Cx-CP-ABE: Context-aware attribute-based access control schema and blockchain technology to ensure scalable and efficient health data privacy

Nowadays, advancements in health technology have characterized modern illness diagnosis methods in the global healthcare system. The World Health Organization (WHO) has received a large number of respiratory disease patients in recent years, resulting in billions of personal health records (PHRs) being created and transmitted via cloud with the aim of taking precautions and restricting the disease. The transmission of PHR through Internet has generated significant security and privacy concerns for the global health care system. Furthermore, the potential change in the patient's health situation at any time needs immediate and secure healthcare access. For robust authentication and optimal confidentiality, it is necessary to reinforce the access control policies. As a result, various security schemes have been developed but lack efficiency while deploying cloud-based e-health applications, where the cloud providers are honest but curious and may obtain sensitive data without the consent of users. In this article, we present a new security scheme for e-health mobile applications based on hybrid cipher text-policy attribute access control, blockchain, and context-awareness (Cx-CP-ABE). The approach is based on reinforcing security policies pertaining to the continuous evolution of the patient's state and context changes and the improvement of the patient's data confidentiality. The proposed security scheme has been evaluated under various patient contexts, and its performance has been measured in terms of sensitivity, number of health attributes, and execution time.