Soulbound Tokens: Enabler for Privacy-Aware and Decentralized Authentication Mechanism in Medical Data Storage

Boi, Biagio; Cirillo, Franco; De Santis, Marco; Esposito, Christian
2024

Abstract

Context: The digitalization of the healthcare sector faces significant challenges due to the diverse representation of data and their distribution across various hospitals. Moreover, security is a key concern as healthcare-related data are subject to the legal obligations of General Data Protection Regulation (GDPR) and similar data protection legislation. Standardization efforts like Health Level Seven (HL7) have been implemented to enhance data interoperability. However, authentication still remains a critical issue with significant challenges.

Aim: This research aims to improve and strengthen the authentication process by introducing a novel architecture for decentralized authentication. Additionally, it proposes a new approach to decentralized data management, which is crucial for handling sensitive medical data efficiently.

Methodology: The proposed architecture adopts a user-centric approach, utilizing Self-Sovereign Identity (SSI). It introduced a new non-fungible token (NFT) type called soulbound token (SBT) in the medical context, which will facilitate user authentication across different hospitals, effectively creating a federation of interconnected institutions.

Results: The implementation of the proposed architecture demonstrated a significant reduction in authentication time across multiple hospitals. The use of SBT ensured secure and seamless user authentication, enhancing overall system interoperability and data security. The decentralized approach also mitigated the risks associated with centralized authentication servers.

Conclusion: This study successfully presents a novel decentralized authentication architecture for the healthcare domain, leveraging SSI and SBTs. This approach accelerates the authentication process and enhances data security and interoperability among hospitals. Future research should explore the scalability of this architecture and its application in other sectors requiring stringent data security measures.

Use this identifier to cite or link to this document: https://hdl.handle.net/11386/4919638