Volume 21, Issue 3 (12-2024)
JSDP 2024, 21(3): 149-178 |
Back to browse issues page
Download citation:
BibTeX | RIS | EndNote | Medlars | ProCite | Reference Manager | RefWorks
Send citation to:
BibTeX | RIS | EndNote | Medlars | ProCite | Reference Manager | RefWorks
Send citation to:
Hassan Pour Askari A, Khatibi Bardsiri A, Mohammadi Ghanat Ghestani M. IoT privacy for the transmission of data in the field of health using blockchain. JSDP 2024; 21 (3) : 8
URL: http://jsdp.rcisp.ac.ir/article-1-1314-en.html
URL: http://jsdp.rcisp.ac.ir/article-1-1314-en.html
Assistant Professor, Department of Computer, Bardsir Branch, Islamic Azad University, Bardsir, Iran
Abstract: (415 Views)
Data transmission and storage through blockchain is something that many studies have suggested for various security issues. Due to the sensitivities in securing information from patients and medical professionals, the healthcare system has a favorable context for deploying a powerful blockchain system for privacy. Blockchain application in the healthcare system allows physicians to store patient records with high security and make them available to other hospitals and clinics as needed. Besides increasing data transmission and storage security, this reduces data management risks and expenses.
The present study emphasizes the confidentiality of healthcare data in the cloud-based Internet of Things (IoT) using blockchain and edge computing. Also this method uses SHA2 hashing and PKI encryption. Therefore, it can optimally provide data confidentiality in medical settings, especially for patients under care.
The system proposed in this study includes five parts: users, IoT devices, edge devices, security server, and cloud computing. The proposed method uses the Diffie – Hellman key exchange in the authentication process for anomality case to achieve the goal of essential security compliance. This method is a cryptographic (encryption) protocol allowing two people or two organizations to create a shared password key without the need for any prior acquaintance and exchange it through an insecure connection path. This study used data sensed by IoT network sensors with medical data for loading on IoT and cloud simulated networks. These data were related to monitoring patients with cardiovascular disease and were sampled on 300 patients. The research dataset belonged to the Cleveland Clinic Foundation for Heart Disease Dataset. The study simulation software was NS-2.35, which used C++ and TCL programming languages.
The research findings revealed that if there were no method for data encryption, much of the data would be exposed. This rate reaches 50% for 50 attackers. Encryption using the proposed method causes the percentage of data disclosed to be very slight, and it equals zero, even though attackers may guess the password or data. As network traffic grows, the throughput difference between blocking and non-blocking access methods increases. It suggests that by blocking the attacking nodes’ access, network traffic will not have a detrimental effect on attacking nodes by detecting and preventing their activity. However, if the access of these nodes is not blocked, the destructive impact is very high, and the network traffic will grow slightly. According to these results, in terms of SLA violation, the system is in a situation where even in case of an attack, there is no SLA violation and the efficiency is maintained. Also, the percentage of access to useful information by the hacker will be close to zero. By preventing the entry of malicious nodes, the throughput increases by about 30%. Some other advantages of this method are its high flexibility and comparability, robustness, and relatively low execution time and delay, which is caused by the use of cloud edge.
It is estimated that the improvement rate of the proposed method is more than 5% compared to other related approaches. In the design presented in this study, the processes are highly simplified, and there will be a relatively low processing overhead. At the same time, the steps meet all the requirements for cloud and IoT data centers in healthcare applications.
The present study emphasizes the confidentiality of healthcare data in the cloud-based Internet of Things (IoT) using blockchain and edge computing. Also this method uses SHA2 hashing and PKI encryption. Therefore, it can optimally provide data confidentiality in medical settings, especially for patients under care.
The system proposed in this study includes five parts: users, IoT devices, edge devices, security server, and cloud computing. The proposed method uses the Diffie – Hellman key exchange in the authentication process for anomality case to achieve the goal of essential security compliance. This method is a cryptographic (encryption) protocol allowing two people or two organizations to create a shared password key without the need for any prior acquaintance and exchange it through an insecure connection path. This study used data sensed by IoT network sensors with medical data for loading on IoT and cloud simulated networks. These data were related to monitoring patients with cardiovascular disease and were sampled on 300 patients. The research dataset belonged to the Cleveland Clinic Foundation for Heart Disease Dataset. The study simulation software was NS-2.35, which used C++ and TCL programming languages.
