Bilinear mapping is the technique or method applied for the authentication phase. The suggested authentication approach is analyzed by BAN logic, storage overhead, and cost of computing. The three steps of secure authentication for Medi-block are a start-up, registration, and authentication [3]. This concept of the method is a pairing concept to the elliptic curve. Bilinear denotes that h1, h2 goes to G, and a, b goes to Z_p. The Bilinear formula is given in Eq. (1): (1)e (ha1,hb2)=(h1,h2)∗a∗b

As blockchain has storage memory constraints, hospitals store their records as cypher text, hashes, abstracts, and cloud storage locations in consortium chains’ central nodes. L symbolizes a cloud storage location where medical records are stored; M is the hash of every hospital. In order to be sent to the blockchain network, L would constantly be encrypted with the hospital public key. Below is a flow diagram that illustrates each of the steps involved. Medical records from each hospital are used as input; the output is the trading results of the data from those records.

Stage 1: Produce the corresponding Epubkey {Mac| |H(M)||L}.

A smart city is a digital system that is intelligent and efficient. By digitizing all data, smart cities can manage it. CSPs are connected via a blockchain to ensure user data’s integrity and facilitate data access via Transactions [22]. CSP stores user information on the blockchain using the Secret Sharing algorithm, significantly improving the security of existing centralized systems [23]. The suggested method enhanced security and privacy through security analysis and increased transaction speed and data storage efficiency over prior studies [7]. The blockchain-empowered secret sharing for the smart city concept is shown in Fig. 2.

The challenges in secret sharing have difficulty restoring data if the scattered data’s components do not capture enough data to meet the threshold. In some previous research, blockchain and secret sharing were utilized to create a P2P electronic cash system that permitted centralized financial systems to be transacted P2P via third parties. This study can help mitigate the security weakness of a centralized network, as numerous nodes share the same blocks. Using the blockchain, data blocks can be separated from each other, preventing them from staying altered between blocks and preventing block contents from being amended arbitrarily. As a result, data integrity can be confirmed between dispersed nodes without the involvement of a third party.

There is a proposed biometric identity-based hybrid signcryption (BIOIBHSC) scheme for access control in wireless body area networks (WBAN). This scheme used to build public keys and streamlines vital generation [24]. This also combines two mechanisms: biometric identity-based signcryption tag-key encapsulation mechanism (BIO-IBSCTK) and data encapsulation mechanism (DEM) to attain confidentiality, integrity, authenticity, and anonymity non-repudiation in data sharing. In this proposed scheme, they use bilinear pairings and fuzzy extractor methods. Fig. 3 shows an example of a healthcare system model using an access control scheme.

Another access control mechanism has been introduced to ensure healthcare information security and confidentiality. This mechanism is called the La-grange-interpolation-driven access control mechanism (LIDACM). This LIDACM strictly controls privacy settings and access authority and prevents unauthorized users from accessing personal health records on the cloud. Hence, this simultaneously increases the hacking difficulties of databases and stealing private health records and medical information [25]. Since this mechanism randomly generates a private key, it is not easy to analyze and increases the difficulties cyberattacks face. LIDACM ensures data security when multiple users are accessing it. Two components are used in LIDACM: when the user intends to retrieve medicinal data. The method utilizes A(x) to validate if an access request comes from an authorized user. Then B(y) is utilized to check the PHR (Personal Health Record) system if the file requested by the user is permitted to be accessed. Hence, an example of access control mechanisms for PHR based system is presented in Fig. 4.

Privacy-Preserving is the method of protecting confidentiality and privacy, and data sharing. This resolves traditional data sharing, which were P2P and centralized data sharing modes [12].

In proxy re-encryption, this method will ensure the confidentiality and integrity of the data, allowing the data to be only visible to the owner and the smart contract [11]. In this method, they proposed the Ethereum blockchain and Hyperledger Fabric blockchain. However, the Ethereum blockchain has a limitation where the delay time increases when multiple users’ request or retrieve the data, as shown in the proxy re-encryption architecture in Fig. 5. An intelligent contract is a well-known protocol that enables, verifies, and enforces the negotiation or fulfilment of a contract digitally. Unlike traditional contracts, which rely on counterparties’ reputations, smart contracts can be entered between untrusted, anonymous individuals. Contractual terms are automatically enforced and do not rely on any third party. On the other hand, smart contracts were not conceivable in many traditional systems because the participants maintained separate databases and lacked an appropriate trust model. Therefore, the ability to construct a trusted and shared database based on a blockchain has removed this constraint.

Another way for proxy re-encryption is Key-aggregate cryptosystems. This is an efficient way to enforce access control policies. This key aggregate proxy re-encryption (KAPRE) method secures data sharing on cloud storage [9]. Fig. 6 shows the suggested two variants of KAPRE by [9].

The Service-On-Chain concept was proposed to circumvent the restrictions associated with traditional data exchange methods. The central concept is SOC, data off the chain. By leveraging the blockchain’s smart contract mechanisms, each department’s data is extended to the blockchain-based on a service-oriented architecture [29], while sensitive data is maintained on the blockchain [12].

Off-Chain Privacy-Preserving: Off-chain data preservation can improve data security, reducing the danger of privacy leaks to a particular level. This will ensure data security in the event of a leak or an attack while also increasing shared data integrity and controllability [30]. To re-establish data’s trustworthiness and controllability, each government department saves original data in a local database, while data sharing is kept in the network file system (NFS) after privacy processing. To get pre-shared data, the service provider pre-screens the obtained data in line with applicable laws, rules, and policies. A metadata information file is produced and saved in the network file system based on the comprehensive information included in the pre-shared data (including information like “data size, data acquisition time, and data digest”). The service provider then packages it as a service and publishes it to the blockchain via the client, creating a service directory. The service provider can handle pre-shared data in various ways depending on the data. The process and data sharing will be saved on the network file system, and a data digest will be generated for authentication purposes through shared data. This off-chain data storage technique ensures the security of processed data and mitigates hazards associated with knowledge asymmetry throughout the data exchange process.

