Security and Privacy in IoT-Cloud-Based e-Health Systems—A Comprehensive Review

Privacy-Centric AI and IoT Solutions for Smart Rural Farm Monitoring and Control

The integration of artificial intelligence (AI) and the Internet of Things (IoT) in agriculture has significantly transformed rural farming. However, the adoption of these technologies has also introduced privacy and security concerns, particularly unauthorized breaches and cyber-attacks on data collected from IoT devices and sensitive information. The present study addresses these concerns by developing a comprehensive framework that provides practical, privacy-centric AI and IoT solutions for monitoring smart rural farms. This is performed by designing a framework that includes a three-phase protocol that secures data exchange between the User, the IoT Sensor Layer, and the Central Server. In the proposed protocol, the Central Server is responsible for establishing a secure communication channel by verifying the legitimacy of the IoT Sensor devices and the User and securing the data using rigorous cryptographic techniques. The proposed protocol is also validated using the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. The formal security analysis confirms the robustness of the protocol and its suitability for real-time applications in AI and IoT-enabled smart rural farms, demonstrating resistance against various attacks and enhanced performance metrics, including a computation time of 0.04 s for 11 messages and a detailed search where 119 nodes were visited at a depth of 12 plies in a mere search time of 0.28 s.

Towards reliable IoT communication and robust security: investigating trusted schemes in the internet of medical things using blockchain

The Internet of Things (IoT) is evolving in various sectors such as industries, healthcare, smart homes, and societies. Billions and trillions of IoT devices are used in e-health systems, known as the Internet of Medical Things (IoMT), to improve communication processes in the network. Scientists and researchers have proposed various methods and schemes to ensure automatic monitoring, communication, diagnosis, and even operating on patients at a distance. Several researchers have proposed security schemes and approaches to identify the legitimacy of intelligent systems involved in maintaining records in the network. However, existing schemes have their own performance issues, including delay, storage efficiency, costs, and others. This paper proposes trusted schemes that combine mean and subjective logic aggregation methods to compute the trust of each communicating device in the network. Additionally, the network maintains a blockchain of legitimate devices to oversee the trusted devices in the network. The proposed mechanism is further verified and analyzed using various security metrics, such as reliability, trust, delay, beliefs, and disbeliefs, in comparison to existing schemes.

Privacy-preserving artificial intelligence in healthcare: Techniques and applications

There has been an increasing interest in translating artificial intelligence (AI) research into clinically-validated applications to improve the performance, capacity, and efficacy of healthcare services. Despite substantial research worldwide, very few AI-based applications have successfully made it to clinics. Key barriers to the widespread adoption of clinically validated AI applications include non-standardized medical records, limited availability of curated datasets, and stringent legal/ethical requirements to preserve patients' privacy. Therefore, there is a pressing need to improvise new data-sharing methods in the age of AI that preserve patient privacy while developing AI-based healthcare applications. In the literature, significant attention has been devoted to developing privacy-preserving techniques and overcoming the issues hampering AI adoption in an actual clinical environment. To this end, this study summarizes the state-of-the-art approaches for preserving privacy in AI-based healthcare applications. Prominent privacy-preserving techniques such as Federated Learning and Hybrid Techniques are elaborated along with potential privacy attacks, security challenges, and future directions.

Cybersecurity Risk Management Framework for Blockchain Identity Management Systems in Health IoT

Blockchain (BC) has recently paved the way for developing Decentralized Identity Management (IdM) systems for different information systems. Researchers widely use it to develop decentralized IdM systems for the Health Internet of Things (HIoT). HIoT is considered a vulnerable system that produces and processes sensitive data. BC-based IdM systems have the potential to be more secure and privacy-aware than centralized IdM systems. However, many studies have shown potential security risks to using BC. A Systematic Literature Review (SLR) conducted by the authors on BC-based IdM systems in HIoT systems showed a lack of comprehensive security and risk management frameworks for BC-based IdM systems in HIoT. Conducting a further SLR focusing on risk management and supplemented by Grey Literature (GL), in this paper, a security taxonomy, security framework, and cybersecurity risk management framework for the HIoT BC-IdM systems are identified and proposed. The cybersecurity risk management framework will significantly assist developers, researchers, and organizations in developing a secure BC-based IdM to ensure HIoT users' data privacy and security.

