Skip to main content

Towards design and implementation of security and privacy framework for Internet of Medical Things (IoMT) by leveraging blockchain and IPFS technology


The Internet of Medical Things (IoMT) is the next frontier in the digital revolution and it leverages IoT in the healthcare domain. The underlying technology has changed the current healthcare system by collecting real-time data of patients and providing a patient motioning system. But IoMT also presents a big challenge for data storage management, security, and privacy due to cloud-based storage. Today, this large volume of IoMT generated medical data is stored in the centralized storage system. However, centralization of patient sensitive information leads to a single point of failure, privacy, and security concern. To address these issues, we propose a smart contracts enabled consortium blockchain network. We integrated interplanetary file systems (IPFS) cluster node where smart contracts are deployed at the initial stage for authentication of patient’s and medical devices, the same cluster layer is also proposed as a distributed data storage layer for device-generated data after authentication and these data are securely transmitted over the consortium blockchain. The IPFS cluster node ensures the security and authentication of the devices and it also provides secure storage management in IoMT enabled healthcare system. The consortium network enables the privacy of data owing to hash-based storage in a block of IoMT enabled healthcare network.

This is a preview of subscription content, access via your institution.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16
Fig. 17
Fig. 18
Fig. 19
Fig. 20
Fig. 21
Fig. 22
Fig. 23
Fig. 24
Fig. 25
Fig. 26


  1. 1.

    Statista Research Department, “Internet of things—number of connected devices worldwide 2015–2025,” Nov 27, 2016, [Online; accessed 11-May-2020].

  2. 2.

    Kotronis C, Routis I, Politi E, Nikolaidou M, Dimitrakopoulos G, Anagnostopoulos D, Amira A, Bensaali F, Djelouat H (2019) Evaluating Internet of Medical Things (IOMT)-based systems from a human-centric perspective. Internet of Things 8:100125

  3. 3.

    Digiteum, “Internet of medical things and medical software development,” 2020, [Online; accessed 5-June-2020].

  4. 4.

    Patel N (2017) Internet of things in healthcare: applications, benefits, and challenges,” Internet: Accessed 21 March 2019

  5. 5.

    deloitte, Medtech and the internet of medical things. 2018, [Online accessed 09-May-2020]. [Online].

  6. 6.

    Hofdijk J, Séroussi B, Lovis C, Sieverink F, Ehrler F, Ugon A (2016) Transforming healthcare with the internet of things. In: Proceedings of the EFMI Special Topic Conference 2016

  7. 7.

    Rodrigues JJ, Segundo DR, Junqueira HA, Sabino MH, Prince RM, Al-Muhtadi J, De Albuquerque VHC (2018) Enabling technologies for the internet of health things. IEEE Access 6:13129–13141

  8. 8.

    Alsubaei F, Abuhussein A, Shiva S (2017) Security and privacy in the internet of medical things: taxonomy and risk assessment. In: 2017 IEEE 42nd Conference on Local Computer Networks Workshops (LCN Workshops). IEEE, pp 112–120

  9. 9.

    Khalid U, Asim M, Baker T, Hung PC, Tariq MA, Rafferty L (2020) A decentralized lightweight blockchain-based authentication mechanism for IoT systems. Cluster Comput 1–21

  10. 10.

    Sun W, Cai Z, Li Y, Liu F, Fang S, Wang G (2018) Security and privacy in the medical internet of things: a review. Secur Commun Netw 2018

  11. 11.

    Fan S, Song L, Sang C (2019) Research on privacy protection in IoT system based on blockchain. In: International Conference on Smart Blockchain. Springer, pp. 1–10

  12. 12.

    Farouk A, Alahmadi A, Ghose S, Mashatan A (2020) Blockchain platform for industrial healthcare: vision and future opportunities. Comput Commun

  13. 13.

    Aileni RM, Suciu G (2020) IoMT: a blockchain perspective. In: Decentralised internet of things. Springer, Berlin, pp 199–215

  14. 14.

    Banerjee M, Lee J, Choo K-KR (2018) A blockchain future for internet of things security: a position paper. Digital Commun Netw 4(3):149–160

    Article  Google Scholar 

  15. 15.

    Aloqaily M, Al Ridhawi I, Salameh HB, Jararweh Y (2019) Data and service management in densely crowded environments: challenges, opportunities, and recent developments. IEEE Commun Mag 57(4):81–87

    Article  Google Scholar 

  16. 16.

    Laplante PA, Kassab M, Laplante NL, Voas JM (2017) Building caring healthcare systems in the internet of things. IEEE Syst J 12(3):3030–3037

    Article  Google Scholar 

  17. 17.

    Al-Turjman F, Nawaz MH, Ulusar UD (2019) Intelligence in the internet of medical things era: a systematic review of current and future trends. Comput Commun

  18. 18.

