Secure Framework for Internet of Things Based e-Health System

Secure Framework for Internet of Things Based e-Health System

Adil Bashir (Department of Electronics and Communication Engineering, National Institute of Technology Srinagar., Srinagar, India) and Ajaz Hussain Mir (Department of Electronics and Communication Engineering, National Institute of Technology Srinagar., Srinagar, India)
Copyright: © 2019 |Pages: 14
DOI: 10.4018/IJEHMC.2019100102

Abstract

Internet of Things (IoT) is the emerging technology finding applications in a wide range of fields that include smart homes, intelligent transportation, e-health, supply chain management. Among IoT applications, e-health is one of the most promising application in which smart devices capable of monitoring physiological parameters of patients are implanted in or around their bodies which automatically sense and transmit collected data to medical consultants. However, security issues for electronic patient records (EPR) in-transit hinder the usage of IoT in e-health systems. Among these issues, EPR confidentiality and entity authentication are major concerns. In this article, confidentiality of EPR and its secure transmission over network is focused mainly. A security framework is proposed where-in smart devices encrypt sensed physiological data with Light-Weight Encryption Algorithm and Advanced Encryption Standard cryptographic algorithms. The security framework and the designed protocol provides better security and are energy efficient as presented in the evaluation section.
Article Preview
Top

1. Introduction

Internet of Things (IoT) is a novel technology rapidly gaining popularity in the current era that emerges from embedded system, sensor technology and wireless communication. IoT is the interconnection of physical things that are equipped with sensing, actuating and communication technologies that enable objects to sense environmental or physiological phenomenon, collect data and share it with other objects and take actions of their own or prompt humans to take actions. The rapid growth of IoT (Andreev et al., 2012; Atzori et al., 2010) and its capability to provide enormous services in diverse areas such as industry, education, e-health, defense and social life, have made it the burgeoning technology. It is projected that trillions of objects will be connected to internet during next five years (Adiga et al., 2012). IoT will result in $1.7 trillion in value added to the global economy in 2019 (Greenough, 2014). Scientific communities like IETF (Internet Engineering Task Force) and IEEE (Institute of Electrical and Electronics Engineers) are working actively to develop standards and protocols for IoT and recently they have come up with a protocol stack for IoT shown in Figure 1 (Granjal et al., 2015).

Figure 1.

IoT protocol stack

IJEHMC.2019100102.f01

Each layer in the stack has protocols to govern the communication related tasks, for instance, at the application layer, protocols utilized for message transmissions are Constrained Application Protocol (CoAP) (Bormann et al., 2012), Message Queue Telemetry Transport (MQTT) (D’Locke, 2010), Advanced Message Queuing Protocol (AMQP) (Standard OASIS, 2012), Extensible Messaging and Presence Protocol (XMPP) (P. Saint Andre, 2011), etc.

Among the IoT applications, e-health is considered as one of the most promising applications for in-home observing and treating patients remotely. E-health defined as the combination of health science and information technology plays an important role to cater significant health benefits to individuals (Colesca and Dobrica, 2009). Miniature nodes equipped with sensing capabilities are implanted in or around patient’s body in order to monitor his/her health parameters. These parameters are transmitted to medical consultants for treatment and to cloud for storage and analysis purposes (Chiuchisan et al., 2014). Extensive research employing Internet of Things in e-health has recently been stated (Chiuchisan and Geman, 2014). Population aging and increase of survival chances from disabling ailment needs continuous observation of patients which antedates emergency circumstances, thereby provisioning the quick and effective involvement of health teams (Dohr et al., 2010). IoT presents inconspicuous and cost-effective solution to e-health applications, however IoT deployment in e-health paradigm is hindered if security and privacy concerns for Electronic Patient Records (EPR) are not addressed properly. (Li et al., 2010; Tim et al., 2010) demonstrated that IoT based e-health is more vulnerable to security attacks as compared to other IoT applications. Since, health related data is private in nature and any leakage in the confidentiality of health data deters patients from adopting e-health solutions. For example, most of the people would not want their medical details like pregnancy stages or other confidential health details be known to general public. Therefore, strong care needs to be taken against securing EPR from network attacks, viz. eavesdropping and data modification. Such attacks can cause incorrect medical treatments or even defer an emergency situation. Therefore, it is important to implement security protocols to overcome these attacks.

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 11: 4 Issues (2020): 3 Released, 1 Forthcoming
Volume 10: 4 Issues (2019)
Volume 9: 4 Issues (2018)
Volume 8: 4 Issues (2017)
Volume 7: 4 Issues (2016)
Volume 6: 4 Issues (2015)
Volume 5: 4 Issues (2014)
Volume 4: 4 Issues (2013)
Volume 3: 4 Issues (2012)
Volume 2: 4 Issues (2011)
Volume 1: 4 Issues (2010)
View Complete Journal Contents Listing