We use cookies to give you the best experience possible. By continuing we’ll assume you’re on board with our cookie policy

Check Writers' Offers

What's Your Topic?

Hire a Professional Writer Now

The input space is limited by 250 symbols

What's Your Deadline?

Choose 3 Hours or More.
2/4 steps

How Many Pages?

3/4 steps

Sign Up and Get Writers' Offers

"You must agree to out terms of services and privacy policy"
Get Offer

Privacy Protection And Confidentiality In Medical IoT

Paper type: Essay
Pages: 12 (2796 words)
Categories: Network Security, Technology
Downloads: 35
Views: 4


The central issue of any IoT device is its security in sharing data. Different methods have been proposed for sharing of data from an IoT device. The range of security in these methods are different. This paper is a comparative study of these security schemes to determine which scheme allows the fastest and most accurate output. Our nd-ings indicate that attribute matching functions decrease the usage of keys and leads to efficient key management.

Bloom filters helps in easy addition and searching of the attributes and solves the trouble of complete re-initialization of attributes during updation. Attribute matching functions also reduce the need of large number of keys and is based on hashing of attributes to a specified position that enhances the security. The authenticated people whose attributes matches with the specified condition can upload and retrieve medical les whereas non-matching attribute holders may be able to request, but could not download the medical les or have access to its contents.

Since medical world is booming and the associated technology is advancing formerly protection of the data from tampering and its sharing to various terminals need security-enhancing methods and procedures which adds on the relevance of this work.

Keywords: IOT Attribute Bloom Filter Confidentiality Privacy at-tributes.


The security of medical IOT is a project undertaken for enhancing privacy pre-serving efficiency of a smart medical terminal that stores vital information. Typically and commonly used encryption methods (e.g.: AES) does not provide a ne grained access. The public key approach does not have one to many relations so a large number of keys are required for security as the number of users increase and key management becomes di cult. Traditionally we use attribute matching functions to retrieve and protect data which does not exhibit much efficiency. In many cases all attributes have to be collected and fed into the terminal and to add new one complete re-initialization have to be done. There is a chance that may get decrypted as it passes to the terminals, if ciphertext not produced soon.

This proposed work focuses upon solutions to these problems. Here we use the modern attribute-based encryption to increase efficiency and privacy of data sharing, where the ciphertext is accompanied by a ne grained access control data structure. Here we use a set of attributes instead of keys. Users take partially decrypted data from terminals and the set of their matching attributes in the cipher helps to completely decrypt data which provides additional security. Bloom filters are used which is based on hashing that helps easy retrieval and security of data. Due to bloom filters, initially, you need not add every single attribute. Instead, you can add it at any stage without complete re-initialization unlike the old attribute matching function.

Medical data is increasing at an alarming rate and has really sensitive con-tents which needs secure mechanisms for transmission and processing. The work was initially implemented using AES but reached to a conclusion that the CP-ABE algorithm is much suited for the work and since there is involvement of storage and processing in cloud platform, Java was found to be suitable. The main focus was cast upon usage of attributes instead of keys that created confusions and problem of management. Matching of attributes were considered for granting and rejecting access.

Section I gives a general introduction to the area of research and the various motivations that led to the proposal. Section II and III discusses the brief literature survey done and the comparison of the existing methodologies. Section IV deals with the proposed idea. Section V illustrates the work ow of different modules. Section VI discusses the design diagrams. Section VII shows the expected result from the proposed idea. Section VIII and IX deals with the conclusion and idea of enhancement for the proposed solution.

Literature Survey

Security in the Internet of Things

Internet of Things (IOT) is a new network that uses wireless sensor connections and radiofrequency identification (RFID) to achieve overall perception of information, reliable transmission and smart processing through wireless network and technology. Therefore, the protection of privacy and security is a key feature of IOT[1]. This security concerns tag information (RFID), wireless communications information security, information security, privacy, and security processing.

Security Model for IoT

Proposed an integrated and interrelated security, trust, privacy prospect and selects a cube structure[3] as a modeling mechanism for IoT security, trust and privacy. The cube structure depicts security, confidence and privacy convergence. Privacy consists of privacy of the respondent, privacy, ethical, and laws of the owner. The security consists of licensing, identification and authentication. The trust foundation of IoT is the integrity, non-repudiation and availability. Beliefs, delegation, recommendation and reputation together.

IoT Device Security Based On Proxy Re-encryption

In this paper, they propose an IoT network environment in which information is collected and processed from dozens of sensor nodes. In this environment, through communication with the server, each node shares its information with nodes at different locations, which acts as an order to secure the scalable data. If the proxy re-encoding schemes are used as proposed, n re-encoding keys are created by each node and sent to the proxy server. The proposed protocol provides a structure through which a large number of different data can be accessed safely and efficiently, including user personal information that requires high confidentiality. The additional calculation compared to the polynomial equation.