eHealth: A Survey of Architectures, Developments in mHealth, Security Concerns and Solutions

The ramifications of the COVID-19 pandemic have contributed in part to a recent upsurge in the study and development of eHealth systems. Although it is almost impossible to cover all aspects of eHealth in a single discussion, three critical areas have gained traction. These include the need for acceptable eHealth architectures, the development of mobile health (mHealth) technologies, and the need to address eHealth system security concerns. Existing survey articles lack a synthesis of the most recent advancements in the development of architectures, mHealth solutions, and innovative security measures, which are essential components of effective eHealth systems. Consequently, the present article aims at providing an encompassing survey of these three aspects towards the development of successful and efficient eHealth systems. Firstly, we discuss the most recent innovations in eHealth architectures, such as blockchain-, Internet of Things (IoT)-, and cloud-based architectures, focusing on their respective benefits and drawbacks while also providing an overview of how they might be implemented and used. Concerning mHealth and security, we focus on key developments in both areas while discussing other critical topics of importance for eHealth systems. We close with a discussion of the important research challenges and potential future directions as they pertain to architecture, mHealth, and security concerns. This survey gives a comprehensive overview, including the merits and limitations of several possible technologies for the development of eHealth systems. This endeavor offers researchers and developers a quick snapshot of the information necessary during the design and decision-making phases of the eHealth system development lifecycle. Furthermore, we conclude that building a unified architecture for eHealth systems would require combining several existing designs. It also points out that there are still a number of problems to be solved, so more research and investment are needed to develop and deploy functional eHealth systems.

An Efficient and Privacy-Preserving Scheme for Disease Prediction in Modern Healthcare Systems

With the Internet of Things (IoT), mobile healthcare applications can now offer a variety of dimensionalities and online services. Disease Prediction Systems (DPS) increase the speed and accuracy of diagnosis, improving the quality of healthcare services. However, privacy is garnering an increasing amount of attention these days, especially concerning personal healthcare data, which are sensitive. There are a variety of prevailing privacy preservation techniques for disease prediction that are rendered. Nonetheless, there is a chance of medical users being affected by numerous disparate diseases. Therefore, it is vital to consider multi-label instances, which might decrease the accuracy. Thus, this paper proposes an efficient privacy-preserving (PP) scheme for patient healthcare data collected from IoT devices aimed at disease prediction in the modern Health Care System (HCS). The proposed system utilizes the Log of Round value-based Elliptic Curve Cryptography (LR-ECC) to enhance the security level during data transfer after the initial authentication phase. The authorized healthcare staff can securely download the patient data on the hospital side. Utilizing the Herding Genetic Algorithm-based Deep Learning Neural Network (EHGA-DLNN) can test these data with the trained system to predict the diseases. The experimental results demonstrate that the proposed approach improves prediction accuracy, privacy, and security compared to the existing methods.

InteliRank: A Four-Pronged Agent for the Intelligent Ranking of Cloud Services Based on End-Users' Feedback

Cloud Computing (CC) provides a combination of technologies that allows the user to use the most resources in the least amount of time and with the least amount of money. CC semantics play a critical role in ranking heterogeneous data by using the properties of different cloud services and then achieving the optimal cloud service. Regardless of the efforts made to enable simple access to this CC innovation, in the presence of various organizations delivering comparative services at varying cost and execution levels, it is far more difficult to identify the ideal cloud service based on the user's requirements. In this research, we propose a Cloud-Services-Ranking Agent (CSRA) for analyzing cloud services using end-users' feedback, including Platform as a Service (PaaS), Infrastructure as a Service (IaaS), and Software as a Service (SaaS), based on ontology mapping and selecting the optimal service. The proposed CSRA possesses Machine-Learning (ML) techniques for ranking cloud services using parameters such as availability, security, reliability, and cost. Here, the Quality of Web Service (QWS) dataset is used, which has seven major cloud services categories, ranked from 0-6, to extract the required persuasive features through Sequential Minimal Optimization Regression (SMOreg). The classification outcomes through SMOreg are capable and demonstrate a general accuracy of around 98.71% in identifying optimum cloud services through the identified parameters. The main advantage of SMOreg is that the amount of memory required for SMO is linear. The findings show that our improved model in terms of precision outperforms prevailing techniques such as Multilayer Perceptron (MLP) and Linear Regression (LR).