A blockchain is a collection of documents, referred to as blocks, that are connected together via cryptography [30]. They utilize the equivalency verification procedure in the proposed formal technique to determine whether two systems are equal to one another according to some theoretically specified equivalence. For example, formal equivalence checking takes two systems and an equivalence relation as inputs, precisely two systems s1 and s2 and an equivalence relation x, and asks, “Is the model of s1 equivalent to the model of s2 with regard to x?”. The solution to this question is conditional on the equivalence relation x that is being considered. The suggested approach is intended to undertake a distributed verification of data passing over the hospital network [14]. This technology has been used previously to detect manipulated areas in medical photographs. It employed a block-based method, dividing the picture into eight 8-pixel chunks that were not overlapping. After dividing each block into four 4-pixel subblocks, a 9-bit watermark is formed. The watermark information is then inserted in the first nine pixels of each of the four 4-pixel subblocks’ least significant bits (LSBs). The changed areas are detected during tamper detection using a three-level hierarchical technique. Additionally, this approach creates the joint photographic experts’ group (JPEG) bit string for the specified area of interest (ROI) and then segments it into fixed-length segments. The approach divides the medical picture into chunks and calculates the hash bits for each block, omitting the block with the ROI [14]. Table 2 summarizes the suggested methods in the literature and their limitations.

The research in [31] proposed proxy re-encryption without bilinear mapping or pairing because of its costly operation. The suggested approach is unidirectional, key optimal, collision-proof, non-transitive, proxy visible, offers original access, and meets the temporary condition. Another challenge in this proposed blockchain-based architecture method is the BAN logic method, which is inapplicable directly to the medical field [3]. They use blockchain and cloud storage concepts to offer a safe platform for exchanging electronic medical data records.

The secret-sharing method is disseminated and shared amongst n secret-keeping shareholders [32]. To reinstate secret T, the hidden parts of secret T preserved by n shareholders must be accumulated to the required level. Assume that such Secret Sharing is reinstated for nefarious reasons in the external cloud without erasing the original data at the user’s request. In such instances, public encryption may result in an offline Brute force Attack against the same domain or in security risks that gradually decrypt the encryption using increased computer capabilities. Secret Sharing, in which the original data T is disseminated, has trouble recovering data if the distributed data samples do not gather enough data to meet the restoration threshold. Another challenge in implementing this secret sharing method is that it is not efficient in protecting private data when running in real-time [7]. In the upcoming work, the author aims to conduct extensive research using smart city services to distribute sharing algorithms that can convey safe, efficient privacy data in real-time and offer benefits in various sophisticated smart city applications.

Access control is another method of protecting data privacy and confidentiality in data sharing. However, access control management and system compatibility are fundamental challenges that must be addressed [33]. For example, the smart contract is an access control method and one of the most critical components in Blockchain technology, where data owners can define access control policies [34]. If large organizations with many workers or users utilize this strategy, it will be costly and impose significant computational overhead on the blockchain. Additionally, such systems cannot support attribute revocation, which enables the data owner to withdraw permissions for a set of users simultaneously.

In privacy-preserving, we found the potential challenges. This Off-Chain Block-Chain Systems (OCBS) model is challenged regarding interoperability, integration, and data standardization. The use of industry data format standards, such as “HL7 Fast Healthcare Interoperability Resources or the IEEE P2418.6 standard for Framework of Distributed Ledger Technology Use in Healthcare and the Life and Social Sciences”. Another challenge found in the Genomic data reference model of maintaining privacy while maintaining accuracy is the primary challenge with this methodology, owing to the massive file size of Whole Genome Sequenced (WGS) data [1]. The genomics data reference pattern is the highly dynamic and extensible model available. Additionally, the genomics reference pattern is created with the flexibility to evolve over time in response to evolving regulatory guidelines on genomes data. The genomics data reference model was created to maximize data sharing and transfer mediated by individuals, which is required given the tremendous significance of genome data in advancing precision medicine and public health challenges.

In the proxy re-encryption method using Key-aggregate cryptosystems, prior to implementing a public-key cryptosystem for safe data sharing and access control, it is critical to examine the overall length of time required for end-users to access the data. We found a challenge where the delay time increases when multiple users request the data simultaneously. This might also slow the application’s performance in retrieving the required data [9].

An off-chain privacy-preserving service was proposed for the SOC approach [12]. This is good for protecting the privacy and confidentiality of the data [35]. However, some challenges need to be considered, and further research is necessary on building data-sharing architectures, diversified data, smart contracts, and operational security. The suggested Service-On-Chain architecture can serve as a model for implementing Blockchain technology in government data sharing. The following two areas will be the focus of future development. For off-chain privacy preservation, the optimal parameters of the universal privacy-preserving model may be investigated using game theory to strike a balance between data availability and privacy preservation. The author will also research ways to enhance and deploy the scheme method on popular consortium blockchain frameworks, such as FISCO BCOS and Hyperledger Fabric.

The formal method using the equivalence checking process is to perform a distributed verification of data passing over the hospital network. It is offered to safeguard critical information on hospital networks. The suggested method makes use of tools for formal verification. When a host requests access to magnetic resonance pictures, each host that requests the same resource does an integrity check. Thus, the suggested technique guarantees that an attacker does not alter the received information. However, the challenge we found is that it has not been deployed in a real hospital network, so we would not know the success of this method yet [14]. Table 3 presents the summary of the existing methods and their key challenges.