Page 346 - Special Topic Session (STS) - Volume 4
STS1080 Asma A. et al.
different levels of control to a diverse range of users. This is only possible with
a permissioned framework like Hyperledger Fabric. Unlike Ethereum,
Hyperledger allows nodes to have different roles within the blockchain. Nodes
can be restricted on read, create, update and delete rights. Even though
“delete” rights are offered to different nodes, no data is deleted on Fabric. A
delete on Hyperledger is a transaction which simply marks certain data as
“deleted”. Moreover, we have used Hyperledger Composer, which is a
development toolset for developing business networks. Hyperledger Composer
has a UI for configuring, testing and deploying the business networks called
“Playground”, which is the main tool used for implementation.
Playground allows developers to simulate business networks by utilising assets
(goods or services that are stored in the blockchain), participants (members of
the blockchain) and transactions (methods by which participants interact with
assets). In order to discover whether blockchain should be adopted in the
industry, it must solve the key issues related to security, regulation compliance,
scalability and flexibility. In terms of security, the blockchain platform must be
able to implement integrity, confidentiality and availability of the data. In order
to test whether the healthcare industry can utilise blockchain, the business
network must take steps to comply with the GDPR as much as possible.
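The role-restricted rights and the mark-as-deleted behaviour described above can be modelled in a few lines. This is an added example, not code from the paper or from Hyperledger: it is a simplified in-memory model, and the rule table, participant types and record fields are assumptions.

```javascript
// Simplified in-memory model, not the Fabric or Composer API; all names are hypothetical.
// Default-deny rules: participant type -> operation -> condition(participant, record).
const RULES = {
  Practitioner: { CREATE: () => true, READ: () => true, UPDATE: () => true },
  Patient: {
    READ: (p, rec) => rec.owner === p.id, // patients see only their own record
    DELETE: (p, rec) => rec.owner === p.id,
  },
};

class Ledger {
  constructor() {
    this.history = []; // append-only transaction log
    this.state = new Map(); // current view of each record
  }
  allowed(p, op, rec) {
    const rule = (RULES[p.type] || {})[op];
    return Boolean(rule && rule(p, rec));
  }
  // CREATE, UPDATE and DELETE are all appended to the log as transactions.
  submit(p, op, id, fields = {}) {
    const current = this.state.get(id);
    const live = current !== undefined && !current.deleted;
    if (op === 'CREATE' ? current !== undefined : !live) throw new Error(`invalid ${op} on ${id}`);
    if (!this.allowed(p, op, op === 'CREATE' ? fields : current)) {
      throw new Error(`${p.type} denied ${op} on ${id}`);
    }
    // DELETE only flags the record; earlier transactions stay in the history.
    const next = op === 'DELETE' ? { ...current, deleted: true } : { ...current, ...fields };
    this.history.push({ seq: this.history.length, by: p.id, op, id, fields });
    this.state.set(id, next);
    return next;
  }
  // Reads use the same rules and never return a record marked as deleted.
  read(p, id) {
    const rec = this.state.get(id);
    if (!rec || rec.deleted) return null;
    if (!this.allowed(p, 'READ', rec)) throw new Error(`${p.type} denied READ on ${id}`);
    return rec;
  }
}

// Constructed sample participants and record.
const ledger = new Ledger();
const doctor = { id: 'dr1', type: 'Practitioner' };
const alice = { id: 'alice', type: 'Patient' };
const guest = { id: 'guest', type: 'StandardUser' };
ledger.submit(doctor, 'CREATE', 'ehr1', { owner: 'alice', notes: 'constructed sample' });
ledger.submit(alice, 'DELETE', 'ehr1');
console.log(ledger.read(doctor, 'ehr1'), ledger.history.map(tx => tx.op));
```

In this model the CREATE transaction and its fields remain in the history after the delete, so a record marked as deleted is hidden from reads rather than erased.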
1.5. Test approach and scenario
Hyperledger Composer offers 3 different types of tests for blockchain
applications: interactive tests, automated unit tests and automated system
tests. This business network will be using interactive tests to assess whether
the scenarios could be implemented into blockchain. As well as scenarios,
interactive tests will be used to check validation, verification, permissions and
the overall performance of the blockchain.
To test the blockchain environment, the following scenarios have been
designed:
Scenario 1 - Basic scenario: This scenario tests the different access
control between a standard user and a specified member of the blockchain
(patients, medical institutions or medical practitioners). A specified member will
be able to view data on the blockchain whereas a standard user will have no
access. Further to this, this scenario will confirm the use of a strong hashing
function and the concept of a shared ledger. The patient and the medical
practitioner should have a copy of the same transaction.
Scenario 2 - Permissioned Scenario: This scenario tests the level of
permissions utilised on Hyperledger regarding create, read, update and delete
operations. The goal of this scenario is to explore whether Hyperledger’s
permissions could be used to restrict different types of participants to ensure
an extra layer of security and minimise the number of security threats.
Scenario 3 - Purging data Scenario: To be GDPR/HIPAA compliant,
patients must have complete control over their EHRs; this includes both giving
335 | ISI WSC 2019