The research findings revealed that if there were no method for data encryption, much of the data would be exposed. This rate reaches 50% for 50 attackers. Encryption using the proposed method causes the percentage of data disclosed to be very slight, and it equals zero, even though attackers may guess the password or data. As network traffic grows, the throughput difference between blocking and non-blocking access methods increases. It suggests that by blocking the attacking nodes’ access, network traffic will not have a detrimental effect on attacking nodes by detecting and preventing their activity. However, if the access of these nodes is not blocked, the destructive impact is very high, and the network traffic will grow slightly. According to these results, in terms of SLA violation, the system is in a situation where even in case of an attack, there is no SLA violation and the efficiency is maintained. Also, the percentage of access to useful information by the hacker will be close to zero. By preventing the entry of malicious nodes, the throughput increases by about 30%. Some other advantages of this method are its high flexibility and comparability, robustness, and relatively low execution time and delay, which is caused by the use of cloud edge.
It is estimated that the improvement rate of the proposed method is more than 5% compared to other related approaches. In the design presented in this study, the processes are highly simplified, and there will be a relatively low processing overhead. At the same time, the steps meet all the requirements for cloud and IoT data centers in healthcare applications.
Article number: 8
Type of Study: Research |
Subject:
Paper
Received: 2022/05/31 | Accepted: 2024/06/1 | Published: 2025/01/17 | ePublished: 2025/01/17
Received: 2022/05/31 | Accepted: 2024/06/1 | Published: 2025/01/17 | ePublished: 2025/01/17
References
1. X. Wang, L. Bai, Q. Yang, L. Wang, and F. Jiang, "A dual privacy-preservation scheme for cloud-based eHealth systems," Journal of Information Security and Applications, vol. 47, pp. 132-138, 2019. [DOI:10.1016/j.jisa.2019.04.010]
2. M. A. Uddin, A. Stranieri, I. Gondal, and V. Balasubramanian, "Blockchain leveraged decentralized IoT eHealth framework," Internet of Things, vol. 9, p. 100159, 2020. [DOI:10.1016/j.iot.2020.100159]
3. R. Duan, M. R. Boland, Z. Liu, Y. Liu, H. H. Chang, H. Xu, H. Chu, et al., "Learning from electronic health records across multiple sites: A communication-efficient and privacy-preserving distributed algorithm," Journal of the American Medical Informatics Association, vol. 27, no. 3, pp. 376-385, 2020. [DOI:10.1093/jamia/ocz199] [PMID] []
4. A. Majeed, "Attribute-centric anonymization scheme for improving user privacy and utility of publishing e-health data," Journal of King Saud University-Computer and Information Sciences, vol. 31, no. 4, pp. 426-435, 2019. [DOI:10.1016/j.jksuci.2018.03.014]
5. A. Donawa, I. Orukari, and C. E. Baker, "Scaling blockchains to support electronic health record systems for hospitals," arXiv preprint arXiv:2001.05525, 2020.
