The field of medicine, both in the world and in Ukraine, has high risks and stakes, is characterized by the high cost of medical errors and the high dynamics of the course of diseases, insufficient information for doctors to make decisions under strict time constraints, therefore it needs constant changes through informatization and automation of routine processes, support medical decision-making. Exactly information technologies and clinical decision support systems will help minimize the likelihood of medical errors and provide effective care regardless of the burden on doctors. Information technology and clinical decision support systems are a key factor in the success of medical research and health care industry [1][2][3][4][5].
But when using medical information technologies and clinical decision support systems, the security of medical information and medical data should be taken seriously. The exchange of medical information and data, in accordance with the law on medical confidentiality, requires increased security requirements from medical organizations. Information and data used by health information technology and clinical decision support systems may be vulnerable to leakage and falsification during transmission, storage, and exchange. If medical information is stolen, deleted or distorted, it can pose a serious threat to the patient's life and health. Unauthorized access to patient medical records lead to a patient privacy's breach. Currently, in the used medical information technologies and clinical decision support systems, there is often a lack of transparency and the ability to check permission to access medical information, consent to make changes to medical information.
Therefore, the protection of the confidentiality of medical information and the safe medical data storage are decisive factors for the choice of medical information technologies and clinical decision support systems. It is blockchain technology that can help in the safe management of medical information and data, in ensuring the trust of the medical community, scientists and pharmacists in medical information technology and clinical decision support systems, as well as in improving the quality of healthcare data management.
Blockchain is a chain of blocks, each of which contains certain information that can be viewed, but cannot be changed by any user [6]. The new block refers to previous block, thus creating a chaineach block is connected to previous and next block. The rigid connection of blocks excludes the possibility of inserting any data between two other blocks and/or changing the block [7].
A series of events must occur before a block of new information is written to the chain. First of all is verification. Unlike classic transactions, transactions in the blockchain are approved by a computer network of thousands and even millions of machines around the world. Second, after verification, the information is sent to block with the time, date, digital signature of both parties and amount. And, finally, the block receives a unique identification code, as well as the hash of the previous added to the chain packet. Only after such hashing block with new information can be added to blockchain [8].
In this way, the blockchain is protected from unauthorized changes, and this is one of its main advantagesimmutability. Since the possibility of hacking by attackers is eliminated, a reliable transaction ledger is created that network participants can trust. The key to the security of the technology is that all network users are notified of any changes [9].
By joining the blockchain network, the user can be sure that he will always receive reliable and timely information, and that his private blockchain records are only accessible to the network members he chooses. A transaction requires the agreement of all participants on the accuracy of the data, and records about all verified transactions are immutableno one, not even a system administrator, can delete a transaction [10].
So, blockchain is changing the way of storage and share of medical information by decentralizing medical information, increasing the security, efficiency and transparency of information sharing. Ensuring secure management of medical information based on blockchain technologies is currently an actual task for Ukraine.
Let's conduct the state-of-the-art on known blockchain-based systems for secure management of medical information. We are interested in whether the known blockchain-based systems provide an evaluation of the medical information's sufficiency (such as the presence of all the necessary information elements for entering information into the blockchain) before its entering into the blockchaincriterion 1, whether they perform the entering information into the blockchaincriterion 2, or whether they perform the obtaining information from blockchaincriterion 3, whether they allow to evaluate the reputation of a health care institution (as a blockchain miner)criterion 4.
The results of the state-of-the-art on known blockchain-based systems for secure management of medical information are presented in Table 1.
