{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,17]],"date-time":"2026-04-17T16:27:59Z","timestamp":1776443279606,"version":"3.51.2"},"reference-count":44,"publisher":"Springer Science and Business Media LLC","issue":"5","license":[{"start":{"date-parts":[[2022,7,29]],"date-time":"2022-07-29T00:00:00Z","timestamp":1659052800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2022,7,29]],"date-time":"2022-07-29T00:00:00Z","timestamp":1659052800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100008975","name":"Universitat de Les Illes Balears","doi-asserted-by":"crossref","id":[{"id":"10.13039\/501100008975","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Inf. Secur."],"published-print":{"date-parts":[[2022,10]]},"abstract":"Abstract<\/jats:title>As a result of the declaration of the COVID-19 pandemic, several proposals of blockchain-based solutions for digital COVID-19 certificates have been presented. Considering that health data have high privacy requirements, a health data management system must fulfil several strict privacy and security requirements. On the one hand, confidentiality of the medical data must be assured, being the data owner (the patient) the actor that maintain control over the privacy of their certificates. On the other hand, the entities involved in the generation and validation of certificates must be supervised by a regulatory authority. This set of requirements are generally not achieved together in previous proposals. Moreover, it is required that a digital COVID-19 certificate management protocol provides an easy verification process and also strongly avoid the risk of forgery. In this paper we present the design and implementation of a protocol to manage digital COVID-19 certificates where individual users decide how to share their private data in a hierarchical system. In order to achieve this, we put together two different technologies: the use of a proxy re-encryption (PRE) service in conjunction with a blockchain-based protocol. Additionally, our protocol introduces an authority to control and regulate the centers that can generate digital COVID-19 certificates and offers two kinds of validation of certificates for registered and non-registered verification entities. Therefore, the paper achieves all the requirements, that is, data sovereignty, high privacy, forgery avoidance, regulation of entities, security and easy verification.<\/jats:p>","DOI":"10.1007\/s10207-022-00598-3","type":"journal-article","created":{"date-parts":[[2022,7,29]],"date-time":"2022-07-29T07:06:27Z","timestamp":1659078387000},"page":"1069-1090","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":24,"title":["Highly private blockchain-based management system for digital COVID-19 certificates"],"prefix":"10.1007","volume":"21","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-3699-8522","authenticated-orcid":false,"given":"Rosa","family":"Peric\u00e0s-Gornals","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1241-9805","authenticated-orcid":false,"given":"Maci\u00e0","family":"Mut-Puigserver","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5308-9633","authenticated-orcid":false,"given":"M. Magdalena","family":"Payeras-Capell\u00e0","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,7,29]]},"reference":[{"key":"598_CR1","unstructured":"COVID-19 to Plunge Global Economy into Worst Recession since World War II, 08 June 2020 (Online). https:\/\/www.worldbank.org\/en\/news\/press-release\/2020\/06\/08\/covid-19-to-plunge-global-economy-into-worst-recession-since-world-war-ii"},{"key":"598_CR2","unstructured":"A Subdued Recovery, with Damage to Undo, 05 January 2021 (Online). https:\/\/www.worldbank.org\/en\/news\/feature\/2021\/01\/05\/global-economic-prospects"},{"key":"598_CR3","unstructured":"EU Digital COVID Certificate (Online). https:\/\/ec.europa.eu\/info\/live-work-travel-eu\/coronavirus-response\/safe-covid-19-vaccines-europeans\/eu-digital-covid-certificate"},{"key":"598_CR4","unstructured":"Martin, N.: Germany sees increase in fake vaccination certificates, Deutsche Welle, November 27, 2021. https:\/\/www.dw.com\/en\/germany-sees-increase-in-fake-vaccination-certificates\/a-59954734"},{"key":"598_CR5","unstructured":"AP, French authorities open 400 investigations into fake COVID-19 health passes, Euronews, December 13, 2021 (Online). https:\/\/www.euronews.com\/2021\/12\/13\/french-authorities-open-400-investigations-into-fake-covid-19-health-passes#"},{"key":"598_CR6","unstructured":"Nikolov, K., Trkanjec, Z.: Fake COVID passports flourish in southeastern Europe, December 1, 2021 (Online). https:\/\/www.euractiv.com\/section\/health-consumers\/news\/fake-covid-passports-flourish-in-southeastern-europe\/"},{"key":"598_CR7","doi-asserted-by":"publisher","first-page":"61 656","DOI":"10.1109\/ACCESS.2019.2916503","volume":"7","author":"H Jin","year":"2019","unstructured":"Jin, H., Luo, Y., Li, P., Mathew, J.: A review of secure and privacy-preserving medical data sharing. IEEE Access 7, 61 656-61 669 (2019)","journal-title":"IEEE Access"},{"key":"598_CR8","doi-asserted-by":"publisher","first-page":"108","DOI":"10.1016\/j.comnet.2022.108766","volume":"205","author":"R Mukta","year":"2022","unstructured":"Mukta, R., Paik, H., Qinghua, L., Kanhere, S.S.: A survey of data minimisation techniques in blockchain-based healthcare. Comput. Netw. 205, 108\u2013766 (2022). https:\/\/doi.org\/10.1016\/j.comnet.2022.108766","journal-title":"Comput. Netw."},{"key":"598_CR9","doi-asserted-by":"publisher","unstructured":"Yaqoob, I., Salah, K., Jayaraman, R., et al.: Blockchain for healthcare data management: opportunities, challenges, and future recommendations. Neural Comput. Appl. (2021). https:\/\/doi.org\/10.1007\/s00521-020-05519-w","DOI":"10.1007\/s00521-020-05519-w"},{"key":"598_CR10","doi-asserted-by":"publisher","first-page":"104399","DOI":"10.1016\/j.ijmedinf.2021.104399","volume":"148","author":"RW Ahmad","year":"2021","unstructured":"Ahmad, R.W., Salah, K., Jayaraman, R., Yaqoob, I., Ellahham, S., Omar, M.: The role of blockchain technology in telehealth and telemedicine. Int. J. Med. Inform. 148, 104399 (2021)","journal-title":"Int. J. Med. Inform."},{"key":"598_CR11","doi-asserted-by":"publisher","first-page":"130","DOI":"10.1007\/s10916-018-0982-x","volume":"42","author":"KN Griggs","year":"2018","unstructured":"Griggs, K.N., Ossipova, O., Kohlios, C.P., et al.: Healthcare blockchain system using smart contracts for secure automated remote patient monitoring. J. Med. Syst. 42, 130 (2018). https:\/\/doi.org\/10.1007\/s10916-018-0982-x","journal-title":"J. Med. Syst."},{"key":"598_CR12","doi-asserted-by":"publisher","first-page":"193","DOI":"10.1016\/j.jnca.2017.03.005","volume":"87","author":"D Nu\u00f1ez","year":"2017","unstructured":"Nu\u00f1ez, D., Agudo, I., Lopez, J.: Proxy re-encryption: analysis of constructions and its application to secure access delegation. J. Netw. Comput. Appl. 87, 193\u2013209 (2017)","journal-title":"J. Netw. Comput. Appl."},{"issue":"5","key":"598_CR13","doi-asserted-by":"publisher","first-page":"102","DOI":"10.1007\/s10916-020-01577-8","volume":"44","author":"MC Chang","year":"2020","unstructured":"Chang, M.C., Donghwi, P.: 2020 How can blockchain help people in the event of pandemics such as the COVID-19? J. Med. Syst. 44(5), 102\u201316 (2020). https:\/\/doi.org\/10.1007\/s10916-020-01577-8","journal-title":"J. Med. Syst."