Public auditing with privacy protection in a multi-user model of cloud-assisted body sensor networks.

Wireless Body Sensor Networks (WBSNs) are gaining importance in the era of the Internet of Things (IoT). The modern medical system is a particular area where the WBSN techniques are being increasingly adopted for various fundamental operations. Despite such increasing deployments of WBSNs, issues such as the infancy in the size, capabilities and limited data processing capacities of the sensor devices restrain their adoption in resource-demanding applications. Though providing computing and storage supplements from cloud servers can potentially enrich the capabilities of the WBSNs devices, data security is one of the prevailing issues that affects the reliability of cloud-assisted services. Sensitive applications such as modern medical systems demand assurance of the privacy of the users' medical records stored in distant cloud servers. Since it is economically impossible to set up private cloud servers for every client, auditing data security managed in the remote servers has necessarily become an integral requirement of WBSNs' applications relying on public cloud servers. To this end, this paper proposes a novel certificateless public auditing scheme with integrated privacy protection. The multi-user model in our scheme supports groups of users to store and share data, thus exhibiting the potential for WBSNs' deployments within community environments. Furthermore, our scheme enriches user experiences by offering public verifiability, forward security mechanisms and revocation of illegal group members. Experimental evaluations demonstrate the security effectiveness of our proposed scheme under the Random Oracle Model (ROM) by outperforming existing cloud-assisted WBSN models.N/

TechNews digests: Jan - Nov 2009

TechNews is a technology, news and analysis service aimed at anyone in the education sector keen to stay informed about technology developments, trends and issues. TechNews focuses on emerging technologies and other technology news. TechNews service : digests september 2004 till May 2010 Analysis pieces and News combined publish every 2 to 3 month

Will SDN be part of 5G?

For many, this is no longer a valid question and the case is considered settled with SDN/NFV (Software Defined Networking/Network Function Virtualization) providing the inevitable innovation enablers solving many outstanding management issues regarding 5G. However, given the monumental task of softwarization of radio access network (RAN) while 5G is just around the corner and some companies have started unveiling their 5G equipment already, the concern is very realistic that we may only see some point solutions involving SDN technology instead of a fully SDN-enabled RAN. This survey paper identifies all important obstacles in the way and looks at the state of the art of the relevant solutions. This survey is different from the previous surveys on SDN-based RAN as it focuses on the salient problems and discusses solutions proposed within and outside SDN literature. Our main focus is on fronthaul, backward compatibility, supposedly disruptive nature of SDN deployment, business cases and monetization of SDN related upgrades, latency of general purpose processors (GPP), and additional security vulnerabilities, softwarization brings along to the RAN. We have also provided a summary of the architectural developments in SDN-based RAN landscape as not all work can be covered under the focused issues. This paper provides a comprehensive survey on the state of the art of SDN-based RAN and clearly points out the gaps in the technology.Comment: 33 pages, 10 figure

A patient agent controlled customized blockchain based framework for internet of things

Although Blockchain implementations have emerged as revolutionary technologies for various industrial applications including cryptocurrencies, they have not been widely deployed to store data streaming from sensors to remote servers in architectures known as Internet of Things. New Blockchain for the Internet of Things models promise secure solutions for eHealth, smart cities, and other applications. These models pave the way for continuous monitoring of patient’s physiological signs with wearable sensors to augment traditional medical practice without recourse to storing data with a trusted authority. However, existing Blockchain algorithms cannot accommodate the huge volumes, security, and privacy requirements of health data. In this thesis, our first contribution is an End-to-End secure eHealth architecture that introduces an intelligent Patient Centric Agent. The Patient Centric Agent executing on dedicated hardware manages the storage and access of streams of sensors generated health data, into a customized Blockchain and other less secure repositories. As IoT devices cannot host Blockchain technology due to their limited memory, power, and computational resources, the Patient Centric Agent coordinates and communicates with a private customized Blockchain on behalf of the wearable devices. While the adoption of a Patient Centric Agent offers solutions for addressing continuous monitoring of patients’ health, dealing with storage, data privacy and network security issues, the architecture is vulnerable to Denial of Services(DoS) and single point of failure attacks. To address this issue, we advance a second contribution; a decentralised eHealth system in which the Patient Centric Agent is replicated at three levels: Sensing Layer, NEAR Processing Layer and FAR Processing Layer. The functionalities of the Patient Centric Agent are customized to manage the tasks of the three levels. Simulations confirm protection of the architecture against DoS attacks. Few patients require all their health data to be stored in Blockchain repositories but instead need to select an appropriate storage medium for each chunk of data by matching their personal needs and preferences with features of candidate storage mediums. Motivated by this context, we advance third contribution; a recommendation model for health data storage that can accommodate patient preferences and make storage decisions rapidly, in real-time, even with streamed data. The mapping between health data features and characteristics of each repository is learned using machine learning. The Blockchain’s capacity to make transactions and store records without central oversight enables its application for IoT networks outside health such as underwater IoT networks where the unattended nature of the nodes threatens their security and privacy. However, underwater IoT differs from ground IoT as acoustics signals are the communication media leading to high propagation delays, high error rates exacerbated by turbulent water currents. Our fourth contribution is a customized Blockchain leveraged framework with the model of Patient-Centric Agent renamed as Smart Agent for securely monitoring underwater IoT. Finally, the smart Agent has been investigated in developing an IoT smart home or cities monitoring framework. The key algorithms underpinning to each contribution have been implemented and analysed using simulators.Doctor of Philosoph

