The traditional centralized storage of traditional electronic medical records (EMRs) faces problems like data leakage, data loss, and EMR misplacement. The current protection measures for patients’ privacy in EMRs cannot withstand the fast-developing password cracking technologies and frequency cyberattacks. This paper intends to innovate the information sharing and privacy protection of electronic nursing records (ENRs) management system. Specifically, the signature interception technology was introduced to EMRs, the different phases of certificateless signature interception scheme were depicted, and the validation procedures of the scheme were designed. Then, the six phases of ENR information sharing protocol based on alliance blockchain were described in detail. Finally, an end-to-end memory neural network was constructed for ENR classification. The proposed management scheme was proved effective through experiments.

1. Introduction

With the development of medical technology, major hospitals have begun to record patients’ personal health information in electronic medical records (EMRs) and connect the EMRs to the Internet. The EMRs store a lot of private information about patients’ personal health, such as diagnosis and medication, and face a high risk of information leakage. Traditionally, the EMRs are stored in a centralized manner. The centralized storage makes it hard to share patients’ personal health information and increases the proneness to cyberattacks. The resulting problems include data leakage, data loss, and EMR misplacement [13]. A series of security threats arise for EMR information. Therefore, the security of EMR usage is an urgent problem to be solved in the sharing and storage of medical information. In recent years, blockchain and cloud storage gradually enter the medical field. Many EMR storage systems no longer give patients the full control of health information [4, 5]. However, there are still some malicious behaviors in cloud servers, and the security management of EMRs in cloud storage poses an urgent problem to be solved.

Traditional EMR sharing platforms lack effective privacy protection schemes [68]. Xanthidis and Xanthidou [9] designed an error-correcting code hash function and constructed an anonymization algorithm for privacy protection, which effectively controls the access rights of other users, while ensuring the safe sharing of data between patients and doctors. Ma et al. [10] proposed an authentication mechanism and authorized access mechanism for the users who make access requests and effectively solved the patients’ control of EMR data and the authorized access to EMR data.

EMRs need to be shared and transmitted in different formats from traditional structured data, because they contain lots of contents about the health and privacy of patients [1113]. Responding to the classification and protection requirements of privacy-sensitive information in EMRs, Blondon and Ehrler [14] proposed a recognition and classification algorithm for medical terms that represent patient health-sensitive information in EMR texts and performed selective encryption and confidential search of the recognized words. Kim et al. [15] constructed an EMR management system based on the browser/server (B/S) architecture. The system realizes various functions: batch entry of massive medical records, multicondition query of complex EMRs, standard full-text query, and classified statistical analysis on EMRs of different years and types, providing support to the information sharing of EMRs.

The design of the consensus mechanism is the key to ensure the security of medical data in the EMR management system [1618]. Kawser and Nyeem [19] proposed a dynamic mode Byzantine fault-tolerant (DMBFT) consensus mechanism, which applies aggregate signatures to the consensus process and optimizes the single mode of the consensus mechanism to a dynamic mode. In this way, the efficiency of signature verification is effectively improved.

The previous studies have presented solutions to the access control, storage system design, and information sharing from different angles [2026]. However, their protection measures for patient privacy cannot cope with the fast-developing password cracking technologies and frequent cyberattacks. To solve the problems, this paper takes electronic nursing records (ENRs), which involves many people, for example, and tries to innovate the information sharing and privacy protection of ENR management system. The main contents of this research are as follows: (1)The signature interception technology was introduced to EMRs, the different phases of certificateless signature interception scheme were depicted, and the validation procedures of the scheme were designed.(2)The six phases of ENR information sharing protocol based on alliance blockchain were described in detail.(3)An end-to-end memory neural network was constructed for ENR classification, which satisfies the classified protection of private information in the records. The proposed management scheme was proved effective through experiments.

2. Certificateless Signature Interception Scheme for ENRs

As an important part of medical big data, EMRs involve a lot of private information of patients, which should be protected according to laws. Compared with EMRs, ENRs involve a lot of people, including the responsible doctors, as well as the responsible nurses in different shifts. To conceal the sensitive parts of EMRs and protect the privacy of patients (e.g., basic information, type of disease, and state of disease), this paper applies the signature interception scheme to the information confirmation in the ENR scenario in Figure 1, laying the basis for blockchain-based ENR information sharing and security management.