    Hathaliya JJ, Tanwar S (2020) An exhaustive survey on security and privacy issues in healthcare 4.0. Comput Commun 153:311–335

  19. 19.

    Mahmoud R, Yousuf T, Aloul F, Zualkernan I (2015) Internet of things (IoT) security: current status, challenges and prospective measures. In: 2015 10th International Conference for Internet Technology and Secured Transactions (ICITST). IEEE 2015, pp 336–341

  20. 20.

    Aman MN, Chua KC, Sikdar B (2017) Mutual authentication in IoT systems using physical unclonable functions. IEEE Internet of Things J 4(5):1327–1340

    Article  Google Scholar 

  21. 21.

    He D, Ye R, Chan S, Guizani M, Xu Y (2018) Privacy in the internet of things for smart healthcare. IEEE Commun Mag 56(4):38–44

    Article  Google Scholar 

  22. 22.

    Tewari A, Gupta B (2018) Security, privacy and trust of different layers in Internet-of-Things (IoTs) framework. Future Gener Comput Syst 108:909–920

  23. 23.

    Yaacoub J-PA, Noura M, Noura HN, Salman O, Yaacoub E, Couturier R, Chehab A (2020) Securing internet of medical things systems: limitations, issues and recommendations. Future Gene Comput Syst 105:581–606

    Article  Google Scholar 

  24. 24.

    Abie H, Balasingham I (2012) Risk-based adaptive security for smart IoT in ehealth. In: Proceedings of the 7th International Conference on Body area Networks, pp 269–275

  25. 25.

    Savola RM, Savolainen P, Evesti A, Abie H, Sihvonen M (2015) Risk-driven security metrics development for an e-health IoT application. In: Information security for South Africa (ISSA). IEEE 2015, pp 1–6

  26. 26.

    Russell B, Garlati C, Lingenfelter D (2015) Security guidance for early adopters of the internet of things (IoT). White paper, Cloud Security Alliance

  27. 27.

    OWASP T, list 2013: Top\_10\_2013-Top\_10, 10

  28. 28.

    Alsubaei F, Abuhussein A, Shandilya V, Shiva S (2019) Iomt-saf: Internet of medical things security assessment framework. Internet of Things 8:100123

    Article  Google Scholar 

  29. 29.

    Islam SR, Kwak D, Kabir MH, Hossain M, Kwak K-S (2015) The internet of things for health care: a comprehensive survey. IEEE Access 3:678–708

    Article  Google Scholar 

  30. 30.

    Blowers M, Iribarne J, Colbert E, Kott A (2016) The future internet of things and security of its control systems. arXiv preprint arXiv:1610.01953

  31. 31.

    Mohsin M, Sardar MU, Hasan O, Anwar Z (2017) Iotriskanalyzer: a probabilistic model checking based framework for formal risk analytics of the internet of things. IEEE Access 5:5494–5505

    Article  Google Scholar 

  32. 32.

    Park KC, Shin D-H (2017) Security assessment framework for IoT service. Telecommun Syst 64(1):193–209

    Article  Google Scholar 

  33. 33.

    Perera C, McCormick C, Bandara AK, Price BA, Nuseibeh B (2016) Privacy-by-design framework for assessing internet of things applications and platforms. In: Proceedings of the 6th International Conference on the Internet of Things, pp 83–92

  34. 34.

    McMahon E, Williams R, El M, Samtani S, Patton M, Chen H (2017) Assessing medical device vulnerabilities on the internet of things. In: 2017 IEEE International Conference on Intelligence and Security Informatics (ISI). IEEE, pp 176–178

  35. 35.

    Zhang B, Zou Z, Liu M (2011) Evaluation on security system of internet of things based on fuzzy-AHP method. in 2011 International Conference on E-Business and E-Government (ICEE). IEEE, pp 1–5

  36. 36.

    Darwish S, Nouretdinov I, Wolthusen SD (2017) Towards composable threat assessment for medical IoT (MIOT). Proc Comput Sci 113:627–632

    Article  Google Scholar 

  37. 37.

    Alsubaei F, Abuhussein A, Shiva S (2018) A framework for ranking IOMT solutions based on measuring security and privacy. In: Proceedings of the Future Technologies Conference. Springer, Berlin, pp 205–224

  38. 38.

    Zhou J, Cao Z, Dong X, Lin X (2015) Ppdm: a privacy-preserving protocol for cloud-assisted e-healthcare systems. IEEE J Sel Top Signal Process 9(7):1332–1344

    Article  Google Scholar 

  39. 39.

    Ziglari H, Negini A (2017) Evaluating cloud deployment models based on security in EHR system. In: 2017 International Conference on Engineering and Technology (ICET). IEEE, pp 1–6

  40. 40.