6. A. Zhang and X. Lin, "Towards secure and privacy-preserving data sharing in e-health systems via consortium blockchain," Journal of Medical Systems, vol. 42, no. 8, p. 140, 2018. [DOI:10.1007/s10916-018-0995-5] [PMID]
7. A. Botta, W. De Donato, V. Persico, and A. Pescapé, "Integration of cloud computing and internet of things: A survey," Future Generation Computer Systems, vol. 56, pp. 684-700, 2016. [DOI:10.1016/j.future.2015.09.021]
8. C. Perera, A. Zaslavsky, P. Christen, and D. Georgakopoulos, "Sensing as a service model for smart cities supported by internet of things," Transactions on Emerging Telecommunications Technologies, vol. 25, no. 1, pp. 81-93, 2014. [DOI:10.1002/ett.2704]
9. A. Shahnaz, U. Qamar, and A. Khalid, "Using blockchain for electronic health records," IEEE Access, vol. 7, pp. 147782-147795, 2019. [DOI:10.1109/ACCESS.2019.2946373]
10. D. Gachet, M. de Buenaga, F. Aparicio, and V. Padrón, "Integrating internet of things and cloud computing for health services provisioning: The virtual cloud carer project," in 2012 Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, pp. 918-921. IEEE, 2012. [DOI:10.1109/IMIS.2012.25]
11. Y. Zhang, M. Qiu, C.-W. Tsai, M. M. Hassan, and A. Alamri, "Health-CPS: Healthcare cyber-physical system assisted by cloud and big data," IEEE Systems Journal, vol. 11, no. 1, pp. 88-95, 2015. [DOI:10.1109/JSYST.2015.2460747]
12. N. Alharbe, A. S. Atkins, and J. Champion, "Use of cloud computing with wireless sensor networks in an Internet of Things environment for a smart hospital network," in Proceedings of the Seventh International Conference on eHealth, Telemedicine, and Social Medicine, Lisbon, Portugal, pp. 22-27, 2015.
13. J. Zhou, T. Leppanen, E. Harjula, M. Ylianttila, T. Ojala, C. Yu, H. Jin, and L. T. Yang, "Cloudthings: A common architecture for integrating the internet of things with cloud computing," in Proceedings of the 2013 IEEE 17th International Conference on Computer Supported Cooperative Work in Design (CSCWD), pp. 651-657. IEEE, 2013. [DOI:10.1109/CSCWD.2013.6581037]
14. S. M. R. Islam, D. Kwak, M. H. Kabir, M. Hossain, and K.-S. Kwak, "The internet of things for health care: A comprehensive survey," IEEE Access, vol. 3, pp. 678-708, 2015. [DOI:10.1109/ACCESS.2015.2437951]
15. S. Nakamoto, Bitcoin: A peer-to-peer electronic cash system. Manubot, 2019.
16. F. Hussain and U. Qamar, "Identification and correction of misspelled drugs' names in electronic medical records (EMR)," in International Conference on Enterprise Information Systems, vol. 3, pp. 333-338. SCITEPRESS, 2016. [DOI:10.5220/0005911503330338] [PMID]
17. S. I. Goldberg, M. Shubina, A. Niemierko, and A. Turchin, "A weighty problem: Identification, characteristics and risk factors for errors in EMR data," in AMIA Annual Symposium Proceedings, vol. 2010, p. 251. American Medical Informatics Association, 2010.
18. E. A. Mohammed, B. H. Far, and C. Naugler, "Applications of the MapReduce programming framework to clinical big data analysis: Current landscape and future trends," BioData Mining, vol. 7, no. 1, pp. 1-23, 2014. [DOI:10.1186/1756-0381-7-22] [PMID] []
19. Y. Liang and A. Kelemen, "Big Data science and its applications in health and medical research: Challenges and opportunities," J Biom Biostat, vol. 7, no. 307, 2016. [DOI:10.4172/2155-6180.1000307]
20. W. J. Gordon and C. Catalini, "Blockchain technology for healthcare: Facilitating the transition to patient-driven interoperability," Computational and Structural Biotechnology Journal, vol. 16, pp. 224-230, 2018. [DOI:10.1016/j.csbj.2018.06.003] [PMID] []
21. L. Castaldo and V. Cinque, "Blockchain-based logging for the cross-border exchange of ehealth data in Europe," International ISCIS Security Workshop. Springer, Cham, 2018. [DOI:10.1007/978-3-319-95189-8_5]
22. D. C. Nguyen, et al., "Blockchain for secure EHRs sharing of mobile cloud based e-Health systems," IEEE Access, vol. 7, pp. 66792-66806, 2019. [DOI:10.1109/ACCESS.2019.2917555]
23. M. Qazi, D. Kulkarni, and M. Nagori, "Proof of authenticity-based electronic medical records storage on blockchain," in Smart Trends in Computing and Communications, Springer, Singapore, pp. 297-306, 2020. [DOI:10.1007/978-981-15-0077-0_31]
24. A. Zhang and X. Lin, "Towards secure and privacy-preserving data sharing in e-health systems via consortium blockchain," Journal of Medical Systems, vol. 42, no. 8, p. 140, 2018. [DOI:10.1007/s10916-018-0995-5] [PMID]
25. S. Tanwar, K. Parekh, and R. Evans, "Blockchain-based electronic healthcare record system for healthcare 4.0 applications," Journal of Information Security and Applications, vol. 50, p. 102407, 2020. [DOI:10.1016/j.jisa.2019.102407]
26. G. Tripathi, M. A. Ahad, and S. Paiva, "S2HS-A blockchain based approach for smart healthcare system," Healthcare, Elsevier, 2019. [DOI:10.1016/j.hjdsi.2019.100391] [PMID]
