Identity resilience in the digital health ecosystem: A key recovery-enabled framework

Document Type

Article

Publication Title

Computers in Biology and Medicine

Abstract

In response to the evolving landscape of digital technology in healthcare, this study addresses the multifaceted challenges pertaining to identity and data privacy. The core of our key recovery-enabled framework revolves around the establishment of a robust identity verification system, leveraging the World Wide Web Consortium(W3C) standard for verifiable credentials(VC) and a test blockchain network. The approach leverages cryptographic proofs embedded within credentials issued by various entities to securely validate the legitimacy of identities. To ensure standardized identity establishment, the roles and responsibilities of entities align with the UK digital identity and attribute trust framework, resulting in a cohesive verification process. Embracing self-sovereign identity (SSI), encrypted credentials are stored within the owner's device, empowering individuals with data control while prioritizing privacy and security. Furthermore, the work introduces an algorithm that places paramount importance on owner-centricity, trustworthiness, and privacy-aware handling of SSI credentials, subjected to threat modeling through the Owasp Dragon tool. A key recovery algorithm, a key component of our Recovery-Enabled Framework, empowers users to regain credentials using a trustee-based recovery system with a memorized PIN, eliminating the need for third-party reliance. Furthermore, a trust score, a crucial component of the framework, assesses the conformity of verified credentials with stated standards, boosting trust in established identities. Leveraging the modularity of Hyperledger Fabric, the work utilizes smart contracts to impose context-aware attribute-based policies, ensuring controlled access, traceability, and auditability, consequently strengthening security. Through comprehensive development, refinement, and rigorous testing, the prototype emerges as a potent tool for enhancing security within the Digital Health Ecosystem. It equips organizations with the means to navigate this digital landscape while inspiring trust among stakeholders, significantly contributing to the resilience of identity in the digital health ecosystem.

DOI

10.1016/j.compbiomed.2023.107702

Publication Date

12-1-2023

This document is currently not available here.

Share

COinS