Authors:
Anthony Stell
;
Vedant Chauhan
and
Richard Sinnott
Affiliation:
School of Computing and Information Systems, University of Melbourne, Melbourne, Victoria, Australia
Keyword(s):
Adrenal Cancer Registry, Clinical Process Audit, Blockchain.
Abstract:
This paper describes the use of blockchain technology to ensure the integrity of data logs for a clinical registry, providing a technological means for a secure audit of that registry. The characteristics of a secure audit – tamper-resistance, verifiability, searchability and privacy – are described in their application to this registry, then an evaluation is performed detailing the use of blockchain to achieve these audit goals. The clinical registry tested – supporting ENSAT (the European Network for the Study of Adrenal Tumors) – is a production repository of clinical, phenotypic and genetic information about patients with adrenal cancer, a rare but often serious condition that affects approximately 1 in 600,000 of the world population. The registry is implemented using a standard n-tier web application, with a MySQL database back-end, and Java/JSP business logic and user interface. The information contributing to the full audit of data and usage of the registry, is captured in th
e application log-files, which are stored in two “mirrored” formats: ASCII text files compiled through the Java log4j project and in a MongoDB NoSQL database. Following a discussion of the relevant supporting features, the fully implemented solution – a private blockchain known as “ensatChain” – is evaluated for overall security, using the Microsoft “STRIDE” threat model.
(More)