Abstract
Mobile patient monitoring systems monitor and treat chronic diseases by collecting health data from wearable sensors through mobile devices carried out by patients. In the future, these systems may be hosted by a third-party service provider. This would open a number of security and ID privacy issues. One of these issues is the inference attack. This attack allows a single service provider from inferring the patient’s identity by collecting a number of contextual information about the patient such as the pattern of interaction with the service provider. Thus a security and ID privacy mechanisms must be deployed. In this paper, we propose a framework called Secure and Privacy-Preserving Data Collection (SPDC) that allows the patient to encrypt the data and then upload the encrypted data on different service providers rather than one while allowing an anonymous linkage for the patient’s data which are scattered across different service providers. In this framework, each patient is allowed to select the service providers involved in the data collection, assigns one as the home while the others consider foreign. The patient uses the foreign to upload data while the home is responsible for anonymously collecting the patient’s data from multiple foreign service providers and deliver them to the healthcare provider. This framework also shows a novel mechanism to conduct anonymous authentication across different distributed service provides. The framework has been analyzed against the specified design requirements and security threats.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Al-Fuqaha, A., Guizani, M., Mohammadi, M., Aledhari, M., Ayyash, M.: Internet of things: a survey on enabling technologies, protocols, and applications. IEEE Commun. Surv. Tutor. 17(4), 2347–2376 (2015)
Islam, S.R., Kwak, D., Kabir, M.H., Hossain, M., Kwak, K.-S.: The internet of things for health care: a comprehensive survey. IEEE Access 3, 678–708 (2015)
Paliwal, G., Kiwelekar, A.W.: A comparison of mobile patient monitoring systems. In: Huang, G., Liu, X., He, J., Klawonn, F., Yao, G. (eds.) HIS 2013. LNCS, vol. 7798, pp. 198–209. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-37899-7_17
Pawar, P., Jones, V., Van Beijnum, B.-J.F., Hermens, H.: A framework for the comparison of mobile patient monitoring systems. J. Biomed. Inform. 45(3), 544–556 (2012)
Microsoft reporter: The NHS is about to take an ‘important’ step into the cloud, says microsoft, January 2018. https://news.microsoft.com/en-gb/2018/01/19/the-nhs-is-about-to-take-an-important-step-into-the-cloud-says-microsoft/
Kemp, R.: Legal aspects of cloud security. Comput. Law Secur. Rev. 34(4), 928–932 (2018)
Chen, M., Qian, Y., Chen, J., Hwang, K., Mao, S., Hu, L.: Privacy protection and intrusion avoidance for cloudlet-based medical data sharing. IEEE Trans. Cloud Comput. (2016)
Lounis, A., Hadjidj, A., Bouabdallah, A., Challal, Y.: Secure and scalable cloud-based architecture for e-health wireless sensor networks. In: 2012 21st International Conference on Computer Communications and Networks (ICCCN), pp. 1–7. IEEE (2012)
Layouni, M., Verslype, K., Sandıkkaya, M.T., De Decker, B., Vangheluwe, H.: Privacy-preserving telemonitoring for eHealth. In: Gudes, E., Vaidya, J. (eds.) DBSec 2009. LNCS, vol. 5645, pp. 95–110. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03007-9_7
Mtonga, K., Yang, H., Yoon, E.-J., Kim, H.: Identity-based privacy preservation framework over u-healthcare system. In: Park, J.J.J.H., Ng, J.K.-Y., Jeong, H.Y., Waluyo, B. (eds.) Multimedia and Ubiquitous Engineering. LNEE, vol. 240, pp. 203–210. Springer, Dordrecht (2013). https://doi.org/10.1007/978-94-007-6738-6_26
Gope, P., Hwang, T.: BSN-care: a secure IoT-based modern healthcare system using body sensor network. IEEE Sens. 16(5), 1368–1376 (2016)
Simplicio, M.A., Iwaya, L.H., Barros, B.M., Carvalho, T.C., Näslund, M.: SecourHealth: a delay-tolerant security framework for mobile health data collection. IEEE J. Biomed. Health Inform. 19(2), 761–772 (2014)
Marin, E., Mustafa, M.A., Singelée, D., Preneel, B.: A privacy-preserving remote healthcare system offering end-to-end security. In: Mitton, N., Loscri, V., Mouradian, A. (eds.) ADHOC-NOW 2016. LNCS, vol. 9724, pp. 237–250. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-40509-4_17
Wang, G., Lu, R., Guan, Y.L.: Achieve privacy-preserving priority classification on patient health data in remote eHealthcare system. IEEE Access 7, 33 565–33 576 (2019)
Boussada, R., Hamdane, B., Elhdhili, M.E., Saidane, L.A.: Privacy-preserving aware data transmission for IoT-based e-health. Comput. Netw. 162, 106866 (2019)
Perez, B., Musolesi, M., Stringhini, G.: You are your metadata: identification and obfuscation of social media users using metadata information. In: Twelfth International AAAI Conference on Web and Social Media (2018)
Liang, X., Lu, R., Chen, L., Lin, X., Shen, X.: PEC: a privacy-preserving emergency call scheme for mobile healthcare social networks. J. Commun. Netw. 13(2), 102–112 (2011)
Lin, X., Lu, R., Shen, X., Nemoto, Y., Kato, N.: SAGE: a strong privacy-preserving scheme against global eavesdropping for eHealth systems. IEEE J. Sel. Areas Commun. 27(4), 365–378 (2009)
Wang, C.-H., Liao, M.-Z.: Security analysis and enhanced construction on ECDLP-based proxy blind signature scheme. Int. J. E-Educ. E-Bus. E-Manag. E-Learn. 4(1), 47 (2014)
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Aljohani, T., Zhang, N. (2020). A Secure and Privacy-Preserving Data Collection (SPDC) Framework for IoT Applications. In: Rashid, A., Popov, P. (eds) Critical Information Infrastructures Security. CRITIS 2020. Lecture Notes in Computer Science(), vol 12332. Springer, Cham. https://doi.org/10.1007/978-3-030-58295-1_7
Download citation
DOI: https://doi.org/10.1007/978-3-030-58295-1_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-58294-4
Online ISBN: 978-3-030-58295-1
eBook Packages: Computer ScienceComputer Science (R0)