2.1. Phase Description

Based on the certificateless public key cryptosystem, this paper designs an efficient certificateless signature interception scheme, which consists of eight phases:Phase 1: management system initialization. Let STi be the serial number STi of identity authentication for patient Vi. The management system can be initialized in the following steps:Step 1: the key generation center randomly selects an l-bit prime number , creating a set {G, R/G, H1, O}, where G is a finite field; R/G is an elliptic curve on G; H1 is the additive group; is the order; O is the generator.Step 2: randomly select eC as the primary key, and compute the public key of the system by formula OSPK = e·O.Step 3: select five independent collision-proof hash functions F0, F1, F2, F3 and F4:Step 4: the key generation center publicizes system parameter SP = {G, R/G, H1, O, OSPK, F0, F1, F2, F3, F4}, and stores it secretly to prevent anyone from illegally acquiring the master key e.Phase 2: setting secret value. Select a random number aiC as the secret value of Vi. Make Oi = aiO the public key of Vi, and transmit it to the key generation center.Phase 3: partial generation of keys. This phase mainly includes the following two steps:Step 1: the key generation center randomly selects siC , and computes part of the public key Si=siOStep 2: the key generation center computes f0 = F0 (STi, Si, Oi), and ci=si+s·h0i, and secretly transmits part of the private key Ci = (ci, Si) to patient ViPhase 4: setting private key. Upon receiving the iCi from the key generation center, patient Vi firstly verifies the equation ci·O = Si + F0(STi, Si, Oi)OSPK. If the equation holds, Vi configures the entire private key PRi = (Ci, ai). If the equation does not hold, terminate the algorithm.Phase 5: setting public key. Patient Vi configures his/her entire public key GRi = (Si, Oi).Phase 6: signature generation. To sign his/her name on ENR information N = {nl, n2,…,nm}, patient Vi needs to go through the following four steps:Step 1: first, calculate the hash value fi1 = F1(ni||CIA) of each subsegment ni (i∈[l, nm]) in N of the content interception and access (CIA) structure. Then, cascade fi1 subsegments by the serial number i from 1 to m, producing the hashed value N'=F2·(F1 (n1||CIA)·F1 (n2||CIA),…,F1 (nm||CIA)).Step 2: randomly select biC , and compute Bi = biO.Step 3: compute i=F3 (N′, STi, Bi, Si), and τi=F4 (N′, STi, Bi, Oi).Step 4: compute εi = bi − (τi·ai + i·ci) mod. If εi = 0, return to Step 1; otherwise, generate the global signature εG = (CIA, εi, Bi).Phase 7: signature interception. The interceptor should intercept the global signature εG after the signature passes the validity test. Through signature generation, compute the total hashed value N′, hash value i=F3 (N′, STi, Bi, Si), and τi=F4(N′, STi, Bi, Oi). Next, verify if εiO = Bi-τi·Oi-i(Si + F0(STi, Si, Oi)OSPK) holds. If not, terminate the operation; if yes, move on to the following operations:Step 1: intercept subset SUBCIA(N) according to the CIA structure.Step 2: generate the intercepted information N = {} based on N = {nl, n2,…,nm} and SUBCIA(). For each intercepted subsegment i ∈ SUBCIA(), make  = ni; for each un-intercepted subsegment, replace it with  = F1(ni||CIA).Step 3: segment signature εI = (CIA, SUBCIA(), εi, Bi) for .Phase 8: signature verification. The verifier should verify the intercepted signature εI in the following three steps:Step 1: judge if CIA belongs to SUBCIA(). If not, terminate the algorithm; if yes, move on to the next operation.Step 2: restore the total hash value N′ from the segmented subset SUBCIA() and segmented information . If i belongs to SUBCIA(), then restore with hash value F1(ni||CIA), where ni = ; otherwise, keep the original location . After that compute N'=F2·(F1(n1||CIA)·F1(n2||CIA),…,F1(nm||CIA)).Step 3: calculate =F3(N′, STi, Bi, Si) and τi=F4(N′, STi, Bi, Oi) by interceptable signature generation algorithm, and check if εiO = Bi-τiOi −  (Si + F0(STi, Si, Oi)OSPK) is valid. If yes, εI is valid; otherwise, εI is invalid.

2.2. Scheme Verification

This paper verifies the correctness of the proposed certificateless signature interception scheme. The first is to ensure the consistency between the hashed value N′ produced in signature generation and the value N′ restored in signature verification. Each subsegment of signature generation information N can be replaced by

Each subsegment of signature verification information can be restored by

Formulas (2) and (3) show that the subsegment values of both N and are F1(ni||CIA). Therefore, signature verification and signature generation should have the same total hashed value N’.

