A Public Key Authentication and Privacy Preserving Model for Securing Healthcare System

Abstract

Over the last few years, the medical Internet of Things (IoMT) has experienced numerous security challenges related to the monitoring of patient healthcare data. In IoT centric healthcare framework, connected clinical devices are more prone to severe security menaces and attacks against other network devices. Current solutions can ensure the patient’s information during data transfer to some extent but cannot avoid some of the advanced cyber-attacks like data leakage, collision attacks, and data integrity. Thus, this paper proposes an efficient privacy-preserving and public-key authentication model for securing IoT-based healthcare systems. An efficient public-key authentication system with access policy-based confidentiality is used to preserve privacy. In this proposed model, the patients stay in their homes, and their health assistance will send the sensor data using a mobile healthcare application. First, the patient must be registered with the corresponding hospital using patient credentials on the hospital website or mobile application. After getting the unique login id and successful login, sensed data is encrypted using the proposed method and securely uploaded to the hospital cloud server by generating an access policy. Then, in the hospital, the corresponding doctor can download the secured patient data with high confidentiality using the same access policy generated while uploading the health data from the hospital cloud server. The results gained from the experiments demonstrate a superior performance of the proposed mechanism over the existing methodologies, and it is evidenced to be more secure and efficient.

KEYWORDS:

• Access policy
• Authentication
• Confidentiality
• Healthcare
• Internet of Things (IoT)
• Privacy-preserving

Additional information

Notes on contributors

Sarbjeet Singh

Sarbjeet Singh is assistant professor, Department of Electronics and Communication Engineering at Sant Longowal Institute of Engineering and Technology, Longowal, Deemed-to-be-University, India. He did his BE from Punjab Technical University, Jalandhar, India, and post-graduation from Thapar University, Patiala, India. His area of interest is IoT security and privacy and wireless sensor networks.

Dilip Kumar

Dilip Kumar received the ME degree from the Panjab University, Chandigarh, India, in 2003 and the PhD degree from the M M University, Mullana, India, in 2010. In 2005, he joined the C-DAC, Mohali, India as a design engineer. He joined as associate professor at SLIET, Longowal, India, in February 2014. His current research interests include embedded systems, wireless sensor networks. He has published more than 60 research chapters in reputed international journals and conferences. Currently, he was the recipient of the 2015 Premium Award for Best Chapter in IET Wireless Sensor Systems. Email: [email protected].