Privacy in Internet of Healthcare Things
Mohammad Wazid and Ashok Kumar Das
Introduction
The Internet of Things (IoT) has opened up numerous possibilities in the healthcare domain. The Internet of Healthcare Things (IoHT) is a specialized version of IoT that consists of uniquely identifiable healthcare devices connected to the Internet. It helps in the localization and gathering of real-time information. Furthermore, it provides remote or automatic management of resources. When connected to the Internet, the medical devices can collect important data that give extra insight into the symptoms and trends. It further enables remote care facilities, and generally provides patients additional control over their lives and treatment. The healthcare industry is now growing rapidly. As the healthcare services are costly than ever, the world’s population is ageing and the number of chronic diseases is going to increase day by day. The use of technology cannot stop people from ageing or getting affected by chronic diseases. However, it can at least make healthcare accessible and cheaper on the pocket. Health diagnosis absorbs the biggest share of the hospital bills. The use of technology can move the routines of medical checks from the hospital (i.e., from a hospital-centric approach to the home of the patient). In addition, IoHT helps to establish mutual hope as it permits the medical centres to operate more competently, and the patients to receive ameliorated treatment. With the use of IoHT methods, there are tremendous benefits that can improve the efficiency and quality of treatment, and also patients’ health accordingly [1].
Architectures Related to IoHT
In this section, we discuss the following possible architectures related to an IoHT communication environment.
Introduction
• Generic architecture of IoHT: A generic form of the IoHT communication environment is provided in Figure 5.1. It consists of different types of
smart healthcare devices, for example, smart pacemakers (implanted into the body of a patient) and smart wearable medical devices. These devices can monitor and send the data to the cloud servers for further processing, analysis and storage. The scenario also contains different types of users (i.e., doctor, laboratory staff, nursing staff and relative of a patient). The users are interested in accessing the health data (i.e., data of a patient). For such purposes, the users first have to follow the steps of a “user authentication and key agreement protocol” [2, 4-9] to access the data securely through the established session keys with the devices.
• Fog-based architecture of IoHT: The generic architecture of an IoHT communication environment discussed in Figure 5.1 has some limitations as it is not delay-efficient. For that purpose, another architecture has been proposed in Figure 5.2. It introduces another layer of servers (i.e., fog server) in between the end devices (i.e., smart healthcare devices) and the cloud servers. Each healthcare device is connected with the fog servers, and it can send the sensed and monitored data to their nearby fog servers. The fog servers are connected with the cloud servers as well as with different types of users (i.e., doctors, nurses and relatives of some patients). The data that are frequently needed by the users are then processed and stored at the fog servers. Therefore, users can access the data from the fog servers after completing the steps of the “user authentication and key agreement
![Fog-based architecture of IoHT (adapted from [3, 10])](/htm/img/14/2143/44.png)
FIGURE 5.2 Fog-based architecture of IoHT (adapted from [3, 10]).
process” through the established session keys. The data which are not frequently required can be stored in the cloud servers. In this architecture, different types of “mutual authentication and key agreement” mechanisms are essential. For example, a mutual authentication and key agreement between fog servers and cloud servers, fog servers and smart healthcare devices, and fog servers and users. In this current era of computing, such architecture is highly recommended as it is flexible and delay efficient [3, 6, 9-11].
Advantages of IoHT
IoHT has several advantages over traditional healthcare practices. Some of them are discussed below [1, 11, 12].
- • Real-time monitoring: Real-time monitoring through the connected smart healthcare devices can save lives in case of a medical emergency (for example, heart attack, asthma attack and diabetic shock). In real-time monitoring of the health condition, smart healthcare devices are connected to smartphone applications. These devices collect the health data of the patients and use the smartphone applications to transfer collected health data to the concerned medical practitioner (i.e., a cardiac surgeon). The health data of the concerned patient can be stored in the cloud server(s) which can be further shared with an authorized user (i.e., a doctor, the staff of an insurance company and laboratory staff), which provides them access to the collected healthcare data from anywhere at any time.
- • End-to-end connectivity: IoHT automates the whole healthcare process through “healthcare mobile methods” and “other use of advanced technologies.” It allows “machine-to-machine communication,” “interoperability,” “information exchange” and “data transfer” which make healthcare service delivery effective. It uses different communication protocols (i.e., Bluetooth, Wi-Fi and ZigBee), which change the way healthcare experts detect the presence of various diseases. The use of technology may cut down the treatment costs and unnecessary clinic visits along with the better utilization of the available resources which further helps in better healthcare planning.