A Lightweight and Flexible Encryption Scheme to Protect Sensitive Data in Smart Building Scenarios

A Lightweight and Flexible Encryption Scheme for Protecting Sensitive Data in Smart Building Scenarios[4 ], this paper introduces an encryption scheme based on the lightness of symmetric cryptography and attribute-expressiveness based on encryption. This proposal combines the lightness and efficiency of symmetric key cryptography to protect data with the expressiveness and flexibility of the Ciphertext Policy Attribute-Based Encryption Scheme (CP-ABE) for distributing the appropriate symmetric keys. SymCpAbe provides a solution that is more efficient and flexible to protect sensitive data while maintaining scalability. To carry out these resources, it is not a mechanism for distributing CP-ABE encryption and decryption in various edge nodes-requiring cooperative cryptographic operations.

A Survey on Authentication Techniques for Internet of Things

Identification of a specific object in such a huge network of interconnected smart objects poses a fundamental task that influences all other system functions such as its governance, privacy features, access control, overall architecture. Traditional authentication methods like certificate-based are discussed. Most of traditional ones require complete change in protocols and cause key generation over-heads. Gateway, controller and central data store authentication architecture requires new hardware implementations. ID-based one was listed as the strongest one against various attacks. Overhead problems solved using access structure.

Identity-based authentication scheme for the Internet of Things

For addressing the heterogeneity in IOT devices and to integrate the wide rang-ing protocols of the network a common identity and authentication mechanism is necessary. Private and public keys of devices are not stored by Key Distribution Centre (KDC) and instead all the attributes / identities are stored. When a user log in and give their attributes it is checked with the stored attributes and only valid identification is permitted. Public key of a recipient is not needed in an identity-based encryption but can simply use identity for the purpose. Even the recipient need not hold the corresponding private key at the time when ciphertext is generated. Servers can be used for direct generation of the private key as their requirement and need not worry about public key distribution. The only thing required is a secure channel and an IBE server for private key transmission.

Authentication and Access Control in e-Health Systems in the Cloud

In this new environment, processing, storing, hosting and archiving data relating to e-Health systems without physical access and control increases the importance of authentication and access control issues. In our project access control structure is added with encrypted data into the cloud, which provides access only to authorized data owners and users. Achieves authentication and ne-grained access control

E-health care and hierarchical encryption

Based on de-duplication and hierarchical encryption, e-health care data sharing in the cloud. The e-healthcare system plays a major role in society. It monitors the health condition and helps provide adequate medical treatment. This system’s objective is to collect and store patient details and share health-related information. In this system, in terms of text and image, they send the PHI to the cloud, as well as other personal questions about their medical history. In cloud computing, the collected PHI should match physicians’ experience in judging the condition of the patient and, unfortunately, a series of security measures would be provided by delegating storage and computing to the untrusted entity. This is where duplication occurs. It is a technique for eliminating duplicate copies of data and has been widely used in cloud storage to reduce storage space and upload bandwidth.

Attribute-Based Encryption for Secure Sharing of E-Health Data.

Attribute-Based Encryption for Secure Sharing of E-Health Data. Cloud computing is a revolutionary computer paradigm that makes it possible to use a computer resources exibly, on-demand and at low cost. The reasons for security and protection problems arise because the health information of patients [2]. The active customers is stored on some cloud servers instead of under their own control. Various systems based on attribute-based encryption have been proposed to address security problems. In this paper, we use multi-party cloud computing systems to make health data safer. Where health data is encrypted using key policy and attributes. And the user with a specific attribute and key policy alone can decipher health data after veri cation by the “key distribution center” and the “secure data distributor.” In the medical eld, this technique can be used to securely store patient details and restrict access to an outsider. In order to secure the scalable data, the health data must be encrypted before outsourcing.

There are lots of methods for the data preserving in medical IoT. From the survey we analyzed that, for a group sharing the best choice is CP-ABE. Processing, storing, hosting and archiving data related to e-Health systems without physical access and control rises importance of authentication and access control issues in this new environment. In our project access control structure is added with encrypted data into the cloud, which provides access only to authorized data owners and users. It thus achieves authentication and ne-grained access control. Fine-grained authentication with access control. To decrease heavy computational and communication overhead on data owners, most of the process of authentication and access control is given to an AAM( authentication and access management).

Comparison of Existing Techniques

Confidentiality and privacy is important in the scenario of medical IOT.For a group sharing it is better to use Ciphertext based attribute-based encryption. It should ensure that only authorized people will get access data. Initially, algorithms like AES was implemented and checked, but is considered to be an old method that uses extra keys but with CP-ABE uses less number of keys.

Proposed Work

The main idea behind the work is to ensure a more secure and practical method for transmission and storage of medical data. Instead of using private and public keys preference was given to the usage of attributes. Single attributes are taken which involves designation of the person logging in. All registered members can log in and add con dential medical les in their respective accounts.

Person who wishes to retrieve these les can place a request for it from their respective account. Acceptance and rejection is done the request reciever and if by chance or accidentally request is permitted for an unauthenticated person, the le will be disabled for download. The security algorithm chosen is CP-ABE after checking upon AES method. CP-ABE is more suitable for works involving cloud platforms.