An Overview of Current Solutions for Privacy in the Internet of Things

As the Internet of Things (IoT) applications have been introduced into daily life, privacy issues have become significant concerns to users, network service providers, device producers, and related roles. This study provides a high-level introduction of current privacy-preserving solutions in IoT systems within the three phases of data collection, transmission, and storage. In these three phases, the following aspects were examined: (1). security protocols at the physical and data link layers; (2). network solutions; and (3). data storage and sharing approaches. Real-world implementations often involve more than one phase, and numerous technologies are combined to ensure privacy. Thus, an understanding of all phases and their technologies can be helpful for IoT research, design, development, and operation.

An Instrumented Apartment to Monitor Human Behavior: A Pilot Case Study in the NeuroTec Loft

For patients suffering from neurodegenerative disorders, the behavior and activities of daily living are an indicator of a change in health status, and home-monitoring over a prolonged period of time by unobtrusive sensors is a promising technology to foster independent living and maintain quality of life. The aim of this pilot case study was the development of a multi-sensor system in an apartment to unobtrusively monitor patients at home during the day and night. The developed system is based on unobtrusive sensors using basic technologies and gold-standard medical devices measuring physiological (e.g., mobile electrocardiogram), movement (e.g., motion tracking system), and environmental parameters (e.g., temperature). The system was evaluated during one session by a healthy 32-year-old male, and results showed that the sensor system measured accurately during the participant’s stay. Furthermore, the participant did not report any negative experiences. Overall, the multi-sensor system has great potential to bridge the gap between laboratories and older adults’ homes and thus for a deep and novel understanding of human behavioral and neurological disorders. Finally, this new understanding could be utilized to develop new algorithms and sensor systems to address problems and increase the quality of life of our aging society and patients with neurological disorders.

Technology to Assess and Treat Pain in Pediatric Rheumatology

Advancements in eHealth offer unique opportunities for assisting in and augmenting aspects of evidence-based pain evaluation and management with children and adolescents. In this article, we present an overview of some of the opportunities and challenges in pain eHealth for pediatric rheumatologists to consider while caring for children and adolescents seen in their practice.

Breaking Barriers in Emerging Biomedical Applications

The recent global COVID-19 pandemic has revealed that the current healthcare system in modern society can hardly cope with the increased number of patients. Part of the load can be alleviated by incorporating smart healthcare infrastructure in the current system to enable patient's remote monitoring and personalized treatment. Technological advances in communications and sensing devices have enabled the development of new, portable, and more power-efficient biomedical sensors, as well as innovative healthcare applications. Nevertheless, such applications require reliable, resilient, and secure networks. This paper aims to identify the communication requirements for mass deployment of such smart healthcare sensors by providing the overview of underlying Internet of Things (IoT) technologies. Moreover, it highlights the importance of information theory in understanding the limits and barriers in this emerging field. With this motivation, the paper indicates how data compression and entropy used in security algorithms may pave the way towards mass deployment of such IoT healthcare devices. Future medical practices and paradigms are also discussed.

Software architecture for pervasive critical health monitoring system using fog computing

Because of the existence of Covid-19 and its variants, health monitoring systems have become mandatory, particularly for critical patients such as neonates. However, the massive volume of real-time data generated by monitoring devices necessitates the use of efficient methods and approaches to respond promptly. A fog-based architecture for IoT healthcare systems tends to provide better services, but it also produces some issues that must be addressed. We present a bidirectional approach to improving real-time data transmission for health monitors by minimizing network latency and usage in this paper. To that end, a simplified approach for large-scale IoT health monitoring systems is devised, which provides a solution for IoT device selection of optimal fog nodes to reduce both communication and processing delays. Additionally, an improved dynamic approach for load balancing and task assignment is also suggested. Embedding the best practices from the IoT, Fog, and Cloud planes, our aim in this work is to offer software architecture for IoT-based healthcare systems to fulfill non-functional needs. 4 + 1 views are used to illustrate the proposed architecture.