27. E. Gorelik, "Cloud computing models," Doctoral dissertation, Massachusetts Institute of Technology, 2013.
28. C. Choi, J.-H. Park, M. Na, and S. Jo, "Low-latency 5G architectures for mission-critical Internet of Things (IoT) services," Information and Communications Magazine, vol. 32, no. 9, pp. 17-23, 2015.
29. H. Wu, K. Yue, C.-H. Hsu, Y. Zhao, B. Zhang, and G. Zhang, "Deviation-based neighborhood model for context-aware QoS prediction of cloud and IoT services," Future Generation Computer Systems, vol. 76, pp. 550-560, 2017. [DOI:10.1016/j.future.2016.10.015]
30. P. Bonte, F. Ongenae, F. De Backere, J. Schaballie, D. Arndt, S. Verstichel, E. Mannens, R. Van de Walle, and F. De Turck, "The MASSIF platform: A modular and semantic platform for the development of flexible IoT services," Knowledge and Information Systems, vol. 51, no. 1, pp. 89-126, 2017. [DOI:10.1007/s10115-016-0969-1]
31. T. D. Cao, H. H. Hoang, H. X. Huynh, B. M. Nguyen, T. V. Pham, Q. Tran-Minh, ... and H. L. Truong, "IoT services for solving critical problems in Vietnam: A research landscape and directions," IEEE Internet Computing, vol. 20, no. 5, pp. 76-81, 2016. [DOI:10.1109/MIC.2016.97]
32. G. Gang, Z. L., and J. Jun, "Internet of things security analysis," in Internet Technology and Applications (iTAP), 2011 International Conference on, pp. 1-4. IEEE, 2011. [DOI:10.1109/ITAP.2011.6006307] []
33. A. Whitmore, A. Agarwal, and L. Da Xu, "The Internet of Things-A survey of topics and trends," Information Systems Frontiers, pp. 1-14, 2014.
34. J. Guo, R. Chen, and J. J. P. Tsai, "A mobile cloud hierarchical trust management protocol for IoT systems," in Mobile Cloud Computing, Services, and Engineering (MobileCloud), 2017 5th IEEE International Conference on, IEEE, 2017. [DOI:10.1109/MobileCloud.2017.13]
35. Y. Liu, J. E. Fieldsend, and G. Min, "A framework of fog computing: Architecture, challenges, and optimization," IEEE Access, vol. 5, pp. 25445-25454, 2017. [DOI:10.1109/ACCESS.2017.2766923]
36. H. Kim and E. A. Lee, "Authentication and authorization for the Internet of Things," IT Professional, vol. 19, no. 5, pp. 27-33, 2017. [DOI:10.1109/MITP.2017.3680960]
37. M. Mahmud, et al., "A brain-inspired trust management model to assure security in a cloud based IoT framework for neuroscience applications," arXiv preprint arXiv:1801.03984, 2018. [DOI:10.1007/s12559-018-9543-3]
38. R. K. Behera, K. H. K. Reddy, and D. S. Roy, "Reliability modelling of service oriented Internet of Things," in 2015 4th International Conference on Reliability, Infocom Technologies and Optimization (ICRITO)(Trends and Future Directions), IEEE, 2015. [DOI:10.1109/ICRITO.2015.7359216] []
39. V. Kharchenko, et al., "Reliability and security issues for IoT-based smart business center: Architecture and Markov model," in 2016 Third International Conference on Mathematics and Computers in Sciences and in Industry (MCSI), IEEE, 2016. [DOI:10.1109/MCSI.2016.064]
40. V. Sharma, et al., "A consensus framework for reliability and mitigation of zero-day attacks in IoT," Security and Communication Networks, 2017. [DOI:10.1155/2017/4749085]
