Secure and Privacy Preserving Data Aggregation Scheme for IoT Based Healthcare SystemSoufiene

Secure and Privacy Preserving Data Aggregation Scheme for IoT Based Healthcare SystemSoufiene Ben Othman1*, Abdullah Ali Bahattab2, Abdelbasset Trad1 and Habib Youssef1*PRINCE Laboratory Research, ISITcom, Hammam Sousse, University of Sousse, Tunisia2Computer Technology Department, College of Telecomm and Electronics, Jeddah, Saudi Arabia*Corresponding author: [email protected] Internet of Things (IoT) connects various kinds of intelligent objects and devices using the internet to collect and exchange data. The IoT has a variety of application domains, including health care. In the healthcare application, these smart objects can be body sensors allowing the continuous monitoring of vital signs of patients.Usually, the size of data collection in IoT is large that makes it essential to eliminate redundant data, minimize the number of transmissions, and improve the energy consumption. Therefore, data aggregation plays a crucial role in decreasing energy consumption by significantly reducing the overhead associated with communication.However, in healthcare system using IoT, the heterogeneity of technologies, the large number of devices and systems, and the different types of users and roles create important challenges. Therefore, a lot of threats, attacks and vulnerability are occurred in wireless surroundings because of their limited resources such as small memory and low computation capability. However, the security and privacy of health data are very important aspects and have major challenges.This paper proposes a novel secure data aggregation scheme based on homomorphic primitives in IoT based healthcare systems, called “Secure and Privacy Preserving Data Aggregation Scheme for IoT Based Healthcare System” (SPPDA). The scheme adopts a homomorphic encryption to protect data privacy and combines it with homomorphic MAC to check the data integrity. The security analysis and experimental results show that our proposed scheme guarantees consumers privacy, messages authenticity, and integrity, with lightweight communication overhead and computation.Keywords: Internet of Things, Healthcare, Data Aggregation, Security, Homomorphic Encryption.1. Introduction The Internet of Things (IoT) is a novel paradigm that is rapidly gaining ground in the scenario of modern wireless telecommunications. The basic idea of this concept is that the pervasive presence around us of a variety of things or objects – such as Radio-Frequency IDentification (RFID) tags, sensors, actuators, mobile phones, …etc., that through unique addressing schemes, are able to interact with each other and cooperate with their neighbors to reach common goals [1].The IoT will foster the development of applications in many different domains, such as home automation, industrial automation, medical aids, mobile healthcare, elderly assistance, intelligent energy management and smart grids, automotive, traffic management, and many others [4]. These applications will make use of the potentially enormous amount and variety of data generated by such objects to provide new services to citizens, companies, and public administrations [3]. The interested reader is referred to [1-5] for a deeper understanding of the IoT. Many are the benefits provided by the IoT technologies to the healthcare domain and the resulting applications can be grouped mostly into: tracking of objects and people (staff and patients); identification and authentication of people; automatic data collection and sensing [5]. Figure 1 shows the typical structure of health care monitoring system using IoT. The sensors are deployed in the human body to monitor the parameters like temperature, heart rate, blood pressure and so on. The values read from the sensors are transmitted to the server and the doctors can access these data from the server. Hence, healthcare remote monitoring solutions could potentially lower medical costs across the country.The IoT Based Healthcare Systems is extremely vulnerable to attacks for several reasons. First, often its components spend most of the time unattended; and thus, it is easy to physically attack them. Second, most of the communications are wireless, which makes eavesdropping extremely simple. Finally, most of the IoT components are characterized by low capabilities in terms of both energy and computing resources and thus, they cannot implement complex schemes supporting security.All the data transmitted in health-care applications should be authenticated and secure against malicious modification. For example, an attacker might forge a fake emergency call and make it distributed in the network to degrade the network performance. In addition, privacy is also a primary concern from customers point of view, as health data is highly relevant to users themselves, for example, the ECG can reflect people’s some specific behaviors, such as sleeping, having meals etc. As a result, the reveal of such health data might violate user’s privacy.Data aggregation as an efficient technique for data collection processing in which data are processed and aggregated within the network, is fit for the IoT since sensor nodes are resource-limited and energy-constrained [4]. This technique leads to several benefits, such as energy savings, which are crucial for constrained environments, such as low-power and loss networks [5]. The data aggregation scheme also faces many security challenges. For example, sensors are usually deployed in remote and hostile environments; thus, sensor nodes are prone to node compromise attacks, and security issues, such as data confidentiality and integrity, are extremely important. To solve the problems mentioned above, in this paper, we propose a novel secure data aggregation scheme based on homomorphic primitives, called Secure and Privacy Preserving Data Aggregation (SPPDA) designed to reduce the requirements of existing security protocols, in order to be supported by resource-constrained devices. SPPDA uses additive homomorphic encryption to encrypt the complex number formed by raw data and privacy factor so that it can aggregate the data without any decryption. By this approach, we can reduce computational overhead and delays. Moreover, compared with related work, SPPDA has lower calculation, less traffic, higher accuracy and verifiable completeness.The remainder of this paper is organized as follows: The related works are investigated