Fuzzy Cognitive Scenario Mapping for Causes of Cybersecurity in Telehealth Services

Hospital organizations have adopted telehealth systems to expand their services to a portion of the Brazilian population with limited access to healthcare, mainly due to the geographical distance between their communities and hospitals. The importance and usage of those services have recently increased due to the COVID-19 state-level mobility interventions. These services work with sensitive and confidential data that contain medical records, medication prescriptions, and results of diagnostic processes. Understanding how cybersecurity impacts the development of telehealth strategies is crucial for creating secure systems for daily operations. In the application reported in this article, the Fuzzy Cognitive Maps (FCMs) translated the complexity of cybersecurity in telehealth services into intelligible and objective results in an expert-based cognitive map. The tool also allowed the construction of scenarios simulating the possible implications caused by common factors that affect telehealth systems. FCMs provide a better understanding of cybersecurity strategies using expert knowledge and scenario analysis, enabling the maturation of cybersecurity in telehealth services.

Enabling Security Services in Socially Assistive Robot Scenarios for Healthcare Applications

Today’s IoT deployments are highly complex, heterogeneous and constantly changing. This poses severe security challenges such as limited end-to-end security support, lack of cross-platform cross-vertical security interoperability as well as the lack of security services that can be readily applied by security practitioners and third party developers. Overall, these require scalable, decentralized and intelligent IoT security mechanisms and services which are addressed by the SecureIoT project. This paper presents the definition, implementation and validation of a SecureIoT-enabled socially assisted robots (SAR) usage scenario. The aim of the SAR scenario is to integrate and validate the SecureIoT services in the scope of personalized healthcare and ambient assistive living (AAL) scenarios, involving the integration of two AAL platforms, namely QTrobot (QT) and CloudCare2U (CC2U). This includes risk assessment of communications security, predictive analysis of security risks, implementing access control policies to enhance the security of solution, and auditing of the solution against security, safety and privacy guidelines and regulations. Future perspectives include the extension of this security paradigm by securing the integration of healthcare platforms with IoT solutions, such as Healthentia with QTRobot, by means of a system product assurance process for cyber-security in healthcare applications, through the PANACEA toolkit.

Internet of things in health: Requirements, issues, and gaps

BACKGROUND AND OBJECTIVES

The Internet of Things (IoT) paradigm has been extensively applied to several sectors in the last years, ranging from industry to smart cities. In the health domain, IoT makes possible new scenarios of healthcare delivery as well as collecting and processing health data in real time from sensors in order to make informed decisions. However, this domain is complex and presents several technological challenges. Despite the extensive literature about this topic, the application of IoT in healthcare scarcely covers requirements of this sector.

METHODS

A literature review from January 2010 to February 2021 was performed resulting in 12,108 articles. After filtering by title, abstract, and content, 86 were eligible and examined according to three requirement themes: data lifecycle; trust, security, and privacy; and human-related issues.

RESULTS

The analysis of the reviewed literature shows that most approaches consider IoT application in healthcare merely as in any other domain (industry, smart cities…), with no regard of the specific requirements of this domain.

CONCLUSIONS

Future efforts in this matter should be aligned with the specific requirements and needs of the health domain, so that exploiting the capabilities of the IoT paradigm may represent a meaningful step forward in the application of this technology in healthcare.