Known blockchain-based systems for secure management of medical information Known blockchain-based systems Criteria for the known blockchain-based systems 1 2 3 4 The cloud architecture of blockchain-based intelligent agents based on convolutional neural networks for increasing the indicators of medical data [11] no yes yes no
A system in which the blockchain consortium is the middleware and the medical facilities are the nodes of the platform [12] no yes no yes Three-level medical data management system based on blockchain technologies [13] no yes yes no Architecture of medical data access control based on blockchain [14] no yes no no Scheme for sharing electronic medical records based on hybrid blockchain architecture [15] no yes yes no DynamiChain network service for the healthcare industry [16] no yes yes no SPChain blockchain network for supporting the patients and medical institutions [17] no yes yes no Methodology and information technology of evaluating the sufficiency of information [18][19][20] yes no no no
Ontology-based intelligent agent for determination of sufficiency of information [21,22] yes no no no HerBChain -a blockchain-based informative platform for herbal products' assurance and control [23] no yes yes no Blockchain-based auditable access control system for IoT environments' private data security [24] no yes yes no Blockchain-based medical prescription system [25] no yes yes no HapiChain: A Blockchain-based framework for patient-centric telemedicine [26] no yes yes yes MedBlock: blockchain-based information management system for handling the patients' information [27] no yes yes no Blockchain-based distributed democratized electronic medical record sharing platform [28] no yes yes no Blockchain-supported architectural framework for control of health personal data security [29] no yes yes no Blockchain-based architecture for the international health record exchange platform [30] no yes yes no
Blockchain-based e-Health framework for processing the patient medical records [31] no yes yes yes HealthChain: secure blockchain-based system for healthcare data management [32] no yes yes yes MEXchange: a privacy-preserving framework for exchange of health information using the blockchain [33] no yes yes no
IoT-based and blockchain-based management system for medication adherence [34] no yes yes no ACTION-EHR: blockchain-based patient-centric management system for electronic health record data [35] no yes yes no
MedChain: system for management of medical records access and permissions using the blokchain [36] no yes yes yes Blockchain-based FHIRChain architecture using digital health identities to authenticate participants [37] no yes yes no eHealthChain: blockchain-based management system for personal health information and health data from medical IoT devices and its applications [38] no yes yes no Blockchain-based communication system for healthcare domain using patient-centric approach [39] no yes yes no SmartMedChain: blockchain-based smart framework for healthcare domain [40] no yes yes yes Blockchain-based healthcare system using artificial intelligence [41] no yes yes no Blockchain-based counterfeit medicine authentication system [42] no yes yes no Blockchain-based methods of management of medical data [2] yes yes yes no
Decision support system for medical field considering legal grounds [1,3] yes no no no
The state-of-the-art on analyzed blockchain-based systems for secure management of medical information, conducted in this chapter, showed that none of the analyzed solutions satisfies all 4 combined necessary criteria. Therefore, the design and implementation of a blockchain-based system for the secure management of medical information, which would satisfy all the necessary criteria at the same time, is the goal of our study.
For solving the complex problems, multi-agent systems are often used, which consist of a set of agents that perform separate functions and interact with other agents. Multi-agent system is a system formed by several interacting agents. Multi-agent systems are used to solve problems that are difficult or impossible to solve with a single agent or a monolithic system. Agents of a multi-agent system must have the following important characteristics: autonomyagents, at least partially, are independent; limited representation (view) -none of the agents has an idea about the entire system, or the system is too complex for the knowledge about it to be of practical use to the agent; decentralizationthere are no agents managing the entire system. The agents of a multi-agent system exchange the acquired knowledge, obeying the established rules of "communication" (protocols) in the system.
The advantages of multi-agent systems are the relative simplicity of developing individual agents, interoperability, which allows adding new agents to the system as needed (including those developed by independent developers), high adaptability.
Since the designed blockchain-based system for secure management of medical information must solve three independent problems (evaluating the medical information's sufficiency, entering the information in blockchain and obtaining the information from blockchain, and evaluating the reputation of the health care institution), which are difficult to solve with a monolithic system. When solving them, information and data will be exchanged. That is, there will be interaction, it was decided to develop the blockchain-based system for secure management of medical information as a multi-agent systemagents of such system (for evaluating the medical information's sufficiency, for entering the information in blockchain and obtaining the information from blockchain, and for evaluating the reputation of the health care institution) are independent, autonomy and decentralized, and have limited representation.
The structure of the blockchain-based multi-agent system for secure management of medical information is presented in Fig. 1.
So, our blockchain-based multi-agent system for secure management of medical information consists of 3 agents. The work begins with the fact that blocks of medical information, which consist of records, each of which, in turn, consists of the 3 elements -"type of information" (analyses, fingerprints, etc.), "time of information (when the information was obtained), quality of information (the validity period and relevance of information) are entered into the cloud environment. Before recording any medical information in the blockchain, the medical information must be assessed for its sufficiencyfor this purpose, it is submitted to the input of the agent for evaluating the medical information's sufficiency. Such an agent analyzes each of the N records of each block for the presence in each record of the elements "type of information", "time of information", "quality of information", and also counts the number of available elements in the block. Based on the received data, the calculation of the quantitative assessment of the medical information's sufficiency in the block is performedby dividing the number of available elements in the block by 3*N. If the medical information's sufficiency assessment for the block is 1, then the information in the block is enough and it can be entered into the appropriate blockchain block, otherwise, if the medical information's sufficiency assessment for the block is less than 1, then the information in the block is not enough, so it is necessary to add the medical information and repeat verification of its sufficiency.
