Abstract:
Web application uses a remote web server to stores its wide range of data. The data
could be financial records, news, stock prices, weather forecast or medical record of
patients. So, a web application is totally dependent on a remote potentially hostile web
server for the security of its data and query results. If an attacker gets control over the
web server, one cannot guarantee the integrity of data and query results. If an attacker
tampersthe critical data like stock prices or diagnostic medical records of patient present
on a web server that is to be used in decision making, it can cause some severe monetary
and health damages.
Although we cannot prevent the data from getting tampered, however, we can detect if
someone has illegally tampered it. Instead of being tamper resistant we have provided
an efficient and secure tamper evident solution to this problem. Our solution provides
strong evidence to data user (decision maker) that if data provided by the server is
tampered or not, even if the server is complete control of an attacker. Using blockchain
technology as a trust base, our practical solution guarantees the correctness and
freshness of data with minimum overhead. To check if the solution is practically
convenient, we have integrated our solution with remote medical web application and
evaluated its results. In a remote medical web application, a patient remotely uploads
its diagnostic data, and physician (decision maker) evaluates the patient uploaded data
and prescribe the medications accordingly. Our solution provides an efficient, secure
and strong proof to the decision maker or physician that if patient’s data is been illegally
tampered or not on compromised web server. The provided solution can be integrated
with any web application by adding minimal changes in the application’s existing
structure
