scholarly journals Security and Privacy of Patient Information in Medical Systems Based on Blockchain Technology

2021 ◽  
Vol 17 (2s) ◽  
pp. 1-17
Author(s):  
Hongjiao Wu ◽  
Ashutosh Dhar Dwivedi ◽  
Gautam Srivastava
Keyword(s):  
Access Control ◽  
Private Information ◽  
Control Process ◽  
Transmission Efficiency ◽  
Information Storage ◽  
Security And Privacy ◽  
Medical Systems ◽  
Bandwidth Utilization ◽  
Maximum Information ◽  
Blockchain Technology

The essence of “blockchain” is a shared database in which information stored is un-falsifiable, traceable, open, and transparent. Therefore, to improve the security of private information in medical systems, this article uses blockchain technology to design a method to protect private information in medical systems and effectively realize anti-theft control of private information. First, the Patient-oriented Privacy Preserving Access Control model is introduced into the access control process of private information in medical systems. Next, a private information storage platform is built by using blockchain technology, and information transmission is realized using standard cryptographic algorithms. In this process, file authorization contracts are also used to guarantee the security of private information and further prevent theft of medical private information. Our simulation results show that the storage response time of this method is kept below 1,000 ms, and the maximum information throughput rate reaches 550 kbit/s, which indicates that this method has strong performance in information storage and transmission efficiency. Moreover, the reliability and bandwidth utilization of data transmission across domains is higher, so the method has higher information security control performance and superior overall performance.

scholarly journals Reliable Task Management Based on a Smart Contract for Runtime Verification of Sensing and Actuating Tasks in IoT Environments

Sensors ◽  
2020 ◽  
Vol 20 (4) ◽  
pp. 1207 ◽  
Author(s):  
Lei Hang ◽  
Do-Hyeun Kim
Keyword(s):  
Access Control ◽  
Comprehensive Evaluation ◽  
Runtime Verification ◽  
Security And Privacy ◽  
Raspberry Pi ◽  
Task Management ◽  
Business Logic ◽  
Blockchain Technology ◽  
Smart Contract ◽  
Networking Technologies

With the gradual popularization of Internet-of-Things (IoT) applications and the development of wireless networking technologies, the use of heterogeneous devices and runtime verification of task fulfillment with different constraints are required in real-world IoT scenarios. As far as IoT systems are concerned, most of them are built on centralized architectures, which reveal various assailable points in data security and privacy threats. Hence, this paper aims to investigate these issues by delegating the responsibility of a verification monitor from a centralized architecture to a decentralized manner using blockchain technology. We present a smart contract-based task management scheme to provide runtime verification of device behaviors and allows trustworthy access control to these devices. The business logic of the proposed system is specified by the smart contract, which automates all time-consuming processes cryptographically and correctly. The usability of the proposed solution is further demonstrated by implementing a prototype application in which the Hyperledger Fabric is utilized to implement the business logic for runtime verification and access control with one desktop and one Raspberry Pi. A comprehensive evaluation experiment is conducted, and the results indicate the effectiveness and efficiency of the proposed system.

scholarly journals From Conventional to State-of-the-Art IoT Access Control Models

Electronics ◽  
2020 ◽  
Vol 9 (10) ◽  
pp. 1693
Author(s):  
Ahmad Kamran Malik ◽  
Naina Emmanuel ◽  
Sidra Zafar ◽  
Hasan Ali Khattak ◽  
Basit Raza ◽  
...  
Keyword(s):  
Internet Of Things ◽  
Access Control ◽  
Social Networking ◽  
Private Information ◽  
Online Social Networks ◽  
Security And Privacy ◽  
Accurate Information ◽  
Access Control Models ◽  
Control Models ◽  
Macro Scale

The advent in Online Social Networks (OSN) and Internet of Things (IoT) has created a new world of collaboration and communication between people and devices. The domain of internet of things uses billions of devices (ranging from tiny sensors to macro scale devices) that continuously produce and exchange huge amounts of data with people and applications. Similarly, more than a billion people are connected through social networking sites to collaborate and share their knowledge. The applications of IoT such as smart health, smart city, social networking, video surveillance and vehicular communication are quickly evolving people’s daily lives. These applications provide accurate, information-rich and personalized services to the users. However, providing personalized information comes at the cost of accessing private information of users such as their location, social relationship details, health information and daily activities. When the information is accessible online, there is always a chance that it can be used maliciously by unauthorized entities. Therefore, an effective access control mechanism must be employed to ensure the security and privacy of entities using OSN and IoT services. Access control refers to a process which can restrict user’s access to data and resources. It enforces access rules to grant authorized users an access to resources and prevent others. This survey examines the increasing literature on access control for traditional models in general, and for OSN and IoT in specific. Challenges and problems related to access control mechanisms are explored to facilitate the adoption of access control solutions in OSN and IoT scenarios. The survey provides a review of the requirements for access control enforcement, discusses several security issues in access control, and elaborates underlying principles and limitations of famous access control models. We evaluate the feasibility of current access control models for OSN and IoT and provide the future development direction of access control for the same.