If the information is enough and can be entered into the blockchain block, then the information is transferred to the agent for entering the information in blockchain and obtaining the information from blockchain. For entering information into the blockchain, it is anonymized and encrypted, keys are sent, and a message about entering information is generated. If not all instances of the register match, then a refusal to write information to the blockchain is generated, otherwise a decision is made about the possibility of adding medical information to the blockchain, after which the information is checked by validators, and a service transaction is generated. If not all information has passed the verification, then a refusal to write information to the blockchain is generated, otherwise the information is entered into the blockchain.
The agent for entering the information in blockchain and obtaining the information from blockchain is also responsible for issuing the information. If it is necessary to obtain information from the blockchain, then a request to the validators is generated, the request is added by the validators, and the validators notify the custodians that the keys should be provided. If permission is received, information is issued.
The third agent of the blockchain-based multi-agent system for secure management of medical information is the agent for evaluating the reputation of the health care institution. Reputation is an important indicator because blocks are recorded by verified validators who are moderators of the system. Exactly for determining such validators the reputation is valuable, because the blockchain chooses a validator, which will record the next block, based on exactly reputation (the better the reputation, the greater the chance of creating the next block). So, the scientific novelty of this paper is the developed blockchain-based multi-agent system for secure management of medical information, which evaluates the sufficiency of medical information before recording it in the blockchain (the agent for evaluating the sufficiency of medical information), entering the information in blockchain and obtaining the information from blockchain (the agent for entering the information in blockchain and obtaining the information from blockchain), evaluating the reputation of a health care institution as a blockchain miner (the agent for evaluating the reputation of a health care institution). Thus, the developed system satisfies all 4 specified necessary criteria in a complex.
Let's consider examples of the work of the proposed blockchain-based multi-agent system for secure management of medical information.
To implement the blockchain-based multi-agent system for secure management of medical information in the form of a web service, the PHP programming language and the Symfony framework with the MVC architecture were used.
For the first example, medical cards of the outpatients of the medical clinic of Ozerna microdistrict (Khmelnytskyi, Ukraine) were used. The medical information for the first example is divided into 10 blocks, each of which consists of 20 records. The work begins with the fact that blocks of medical information are entered into the cloud environment. Before recording any medical information in the blockchain, the medical information must be assessed for its sufficiencyfor this purpose, it is submitted to the input of the agent for evaluating the medical information's sufficiency. Such an agent analyzed each of the 20 records of each of the 10 blocks for the presence in each record of the elements "type of information", "time of information", "quality of information", and also counted the number of available elements in the block (so, each block consists of 60 elements). The result of the analysis and calculation performed by the agent is represented in Table 2 (rows 2 and 3).
Since the second, third, fourth, seventh, and ninth blocks have medical information's sufficiency assessment is 1, the information in these blocks is enough and it can be entered into the corresponding blocks of the blockchain. Since for the first, fifth, sixth, eighth, tenth blocks, the medical information's sufficiency assessment is less than 1, the information in these blocks is not enough, so it is necessary to add the medical information of these blocks and recheck its sufficiency.
After adding the corresponding five blocks with information, the information was again evaluated for its sufficiencyfor this purpose, it was again submitted to the input of the agent for evaluating the medical information's sufficiency. The result of such analysis is represented in Table 2 too (rows 4 and 5). Since the medical information's sufficiency assessment is 1 for the first, fifth, sixth, and tenth blocks, the information in these blocks is enough and it can be entered into the corresponding blocks of the blockchain. Since the medical information's sufficiency assessment for the fifth block is still less than 1, the information in this block is still enough, so it is necessary to add the medical information in this block and recheck its sufficiency.
After adding the corresponding block with information, the information was again evaluated for its sufficiencyfor this purpose, it was again submitted to the input of the agent for evaluating the medical information's sufficiency. The result of such analysis is represented in Table 2 too (rows 6 and 7). Since the assessment of the medical information's sufficiency for the eighth block is 1, the information in this block is enough and can be entered into the corresponding block of the blockchain.
The result of the analysis and calculation performed by the agent for evaluating the medical information's sufficiency for Example
So, now all 10 blocks of medical information are ready to be entered into the blockchain. The information is transferred to the agent for entering the information in blockchain and obtaining the information from blockchain. For enter information into the blockchain, it is anonymized and encrypted, keys are sent, and a message about entering information is generated. Since all instances of the register match, a decision was made about the possibility of adding medical information to the blockchain, after which the information was checked by validators, and a service transaction was generated. Since all the information passed the check, the information was entered into the blockchain.