The next is to verify the correctness of the equation. Since i=F3(N′, STi, Bi, Si), τi=F4(N′, STi, Bi, Oi), Bi = biO, Oi = aiO, Si = siO, and OSPK = eO, the equation can be verified through the following derivation:

The proposed certificateless signature interception scheme was proved correct through the above two steps.

3. Blockchain-Based Information Sharing and Privacy Protection

Figure 2 shows the structure of the ENR management system, which includes MMSAC, different types of users, cloud storage, consensus node, and blockchain ledger. Traditionally, the data sharing of ENR management system depends too much on the centralized mechanism. To solve the problem, this paper proposes an ENR information sharing protocol based on alliance blockchain. The protocol contains a total of six phases.Phase 1: system initialization. Similar to the preceding section, the system administrator needs to initialize the system in the following steps:Step 1: let be a large prime number. The system administrator chooses an elliptic curve on a finite field. The order formed by the points on the curve is denoted as , and the additive group with the generator O is denoted as H1.Step 2: the system administrator selects eC as the master key MK, and computes OSPK = e·O as the public key of the system.Step 3: the system administrator chooses hash functions F0, F1, F2, F3, and F4:Step 4: the system administrator publicizes system parameter SP = {G, R/G, H1, O, OSPK, F0, F1, F2, F3, F4}, and stores the master key e secretly.Phase 2: system registration. The system is registered in three steps:Step 1: the ENR creator registers at the system administrator:(a)The ENR creator (doctor or nurse) selects a random number acC as its secret value, computes Oc = ac`O, and transmits its identity STc and part of the public key Oc to the system administrator, as a preparatory work of registration.(b)Upon receiving the STc and Oc from the ENR creator, the system administrator randomly selects ecC , computes Sc = sc·Ofc = F0(STi, Si, Oi), and ci=si+e·fc, and securely transmits part of the private key CRc = (cc, Sc) to the ENR creator.(c)The ENR creator verifies if ccO=Sc + F0(STc, Sc, Oc)OSPK is valid. If yes, configure the private key PUc= (CRc, ac) and the public key GUc= (Sc, Oc).Step 2: the patient registers at the system administrator. The patient selects a random number aC , configures the private key PU=a, and computes the public key GU=aO. Then, he/she transmits his/her identity ST and public key GU to MMSAC via safe channels.Step 3: the patient registers at MMSAC. MMSAC authenticates the identity and role of the patient and issues a real-name registration certificate to the patient RNRC = (ST, GU, SIPU), where SIPU is the signature set by MMSAC for the public key ST of the patient, using its own private key. Figure 3 shows the registration flow of the ENR management system.Phase 3: ENR creation. This paper signs ENRs following the certificateless signature interception scheme. The ENR creator needs to execute the following operations:Step 1: compute the hash values F1(ni||CIA) of the ten subsegments ni(i∈ [1, 11]) of the patient (e.g., name, gender, age, contact number, identity card number, condition description, medical history, diagnosis, treatment and medication, imaging data, and nursing conditions). Then, cascade the ni subsegments by the serial number i from 1 to m, producing the hashed valueStep 2: randomly select bcC∗w, and compute Bc = bc`O.Step 3: compute i=F3(N′, STi, Bi, Si), and τi=F4(N′, STi, Bi, Oi).Step 4: compute εc = bc − (τc·ac + c·cc) mod . If εc = 0, return to Step 1; otherwise, generate the global signature εG = (CIA, εc, Bc).The ENR creator selects a random number lC∗w as his/her symmetric key SLc = l, and uses SLc = l to encrypt the original EMR N, identity information STc, hash value fN = F1(ni||CIA), the global signature εG of N, CIA, and timestamp τ. Then, the patient’s public key GUo is used to encrypt SLc. Finally, the patient will receive ciphertexts:Phase 4: ENR storage. After receiving the info from the ENR creator, the patient decrypts the ciphertext RGUo(Lc) with the private key PUo to obtain SLc. Then, the patient solves EMR information N based on SLc. Finally, the patient verifies the ENR signature. There are two specific steps in this phase:Step 1: compute fN∗ = F1(ni||CIA), and verify if fN∗ is consistent with fN. If yes, ENR N is highly secure and not tampered.Step 2: compute N′, c and τc through the signature generation operations in ENR creation phase, and verify if εcO = Bc − τcOc − c(Sc + F0(STc, Sc, Oc)OSPK) holds. If yes, global signature εG is the valid signature of the recognized doctor or nurse.If the signature fails one of the two steps, the patient will communicate with the doctor and nurse participating in nursing care. If the signature passes both steps, the patient will hide his/her sensitive information in his/her ENR, according to his/her use needs, and the CIA structure provided by the doctor and nurse.The huge amount of intercepted data, intercepted signatures, and hash values of ENRs are encrypted by formula (8) and then stored in the cloud:whereFigure 4 explains the creation and storage flow of ENR.Phase 5: ENR issuance. Let CT and τ be the position and timestamp of the encrypted ENR data of the patient being stored in the cloud, respectively. The cyphertexts of CT and τ and other transaction data TD (e.g., hash values and signatures) are attached to the deployed chain code, which contains the access control list (ACL) and algebraic logic function (ALF), and the chain code is then broadcasted across the network. Let TPoi be the patient’s alias for transaction, and let HD be the anonymous transaction certificate. The issuance process can be described bywhereIn the blockchain, each transaction initiated by a node carries a signature, which the node signs to verify the validity of the transaction. With the growing transaction volume, the consensus efficiency will be dragged down, if each transaction is verified one by one. To speed up transaction authentication, this paper applies the consensus algorithm in Figure 5 to consensus-making and adopts a more suitable aggregate signature scheme.Phase 6: ENR sharing. In a channel, if another user wants to access the ENR of patient O, the access control and effective sharing of the relevant data can be realized by calling the transaction chain code deployed by consensus node for patient O. This phase requires three operations:Step 1: the other user sends a nursing data access request AC, including the object ST, purpose VP, and visit time VT, to the management system:Step 2: after consensus node receives the access request, the chain code CCo verifies whether the identity ST of the requestor exists in the ACL preset by patient STo. If not, the requestor is not authenticated by the patient. Then, CCo refuse to execute any operation and send a rejection notice to the requestor. If yes, CCo will start to execute the corresponding ALF. First, compute the storage location index CT of the shareable metadata of patient O according to his/her alias private key PUTPo. Then, encrypt the CT based on the public key GU of the requestor V. Finally, return the ciphertext (13) to the requestor :Step 3: upon receiving the ciphertext, the requestor V decrypts the information with his/her private key, producing the storage location index CT of the ENR in the cloud, and further acquires the relevant data.Through ENT sharing, the requestor can obtain the data object CD by inputting the storage location index CT. To judge if the EMR of patient O is complete and effective, it is necessary to verify the consistency between fN∗ and fN in CD and then examine if fN∗ equals the hash value of the intercepted EMR N’. Figure 6 explains the flow of ENR sharing.

