatientOrganization, PatientMothername, PatientReligion, PatientSex, PatientGender, PatientInsuranceplan, PatientWeigth, PatientHeigth, MachineModel, Timestamp.
For our proof of concept we use a Log object, which represents access log on any asset.
Log attributes:
- LogID, DocType, AssetToken, TypeAsset, HolderAsset, HproviderGet, Timestamp, WhoAccessed, AccessLevel.
For our proof of concept we use a request object that have aim to request an imaging from anyone patient or researcher.
Request attributes:
- RequestID, DocType, DataAmount, Timestamp, HolderRequested, UserRequest.
For our proof of concept we use a Shared Dicom object that have aim to represents a metadata within blockchain for shared asset.
Shared Dicom attributes:
- BatchID, DocType, IpfsReference, DicomShared, Holder, HolderAccepted, Timestamp, DataAmount, WhoAccessed.
- Objective: Insert dicom representation wihthin blockchain.
- Parameter: Dicom object.
- Return: bool.
- Objective: get Dicom object on blockchain.
- Parameter: DicomID.
- Return: Dicom object as Json.
- Objective: For patient share data with a doctor.
- Parameter: Patient ID, DoctorID, hashIPFS repository and DicomID files it want to share.
- Return: string hash for doctor to access data.
- Objective: For doctor gets patient's imaging.
- Parameter: string hash shared by the patient.
- Return: Dicom object anonymized with K-anonymity and IPFS Hash.
- Objective: For researcher to request an amount imaging for your research.
- Parameter: Amount data, researchID, and "PatientID.
- Return: RequestID.
- Objective: For patients or other researchers sharing your data (Observer that when request is activated this function to trigger).
- Parameter: holderID, requestID and IPFS Hash
- Return: string hash for researcher to access data.
- Objective: For researcher to get data requested.
- Parameter: string hash shared by the patient.
- Return: Dicom object anonymized with Differential Privacy and IPFS Hash.
- Objective: For network's administrator to audit logs when assets leakage.
- Parameter: token Hash inserted within metadata imaging.
- Return: Log object as Json.
- Step 0:
a) install docker engine and docker-compose
b) install golang
c) download hyperledger fabric binaries
d) node js version = 10.x and npm version >= 6.x
- Step 1:
a) You should use the folder hyperledger-network
b) In folder run the script ./byfn.sh generate to build credentials and keys for organization on Hyperledger Fabric
- Step 2:
a) To make a smart contract you might use an extension IBM blockchain platform on VSCode
b) With a smart contract made you should move the contract folder to folder chaincode
c) In file scripts/script.sh change variable CC_SRC_PATH to path your smart contract (For instance, CC_SRC_PATH="github.com/chaincode/imaging-contract")
- Step 3:
a) Before build a blockchain network, if you intent to make a different network you should change this files:
- crypto-config.yaml
- configtx.yaml
- docker-compose-ca.yaml
- docker-compose-couch.yaml
- docker-compose-cli.yaml
- ccp-generate.sh
- utils.sh
- script.sh)
- byfn.sh
b) To build our network you should run the command **byfn.sh up -s couchdb -a true -l golang -i 1.4.4**
c) The blokchain network is done
d) The API to interact with a blokchain can modify in the file [api-dicom/server/server.js](https://github.com/eriksonJAguiar/bcpshield-framework/tree/master/api-dicom/server)
e) Run the script [api-dicom/server/server.js](https://github.com/eriksonJAguiar/bcpshield-framework/tree/master/api-dicom/server/server.js) to make available the blockchain API for that communicate with other components. You might execute this command **node server.js**
- Step 4:
a) To build a Off-chain network using the IPFS framework we should following this tutorial IPFS Tutorial
b) The configuration has been made in a Linux machine from Google Cloud, but we can use any Linux machine. This machine was a master node on IPFS network
c) Run the script ipfs-cli-main.go using the command go run ipfs-cli-main.go. P.s. You should change the IPFS IP
- Step 5:
a) In Healthcare providers machines you may run components for observer, local database, and privacy methods
b) First, each machine should have installed Docker, golang, and python 3
c) Then, we can run the command to build Docker container for observer. In folder bcpshield-hprovider run the script .\init.sh
d) This script will be build a docker containers for obsever, MongoDB local, and privacy methods (K-anonymity and Differencial privacy)
- Erikson Júlio de Aguiar
- Jó Ueyama
This project was funded by São Paulo Research Foundation - FAPESP. However, all opinions, hypothesis, conclusions, or recommendations contains on this repository are responsibility the author and do not reflect FAPESP's vision.