scholarly journals A Fine-Grained IoT Data Access Control Scheme Combining Attribute-Based Encryption and Blockchain

2021 ◽  
Vol 2021 ◽  
pp. 1-13
Author(s):  
Xiaofeng Lu ◽  
Songbing Fu ◽  
Cheng Jiang ◽  
Pietro Lio
Keyword(s):  
Access Control ◽  
Distributed Storage ◽  
Data Access ◽  
Security And Privacy ◽  
Privacy And Security ◽  
Fine Grained ◽  
Blockchain Technology ◽  
Data Access Control ◽  
Attribute Based Encryption ◽  
Control Scheme

IoT technology has been widely valued and applied, and the resulting massive IoT data brings many challenges to the traditional centralized data management, such as performance, privacy, and security challenges. This paper proposes an IoT data access control scheme that combines attribute-based encryption (ABE) and blockchain technology. Symmetric encryption and ABE algorithms are utilized to realize fine-grained access control and ensure the security and openness of IoT data. Moreover, blockchain technology is combined with distributed storage to solve the storage bottleneck of blockchain systems. Only the hash values of the data, the hash values of the ciphertext location, the access control policy, and other important information are stored on the blockchain. In this scheme, smart contract is used to implement access control. The results of experiments demonstrate that the proposed scheme can effectively protect the security and privacy of IoT data and realize the secure sharing of data.

scholarly journals Blockchain-Enabled Access Management System for Edge Computing

Electronics ◽  
2021 ◽  
Vol 10 (9) ◽  
pp. 1000
Author(s):  
Yong Zhu ◽  
Chao Huang ◽  
Zhihui Hu ◽  
Abdullah Al-Dhelaan ◽  
Mohammed Al-Dhelaan
Keyword(s):  
Access Control ◽  
Management System ◽  
Trusted Computing ◽  
Academic Research ◽  
Data Access ◽  
Edge Computing ◽  
Security And Privacy ◽  
Access Management ◽  
Blockchain Technology ◽  
Data Access Control

In the post-cloud era, edge computing is a new computing paradigm with data processed at the edge of the network, which can process the data close to the end-user in real time and offload the cloud task intelligently. Meanwhile, the decentralization, tamper-proof and anonymity of blockchain technology can provide a new trusted computing environment for edge computing. However, it does raise considerable concerns of security, privacy, fault-tolerance and so on. For example, identity authentication and access control rely on third parties, heterogeneous devices and different vendors in IoT, leading to security and privacy risks, etc. How to combine the advantages of the two has become the highlight of academic research, especially the issue of secure resource management. Comprehensive security and privacy involve all aspects of platform, data, application and access control. In. this paper, the architecture and behavior of an Access Management System (AMS) in a proof of concept (PoC) prototype are proposed with a Color Petri Net (CPN) model. The two domains of blockchain and edge computing are organically connected by interfaces and interactions. The simulation of operation, activity and role association proves the feasibility and effectiveness of the AMS. The instances of platform business access control, data access control, database services, IOT hub service are run on Advantech WISE-PaaS through User Account and Authentication (UAA). Finally, fine-grained and distributed access control can be realized with the help of a blockchain attribute. Namely, smart contracts are used to register, broadcast, and revoke access authorization, as well as to create specific transactions to define access control policies.

scholarly journals Blockchain Platforms and Access Control Classification for IoT Systems

Symmetry ◽  
2020 ◽  
Vol 12 (10) ◽  
pp. 1663
Author(s):  
Adam Ibrahim Abdi ◽  
Fathy Elbouraey Eassa ◽  
Kamal Jambi ◽  
Khalid Almarhabi ◽  
Abdullah Saad AL-Malaise AL-Ghamdi
Keyword(s):  
Access Control ◽  
Single Point ◽  
Security And Privacy ◽  
Future Research ◽  
Control Mechanisms ◽  
Privacy And Security ◽  
Security Issues ◽  
Massive Growth ◽  
Blockchain Technology ◽  
Comparison Table

