DAMFSD: A decentralized authorization model with flexible and secure delegation

During the digital age of healthcare, it is crucial to utilize medical data scattered across different healthcare institutions to improve diagnostic precision and customize treatment strategies. A common solution to achieve this is establishing an authorization service that facilitates secure sharing of medical data and promotes interoperability among various healthcare institutions. However, there is a risk of a single point of failure because the majority of authorization systems in use rely on a central trusted service. This paper proposes DAMFSD, a decentralized authorization model with flexible and secure permissions delegation for medical data sharing. Specifically, patients can transfer their permissions to reliable institutions or individuals for flexible management and delegation while they retain control and monitor their permissions. We use cryptographic techniques for secure and fine-grained delegation and smart contracts to enable decentralized and flexible delegation. Finally, we performed a security analysis to demonstrate DAMFSD's feasibility and conducted a performance evaluation on the permissioned blockchain to show its applicability.