For the second example, laboratory data of visitors to the laboratory of the medical clinic of Ozerna microdistrict (Khmelnytskyi, Ukraine) were used. The medical information for the second example is divided into 7 blocks, each of which consists of 12 records. The work begins with the fact that blocks of medical information are entered into the cloud environment. Before recording any medical information in the blockchain, the medical information must be assessed for its sufficiencyfor this purpose, it is submitted to the input of the agent for evaluating the medical information's sufficiency. Such an agent analyzed each of the 12 records of each of the 7 blocks for the presence in each record of the elements "type of information", "time of information", "quality of information", and also counted the number of elements present in the block (so, each block consists of 36 elements). The result of the analysis and calculation performed by the agent is represented in Table 3 (rows 2 and 3).
Since for all seven blocks the quantitative assessments of the medical information's sufficiency are less than 1, the information in these blocks is not enough, so it is necessary to add the medical information of these blocks and recheck its sufficiency.
After adding the blocks with information, the information was again evaluated for its sufficiencyfor this purpose, it was again submitted to the input of the agent for evaluating the medical information's sufficiency. The result of such analysis is represented in Table 3 too (rows 4 and 5). Since the assessment of the medical information's sufficiency is 1 for the fourth, fifth, sixth and seventh blocks, the information in these blocks is enough and it can be entered into the corresponding blocks of the blockchain. Since for the first, second and third blocks, the assessment of the medical information's sufficiency is still less than 1, the information in these blocks is still enough, so it is necessary to add the medical information in these blocks and recheck its sufficiency. However, the health care institution, after analyzing the findings, decided to upload medical information to the blockchain without further adding.
The result of the analysis and calculation performed by the agent for evaluating the medical information's sufficiency for Example So, all 7 blocks of medical information were transferred to the agent for entering the information in blockchain and obtaining the information from blockchain. For entering information into the blockchain, it is anonymized and encrypted, keys are sent, and a message about entering information is generated. Since all instances of the register match, a decision was made about the possibility of adding medical information to the blockchain. Further, the information was checked by validators, and a service transaction was generated. Since not all information passed the verification, as a result, a refusal to write information to the blockchain was generated.
The aim of the considered examples is demonstration of the functioning of the proposed blockchain-based multi-agent system for secure management of medical information, and demonstration of the advantages of the proposed system. Accordingly, the considered examples showed that the proposed system can significantly increase the security of medical information management, medical information storage and medical information exchange, increase the protection of confidentiality of medical information, thereby increasing the trust of the medical community in medical information technologies and in clinical decision support systems.
As conducted in Chapter2 analysis showed, none of the analyzed solutions satisfies all 4 combined necessary criteria (evaluation of the medical information's sufficiency, entering information into the blockchain, obtaining information from blockchain, evaluation of the reputation of a health care institution (as a blockchain miner)). Instead we proposed solution, which satisfies all 4 specified necessary criteria in a complex: as the examples confirmed our system evaluates the sufficiency of medical information before recording it in the blockchain, entering the information in blockchain and obtaining the information from blockchain, evaluating the reputation of a health care institution as a blockchain miner.
Blockchain is changing the way of storage and share of medical information by increasing the security, efficiency and transparency of medical information sharing, decentralizing the medical information. Ensuring secure management of medical information on the basis of the blockchain technologies is an actual and currently task for Ukraine.
The state-of-the-art on known blockchain-based systems for secure management of medical information, conducted in this paper, showed that none of the analyzed solutions satisfies all 4 combined necessary criteria. Therefore, design and implementation of a blockchain-based system for the secure management of medical information, which would satisfy all the necessary criteria at the same time, is the goal of our study.
Since the designed blockchain-based system for secure management of medical information must perform four separate functions, when performing them, information and data will be exchanged, that is, there will be interaction, it was decided to develop the blockchain-based system for secure management of medical information as a multi-agent system.
So, the scientific novelty of this paper is the developed blockchain-based multi-agent system for secure management of medical information, which evaluates the sufficiency of medical information before recording it in the blockchain (the agent for evaluating the sufficiency of medical information), entering the information in blockchain and obtaining the information from blockchain (the agent for entering the information in blockchain and obtaining the information from blockchain), evaluating the reputation of a health care institution as a blockchain miner (the agent for evaluating the reputation of a health care institution). Thus, the developed system satisfies all 4 specified necessary criteria in a complex.
The considered examples of the work of proposed blockchain-based multi-agent system for secure management of medical information showed that the proposed system can significantly increase the security of medical information management, medical information storage and medical information exchange, increase the protection of confidentiality of medical information, thereby increasing the trust of the medical community in medical information technologies and in clinical decision support systems.