The Internet of Things paradigm is growing rapidly. In fact, controlling this massive growth of IoT globally raises new security and privacy issues. The traditional access control mechanisms provide security to IoT systems such as DAC (discretionary access control) and mandatory access control (MAC). However, these mechanisms are based on central authority management, which raises some issues such as absence of scalability, single point of failure, and lack of privacy. Recently, the decentralized and immutable nature of blockchain technology integrated with access control can help to overcome privacy and security issues in the IoT. This paper presents a review of different access control mechanisms in IoT systems. We present a comparison table of reviewed access control mechanisms. The mechanisms’ scalability, distribution, security, user-centric, privacy and policy enforcing are compared. In addition, we provide access control classifications. Finally, we highlight challenges and future research directions in developing decentralized access control mechanisms for IoT systems.

scholarly journals Efficient Privacy-Preserving Access Control Scheme in Electronic Health Records System

Sensors ◽  
2018 ◽  
Vol 18 (10) ◽  
pp. 3520 ◽  
Author(s):  
Yang Ming ◽  
Tingting Zhang
Keyword(s):  
Access Control ◽  
Electronic Health Records ◽  
Personal Information ◽  
Privacy Preserving ◽  
Security And Privacy ◽  
Medical Systems ◽  
Health Records ◽  
Access Policy ◽  
Diffie Hellman ◽  
Electronic Health

The sharing of electronic health records (EHR) in cloud servers is an increasingly important development that can improve the efficiency of medical systems. However, there are several concerns focusing on the issues of security and privacy in EHR system. The EHR data contains the EHR owner’s sensitive personal information, if these data are obtained by a malicious user, it will not only cause the leakage of patient’s privacy, but also affect the doctor’s diagnosis. It is a very challenging problem for the EHR owner fully controls over own EHR data as well as preserves the privacy of himself. In this paper, we propose a new privacy-preserving access control (PPAC) scheme for EHR. To achieve fine-grained access control of the EHR data, we utilize the attribute-based signcryption (ABSC) mechanism to signcrypt data based on the access policy for the linear secret sharing schemes. Employing the cuckoo filter to hide the access policy, it could protect the EHR owner’s privacy information. In addition, the security analysis shows that the proposed scheme is provably secure under the decisional bilinear Diffie-Hellman exponent assumption and the computational Diffie-Hellman exponent assumption in the standard model. Furthermore, the performance analysis indicates that the proposed scheme achieves low costs of communication and computation compared with the related schemes, meanwhile preserves the EHR owner’s privacy. Therefore, the proposed scheme is better suited to EHR system.

BC-BLPM: A multi-level security access control model based on blockchain technology

2021 ◽  
Vol 18 (2) ◽  
pp. 110-135
Author(s):  
Xiang Yu ◽  
Zhangxiang Shu ◽  
Qiang Li ◽  
Jun Huang
Keyword(s):  
Access Control ◽  
Control Model ◽  
Access Control Model ◽  
Model Based ◽  
Blockchain Technology ◽  
Multi Level

scholarly journals STHM: A Secured and Trusted Healthcare Monitoring Architecture Using SDN and Blockchain

Electronics ◽  
2021 ◽  
Vol 10 (15) ◽  
pp. 1787
Author(s):  
Ezedin Barka ◽  
Sofiane Dahmane ◽  
Chaker Abdelaziz Kerrache ◽  
Mohamad Khayat ◽  
Farag Sallabi
Keyword(s):  
Monitoring System ◽  
Trust Management ◽  
Software Defined Networking ◽  
The Elderly ◽  
Optimal Level ◽  
Security And Privacy ◽  
Patient Privacy ◽  
Security Technologies ◽  
Blockchain Technology ◽  
Healthcare Monitoring

Healthcare professionals and scholars have emphasized the need for IoT-based remote health monitoring services to track the health of the elderly. Such systems produce a large amount of data, necessitating the security and privacy of that data. On the other hand, Software Defined Networking (SDN) integration could be seen as a good solution to guarantee both flexibility and efficiency of the network which is even more important in the case of healthcare monitoring. Furthermore, Blockchain has recently been proposed as a game-changing tool that can be integrated into the Internet of Things (IoT) to have the optimal level of security and privacy. However, incorporating Blockchain into IoT networks, which rely heavily on patients’ health sensors, is extremely difficult. In this paper, a secure Healthcare Monitoring System (HMS) is proposed with a focus on trust management issues. The architecture seeks to protect multiple healthcare monitoring system components and preserves patient privacy by developing a security interface where separate security modules can be integrated to run side by side to ensure reliable HMS. The security framework architecture we propose takes advantage of the blockchain technology as a secure and timely information back-end. STHM is a proposal that uses Software-Defined Networking (SDN) as the communication medium that allows users to access SDN’s different functional and security technologies and services. Simulation results show that the use of Blockchain for the SDN-based healthcare monitoring can ensure the desired flexibility and security for a very lightweight additional overhead.

Sign in / Sign up

Export Citation Format

Share Document