Security and Privacy in Cloud-Based E-Health System

Cloud based healthcare computing have changed the face of healthcare in many ways. The main advantages of cloud computing in healthcare are scalability of the required service and the provision to upscale or downsize the data storge, collaborating Artificial Intelligence (AI) and machine learning. The current paper examined various research studies to explore the utilization of intelligent techniques in health systems and mainly focused into the security and privacy issues in the current technologies. Despite the various benefits related to cloud-computing applications for healthcare, there are different types of management, technology handling, security measures, and legal issues to be considered and addressed. The key focus of this paper is to address the increased demand for cloud computing and its definition, technologies widely used in healthcare, their problems and possibilities, and the way protection mechanisms are organized and prepared when the company chooses to implement the latest evolving service model. In this paper, we focused on a thorough review of current and existing literature on different approaches and mechanisms used in e-Health to deal with security and privacy issues. Some of these approaches have strengths and weaknesses. After selecting original articles, the literature review was carried out, and we identified several models adopted in their solutions. We arrived at the reviewed articles after comparing the models used.

Acceptance of criteria for health and driver scoring in the general public in Germany

Numerous health insurers offer bonus programmes that score customers’ health behaviour, and car insurers offer telematics tariffs that score driving behaviour. In many countries, however, only a minority of customers participate in these programmes. In a population-representative survey of private households in Germany (N = 2,215), we study the acceptance of the criteria (features) on which the scoring programmes are based: the features for driver scoring (speed, texting while driving, time of driving, area of driving, accelerating and braking behaviour, respectively) and for health scoring (walking distance per day, sleeping hours per night, alcohol consumption, weight, participation in recommended cancer screenings, smoking status). In a second step, we model participants’ acceptance of both programmes with regard to the underlying feature acceptance. We find that insurers in Germany rarely use the features which the participants consider to be the most relevant and justifiable, that is, smoking status for health scoring and smartphone use for driver scoring. Heuristic models (fast-and-frugal trees) show that programme acceptance depends on the acceptance of a few features. These models can help to understand customers’ preferences and to design scoring programmes that are based on scientific evidence regarding behaviours and factors associated with good health and safe driving and are thus more likely to be accepted.

Evaluating the E-Health Cloud Computing Systems Adoption in Taiwan's Healthcare Industry

Although the electronic health (e-health) cloud computing system is a promising innovation, its adoption in the healthcare industry has been slow. This study investigated the adoption of e-health cloud computing systems in the healthcare industry and considered security functions, management, cloud service delivery, and cloud software for e-health cloud computing systems. Although numerous studies have determined factors affecting e-health cloud computing systems, few comprehensive reviews of factors and their relations have been conducted. Therefore, this study investigated the relations between the factors affecting e-health cloud computing systems by using a multiple criteria decision-making technique, in which decision-making trial and evaluation laboratory (DEMATEL), DANP (DEMATEL-based Analytic Network Process), and modified VIKOR (VlseKriterijumska Optimizacija I Kompromisno Resenje) approaches were combined. The intended level of adoption of an e-health cloud computing system could be determined by using the proposed approach. The results of a case study performed on the Taiwanese healthcare industry indicated that the cloud management function must be primarily enhanced and that cost effectiveness is the most significant factor in the adoption of e-health cloud computing. This result is valuable for allocating resources to decrease performance gaps in the Taiwanese healthcare industry.

Health Monitoring System for Elderly Patients Using Intelligent Task Mapping Mechanism in Closed Loop Healthcare Environment

The ageing population’s problems directly impact countries’ socio-economic structure, as more resources are required to monitor the aged population’s health. The growth in human life expectancy is increasing due to medical technologies and nutritional science innovations. The Internet of Things (IoT) is the connectivity of physical objects called things to the Internet. IoT has a wide range of health monitoring applications based on biomedical sensing devices to monitor health conditions. This paper proposes elderly patients’ health monitoring architecture based on an intelligent task mapping approach for a closed-loop IoT healthcare environment. As a case study, a health monitoring system was developed based on the proposed architecture for elderly patients’ health monitoring in the home, ambulance, and hospital environment. The system detects and notifies deteriorating conditions to the authorities based on biomedical sensors for faster interventions. Wearable biomedical sensors are used for monitoring body temperature, heart rate, blood glucose level, and patient body position. Threshold and machine learning-based approaches were used to detect anomalies in the health sensing data. The proposed architecture’s performance analysis is evaluated in terms of round trip time, reliability, task drop rate, and latency performance metrics. Performance results show that the proposed architecture of the elderly patient health monitoring can provide reliable solutions for critical tasks in IoT environments.

