Abstract
Medical IoT (MIoT) is a collection of devices and applications that are connected to healthcare systems via the Internet. Wearable devices and body sensors are used to track individuals' medical conditions. The collected data is processed, analyzed and stored on cloud platforms to provide healthcare services. The data includes not only personal information such as a user's identity and location but also sensitive information such as mental status, drug addiction, sexual orientation and genetics. Preserving an individual's privacy therefore remains a major challenge for IoT service providers. Existing techniques significantly reduce the fidelity of the data, which affects the application's utility. In this paper we therefore propose the use of blockchains and smart contracts to preserve privacy while retaining data usability.
1 Introduction
Medical Internet-of-Things (MIoT) refers to the wide range of IoT sensors, devices and applications that are specifically designed for the healthcare industry. According to the latest forecast, the MIoT market is estimated to reach \(\$534.3\) billion by 2025 [1]. Remote health monitoring, mobile health, tracked ingestible sensors and remote clinical trials are a few of the successful MIoT use cases. MIoT is envisioned to improve the safety and health of the general public by monitoring and transmitting real-time data about individuals. It also allows healthcare to be delivered in a distributed manner, where patients and their doctors no longer need to be in the same office to monitor vital health data.
The system architecture of MIoT consists of four layers: the body area network layer, the connectivity layer, the data layer and the service layer, as shown in Fig. 1. Lightweight wearables are worn on or attached to an individual's body to collect information about their physical condition and health status. This data is gathered in real time and then transmitted, processed, analyzed and stored on centralized servers. It should be noted that the data collected by the sensors may include very sensitive information such as genetics, sexual functioning, drug addiction and the patient's location. Patients' privacy should therefore be preserved in all cases. Subscribers of MIoT applications should be in control of their personal data: they should know what data is being collected, where it is stored, how it is processed and who is able to access or share it.
The General Data Protection Regulation (GDPR) introduces fines of up to €20 million, or 4% of annual global turnover, whichever is higher, for violating individuals' rights related to their personal information. There has therefore been a great deal of recent research on privacy protection for data collected by IoT devices. The three prominent approaches are homomorphic encryption [2], anonymization [3] and differential privacy [4]. However, these solutions introduce processing delay and reduce the fidelity of the data. Furthermore, the existing methods have a narrow application scope, as each applies only to a specific scenario or process. A holistic privacy preservation technique for MIoT applications that has minimal processing delay and maintains data fidelity therefore remains a significant challenge.
Blockchain is a decentralized digital ledger that allows users to exchange data in a distributed manner [5]. It lets users exchange digital transactions without relying on a third party, and it provides security properties such as integrity, confidentiality, accountability and auditability [6]. In this paper we propose a novel technique to preserve the privacy of MIoT data using blockchains and smart contracts. The model allows patients to encrypt their medical data before uploading it to the cloud server. The hash of each data packet is used as the index to locate that packet on the cloud server, and these hashes are stored in the patient's smart contract. The smart contract also allows patients to enforce their own access policy by storing it in the contract.
The rest of the paper is structured as follows: Firstly, the existing privacy preservation techniques are described in Sect. 2 highlighting their limitations and drawbacks. Secondly, the importance of privacy preservation is described in Sect. 3. Thirdly, Sect. 4 presents the privacy preservation framework using blockchains and smart contracts. Lastly, we offer our conclusions and recommendations for future work in Sect. 5.
2 Privacy Preservation Techniques
In this section, we present the three most widely used privacy preservation techniques available in literature, namely: encryption, anonymisation and differential privacy. Table 1 provides a summary of their benefits and limitations.
2.1 Homomorphic Encryption
Homomorphic encryption facilitates personal data sharing without the risk of data leakage, because computations can be executed directly on encrypted data [2]. Although homomorphic techniques are considered a powerful tool to protect user privacy, they are computationally very expensive and introduce high latency: a homomorphic operation typically takes 2–5 s [2]. These techniques therefore need to become considerably more efficient before they can be used in IoT environments. Moreover, they are also exposed to inference attacks that aim to recover the encryption key or the underlying plaintext.
2.2 Anonymization
Anonymization and pseudonymization techniques disconnect identifiers from data records. After these techniques are applied, attributes such as names, gender or identification numbers are no longer linked to the data subject. Techniques such as k-anonymity, l-diversity and t-closeness [3] are used in the literature to guarantee privacy preservation. However, these techniques have two major drawbacks. Firstly, they are vulnerable to de-anonymization attacks, in which anonymized records are linked with auxiliary information to re-identify individuals. Secondly, they limit the usability of the data, as anonymized data can no longer be used to derive as much value as the original data.
2.3 Differential Privacy
Differential privacy is a computational technique based on the perturbation approach: noise is added to the data in order to preserve privacy, so that no user other than the owner can access the real data [4]. Based on the sensitivity of their personal data, users can control the amount of noise inserted into it. However, the differential privacy strategy in some cases causes inaccuracy, since increasing the amount of noise reduces data precision, and the underlying data distribution can still be deduced using statistical inference attacks.
3 General Data Protection Regulation
Regulations and policies to protect personal data are required because of the sensitive and private nature of the data in MIoT applications. Many countries have started to regulate data protection and privacy. In the European Union, the GDPR is the latest regulation on data protection and privacy [7]. The GDPR contains provisions and requirements to protect individuals' rights related to personal information, and organizations in breach of it face large penalties. The GDPR revolves around eight fundamental rights given to individuals:
i. The right to access: Allow users to request access to their personal data.
ii. The right to be forgotten: Allow users to have their data deleted, for example when they are no longer customers of the service provider.
iii. The right to data portability: Allow users to move their data from one service provider to another.
iv. The right to be informed: Allow users to be informed about the data being gathered by the service provider.
v. The right to have information corrected: Allow users to have their data updated.
vi. The right to restrict processing: Allow users to request that their data is not used for processing.
vii. The right to object: Allow users to stop the processing of their data, for example for direct marketing.
viii. The right to be notified: Allow users to be informed without undue delay if their personal data is breached (the service provider must notify the supervisory authority within 72 h).
According to several security surveys [6, 8], there is a lack of research on the privacy principles covered by the GDPR. In the literature privacy is often confused with security, and secure solutions are often wrongly claimed to preserve privacy. Existing solutions mostly focus on security services such as integrity, confidentiality, authentication and access control, while privacy is generally overlooked in the processes of data collection, storage and retrieval. There is therefore an immediate need for an effective privacy preservation solution suitable for MIoT applications.
In order to comply with the GDPR, a holistic privacy preservation solution is essential for MIoT applications. Holistic privacy preservation covers three aspects of privacy protection: i) control over data, ii) enforcement and iii) anonymization. Control over data gives individuals authority over their personal data: they should know what data is being collected, where it is stored, how it is processed and who is able to access or share it. Enforcement refers to the privacy policies that specify how personal data may be processed by service providers. Anonymization refers to techniques by which information is stored, processed or used without the data subject being identifiable.
4 A Novel Privacy Preservation Technique
In this section, we propose a novel approach to preserve privacy in MIoT applications using blockchain, with smart contracts used to implement the access control policy. The aim of the proposed model is to enable the exchange of data between patients and medical services in a secure and privacy-preserving manner. The privacy of patient data is ensured in three ways. Firstly, patients are given control over their data: they choose what type of data is collected and select the cloud service provider where they wish to store it. Secondly, they enforce their own access control policy, which lets them decide who can access their data and at what times. Thirdly, the data stored in the cloud is anonymized and encrypted so that the cloud provider cannot misuse or process it.
The proposed solution involves five entities: patient, medical service, data server, blockchain and smart contract. The patient is the data owner, whose smartphone accumulates data from different wearables and generates data packets. Medical services are the data consumers, such as hospitals, ambulances, doctors, medical practitioners and medical research centres, that require patient data in order to provide their services. The data server is owned by a cloud service provider and is responsible for storing the patients' data packets. A consortium blockchain is used, in which a multi-signature scheme is applied to mine blocks, and block validation and consensus are controlled by a trusted group. The smart contract holds the access policy defined by the patient; its address is known to the patient and is shared with medical services. The patient also stores the hash of each generated data packet in the smart contract. The smart contract therefore has the following four functions:
- AddPolicy(): Called by the patient to add a new access control policy.
- UpdatePolicy(): Called by the patient to replace an existing policy with a new one.
- SetHash(): Called by the patient to upload the hashes of data packets to the blockchain.
- AccessControl(): Called by a medical service in order to obtain access to the patient's data.
The proposed model allows medical services to access a patient's data from the cloud data server in a privacy-preserving manner. The model is shown in Fig. 2. A total of 12 steps are followed:
1. The patient publishes the smart contract on the blockchain.
2. The contract address of the deployed smart contract is returned to the patient.
3. Data is collected from the sensors and each data packet formed is encrypted.
4. The hash of each data packet is computed.
5. The computed hash is attached to the corresponding encrypted data packet and uploaded to the data server.
6. The computed hash of each data packet is also uploaded to the patient's smart contract.
7. A medical service requests access to the patient's data.
8. The patient sends the contract address.
9. The medical service calls the smart contract and obtains the hashes of the encrypted data packets permitted by the policy.
10. The medical service uses these hashes as identifiers to retrieve the encrypted data packets from the patient's data server.
11. The patient shares the secret key with the data consumer, protected by a Diffie-Hellman key agreement.
12. The medical service decrypts the data, hashes the plaintext and compares the result with the hash obtained from the smart contract.
The patient uploads an access policy using the smart contract function AddPolicy() and can later change it using UpdatePolicy(). The patient's smartphone collects data from the MIoT devices and sensors. Each packet is identified as \(P_i\), where i is a positive integer. Each data packet is encrypted using the AES algorithm with a secret key \(K_p\) to produce the ciphertext \(C_i\). The data packet \(P_i\) is hashed using SHA-256 to form the message digest \(h_i\). The \(h_i\) is attached to the corresponding \(C_i\) and uploaded to the cloud. The data cannot be misused, as it is encrypted, and it cannot be located by an unauthorized party, since the hashes of the patient's data packets must be known to retrieve them. The mechanism also provides anonymization, as the data server cannot tell which patient a data packet belongs to; only an authorized party who knows the hash can locate the data packets on the data server. The \(h_i\) is also uploaded to the smart contract using the SetHash() function. Note that \(h_i\) is computed over the plaintext \(P_i\): the index reveals nothing about the reading only if \(P_i\) has enough entropy, since a low-entropy reading in a known format can be recovered by hashing candidate values and matching them against \(h_i\).
When a medical service wants to access the patient's data, it obtains the smart contract address from the patient and calls the AccessControl() function of the patient's contract published on the blockchain. According to the policy set by the patient, the contract returns the hashes of the permitted data packets. The medical service then uses these hashes to locate and retrieve the encrypted packets from the data server. In order to decrypt the packets, the symmetric key \(K_p\) is exchanged between the patient and the medical service in a secure manner using the Diffie-Hellman key agreement protocol. The key is first used to decrypt each data packet; the hash of the resulting plaintext is then computed and compared with the hash obtained from the blockchain. If they match, the data is confirmed to be in its original form.
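The following is an added example, not code from the paper, that walks through the four smart contract functions and the twelve-step flow described above with a simulated contract, cloud store and consumer. Names such as PatientContract, run_flow and the addresses "0xPatient"/"0xDoctor" are assumptions for illustration, the sample readings are constructed, and two substitutions are made so the example runs with only the Python standard library: the AES packet cipher is replaced by an HMAC-SHA256 keystream, and the Diffie-Hellman group is a toy 64-bit prime rather than a 2048-bit group.

```python
import hashlib
import hmac
import secrets


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in for AES: an HMAC-SHA256 keystream in counter mode.
    Chosen so the example needs only the standard library; deployments
    should use AES-GCM, which also authenticates the ciphertext."""
    out = bytearray()
    for blk, off in enumerate(range(0, len(data), 32)):
        ks = hmac.new(key, nonce + blk.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], ks))
    return bytes(out)


class PatientContract:
    """Simulation of the patient's smart contract. `sender` plays the role
    of msg.sender; only the owner (the patient) may change policy or hashes."""

    def __init__(self, owner: str):
        self.owner = owner
        self.policy = {}   # consumer address -> (packet_type, valid_from, valid_to)
        self.hashes = []   # (packet_type, h_i) in upload order

    def _only_owner(self, sender: str) -> None:
        if sender != self.owner:
            raise PermissionError("only the patient may call this function")

    def add_policy(self, sender, consumer, packet_type, valid_from, valid_to):
        self._only_owner(sender)
        if consumer in self.policy:
            raise ValueError("policy exists for this consumer; use update_policy")
        self.policy[consumer] = (packet_type, valid_from, valid_to)

    def update_policy(self, sender, consumer, packet_type, valid_from, valid_to):
        self._only_owner(sender)
        self.policy[consumer] = (packet_type, valid_from, valid_to)

    def set_hash(self, sender, packet_type, h_i):
        self._only_owner(sender)
        self.hashes.append((packet_type, h_i))

    def access_control(self, sender, now):
        """Return the hashes the caller's policy permits at time `now`."""
        packet_type, valid_from, valid_to = self.policy.get(sender, (None, 1, 0))
        if not valid_from <= now <= valid_to:
            return []
        return [h for (t, h) in self.hashes if t == packet_type]


# Diffie-Hellman key agreement for step 11. Toy 64-bit group so the listing
# stays short; a real deployment uses RFC 3526 group 14 or an elliptic curve.
DH_P = 0xFFFFFFFFFFFFFFC5   # 2**64 - 59, prime
DH_G = 2


def dh_keypair():
    priv = secrets.randbelow(DH_P - 2) + 1
    return priv, pow(DH_G, priv, DH_P)


def dh_shared_key(priv, peer_pub):
    # SHA-256 acts as the KDF over the raw shared secret
    return sha256(pow(peer_pub, priv, DH_P).to_bytes(8, "big"))


def run_flow(now=1_000_000, request_delay=0):
    """Steps 1-12 with constructed sample packets. Returns the list of
    (plaintext, integrity_ok) pairs the doctor ends up with."""
    patient, doctor, cloud = "0xPatient", "0xDoctor", {}
    contract = PatientContract(owner=patient)                       # steps 1-2
    contract.add_policy(patient, doctor, "ecg", now - 60, now + 60)
    k_p = secrets.token_bytes(32)
    # constructed readings: the doctor's policy covers ECG only, not location
    packets = [(b"ecg:hr=72;ts=1000", "ecg"), (b"gps:53.27,-9.05", "location")]
    for p_i, packet_type in packets:                                # steps 3-6
        nonce = secrets.token_bytes(8)
        c_i = nonce + stream_xor(k_p, nonce, p_i)
        h_i = sha256(p_i)
        cloud[h_i] = c_i                     # the server sees only h_i and C_i
        contract.set_hash(patient, packet_type, h_i)
    granted = contract.access_control(doctor, now + request_delay)  # steps 7-10
    # step 11: DH agreement; K_p travels wrapped under the derived key
    pat_priv, pat_pub = dh_keypair()
    doc_priv, doc_pub = dh_keypair()
    wrap_nonce = b"keywrap1"
    wrapped = stream_xor(dh_shared_key(pat_priv, doc_pub), wrap_nonce, k_p)
    k_p_at_doctor = stream_xor(dh_shared_key(doc_priv, pat_pub), wrap_nonce, wrapped)
    results = []
    for h_i in granted:                                             # step 12
        c_i = cloud[h_i]
        p_i = stream_xor(k_p_at_doctor, c_i[:8], c_i[8:])
        results.append((p_i, sha256(p_i) == h_i))
    return results
```

Running run_flow() returns only the ECG packet with its integrity flag set, because the doctor's policy does not cover location packets; calling it with a request_delay outside the policy window returns nothing, and any non-owner call to set_hash or the policy functions raises PermissionError. The example also makes the limits of the scheme visible: the simulated server learns the uploading party and the set of h_i values, and the DH exchange as written is unauthenticated, so in practice the patient's and consumer's public values must be bound to their identities (for example by the addresses already on the blockchain).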
In our proposed solution, privacy is ensured by the following features:
- Anonymity: The patient generates a hash of each data packet, which serves as the identifier for downloading that packet. Each data packet stored in the cloud therefore remains anonymous and cannot be linked to the patient unless the hashes of the packets are known.
- Encrypted data: The original data packets are encrypted and stored on the cloud server. In this way the limited storage capacity of the blockchain is no longer a constraint and leakage of medical information is avoided. Symmetric encryption ensures confidentiality, whereas the stored hashes ensure the integrity of the data.
- Access control: Patients have complete control over their data. They publish their own access control policy in their smart contract, and only authorized medical services are granted access. The data access permissions for each patient are preset in their smart contract.
- Tamper proof: The hashes of the data packets are kept in a tamper-proof blockchain through the smart contract and cannot be modified. Each node holds a copy of the transaction record, which removes the single point of failure in the network.
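The anonymity feature rests on \(h_i = \mathrm{SHA256}(P_i)\) being meaningless to anyone who does not hold \(P_i\). That holds only when the packet has enough entropy: a reading in a known format with a small value range can be recovered from its public index by enumeration. The added example below (not part of the paper) checks this with a constructed heart-rate packet, and then shows that a per-packet random nonce prepended before hashing defeats the search. The nonce is a mitigation the paper does not propose; it would have to be delivered to the consumer alongside \(K_p\), and the function names here are assumptions.

```python
import hashlib
import secrets


def index_of(packet: bytes) -> bytes:
    """h_i = SHA-256(P_i), the public index stored on the data server."""
    return hashlib.sha256(packet).digest()


def recover_reading(h_i: bytes, template: str, candidates):
    """Dictionary search: hash every candidate packet that fits a known
    format and return the one whose index equals h_i, or None."""
    for value in candidates:
        candidate = template.format(value).encode()
        if index_of(candidate) == h_i:
            return candidate
    return None


# Constructed sample: a heart-rate packet in a fixed format. Whoever sees
# h_i (the data server, or an observer of the blockchain) needs no key to
# guess it, because only a few hundred plaintexts are possible.
SAMPLE_PACKET = b"hr=72"
HR_RANGE = range(30, 230)


def attack_plain_index():
    """Index computed as in the paper: the reading is recovered."""
    return recover_reading(index_of(SAMPLE_PACKET), "hr={}", HR_RANGE)


def attack_salted_index():
    """Mitigation NOT in the paper: a 16-byte random nonce is prepended
    before hashing, so the same enumeration finds nothing."""
    salted = secrets.token_bytes(16) + SAMPLE_PACKET
    return recover_reading(index_of(salted), "hr={}", HR_RANGE)
```

attack_plain_index() returns b"hr=72" after at most 200 hash evaluations, while attack_salted_index() returns None; the same enumeration applies to any packet whose format and value range are guessable, so the entropy of \(P_i\) should be checked before its bare hash is used as an index.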
5 Conclusion
In this paper, we propose a novel blockchain-based privacy preservation solution for MIoT applications. The proposed mechanism allows patients to have complete control over their own data. It further allows data consumers to access a patient's data without risking their privacy. The model can be used to protect the individual rights associated with personal data that are standardised by the GDPR. In our proposed system, patient data collected by IoT sensors is packetised and encrypted before being uploaded to the cloud data server. The hash of each data packet is used as the index to retrieve the packet from the data server. The indexes are stored in a tamper-proof smart contract on the blockchain. The smart contract also contains the access control policy defined by the patient, which protects their data from unauthorised access. As future work, we intend to define the access control policy language for MIoT in smart contracts.
References
Market Research Report: Internet of Things (IoT) in Healthcare Market Size, Share & Trends Analysis Report By Component, By Connectivity Technology, By End Use, By Application, And Segment Forecasts, 2019–2025. Technical report (March 2019)
Zhou, H., Wornell, G.: Efficient homomorphic encryption on integer vectors and its applications. In: Information Theory and Applications Workshop (ITA), vol. 2014, pp. 1–9 (2014)
Zigomitros, A., Casino, F., Solanas, A., Patsakis, C.: A survey on privacy properties for data publishing of relational data. IEEE Access 8, 51071–51099 (2020)
Hassan, M.U., Rehmani, M.H., Chen, J.: Differential privacy in blockchain technology: a futuristic approach. arXiv arXiv:1910.04316 (2020)
Belotti, M., Božiç, N., Pujolle, G., Secci, S.: A vademecum on blockchain technologies: when, which, and how. IEEE Commun. Surv. Tutor. 21(4), 3796–3838 (2019)
Cha, S., Hsu, T., Xiang, Y., Yeh, K.: Privacy enhancing technologies in the internet of things: perspectives and challenges. IEEE IoT J. 6(2), 2159–2187 (2019)
IT Governance Privacy Team: EU General Data Protection Regulation (GDPR): An Implementation and Compliance Guide - Second edition. IT Governance Publishing (2017). http://www.jstor.org/stable/j.ctt1trkk7x
Li, C., Palanisamy, B.: Privacy in internet of things: from principles to technologies. IEEE IoT J. 6(1), 488–505 (2019)
© 2020 Springer Nature Switzerland AG
Cite this paper
Alamri, B., Javed, I.T., Margaria, T. (2020). Preserving Patients’ Privacy in Medical IoT Using Blockchain. In: Katangur, A., Lin, SC., Wei, J., Yang, S., Zhang, LJ. (eds) Edge Computing – EDGE 2020. EDGE 2020. Lecture Notes in Computer Science(), vol 12407. Springer, Cham. https://doi.org/10.1007/978-3-030-59824-2_9
DOI: https://doi.org/10.1007/978-3-030-59824-2_9
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-59823-5
Online ISBN: 978-3-030-59824-2