This paper presents a hybrid blockchain-edge architecture for managing Electronic Health Records (EHRs) with attribute-based cryptographic mechanisms. The architecture introduces a novel attribute-based signature aggregation (ABSA) scheme and multi-authority attribute-based encryption (MA-ABE) integrated with Paillier homomorphic encryption (HE) to protect patients' anonymity and safeguard their EHRs. All the EHR activities and access control events are recorded permanently as blockchain transactions. We develop the ABSA module on Hyperledger Ursa cryptography library, MA-ABE module on OpenABE toolset, and blockchain network on Hyperledger Fabric. We measure the execution time of ABSA's signing and verification functions, MA-ABE with different access policies and homomorphic encryption schemes, and compare the results with other existing blockchain-based EHR systems. We validate the access activities and authentication events recorded in blockchain transactions and evaluate the transaction throughput and latency using Hyperledger Caliper. The results show that the performance meets real-world scenarios' requirements while safeguarding EHR and is robust against unauthorized retrievals.

翻译：本文提出一种混合区块链-边缘架构，用于管理电子健康记录（EHR），并融合了基于属性的密码机制。该架构引入了一种新型属性基签名聚合（ABSA）方案，以及集成Paillier同态加密（HE）的多权威属性基加密（MA-ABE），以保护患者匿名性并保障其电子健康记录安全。所有EHR操作及访问控制事件均作为区块链交易永久记录。我们在Hyperledger Ursa密码学库上开发ABSA模块，在OpenABE工具集上开发MA-ABE模块，并在Hyperledger Fabric上构建区块链网络。我们测量了ABSA签名与验证函数的执行时间，以及不同访问策略与同态加密方案下MA-ABE的性能，并将结果与现有其他基于区块链的EHR系统进行对比。我们验证了区块链交易中记录的访问活动与认证事件，并使用Hyperledger Caliper评估了交易吞吐量与延迟。结果表明，该架构在保障EHR安全的同时，能够满足实际场景的性能需求，并能有效抵御未经授权的数据检索攻击。