users plays a very important role in any digital technology. In the e-health system, patient information is the most valuable resource. So, we need to be very careful in keeping data safe. The patient data can be divided into two kinds: general records and the critical personal information. General records do not require any good privacy like name, age, sex, height, weight, and color. But critical personal information needs special attention in terms of security and privacy [21]. Critical information includes genetic info data, allergy from some kind medicine, addiction to drugs, certain kinds of infections, color blindness data, fertility information, sexual orientation, and some others. This information needs to be encrypted before storing and sending it to the cloud.
Table 2.1 Security and privacy mechanism prosed in some papers.
Paper | Techniques | Domain | Characteristic |
[4] | Machine Learning | Smart Healthcare Health Decision | Support System |
[7] | Attribute Based-Encryption | Personal Healthcare | Encrypting Personal Healthcare Records |
[8] | Ciphertext Policy Attribute Based-Encryption | Wireless Network for Healthcare Sensors | Preserving integrity and confidentiality of health-related data |
[9] | Attribute Based-Encryption | Patient Data sharing | Resolving key escrow problem |
[10] | KMS | e-health systems | Lightweight end to end key management |
[11] | IoT sensors based on Cloud | Senior citizen health data management | Providing medical assistance to elder people |
[12] | Ciphertext Policy Attribute Based-Encryption | Encrypted cloud data | Resolving APKS problem in Cloud computing |
[13] | m2-ABKS | Encrypted e-health data | Authorized access of records and collusion attacks are addressed |
[14] | Laplace guided KR | Image Compression | Achieving high compression ratio with low computational cost |
[15] | PASStree | Matching of string | Providing good string matching without privacy hampering |
[16] | Authentication techniques | Patient Supervision | Promising patient’s privacy while preserving confidentiality of system |
[17] | Homomorphic Encryption | Privacy of Data | Preserving privacy of data generated by IoT devices |
There are some threats available related to security and privacy.
Fake Identity Attack: In this, attacker can create false identity of authorized persons in the system and can do certain things like changing the entries and deleting some important records; attackers can also downgrade the system performance by consuming system resources unnecessarily.
Data Tampering Attack: In this, attacker can tamper health-related data by changing, editing, manipulating, and destroying.
Spamming: In this attack, fake data of patients is created and flooded in the system which induces unnecessary entry in data tables which leads to inaccurate results.
Denial-of-Service Attack: In this, attacker creates a large number of fake packets to flood the network, and then, the system engages in fulfilling the request generated by the fake packets and denies the request generated by genuine packets. This results in poor system performance and uptime. Eavesdropping: In this, attackers take access of the communication channel and start snooping the packet traveling in that channel. If a very strong encryption technique is not applied, then it is very easy for attackers to read and understand those data.
Location Privacy: In this, attacker can gain live location access of the patient, generated form the wearable IoT devices attached to the patient or the mobile phone.
Usages Privacy: In this, attacker can gain usage information of the patient or the person involved in the healthcare to find the useful and predict some sensitive information.
2.5 Conclusion
Technological advancement in the healthcare industry is increasing rapidly, and a variety of wearable devices are available for gathering health-related patient data. Data gathered from these smart devices are very huge.
The high volume of important data invites attackers to steal and manipulate it. To maintain integrity, security and privacy of health-related data. In this paper we have discussed architecture of the next generation healthcare system with latest available IoT devices, use of fog computing for local processing and storing, then for pattern recognition sends it to the cloud. Here, deep learning and data mining are done on that data. There are many security privacy issues, and challenges are there that need to be addressed very carefully.
References
1. Sun, W., Cai, Z., Li, Y., Liu, F., Fang, S., Wang, G., Security and Privacy in the Medical Internet of Things: A Review. Secur. Commun. Netw., 2018, 9, 2018.
2. Zhang, H., Cai, Z., Liu, Q. et al., A survey on security-aware measurement in SDN. Secur. Commun. Netw., 2018, 2018. https://doi.org/10.1155/2018/2459154.
3. Han, S., Zhao, S., Li, Q., Ju, C.-H., Zhou, W., PPM-HDA: privacy-preserving and multifunctional health data aggregation with fault tolerance. IEEE Trans. Inf. Forensics Secur., 11, 9, 1940–1955, 2016.
4. Yin, H. et al., Smart Healthcare. Found. Trends R Electron. Des. Autom., 1, 1–67, 2018.
5. Abuwardih, L.A., Shatnawi, W., Aleroud, A., Privacy preserving data mining on published data in healthcare: A survey. 1–6, 2016. https://ieeexplore.ieee.org/document/7549444
6. Anwar, M., Joshi, J., Tan, J., Anytime anywhere access to secure privacy-aware healthcare services: Issues approaches and challenges. Health Policy Technol., 4, 4, 299–311, 2015.
7. Lounis, A., Hadjidj, A., Bouabdallah, A., Challal, Y., Secure medical architecture on the cloud using wireless sensor networks for emergency management, in: Proceedings of the 2013 IEEE 8th International Conference on Broadband, Wireless Computing, Communication and Applications, BWCCA 2013,