in section 2. Network model and design goals are presented in section 3. In Section 4, we describe in detail the solution, followed by the security analysis and performance evaluation in sections 5and 6, respectively. Finally, section 7 concludes the paper. Figure.1. IoT-based healthcare monitoring architecture [3].2. Related workSecurity was one of the important factors must be considered for IoT-based healthcare systems development. Hence, research into security and defense mechanisms has been going on for quite some time. In this section, we describe the popular research projects about secure data aggregation of IoT-based healthcare applications.In [14], Zhang et al. present a scheme named PHDA, which is a priority based health data aggregation scheme. It is used to improve the aggregation efficiency among different types of health data. According to different data priorities, the adjustable forwarding strategies can be selected to forward the user’s health data to the cloud servers with the reasonable communication overheads. In addition, PHDA can resist the forgery attacks and achieve the desirable delivery ratio with reasonable communication costs and lower delay for the data in different priorities. At the same time, it reduces the communication overheads. However, their scheme was not fault tolerant in the case of users or cloud servers may fail and it does not resist differential attacks either. In [15], Song Han et al. present an efficient and privacy-aware data aggregation, called PPM-HDA. PPM-HDA addresses the need for a fault tolerant cloud based framework to manage the user’s sensitive health data in a large scale network. Both the temporal and spatial health data statistical aggregation is taken into account. Also the PPM HDA mechanism can not only preserve differential privacy for additive aggregations, such as summation and variance aggregations, but also non additive aggregations, such as min/max, median, percentile and histogram. The additive aggregation function uses Boneh-Goh-Nissim cryptosystem which is a public key encryption scheme to protect the user’s privacy. The PPM-HDA scheme guarantees that the remaining uncompromised cloud servers can decrypt the aggregated data contributed by the health care sensors. The prefix membership verification scheme is used to reduce the computation overhead by changing the question of verifying whether a datum belongs to range of data into few questions of verifying whether a numerical value is equal. In [16], Chen et al. propose a scheme named PDAFT, which supports fault tolerance and privacy-preserving data aggregation. PDAFT takes advantage of homomorphic Paillier Encryption technique to encrypt private user data so that it can prevent the control center from knowing personal user data while acquiring the aggregated data. In addition, a strong adversary who aims to breach user privacy can reveal nothing even though he has already compromised a few servers at the control center. Moreover, PDAFT also supports both spatial and temporal aggregation and it supports fault tolerant. Furthermore, it reduces the communication overhead.In [17], Li et al. present an efficient and privacy-aware data aggregation, called EPADA, which studies how an untrusted aggregator can obtain desired statistics without knowing individual user’s private data. In EPADA, the authors utilize a novel key management technique and an additive homomorphic encryption to support large plaintext space. In addition, EPADA can also support min aggregate of time-series data, which needs only one round of communication between user and aggregator. However, their scheme cannot support fault tolerant. Although their min aggregate protocol can be easily extended to max aggregate protocol, it is difficult to support the other non-additive aggregate statistics, such as median and percentile.We have also proposed a priority-based compressed data aggregation scheme with integrity preservation to improve the aggregation efficiency of different types of health data named “PCDA” in [18]. We use compressed sensing as a sampling procedure to reduce the communication overhead and minimize power consumption. Then, the compressed data are encrypted, and integrity is protected by a cryptographic hash algorithm to preserve data integrity. Finally, according to different data priorities, we apply an aggregation function and then send the data for diagnosis. Besides analysing the security of the PCDA, this paper has also reported evaluation results of PCDA using an experimental network of medical sensors. We believe that our results show great promise for PCDA in terms of security, energy efficiency and communication overhead.Chen et al. [19] propose a scheme called MuDA. It supports variance aggregation and one-way ANOVA aggregation with differential privacy. In addition, differential privacy is adopted to resist differential attacks that most data aggregation schemes may suffer and it just introduces acceptable noise. Furthermore, MuDA deceases the communication overhead of a popular aggregation scheme. However, their scheme does not consider the non-additive aggregation, for example min/max, median, percentile, histogram, etc. Furthermore, their scheme does not support temporal aggregation and it cannot support fault tolerant in the case of users or cloud servers may fail.Another approach to ensure the confidentiality of the health-data outsourced to the cloud environment is proposed by Tong et al. [21]. The approach allows efficient searching on the encrypted data by using the Searchable Symmetric Encryption (SSE). To avoid the key wear-out, the approach frequently updates the keys. To enforce the auditability of the health data, the authors combined the threshold control signature with the ABE. Instead of delegating access control to individuals, a role based access control is introduced to grant access in emergency situations where the trusted authorities can verify the signatures. Moreover, to ensure the unlinkability of the portions of health information the key management is performed through a pseudorandom generator. Furthermore, the presented scheme also preserves the search pattern privacy, anonymity, and keyword privacy. However, the approach may be deficient in terms of dynamic access policy specification to grant role based access due to complex access structure.A hybrid approach to preserve the privacy of health-data shared in the cloud is presented by Yang et