41. C. Stergiou, et al., "Secure integration of IoT and cloud computing," Future Generation Computer Systems, vol. 78, pp. 964-975, 2018. [DOI:10.1016/j.future.2016.11.031]
42. I. Makhdoom, I. Zhou, M. Abolhasan, J. Lipman, and W. Ni, "PrivySharing: A blockchain-based framework for privacy-preserving and secure data sharing in smart cities," Computers & Security, vol. 88, p. 101653, 2020. [DOI:10.1016/j.cose.2019.101653]
43. H. Deng, Z. Qin, L. Sha, and H. Yin, "A flexible privacy-preserving data sharing scheme in cloud-assisted IoT," IEEE Internet of Things Journal, vol. 7, no. 12, pp. 11601-11611, 2020. [DOI:10.1109/JIOT.2020.2999350]
44. P. Tedeschi, K. E. Jeon, J. She, S. Wong, S. Bakiras, and R. Di Pietro, "Privacy-preserving and sustainable contact tracing using batteryless BLE beacons," arXiv preprint arXiv:2103.06221, 2021. [DOI:10.1109/MSEC.2021.3115497]
45. F. Firouzi, B. Farahani, M. Barzegari, and M. Daneshmand, "AI-driven data monetization: The other face of data in IoT-based smart and connected health," IEEE Internet of Things Journal, 2020.
46. R. Goyat, G. Kumar, R. Saha, M. Conti, M. K. Rai, R. Thomas, M. Alazab, and T. H.-K. Kim, "Blockchain-based data storage with privacy and authentication in Internet-of-Things," IEEE Internet of Things Journal, 2020.
47. A. Ali, et al., "HealthLock: Blockchain-based privacy preservation using homomorphic encryption in Internet of Things healthcare applications," Sensors, vol. 23, no. 15, p. 6762, 2023. [DOI:10.3390/s23156762] [PMID] []
48. S. Das and S. Namasudra, "Lightweight and efficient privacy-preserving mutual authentication scheme to secure Internet of Things-based smart healthcare," Transactions on Emerging Telecommunications Technologies, 2023, e4716. [DOI:10.1002/ett.4716]
49. H. N. Alsuqaih, et al., "An efficient privacy-preserving control mechanism based on blockchain for E-health applications," Alexandria Engineering Journal, vol. 73, pp. 159-172, 2023. [DOI:10.1016/j.aej.2023.04.037]
50. M. I. Ahmed and G. Kannan, "Secure and lightweight privacy-preserving Internet of Things integration for remote patient monitoring," Journal of King Saud University-Computer and Information Sciences, vol. 34, no. 9, pp. 6895-6908, 2022. [DOI:10.1016/j.jksuci.2021.07.016]
51. M. P. Mahmoudi-Nasr and K. H. Kimia, "A mutual authentication method for Internet of Things", Signal and Data Processing, vol. 19, no. 2, pp. 6, 2022. [Online]. Available: http://jsdp.rcisp.ac.ir/article-1-1134-fa.html [DOI:10.52547/jsdp.19.2.73]
52. [S. Azizi, M. Ashouri-Talouki, and H. Mala, "An efficient and secure frequent multiparty summation protocol", Signal and Data Processing, vol. 15, no. 4, pp. 31-40, 2019. [Online]. Available: http://jsdp.rcisp.ac.ir/article-1-649-fa.html [DOI:10.29252/jsdp.15.4.31]
53. A. Janosi, W. Steinbrunn, M. Pfisterer, and R. Detrano, "Heart Disease," UCI Machine Learning Repository [Online]. Available: https://archive.ics.uci.edu/dataset/45/heart+disease. [Accessed: Mar. 15, 2024].
Send email to the article author
| Rights and permissions | |
 |
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License. |