A Smart Biometric Identity Management Framework for Personalised IoT and Cloud Computing-Based Healthcare Services

This paper proposes a novel identity management framework for Internet of Things (IoT) and cloud computing-based personalized healthcare systems. The proposed framework uses multimodal encrypted biometric traits to perform authentication. It employs a combination of centralized and federated identity access techniques along with biometric based continuous authentication. The framework uses a fusion of electrocardiogram (ECG) and photoplethysmogram (PPG) signals when performing authentication. In addition to relying on the unique identification characteristics of the users' biometric traits, the security of the framework is empowered by the use of Homomorphic Encryption (HE). The use of HE allows patients' data to stay encrypted when being processed or analyzed in the cloud. Thus, providing not only a fast and reliable authentication mechanism, but also closing the door to many traditional security attacks. The framework's performance was evaluated and validated using a machine learning (ML) model that tested the framework using a dataset of 25 users in seating positions. Compared to using just ECG or PPG signals, the results of using the proposed fused-based biometric framework showed that it was successful in identifying and authenticating all 25 users with 100% accuracy. Hence, offering some significant improvements to the overall security and privacy of personalized healthcare systems.

Secure and Provenance Enhanced Internet of Health Things Framework: A Blockchain Managed Federated Learning Approach

Recent advancements in the Internet of Health Things (IoHT) have ushered in the wide adoption of IoT devices in our daily health management. For IoHT data to be acceptable by stakeholders, applications that incorporate the IoHT must have a provision for data provenance, in addition to the accuracy, security, integrity, and quality of data. To protect the privacy and security of IoHT data, federated learning (FL) and differential privacy (DP) have been proposed, where private IoHT data can be trained at the owner's premises. Recent advancements in hardware GPUs even allow the FL process within smartphone or edge devices having the IoHT attached to their edge nodes. Although some of the privacy concerns of IoHT data are addressed by FL, fully decentralized FL is still a challenge due to the lack of training capability at all federated nodes, the scarcity of high-quality training datasets, the provenance of training data, and the authentication required for each FL node. In this paper, we present a lightweight hybrid FL framework in which blockchain smart contracts manage the edge training plan, trust management, and authentication of participating federated nodes, the distribution of global or locally trained models, the reputation of edge nodes and their uploaded datasets or models. The framework also supports the full encryption of a dataset, the model training, and the inferencing process. Each federated edge node performs additive encryption, while the blockchain uses multiplicative encryption to aggregate the updated model parameters. To support the full privacy and anonymization of the IoHT data, the framework supports lightweight DP. This framework was tested with several deep learning applications designed for clinical trials with COVID-19 patients. We present here the detailed design, implementation, and test results, which demonstrate strong potential for wider adoption of IoHT-based health management in a secure way.

A Systematic Review on Cloud Storage Mechanisms Concerning e-Healthcare Systems

As the expenses of medical care administrations rise and medical services experts are becoming rare, it is up to medical services organizations and institutes to consider the implementation of medical Health Information Technology (HIT) innovation frameworks. HIT permits health associations to smooth out their considerable cycles and offer types of assistance in a more productive and financially savvy way. With the rise of Cloud Storage Computing (CSC), an enormous number of associations and undertakings have moved their healthcare data sources to distributed storage. As the information can be mentioned whenever universally, the accessibility of information becomes an urgent need. Nonetheless, outages in cloud storage essentially influence the accessibility level. Like the other basic variables of cloud storage (e.g., reliability quality, performance, security, and protection), availability also directly impacts the data in cloud storage for e-Healthcare systems. In this paper, we systematically review cloud storage mechanisms concerning the healthcare environment. Additionally, in this paper, the state-of-the-art cloud storage mechanisms are critically reviewed for e-Healthcare systems based on their characteristics. In short, this paper summarizes existing literature based on cloud storage and its impact on healthcare, and it likewise helps researchers, medical specialists, and organizations with a solid foundation for future studies in the healthcare environment.