4. ENR Classification Based on End-to-End Memory Neural Network

This paper mainly deals with the information sharing and privacy protection of ENRs. Some ENRs involve multiple reviewers and signers. If these ENRs are classified reasonably, the ENR management system will be more efficient. To this end, this paper introduces an end-to-end memory neural network and selects the MemN2N architecture for the learning model. The network can accept semistructured and nonstructured data, including medical terms and medical texts and classify ENR information through correlation analysis.

The end-to-end memory neural network receives the basic information entry A = {a1, a2,…,am} of the ENR to be classified. Passing through word vector matrices Q and W, A can be transformed into an input memory unit (13) and an output memory unit (14):

Let X and Y be the number of medical terms and the dimension of the corresponding word vectors in the entire ENR dataset, respectively. Then, Q and W are XY-dimensional matrices obeying Gaussian distribution. During neural network training, the vector of each class approximates the effective representation of the medical terms in that class, along with the gradual update of gradient descent algorithm. In this process, the basic information of each ENR class being inputted can be expressed as a matrix of memory units.

For embedded representation of the ENR, a word vector matrix PX∗Y was defined, which also obeys Gaussian distribution. Every medical term in the ENR was mapped into a word vector. Then, the word vectors were added up directly into a sentence vector:

Based on the input memory unit {βi} of each ENR class and the embedded representation γ of the ENR, the correlation between each ENR class and ENR can be computed by the Softmax function:

The Softmax function can be defined as

The output memory unit {αi} corresponding to each ENR class was adopted to compute the weighted embedded representation of each ENR based on ωi:

Let E be the dimension of the word vector for each medical term, i.e., the dimension of the final vector for each ENR class; let Z be the number of labels in the ENR sample set. To obtain the class label of the current samples, it is necessary to map the class of each sample into a 1Z-dimensional vector, using the parameter matrix KE∗Z. The final class of ENR outputted by the network can be expressed as

Let b be the ground-truth label of the current ENR sample; let be the corresponding label outputted by the neural network. For ENR classification problem, this paper adopts binary cross entropy as the loss function of the network:

The neural network was trained by minimizing the loss. The gradient descent algorithm was adopted to update the weights and thresholds of the neural network.

