A Secure and Privacy-Preserving Data Collection (SPDC) Framework for IoT Applications
Autor: | Tahani Aljohani, Ning Zhang |
---|---|
Rok vydání: | 2020 |
Předmět: |
050101 languages & linguistics
Data collection Remote patient monitoring Computer science business.industry 05 social sciences Wearable computer 02 engineering and technology Service provider Inference attack Computer security computer.software_genre Encryption Upload 0202 electrical engineering electronic engineering information engineering 020201 artificial intelligence & image processing 0501 psychology and cognitive sciences business Mobile device computer |
Zdroj: | Critical Information Infrastructures Security ISBN: 9783030582944 CRITIS |
DOI: | 10.1007/978-3-030-58295-1_7 |
Popis: | Mobile patient monitoring systems monitor and treat chronic diseases by collecting health data from wearable sensors through mobile devices carried out by patients. In the future, these systems may be hosted by a third-party service provider. This would open a number of security and ID privacy issues. One of these issues is the inference attack. This attack allows a single service provider from inferring the patient’s identity by collecting a number of contextual information about the patient such as the pattern of interaction with the service provider. Thus a security and ID privacy mechanisms must be deployed. In this paper, we propose a framework called Secure and Privacy-Preserving Data Collection (SPDC) that allows the patient to encrypt the data and then upload the encrypted data on different service providers rather than one while allowing an anonymous linkage for the patient’s data which are scattered across different service providers. In this framework, each patient is allowed to select the service providers involved in the data collection, assigns one as the home while the others consider foreign. The patient uses the foreign to upload data while the home is responsible for anonymously collecting the patient’s data from multiple foreign service providers and deliver them to the healthcare provider. This framework also shows a novel mechanism to conduct anonymous authentication across different distributed service provides. The framework has been analyzed against the specified design requirements and security threats. |
Databáze: | OpenAIRE |
Externí odkaz: |