al. [22]. The model uses cryptography and statistical analysis to ensure multi-level privacy. The medical datasets are partitioned vertically such that on each partition of the EMR, a different security level is implemented. The identifying attributes of the EMR, such as name, date of birth, and address are encrypted through the symmetric encryption. On the other hand, the portion of the EMR comprising of the clinical data and treatments history is stored as plain text. Because the data is partitioned, it is difficult for the adversary to link the information. Moreover, only the authorized recipients with appropriate authentication can merge the partitions through the decryptions keys and quasi identifiers. The data owners and the data recipients respectively ensure the integrity of the medical data locally and remotely. However, a limitation of the approach is that the data recipient, which in this case is a cloud provider, can act maliciously and disclose the information that can help linking the portions of medical records.3. System Model and design ObjectivesIn this section, we define the network model, the adversary model, and the design goals of the proposed schemes.3.1 Network ModelOur network model mainly consists of three entities, the Medical Devices (MD), the Smart Gateway (SW), and the Healthcare Institutions (HI), as shown in Fig.2.(i) Smart Gateway (SG): The Smart Gateway is used to collect the sensors-data before sending to the data healthcare service. As mentioned before, we exploit Smart gateways which support different communication protocols, act as a touching point between medical devices and Internet. The SG receives data from different sub-networks, performs protocol conversion, and provides other higher-level services. It acts as repository (local database) to temporarily store sensors’ and users’ information and provides intelligence at the edge of the network. (ii) Healthcare Institutions (HIs): HIs represent the organizations (i.e., certified hospital, medicine research center, health departments, etc.) that are interested in the statistical information of a large volume of health data.(iii) Medical Users (MU): Each user is equipped with body area sensors which monitors the personal health sensing data in a real time fashion and periodically uploads these health data to the HI via the user’s smartphone or PDA. Today, there is a long list of sensors or healthcare sensors that measure body temperature, blood pressure, heart pulse, ECG, respiratory rate, glucose level. Figure. 2. The proposed architecture for IoT-based healthcare.3.2 Security Requirements for healthcare IoT systemThe privacy of users’ medical information and the confidentiality of diagnosis model are crucial for the success of medical pre-diagnosis service. Security requirements for IoT-based healthcare solutions are similar to those in standard communications scenarios. Therefore, to guarantee the privacy of users’ medical information and the confidentiality of diagnosis model, the security requirements listed in Table 1 should be satisfied.Table.1. Major Security requirements for healthcare IoT system.Major Security Requirements DescriptionConfidentiality Confidentiality ensures the inaccessibility of medical information for unauthorized users. In addition, confidential messages resist revealing their content to eavesdroppers.Integrity Integrity ensures that received medical data are not altered in transit by an adversary. In addition, the integrity of stored data and content should not be compromised.Authentication Authentication enables an IoT health device to ensure the identity of the peer with which it is communicating.Freshness Data freshness basically implies that each data set is recent and ensures that no adversary replays old messages.Non-repudaition Non-repudiation indicates that a node cannot deny sending a message sent earlier.Availability Availability ensures the survivability of IoT healthcare services (either local or global/cloud services) to authorized parties when needed even under denial-of-service attacks.Data Access control In healthcare IoT systems, caregivers (i.e. doctors, pharmacists, nurses, etc.) are directly involved with patients’ physiological and medical data. Thus, a real-time rolebased access control needs to be available to restrict caregivers’ access based on their privileges.Patient consent Patients’ consents are always essential when caregivers decide to circulate their medical records to another healthcare sector/hospital in order to provide higher quality of healthcare.End-to-end security End-to-end security is one of the major requirements in healthcare IoT systems. This feature enables the end-points of a healthcare IoT system, that is caregivers and medical sensors, to securely communicate with each other beyond the independent network.3.3 Security challengesBecause IoT security requirements are not ensured by traditional security techniques, novel countermeasures are needed to address new challenges posed by the IoT. Challenges for secure IoT healthcare services is presented in table 3.Table.3. The security challenges for healthcare IoT system.Security challenges DescriptionComputational limitations IoT health devices are embedded with low-speed processors. The central processing unit (CPU) in such devices is not very powerful in terms of its speed. In addition, these devices are not designed to perform computationally expensive operations.Memory limitations Most IoT healthcare devices have low on-device memory. Such devices are activated using an embedded Operating System (OS), system software, and an application binary. Therefore, their memory may not be sufficient to execute complicated security protocols.Energy limitations A typical IoT healthcare network includes small health devices of limited battery power (e.g., body temperature ). Therefore, the energy constraint property of IoT health devices makes finding an energy-aware security solution challenging.Communications media In general, health devices are connected to both local and global networks through a wide range of wireless links such as Zigbee, Z-Wave, Bluetooth, Bluetooth Low Energy, WiFi, GSM, WiMax, and 3G/4G. Wireless channel characteristics of these networks make traditional wired security schemes less appropriate. Therefore, it is difficult to find a comprehensive security protocol that can treat both wired and wireless channel characteristics equally.4. Proposed SPPDA Solution