5. Experiments and Results Analysis

After simulating different signature interception schemes, this paper records the runtime of each phase of these schemes in Figure 7. The bar graphs in Figure 7 visually compare the time consumptions of our scheme and the other three existing schemes in the phases of signature generation, signature interception, and signature verification. Our scheme had a small advantage over scheme [21] in signature generation and verification phases but achieved a marked superiority in signature interception phase and total time. Hence, the proposed certificateless signature interception scheme generally outperforms the contrastive schemes.

The throughput of a management system is generally measured by the transactions handled in each second. Figure 8 compares the time consumptions of one-by-one verification and aggregate verification. Aggregate verification consumed less than 10 s to handle 2,000 access requests. The throughput was 250–350 transactions per second. The multicenter structure of the selected alliance chain can realize the fast connection, rapid sync, and effective sharing between distributed ENR nodes, because the proposed alliance blockchain-based ENR information sharing protocol adopts the Fabric chain, which determines the node number and equipment configuration in advance. Besides, the selected consensus algorithm boasts a streamlined consensus process and a short response time. Capable of handling 5,000–10,000 transactions, the algorithm facilitates the dynamic expansion of ENR management system.

The performance of the proposed EMR information sharing scheme was compared with that of three existing information sharing schemes through comparative analysis. Scheme [21] adopts the delegated proof of stake (DPoS) consensus mechanism that alleviates the pressure on the main chain. This scheme is inferior in terms of system stability, the reliance on trustworthy third-parties, and patient control of ENR. Scheme [22] employs model chain to protect the privacy and ensure the safe storage of patient ENR information. But this scheme needs to bear some pressure of the main chain. Scheme [23] is defected in the safe storage of information. Meanwhile, our scheme effectively reduces the utilization rate of computer resources and guarantees system stability. The ENR accesses are restricted by the alliance blockchain and improved hash algorithm, laying the basis for privacy protection. Before storing the ENR, the anonymization algorithm for privacy protection is introduced to process the sensitive information in the ENR, which the patient wants to hide, thereby realizing safe storage. Table 1 compares the performance of different ENR information sharing schemes.

In our ENR information sharing scheme, the confirmation time of data block transaction was set to 10 min. On the consensus-making of blocks, this paper adopts the certificateless signature interception scheme. Therefore, the consensus algorithm needs no peer-to-peer communication between nodes. As a result, fewer consensus nodes are necessary. Since the consensus is reached between the patient and the doctor/nurse, the proposed EMR information sharing scheme saved more than 5 times the time in confirming data blocks, and transmitted data with 79.45% higher efficiency than the traditional blockchain (Figure 9). With the number of blocks to be confirmed, the confirmation times of our method and traditional blockchain were both on the rise. However, our method consumed less computing power and improved system throughput, due to the control of the number of nodes.

Furthermore, the original and improved consensus algorithms were compared through experiments. The improved algorithm is more suitable to ENR management system. Figure 10 shows the CPU occupancies of the adopted consensus mechanism. From the CPU occupancy curves, it can be observed that, with the elapse of time, the CPU occupancy of the improved consensus algorithm was much smaller than that of the original algorithm. Hence, our consensus algorithm can respond to access requests more rapidly.

6. Conclusions

This paper innovatively studies the information sharing and privacy protection of ENR management system. Specifically, the certificateless signature interception scheme was depicted phase by phase, and the validation procedures of the scheme were designed. Next, the six phases of ENR information sharing protocol based on alliance blockchain were described in detail. Afterwards, end-to-end memory neural network was constructed for ENR classification. The proposed management scheme was proved superior through experimental results on the runtime of each phase. Besides, the time consumption of one-by-one verification was compared with that of aggregate verification, suggesting that our consensus algorithm has a streamlined consensus process and supports the fast connection, rapid synchronization, and effectives haring between ENR nodes. In addition, our EMR information sharing scheme was compared with three existing information sharing schemes. The comparative analysis confirms the superiority of our scheme in functional completeness, computing power, and CPU occupancy.

Data Availability

The data used to support the findings of this study are available from the corresponding author upon request.

Conflicts of Interest

The authors declare that they have no conflicts of interest.