A Novel Hybrid Blockchain-ABAC Framework for Multi-Layered Access Control in Cloud-Based Healthcare Systems: Performance Optimization and Regulatory Compliance
B.J. Sunitha, School of Computer Science and Engineering, Presidency University, Yelahanka, Bangalore, India. sunithabj@presidencyuniversity.in, ORCID 0009-0001-6198-1231
Dr. S. Saravana Kumar, School of Computer Science and Engineering, Presidency University, Yelahanka, Bangalore, India. saravanakumar.s@presidencyuniversity.in, ORCID 0000-0001-5686-1000
Healthcare data management in cloud environments must balance security, privacy, operational efficiency, and regulatory compliance, and traditional access control mechanisms are inadequate for the complex, multi-tenant, and dynamic nature of modern cloud infrastructures that handle sensitive Electronic Health Records (EHRs). This paper introduces a novel hybrid framework that integrates Attribute-Based Access Control (ABAC) with the Ethereum blockchain to establish a multi-layered security architecture for cloud-based healthcare systems. The framework combines double encryption using the AES and RSA algorithms, Shamir's Secret Sharing for key management, smart contracts for automated policy enforcement, and multi-party computation protocols to preserve privacy without compromising system performance. Experimental evaluation on 4,412 anonymized clinical records with 12 distinct attributes measured an average record insertion time of 1.90 ms, a retrieval time of 0.14 ms, a blockchain mining time of 0.01 seconds, and a hybrid-architecture throughput of 562.94 records/second at 1.78 ms latency, compared with 337.17 rec/s at 2.97 ms for a traditional centralized system and 3.37 rec/s at 296.98 ms for a pure blockchain implementation. Security assessments report 100% operational reliability, 97.3% policy violation detection accuracy, an 89% reduction in unauthorized access attempts, and compliance scores of 97% for HIPAA, 92% for GDPR, 94% for ISO 27001, and 89% for SOC 2, with system resource utilization of 35.6% CPU, 48.0% memory, and 34.1% network I/O.
The framework addresses key limitations of existing approaches: it integrates across multiple cloud layers, eliminates single points of failure, ensures data immutability through distributed consensus, and maintains comprehensive audit trails. It therefore offers a practical route for healthcare organizations seeking secure, scalable, and compliant data sharing in cloud-native environments, and contributes to secure healthcare informatics by bridging the gap between theoretical access control models and the implementation requirements of distributed cloud infrastructures.
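As an added illustration of how the key-management and policy-enforcement pieces named in the abstract fit together (this is not the paper's own code; the ABAC attribute names, the policy rules, the custodian arrangement and the sample records are assumptions), the following Python splits a 256-bit integer standing in for the AES data key with Shamir's Secret Sharing over GF(p), has key custodians release shares only after an ABAC permit decision, and reconstructs the key from any k of n shares. It models the off-chain custody step only; AES encryption of the record and the on-chain smart-contract enforcement described in the paper are not reproduced here.

```python
"""Threshold key custody gated by an ABAC decision (added example, not the paper's code)."""
import secrets
from typing import Dict, List, Optional, Tuple

# 2^521 - 1 is a Mersenne prime, comfortably larger than any 256-bit AES key,
# so a key can be carried as a single field element.
PRIME = (1 << 521) - 1


def _eval_poly(coeffs: List[int], x: int) -> int:
    """Evaluate a polynomial (coeffs[0] is the constant term) at x mod PRIME."""
    result = 0
    for c in reversed(coeffs):  # Horner's rule, highest degree first
        result = (result * x + c) % PRIME
    return result


def split_secret(secret: int, n: int, k: int) -> List[Tuple[int, int]]:
    """Split an integer secret into n shares; any k of them reconstruct it."""
    if not 0 <= secret < PRIME:
        raise ValueError("secret must be in [0, PRIME)")
    if not 1 <= k <= n:
        raise ValueError("need 1 <= k <= n")
    # Random polynomial of degree k-1 whose constant term is the secret.
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(k - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def reconstruct_secret(shares: List[Tuple[int, int]]) -> int:
    """Lagrange interpolation at x = 0 over GF(PRIME).

    With fewer than k shares this still returns a value, but a wrong one:
    an attacker holding k-1 shares learns nothing about the key.
    """
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = (num * (-xj)) % PRIME
                den = (den * (xi - xj)) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total


def abac_permit(subject: Dict, resource: Dict, env: Dict) -> bool:
    """Assumed treatment-access policy: clinicians may read records of their
    own department, for treatment, from the hospital network, unless sealed."""
    return (
        subject.get("role") in {"physician", "nurse"}
        and subject.get("department") == resource.get("department")
        and subject.get("purpose") == "treatment"
        and env.get("network") == "hospital"
        and not resource.get("sealed", False)
    )


def release_key(subject: Dict, resource: Dict, env: Dict,
                custodian_shares: List[Tuple[int, int]], k: int) -> Optional[int]:
    """Custodians hand over k shares only after a permit decision.
    Returns the reconstructed key, or None when access is denied."""
    if not abac_permit(subject, resource, env):
        return None
    return reconstruct_secret(custodian_shares[:k])


# Constructed sample data for the demonstration (not from the paper's dataset).
SAMPLE_KEY = int.from_bytes(bytes(range(32)), "big")  # stands in for an AES-256 key
SAMPLE_SUBJECT = {"role": "physician", "department": "cardiology", "purpose": "treatment"}
SAMPLE_RESOURCE = {"patient_id": "P-0001", "department": "cardiology", "sealed": False}
SAMPLE_ENV = {"network": "hospital"}

if __name__ == "__main__":
    shares = split_secret(SAMPLE_KEY, n=5, k=3)
    assert release_key(SAMPLE_SUBJECT, SAMPLE_RESOURCE, SAMPLE_ENV, shares, 3) == SAMPLE_KEY
    outsider = dict(SAMPLE_SUBJECT, department="radiology")
    assert release_key(outsider, SAMPLE_RESOURCE, SAMPLE_ENV, shares, 3) is None
    assert reconstruct_secret(shares[:2]) != SAMPLE_KEY  # below threshold: no key
    print("permit, deny and threshold checks passed")
```

The threshold is the point of Shamir's scheme in this setting: no single cloud layer or custodian holds the data key, so compromising one of them yields a share that is information-theoretically useless on its own, while any k honest custodians can still serve a permitted request.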