    Sanz-Requena R, Mañas-García A, Cabrera-Ayala JL, García-Martí G (2015) A cloud-based radiological portal for the patients: It contributing to position the patient as the central axis of the 21st century healthcare cycles. In: IEEE/ACM 1st international workshop on TEchnical and LEgal aspects of data pRivacy and SEcurity. IEEE 2015, pp 54–57

  41. 41.

    Deshmukh P (2017) Design of cloud security in the EHR for Indian Healthcare Services. J King Saud Univ-Comput Inf Sci 29(3):281–287

    Google Scholar 

  42. 42.

    Liu W, Liu H, Wan Y, Kong H, Ning H (2016) The yoking-proof-based authentication protocol for cloud-assisted wearable devices. Personal Ubiquitous Comput 20(3):469–479

    Article  Google Scholar 

  43. 43.

    Sun Y, Lo FP-W, Lo B (2019) Security and privacy for the internet of medical things enabled healthcare systems: a survey. IEEE Access 7:183339–183355

    Article  Google Scholar 

  44. 44.

    Haoyu L, Jianxing L, Arunkumar N, Hussein AF, Jaber MM (2019) An IOMT cloud-based real time sleep apnea detection scheme by using the SPO2 estimation supported by heart rate variability. Future Gener Comput Syst 98:69–77

    Article  Google Scholar 

  45. 45.

    Qureshi F, Krishnan S (2018) Wearable hardware design for the internet of medical things (IOMT). Sensors 18(11):3812

    Article  Google Scholar 

  46. 46.

    Han T, Zhang L, Pirbhulal S, Wu W, de Albuquerque VHC (2019) A novel cluster head selection technique for edge-computing based IOMT systems. Comput Netw 158:114–122

    Article  Google Scholar 

  47. 47.

    Kumar R, Tripathi R (2020) Secure healthcare framework using blockchain and public key cryptography. In: Blockchain cybersecurity, trust and privacy. Springer, Berlin, pp 185–202

  48. 48.

    Goyal TK, Sahula V (2016) Lightweight security algorithm for low power IoT devices. In: 2016 International Conference on Advances in Computing, Communications and Informatics (ICACCI). IEEE, pp 1725–1729

  49. 49.

    Chakravorty R (2006) A programmable service architecture for mobile medical care. In: Fourth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOMW’06). IEEE

  50. 50.

    Barua M, Liang X, Lu R, Shen X (2011) ESPAC: Enabling security and patient-centric access control for Ehealth in cloud computing. Int J Secur Netw 6(2–3):67–76

    Article  Google Scholar 

  51. 51.

    Sultan A, Mushtaq MA, Abubakar M (2019) IoT security issues via blockchain: a review paper. In: Proceedings of the 2019 International Conference on Blockchain Technology, pp 60–65

  52. 52.

    Fotiou N, Polyzos GC (2016) Decentralized name-based security for content distribution using blockchains. In: 2016 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). IEEE, pp 415–420

  53. 53.

    Reddy AG, Suresh D, Phaneendra K, Shin JS, Odelu V (2018) Provably secure pseudo-identity based device authentication for smart cities environment. Sustain Cities Soc 41:878–885

    Article  Google Scholar 

  54. 54.

    Lee KC, Lee H-H (2004) Network-based fire-detection system via controller area network for smart home automation. IEEE Trans Consum Electron 50(4):1093–1100

    Article  Google Scholar 

  55. 55.

    Hammi MT, Hammi B, Bellot P, Serhrouchni A (2018) Bubbles of trust: a decentralized blockchain-based authentication system for IoT. Comput Secur 78:126–142

    Article  Google Scholar 

  56. 56.

    Al-Turjman F (2019) Security in IoT-enabled Spaces. CRC Press, Boca Raton

    Book  Google Scholar 

  57. 57.

    Hassija V, Chamola V, Saxena V, Jain D, Goyal P, Sikdar B (2019) A survey on IoT security: application areas, security threats, and solution architectures. IEEE Access 7:82721–82743

    Article  Google Scholar 

  58. 58.

    Zhang J, Wang Z, Yang Z, Zhang Q (2017) Proximity based IoT device authentication. In: IEEE INFOCOM 2017-IEEE Conference on Computer Communications. IEEE, pp 1–9

  59. 59.

    Wu M, Wang K, Cai X, Guo S, Guo M, Rong C (2019) A comprehensive survey of blockchain: from theory to IoT applications and beyond. IEEE Internet Things J 6(5):8114–8154

    Article  Google Scholar 

Download references

Author information



Corresponding author

Correspondence to Randhir Kumar.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Kumar, R., Tripathi, R. Towards design and implementation of security and privacy framework for Internet of Medical Things (IoMT) by leveraging blockchain and IPFS technology. J Supercomput 77, 7916–7955 (2021).

Download citation


  • Blockchain
  • IoMT
  • IPFS
  • Smart contract