- • Healthcare data storage and analysis: The healthcare devices may send huge amounts of data in a short duration of time which are difficult to store and manage locally. This seems feasible through the use of powerful servers (i.e., cloud servers). Therefore, healthcare data storage and analysis are a tough task. However, a smart IoHT system can monitor and analyse the data in real-time and reduce the requirements of storing the data in the cloud servers. This further speeds up the decision-making process as it is essentially needed in critical health conditions. Moreover, it also provides alerts to the concerned medical staff in case of life-threatening circumstances.
- • Remote healthcare facilities: In case of an emergency, patients can communicate with the concerned medical staff (i.e., doctors), who may be located miles away, with the help of smartphone applications. With such mobile solutions, the medical staff instantly can check the patient’s health condition to identify his/her illness as quickly as possible. Furthermore, the doctors can prescribe medicines to the patients, which can be delivered to them through the connected medicine delivery partners. This process reduces the number of visits to the hospital and also cuts down the overall healthcare expenses.
Outline
The rest of this chapter is organized as follows. The important applications relevant to an IoHT environment are discussed in Section 5.2. The privacy issues in IoHT are discussed in Section 5.3. The threat model, security and privacy requirements and the associated attacks in IoHT are explained in Section 5.4. A comparative analysis of privacy-preserving security protocols related to the IoHT environment is also provided in Section 5.5. Finally, the chapter is concluded in Section 5.6.
Applications of IoHT
IoHT can be applied to provide different types of facilities related to the healthcare industry. Some of the potential applications of IoHT are highlighted below [1, 11-15].
Remote Monitoring of Patients
Sometimes patients have to be re-admitted to the hospital after medical treatment due to a lack of monitoring [8]. Emergency medical cases also cause challenges. Remote monitoring of a patient is possible through the involvement of IoT and associated technologies. For example, wearable healthcare devices can monitor the health of the patient throughout the whole day and accordingly notify the concerned doctor as the situation requires. It helps “underprivileged rural people” who do not have access to expert doctors. The proper guidance and on-time treatment of expert doctors can reduce the overall death rate in rural areas. Moreover, it also reduces the expenses of travel as well as hospitalization.
Hospital Operations Management
Sometimes it becomes very difficult for doctors to inspect multiple patients at the same time. It helps to provide quick responses to the patients from the concerned medical stafffs). This kind of problem can be resolved through the use of IoHT applications. The regular cost of medical equipment can be reduced by monitoring patients’ current conditions regularly. IoHT smart devices can be deployed in hospitals to check the expiry dates of equipment. Therefore, hospital authorities can be notified in case of outdated equipment. Moreover, doctors will be able to know the current locations of the required equipment within the required duration of time. IoHT smart devices and applications are then helpful to detect the cleanliness of the hospital and the working staff. Thus, it is clear that IoHT helps in the smooth overall management of hospital operations.
Treatment and Detection of Diseases
IoHT can be used in the treatment and detection of other diseases, such as diabetes, asthma, hearing impairment, cancer and many more. For the monitoring of diabetes patients, wearable devices or embedded body sensors are used. These devices can continuously monitor the level of blood sugar and alert in case of increased levels of blood sugar. This further reduces the risk of hyperglycaemia. Similarly, IoHT helps to reduce the cases of “asthma attacks.” Asthma can be controllable by the use of an inhaler. A patient can realize the symptoms of an asthma attack a half an hour to eight hours before. A smart sensor connected to the inhaler of the patient can alert the patient in case of some triggering factors (for example, air pollution) to prevent the asthma attack. Some techniques to apply IoHT in the detection of “breast cancer” can be also proposed. As we know it is the second most dangerous disease for women after “lung cancer.” The methodology behind the detection of breast cancer is the use of “ITbra” which is a kind of wearable device. It is effective as compared to other detection methods. This cloth detects variations in temperature through the seven embedded sensors on breast tissue and notifies healthcare staff of the condition of the patient [13].
Remote Surgery
IoHT applications are useful in performing remote surgery through robots/robotic arms [16]. The robot/robotic arm performs surgical operations inside the body of the patient under the supervision and instructions of the surgeon(s). This procedure helps the surgeon(s) to perform the surgery remotely with more precision and control. This further helps to save many lives, especially in case of war time or natural disaster.
Secure Drug Supply Chain Management
From the starting point (production of drugs) to the usage of drugs by the patients, the supply chain management can be compromised or misused. Thus, drug supply chain management is another problem of this domain which can be resolved through the deployment of IoHT smart devices [17]. To resolve the issue, “smart tags” can be attached to the drug bags. These devices help in the proper distribution and monitoring of the drugs, especially protecting against the “counterfeiting of the medicines” [18]. The concerned authorities use “radio frequency identification (RFID)” tags to protect the drug bags against counterfeiting. If somebody tries to duplicate or counterfeit a bag, such an incident can be detected easily using the deployed “anti-coun- terfeiting mechanism.” It is further helpful in providing quality medicine to patients.
