Preserving Privacy in Mobile Health Systems Using Non-Interactive Zero-Knowledge Proof and Blockchain

The advent of miniaturized mobile devices with wireless communication capability and integrated with biosensors has revolutionized healthcare systems. The devices can be used by individuals as wearable accessories to collect health data regularly. This type of medical assistance supported by mobile...


Bibliographic Details
Main Authors: Antonio Emerson Barros Tomaz, Jose Claudio Do Nascimento, Abdelhakim Senhaji Hafid, Jose Neuman De Souza
Format: Article
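Language: English
Published: IEEE 2020-01-01
Series: IEEE Access
Subjects: Authentication; blockchain; resource-limited devices; Internet of Things; mobile health; privacy-preserving
Online Access: https://ieeexplore.ieee.org/document/9252935/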
id doaj-c3d5c38db5434471b5adab0740d141b9
record_format Article
spelling doaj-c3d5c38db5434471b5adab0740d141b9
2021-03-30T04:11:10Z
eng
IEEE
IEEE Access
2169-3536
2020-01-01
8
204441
204458
10.1109/ACCESS.2020.3036811
9252935
Preserving Privacy in Mobile Health Systems Using Non-Interactive Zero-Knowledge Proof and Blockchain
Antonio Emerson Barros Tomaz (0) https://orcid.org/0000-0002-8513-3659
Jose Claudio Do Nascimento (1) https://orcid.org/0000-0002-4897-5750
Abdelhakim Senhaji Hafid (2) https://orcid.org/0000-0001-8597-7344
Jose Neuman De Souza (3) https://orcid.org/0000-0002-2980-8877
(0) Computer Science Department, Federal University of Ceara, Fortaleza, Brazil
(1) Electric Engineering Department - Campus Sobral, Federal University of Ceara, Sobral, Brazil
(2) Network Research Laboratory, Université de Montréal, Montreal, QC, Canada
(3) Computer Science Department, Federal University of Ceara, Fortaleza, Brazil
The advent of miniaturized mobile devices with wireless communication capability and integrated with biosensors has revolutionized healthcare systems. The devices can be used by individuals as wearable accessories to collect health data regularly. This type of medical assistance supported by mobile devices to monitor patients and offer health services remotely is known as mobile health (mHealth). Although mHealth provides many benefits and has become popular, it can pose severe privacy risks. Many features in mHealth are managed through a smartphone. Thus, one of the most worrying issues involves communication between the monitoring devices and the smartphone. When communication uses Bluetooth, it is standard for a device to be paired with the smartphone; but generally, it is not exclusively associated with a specific mHealth app. This characteristic can allow a data theft attack by a malicious app or fake data injection by an illegitimate device. To address this issue, we present an authentication scheme based on Non-Interactive Zero-Knowledge Proof that is lightweight enough to run on mHealth devices with minimal resources. Our scheme ensures that legitimate devices interact exclusively with the official mHealth application. To ensure the patient's privacy-preserving throughout the system, we address the issues of storing, managing, and sharing data using blockchain. Since there is no privacy in the standard blockchain, we present a scheme in which the health data transmitted, stored, or shared are protected by Attribute-Based Encryption. The outcome is a system with fine-grained access control, entirely managed by the patient, and an end-to-end privacy guarantee.
https://ieeexplore.ieee.org/document/9252935/
Authentication
blockchain
resource-limited devices
Internet of Things
mobile health
privacy-preserving
collection DOAJ
language English
format Article
sources DOAJ
author Antonio Emerson Barros Tomaz
Jose Claudio Do Nascimento
Abdelhakim Senhaji Hafid
Jose Neuman De Souza
publisher IEEE
series IEEE Access
issn 2169-3536
publishDate 2020-01-01
topic Authentication
blockchain
resource-limited devices
Internet of Things
mobile health
privacy-preserving
url https://ieeexplore.ieee.org/document/9252935/