HAPPS: A hidden attribute and privilege-protection data sharing scheme with verifiability

Data is a key asset in our interconnected and smart city. Especially, in the context of healthcare, healthcare data can facilitate remote diagnosis and medical research. Because of the potentially sensitive nature of healthcare data, privacy is a key consideration for both individuals and organizations. We can broadly categorize privacy considerations into data privacy, attribute privacy, and privilege policy privacy. To support one or more notions of privacy, the potential of solutions, such as fine-grained access control [e.g., those based on attribute-based encryption (ABE)] and blockchain in realizing data sharing has been explored. However, these approaches generally only facilitate access control of data and the traceability of the sharing process, and do not protect the attribute and privilege policy privacy of users. Therefore, in this article, we implement HAPPS, a hidden attribute and privilege-protection data-sharing scheme with verifiability. The three key building blocks of HAPPS are zero-knowledge proof, blockchain, and distributed ABE (DABE). Specifically, in our approach, we propose a new data access control strategy (i.e., attribute-hidden zero-knowledge proof-at-ZKP) to hide user identity and attributes during the authorization process. Our scheme is embedded in the blockchain and built into the decentralized sharing platform to prevent central verifier counterfeiting and support auditing. To demonstrate utility, we prove that HAPPS ensures data, attribute, and privilege policy privacy. Findings of our evaluations implemented on Ethereum and using the data set from the healthcare cost and utilization project (HCUP), we demonstrate that our scheme can share sensitive healthcare records belonging to minors (e.g., children) without the at-ZKP incurring unrealistic cost.