Abstract
Access control is a crucial part of a system's security, restricting what actions users can perform on resources. Therefore, access control is a core component when dealing with eHealth data and resources, discriminating which is available for a certain party. We consider that current systems that attempt to assure the share of policies between facilities are prone to system's and network's faults and do not assure the integrity of policies life-cycle. By approaching this problem with a blockchain where the operations are stored as transactions, we can ensure that the different facilities have knowledge about all the parts that can act over the eHealth resources while maintaining integrity, auditability, and authenticity.

Abstract
The Internet of Things is progressively getting broader, evolving its scope while creating new markets and adding more to the existing ones. However, both generation and analysis of large amounts of data, which are integral to this concept, may require the proper protection and privacy-awareness of some sensitive information. In order to control the access to this data, allowing devices to verify the reliability of their own interactions with other endpoints of the network is a crucial step to ensure this required safeness. Through the implementation of a blockchain-based Public Key Infrastructure connected to the Keybase platform, it is possible to achieve a simple protocol that binds devices’ public keys to their owner accounts, which are respectively supported by identity proofs. The records of this blockchain represent digital signatures performed by this Keybase users on their respective devices’ public keys, claiming their ownership. Resorting to this distributed and decentralized PKI, any device is able to autonomously verify the entity in control of a certain node of the network and prevent future interactions with unverified parties. © 2020, Springer Nature Switzerland AG.

Abstract

Abstract

Abstract

Abstract