},{"key":"598_CR14","doi-asserted-by":"crossref","unstructured":"Azaria, A., Ekblaw, A., Vieira, T., Lippman, A.: MedRec: using blockchain for medical data access and permission management. In: 2016 2nd International Conference on Open and Big Data (OBD), pp. 25\u201330 (2016)","DOI":"10.1109\/OBD.2016.11"},{"key":"598_CR15","doi-asserted-by":"publisher","first-page":"102950","DOI":"10.1016\/j.jnca.2020.102950","volume":"178","author":"M Sookhak","year":"2021","unstructured":"Sookhak, M., Jabbarpour, M.R., Safa, N.S., Yu, F.R.: Blockchain and smart contract for access control in healthcare: a survey, issues and challenges, and open issues. J. Netw. Comput. Appl. 178, 102950 (2021)","journal-title":"J. Netw. Comput. Appl."},{"key":"598_CR16","unstructured":"Angelopoulos, C.M., Katos, V.: DHP framework: Digital health passports using blockchain. Use case on international tourism during the COVID-19 pandemic, 2020. arXiv:2005.08922(Online). https:\/\/arxiv.org\/abs\/2005.08922"},{"key":"598_CR17","doi-asserted-by":"publisher","first-page":"6132","DOI":"10.3390\/app11136132","volume":"11","author":"AB Haque","year":"2021","unstructured":"Haque, A.B., Naqvi, B., Islam, A.K.M.N., Hyrynsalmi, S.: Towards a GDPRCompliant blockchain-based COVID vaccination passport. Appl. Sci. 11, 6132 (2021). https:\/\/doi.org\/10.3390\/app11136132","journal-title":"Appl. Sci."},{"key":"598_CR18","doi-asserted-by":"publisher","unstructured":"Odoom, J., Soglo, R.S., Danso, S.A., Xiaofang, H.: A privacy-preserving Covid-19 updatable test result and vaccination provenance based on blockchain and smart contract. In: 2019 International Conference on Mechatronics, Remote Sensing, Information Systems and Industrial Information Technologies (ICMRSISIIT), pp. 1\u20136 (2019). https:\/\/doi.org\/10.1109\/ICMRSISIIT46373.2020.9405872","DOI":"10.1109\/ICMRSISIIT46373.2020.9405872"},{"key":"598_CR19","doi-asserted-by":"publisher","first-page":"148","DOI":"10.1109\/OJEMB.2020.2999214","volume":"1","author":"M Eisenstadt","year":"2020","unstructured":"Eisenstadt, M., Ramachandran, M., Chowdhury, N., Third, A., Domingue, J.: Covid-19 antibody test\/vaccination certification: there\u2019s an app for that. IEEE Open J. Eng. Med. Biol. 1, 148\u2013155 (2020)","journal-title":"IEEE Open J. Eng. Med. Biol."},{"key":"598_CR20","doi-asserted-by":"publisher","first-page":"222 093","DOI":"10.1109\/ACCESS.2020.3043350","volume":"8","author":"H R Hasan","year":"2020","unstructured":"Hasan, H. R., Salah, K., Jayaraman, R., Arshad, J., Yaqoob, I., Omar, M., Ellahham, S.: Blockchain-based solution for covid-19 digital medical passports and immunity certificates. IEEE Access 8, 222 093-222 108 (2020)","journal-title":"IEEE Access"},{"key":"598_CR21","doi-asserted-by":"publisher","DOI":"10.1002\/spe.2983","author":"A Abid","year":"2021","unstructured":"Abid, A., Cheikhrouhou, S., Kallel, S., Jmaiel, M.: NovidChain: blockchain-based privacy-preserving platform for COVID-19 test\/vaccine certificates. Softw. Pract. Exp. (2021). https:\/\/doi.org\/10.1002\/spe.2983","journal-title":"Softw. Pract. Exp."},{"key":"598_CR22","doi-asserted-by":"crossref","unstructured":"Mut-Puigserver, M., Payeras-Capell\u00e0, M., Cabot-Nadal, M.: Blockchain-Based Fair Certified Notifications, Data Privacy Management, Cryptocurrencies and blockchain Technology, LNCS 11025, pp. 20\u201337. Springer (2018)","DOI":"10.1007\/978-3-030-00305-0_2"},{"key":"598_CR23","doi-asserted-by":"crossref","unstructured":"Mut-Puigserver, M., Cabot-Nadal, M.A., Payeras-Capell\u00e0, M.: Removing the trusted third party in a confidential multiparty registered eDelivery protocol using blockchain. In: IEEE Access (2020)","DOI":"10.1109\/ACCESS.2020.3000558"},{"key":"598_CR24","doi-asserted-by":"publisher","first-page":"95825","DOI":"10.1109\/ACCESS.2019.2929101","volume":"7","author":"M Payeras-Capell\u00e0","year":"2019","unstructured":"Payeras-Capell\u00e0, M., Mut-Puigserver, M., Cabot-Nadal, M.A.: Blockchain-based system for multiparty electronic registered delivery services. IEEE Access 7, 95825\u201395843 (2019)","journal-title":"IEEE Access"},{"key":"598_CR25","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.iot.2018.05.002","volume":"1\u20132","author":"M