The medical data is proposed to be collected on a real-time basis from temperature and pulse sensors.ECG variations are also taken into account using potentiometer. Data collected from these hardwares are taken in as a CP-ABE le and then encryption is performed on it. On the occurence of tampering inside the cloud contents an alert notification is placed to inform the same.


The main focus of the project is to reduce the number of keys used as in other methods. Instead we use attributes to check the granting of access and to enhance security. Attributes used here is the designation of people or it can be any other factors assigned or selected, can be multiple in numbers which replaces the use of extra security keys for granting access.

The medical data sharing model involves entities like cloud server, attribute authority, data owner and data user. The cloud server is third party, which is used to store ciphertext and attribute bloom filter. The attributes are provided by attribute authority.

The scheme model involves these steps.

{ Initialization: This algorithm is executed by the authority attribute. Which takes a security parameter and generates output PK and MSK.PK is public key and MSK is Master Secret Key.

{ Key generation: Key generation is done using PK, MSK and user set S assignment that produces SK(secret key) as output for each user. : three encryption phases are created offine, online, and ABF.

Offine encryption: inputs the user’s public PK parameters and outputs an intermediate IT ciphertext.

Online Encryption: Sensors or smartphones are based on the public PK parameters, an intermediate ciphertext IT and the information m to be encrypted, as well as an access structure (M, ). Then output is a ciphertext CT.

ABF Build: The data owner takes an access structure (M, ) and generates the attribute of the bloom lter.

{ Decryption: ABFQuery and Dec have two subalgorithms.

ABFQuery: Inputs set S, ABF and PK attribution. The algorithm ABF-Query produces a reconstructed mapping attribute 0 = (rownum, att)S. The mapping shows the cascading of the corresponding row number of matrix M and all att level S attributes.

Dec: Inputs the SK, ciphertext CT and reconstructed mapping attribute 0, then returns message m if the access policy attributes can be fulfilled, otherwise the algorithm will be omitted.

In overall, the key is generated using the keygen values. The private key and the public key will be automatically generated for each user’s and is tied with the set of attributes which represents user’s permission. For encryption, both keys and attributes are provided so that security is enhanced.


Instead of using the public key approach which uses a large number of key pairs attributes were collected for each user which reduced the confusion and problems created by large number of keys. Extra level of security were ensured by applying online-offine encryption before installing the data to cloud. Access control structures were used to provide authentication. ABF Build were used to create attribute bloom filters which provided a particular position for storing the data by hashing and storing method. Hashing of attributes to a particular position enhanced the security of storage. With attribute bloom filters addition of new attribute at any stage of execution become easier and it does not require complete re-initialization of all the existing attributes when new ones are added.

Future Scope

The work has got a great relevance in the protection of vital medical information. Various encryption methods have been used at different stages for protecting the data. A modification can also be added, along with the medical images that were generated a video was tried to be compressed and encrypted

So that a person seeing the medical image cannot nd the presence of a vital data containing video inside it. This involves a higher level of protection of data.

Authors Suppressed Due to Excessive Length


Hui Suoa, Jiafu WanCaifeng ZouaPower :// Jianqi Liua Security in the Internet of Things International Conference on Computer Science and Electronics Engineering 2012

Sachin Babar, Parikshit Mahalle, Antonietta Stango, Neeli Prasad, and Ramjee Prasad Proposed Security Model and Threat Taxonomy for the Internet of Things (IoT) 2012

IoT device security based on proxy re-encryption “, Journal of Ambient Intelligence and Humanized Computing

A Lightweight and Flexible Encryption Scheme to Protect Sensitive Data in Smart Building Scenarios A lightweight and flexible encryption scheme to protect sensitive data in Smart Building scenarios “, 1Department of Information and Communication Engineering, University of Murcia, Murcia, Spain 2 FINCONS SpA, Bari, Italy

A Survey on Authentication Techniques for the Internet of Things: A Survey on Authentication Techniques for the Internet of Things/, July 2017

Identity-based authentication scheme for the Internet of Things 9-10 April 2016 Paper June 2016

Authentication and Access Control in e-Health Systems in the Cloud Paper 9-10 April 2016

E-health care and le hierarchical encryption: International conference on information, communication embedded systems (ICICES 2017)

Attribute-based encryption for secure sharing of E-health data: IOP Conf. Series: Materials Science and Engineering 263 (2017) 042030 doi:10.1088/1757-899X/263/4/042030

Cite this essay

Privacy Protection And Confidentiality In Medical IoT. (2019, Nov 20). Retrieved from https://studymoose.com/pdf-to-word-example-essay

How to Avoid Plagiarism
  • Use multiple resourses when assembling your essay
  • Use Plagiarism Checker to double check your essay
  • Get help from professional writers when not sure you can do it yourself
  • Do not copy and paste free to download essays
Get plagiarism free essay

Not Finding What You Need?

Search for essay samples now


Your Answer is very helpful for Us
Thank you a lot!