Secure Data Aggregation and Access Control in Cloud Assisted eHealth Care System

Recently electronic health (eHealth) care system has drawn a lot of attention from the research community and the industry to face the challenge of rapidly growing elderly population and ever rising health care spending. The health care sector is also driven by the need to reduce costs while simultaneously increasing the service of quality for patients, especially extending health care to patient's residence. Advances in wireless body area networks (WBANs) have made it possible to monitor patient's physiological signals (such as electrocardiogram (ECG), blood oxygen levels) and other health related information (such as physical activity levels) in a residential setting or a mobile setting. Integrating this technology with existing 3G or 4G wireless technologies permits real-time mobile and permanent monitoring of patients, even during their daily normal activities. In such a heterogeneous wireless environment, we can use Ad-hoc network instead of traditional infrastructure-based wireless networks that can reduces cost of deployment, enhances network performance, increases the overall network coverage area as well as reduces the service cost. However, secure communication with data integrity and confidentiality in this type of network is a very challenging task due to different wireless technologies and subscription from various service providers. In addition, instead of storing the PHI at local health-service provider, the recent advancement of cloud computing allows us to store all personal health information (PHI) at cloud-storage and ensures availability with reduce the capital and operational expenditures. However, they also bear new risks and raise challenges with respect to security and privacy aspects. Stored data confidentiality with patient-centric access control is considered as one of the biggest challenges raised by cloud-storage used in eHealth care system. To address these challenges, in this thesis, we first identify unique features of the eHealth care system with security and privacy consideration. We then propose a light weight secure data forwarding scheme for the WBNs environment. A hybrid approach, integrated with public and private key cryptography was adopted to ensure the effectiveness of the scheme. Due to critical and real-time nature of the health application, WBANs also need to provide acceptable Quality of Service(QoS) in order to provide an efficient, valuable and fully reliable assistance to patients. Taking QoS as an evaluation metric, we study packet scheduling schemes for realtime transmission in WBAN and classified real-time and non real-time traffic to minimize the waiting time of eHealth application's data traffic. Secondly, we propose an Agent-based Secure and Trustworthy packet-forwarding Protocol (ASTP) for a cooperative mobile social network. In a cooperative mobile social network environment patient equipped with WBANs forms an on-demand adhoc network and use multi-hop routing to enhance network performance, minimize the cost of deployment, increase the coverage area as well as reduce the overall service cost. We use Semi-agent-symmetric trust metric, considering neighbor nodes' previous and recent activities and incorporate with proper security tools that enhanced the overall performance. Renewable pseudo-identities are used to ensure patients' identity privacy. Security analysis and experimental results demonstrate that ASTP improves the average packet delivery ratio and maintains the require security and privacy at the cost of an acceptable communication delay. Considering patients living in rural area, thirdly we introduce a delay-tolerant secure long-term health care scheme, RuralCare, for collecting patient’s sensitive PHI by using conventional transportation vehicles (e.g., cars, buses) as relay nodes. These vehicles are expected to store, carry, and forward the PHI to the health-service-provider located mostly at the city area following an opportunistic routing. RuralCare improves network performance by providing incentive to the cooperative vehicles, and encompasses identity based cryptography to ensure security and privacy of the PHI during the routing period by using short digital signature and pseudo-identity. Network fairness and resistance to different possible attacks are also ensured by RCare. Extensive security and performance analyses demonstrate that RuralCare is able to achieve desired security requirements with effectiveness in terms of high delivery ratio. Finally, to store patients’ sensitive PHI at the cloud storage and ensure availability with reducing the capital and operational expenditures, we propose a patient-centric personal health information sharing and access control scheme (ESPAC). ESPAC relieves the health service provider’s (HSP) additional burden for PHI storage, management, and maintenance by incorporating cloud storage services to electronic Health (eHealth) care system. ESPAC adopts attribute based encryption and assigns different attributes to PHI access requesters based on their roles and relation to the patient. To ensure authenticated PHI access with minimum computation, we further enhance the proposed scheme ESPAC as M-ESPAC by introducing multi-parties proxy re-encryption protocol. Light weight partial and block PHI audits make the M-ESPAC efficient to ensure stored PHI integrity and availability. Extensive performance and security analyses demonstrate that proposed schemes are able to achieve desired security requirements with acceptable computation and storage costs. The research results of the thesis should be useful for the implementation of secure and privacy-preserving eHealth care system with patient centric access control of stored PHIs

Towards Security and Privacy in Networked Medical Devices and Electronic Healthcare Systems

E-health is a growing eld which utilizes wireless sensor networks to enable access to effective and efficient healthcare services and provide patient monitoring to enable early detection and treatment of health conditions. Due to the proliferation of e-health systems, security and privacy have become critical issues in preventing data falsification, unauthorized access to the system, or eavesdropping on sensitive health data. Furthermore, due to the intrinsic limitations of many wireless medical devices, including low power and limited computational resources, security and device performance can be difficult to balance. Therefore, many current networked medical devices operate without basic security services such as authentication, authorization, and encryption. In this work, we survey recent work on e-health security, including biometric approaches, proximity-based approaches, key management techniques, audit mechanisms, anomaly detection, external device methods, and lightweight encryption and key management protocols. We also survey the state-of-the art in e-health privacy, including techniques such as obfuscation, secret sharing, distributed data mining, authentication, access control, blockchain, anonymization, and cryptography. We then propose a comprehensive system model for e-health applications with consideration of battery capacity and computational ability of medical devices. A case study is presented to show that the proposed system model can support heterogeneous medical devices with varying power and resource constraints. The case study demonstrates that it is possible to signicantly reduce the overhead for security on power-constrained devices based on the proposed system model