Daniel","year":"2018","unstructured":"Daniel, M., Occhiogrosso, B.: Blockchain mechanisms for IoT security. Internet of Things 1\u20132, 1\u201313 (2018). https:\/\/doi.org\/10.1016\/j.iot.2018.05.002","journal-title":"Internet of Things"},{"key":"598_CR26","unstructured":"Benet, J.: IPFS\u2014Content Addressed, Versioned, P2P File System (2014)"},{"key":"598_CR27","doi-asserted-by":"crossref","unstructured":"Politou, E., Alepis, E., Patsakis, C., Casino, F., Alazab, M.: Delegated content erasure in IPFS. Future Gener. Comput. Syst. 112, 956\u2013964 (2020)","DOI":"10.1016\/j.future.2020.06.037"},{"key":"598_CR28","doi-asserted-by":"publisher","unstructured":"Guidi, B., Michienzi, A., Ricci, L.: Data persistence in decentralized social applications: the IPFS approach. In: 2021 IEEE 18th Annual Consumer Communications & Networking Conference (CCNC), pp. 1\u20134 (2021). https:\/\/doi.org\/10.1109\/CCNC49032.2021.9369473","DOI":"10.1109\/CCNC49032.2021.9369473"},{"key":"598_CR29","doi-asserted-by":"publisher","unstructured":"Zheng, Q., Li, Y., Chen, P., Dong, X.: An innovative IPFS-based storage model for blockchain. IEEE\/WIC\/ACM International Conference on Web Intelligence (WI), pp. 704\u2013708 (2018). https:\/\/doi.org\/10.1109\/WI.2018.000-8","DOI":"10.1109\/WI.2018.000-8"},{"key":"598_CR30","doi-asserted-by":"publisher","first-page":"50125","DOI":"10.1109\/ACCESS.2022.3173162","volume":"10","author":"R Kakkar","year":"2022","unstructured":"Kakkar, R., et al.: PADaaV: blockchain-based parking price prediction scheme for sustainable traffic management. IEEE Access 10, 50125\u201350136 (2022). https:\/\/doi.org\/10.1109\/ACCESS.2022.3173162","journal-title":"IEEE Access"},{"key":"598_CR31","doi-asserted-by":"publisher","first-page":"17707","DOI":"10.1109\/ACCESS.2022.3149312","volume":"10","author":"HR Hasan","year":"2022","unstructured":"Hasan, H.R., Salah, K., Yaqoob, I., Jayaraman, R., Pesic, S., Omar, M.: Trustworthy IoT data streaming using blockchain and IPFS. IEEE Access 10, 17707\u201317721 (2022). https:\/\/doi.org\/10.1109\/ACCESS.2022.3149312","journal-title":"IEEE Access"},{"key":"598_CR32","doi-asserted-by":"publisher","first-page":"59389","DOI":"10.1109\/ACCESS.2020.2982964","volume":"8","author":"J Sun","year":"2020","unstructured":"Sun, J., Yao, X., Wang, S., Wu, Y.: Blockchain-based secure storage and access scheme for electronic medical records in IPFS. IEEE Access 8, 59389\u201359401 (2020). https:\/\/doi.org\/10.1109\/ACCESS.2020.2982964","journal-title":"IEEE Access"},{"key":"598_CR33","doi-asserted-by":"publisher","unstructured":"Kumar, S., Bharti, A.K., Amin, R.: Decentralized secure storage of medical records using blockchain and IPFS: a comparative analysis with future directions. Secur. Privacy (2021). https:\/\/doi.org\/10.1002\/spy2.162","DOI":"10.1002\/spy2.162"},{"key":"598_CR34","doi-asserted-by":"publisher","DOI":"10.1016\/j.eij.2022.02.004","author":"A Kebira","year":"2022","unstructured":"Kebira, A., Ouail, O., Said Jai, A.: BlockMedCare: a healthcare system based on IoT, blockchain and IPFS for data management security. Egypt. Inform. J. (2022). https:\/\/doi.org\/10.1016\/j.eij.2022.02.004","journal-title":"Egypt. Inform. J."},{"issue":"1","key":"598_CR35","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/1127345.1127346","volume":"9","author":"G Ateniese","year":"2006","unstructured":"Ateniese, G., Fu, K., Green, M., Hohenberger, S.: Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Trans. Inf. Syst. Secur. (TISSEC) 9(1), 1\u201330 (2006)","journal-title":"ACM Trans. Inf. Syst. Secur. (TISSEC)"},{"key":"598_CR36","doi-asserted-by":"crossref","unstructured":"Blaze, M., Bleumer, G., Strauss, M.: Divertible protocols and atomic proxy cryptography. In: Nyberg, K. (Ed.), Advances in Cryptology-EUROCRYPT\u201998, pp. 127\u2013144. Springer, Berlin (1998)","DOI":"10.1007\/BFb0054122"},{"key":"598_CR37","doi-asserted-by":"publisher","unstructured":"Chen, X., Liu, Y., Li, Y., Lin, C. : Threshold proxy re-encryption and its application in blockchain. In: Sun X., Pan Z., Bertino E. (Eds.) Cloud Computing and Security (ICCCS 2018), Lecture Notes in Computer Science, vol. 11066. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-00015-8_2","DOI":"10.1007\/978-3-030-00015-8_2"},{"key":"598_CR38","doi-asserted-by":"publisher","first-page":"1943","DOI":"10.1007\/s12652-020-02285-4","volume":"12","author":"G Pareek","year":"2021","unstructured":"Pareek, G., Purushothama, B.R.: TP-PRE: threshold progressive proxy re-encryption, its definitions, construction and applications. J. Ambient. Intell. Hum. Comput. 12, 1943\u20131965 (2021). https:\/\/doi.org\/10.1007\/s12652-020-02285-4","journal-title":"J. Ambient. Intell. Hum. Comput."},{"key":"598_CR39","doi-asserted-by":"publisher","first-page":"102917","DOI":"10.1016\/j.jnca.2020.102917","volume":"176","author":"A Manzoor","year":"2021","unstructured":"Manzoor, A., Braeken, A., Kanhere, S.S., Ylianttila, M., Liyanage, M.: Proxy re-encryption enabled secure and anonymous IoT data sharing platform based on blockchain. J. Netw. Comput. Appl. 176, 102917 (2021). https:\/\/doi.org\/10.1016\/j.jnca.2020.102917","journal-title":"J. Netw. Comput. Appl."},{"key":"598_CR40","doi-asserted-by":"publisher","unstructured":"Meena, D.K., Dwivedi, R., Shukla, S.: Preserving patient\u2019s privacy using proxy re-encryption in permissioned blockchain. In: 2019 Sixth International Conference on Internet of Things: Systems, Management and Security (IOTSMS), pp. 450\u2013457 (2019). https:\/\/doi.org\/10.1109\/IOTSMS48152.2019.8939226","DOI":"10.1109\/IOTSMS48152.2019.8939226"},{"key":"598_CR41","doi-asserted-by":"publisher","unstructured":"Abe, M., Gennaro, R., Kurosawa, K., Shoup, V.: Tag-KEM\/DEM: a new framework for hybrid encryption and a new analysis of Kurosawa\u2013Desmedt KEM. In: Cramer, R. (Eds.) Advances in Cryptology - EUROCRYPT 2005 (EUROCRYPT 2005), Lecture Notes in Computer Science, vol. 3494. Springer, Berlin (2005). https:\/\/doi.org\/10.1007\/11426639_8","DOI":"10.1007\/11426639_8"},{"key":"598_CR42","unstructured":"Nu\u00f1ez, D.: UMBRAL: a threshold proxy re-encryption scheme (Online). https:\/\/github.com\/nucypher\/umbral-doc\/blob\/master\/umbral-doc.pdf"},{"key":"598_CR43","unstructured":"McGrew, D.: An interface and algorithms for authenticated encryption. Internet Requests for Comments, RFC Editor, RFC 5116 (2008) (Online). http:\/\/www.rfc-editor.org\/rfc\/rfc5116.txt"},{"key":"598_CR44","doi-asserted-by":"publisher","first-page":"65439","DOI":"10.1109\/ACCESS.2018.2876971","volume":"6","author":"HR Hasan","year":"2018","unstructured":"Hasan, H.R., Salah, K.: Proof of delivery of digital assets using blockchain and smart contracts. IEEE Access 6, 65439\u201365448 (2018). https:\/\/doi.org\/10.1109\/ACCESS.2018.2876971","journal-title":"IEEE Access"}],"container-title":["International Journal of Information Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-022-00598-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10207-022-00598-3\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10207-022-00598-3.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,9,23]],"date-time":"2022-09-23T15:50:58Z","timestamp":1663948258000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10207-022-00598-3"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,7,29]]},"references-count":44,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2022,10]]}},"alternative-id":["598"],"URL":"https:\/\/doi.org\/10.1007\/s10207-022-00598-3","relation":{},"ISSN":["1615-5262","1615-5270"],"issn-type":[{"value":"1615-5262","type":"print"},{"value":"1615-5270","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,7,29]]},"assertion":[{"value":"29 July 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}