More Like this

1. Secure Architecture for Inter-Healthcare Electronic Health Records Exchange

   https://doi.org/10.1109/IEMTRONICS51293.2020.9216336  

   Ajayi, Oluwaseyi; Abouali, Meryem; Saadawi, Tarek (September 2020, IEEE International IOT, Electronics and Mechatronics Conference (IEMTRONICS))

   null (Ed.)

   The increase in cyberattacks against the healthcare system, notably Electronic Health Records (EHRs) breaches, has cost the healthcare providers more in recent years. This situation is predicted to increase in the coming years as the healthcare systems are proposing a consortium EHRs repository. Due to this reason, it is crucial to deploy solutions that can ensure the security of shared health records. More specifically, maintaining the integrity and consistency of shared EHRs becomes pertinent. In this on-going research, we propose a blockchain-based solution that facilitates a scalable and secured inter-healthcare EHRs exchange. These healthcare systems maintain their records on individual private blockchain networks, and the blockchains interact to exchange patient health history based on request. The proposed solution verifies the integrity and consistency of requests and replies from other healthcare systems. It presents them in a standard format that can be easily understood by different healthcare nodes. The verification steps guard against malicious activities on both stored and in transit EHRs from insider and outsider threat actors. We evaluate the security analysis against frequently encounter outsider and insider threats within a healthcare system. The preliminary result shows that the architecture can detect and prevent threat actors from uploading compromising EHRs into the network and prevents unauthorized retrieval of patient's information. 

   more » « less
2. PUFchain 3.0: Hardware-Assisted Distributed Ledger for Robust Authentication in Healthcare Cyber–Physical Systems

   https://doi.org/10.3390/s24030938  

   Bathalapalli, Venkata K.; Mohanty, Saraju P.; Kougianos, Elias; Iyer, Vasanth; Rout, Bibhudutta (February 2024, Sensors)

   This article presents a novel hardware-assisted distributed ledger-based solution for simultaneous device and data security in smart healthcare. This article presents a novel architecture that integrates PUF, blockchain, and Tangle for Security-by-Design (SbD) of healthcare cyber–physical systems (H-CPSs). Healthcare systems around the world have undergone massive technological transformation and have seen growing adoption with the advancement of Internet-of-Medical Things (IoMT). The technological transformation of healthcare systems to telemedicine, e-health, connected health, and remote health is being made possible with the sophisticated integration of IoMT with machine learning, big data, artificial intelligence (AI), and other technologies. As healthcare systems are becoming more accessible and advanced, security and privacy have become pivotal for the smooth integration and functioning of various systems in H-CPSs. In this work, we present a novel approach that integrates PUF with IOTA Tangle and blockchain and works by storing the PUF keys of a patient’s Body Area Network (BAN) inside blockchain to access, store, and share globally. Each patient has a network of smart wearables and a gateway to obtain the physiological sensor data securely. To facilitate communication among various stakeholders in healthcare systems, IOTA Tangle’s Masked Authentication Messaging (MAM) communication protocol has been used, which securely enables patients to communicate, share, and store data on Tangle. The MAM channel works in the restricted mode in the proposed architecture, which can be accessed using the patient’s gateway PUF key. Furthermore, the successful verification of PUF enables patients to securely send and share physiological sensor data from various wearable and implantable medical devices embedded with PUF. Finally, healthcare system entities like physicians, hospital admin networks, and remote monitoring systems can securely establish communication with patients using MAM and retrieve the patient’s BAN PUF keys from the blockchain securely. Our experimental analysis shows that the proposed approach successfully integrates three security primitives, PUF, blockchain, and Tangle, providing decentralized access control and security in H-CPS with minimal energy requirements, data storage, and response time. 

   more » « less
3. Detecting Insider attacks in Blockchain Networks

   Ajayi, O.; Saadawi, T. (November 2021, IEEE 2021 International Symposium on Networks, Computers and Communications: Trust, Security, and Privacy (ISNCC- 2021 TSP)

   null (Ed.)

   Blockchain technology has recently gained high popularity in data security, primarily to mitigate against data breach and manipulation. Since its inception in 2008, it has been applied in different areas mainly to maintain data integrity and consistency. Blockchain has been tailored to secure data due to its data immutability and distributive technology. Despite the high success rate in data security, the inability to identify compromised insider nodes is one of the significant problems encountered in blockchain architectures. A Blockchain network is made up of nodes that initiate, verify and validate transactions. If compromised, these nodes can manipulate submitted transactions, inject fake transactions, or retrieve unauthorized information that might eventually compromise the stored data's integrity and consistency. This paper proposes a novel method of detecting these compromised blockchain nodes using a server-side authentication process and thwart their activities before getting updated in the blockchain ledger. In evaluating the proposed system, we perform four common insider attacks, which fall under the following three categories: (1)Those attacks targeting the Blockchain to bring it down. (2) the attacks that attempt to inject fake data into the database. (3) The attacks that attempt to hijack or retrieve unauthorized data. We described how we implement the attacks and how our architecture detects them before they impact the network. Finally, we displayed the attack detection time for each attack and compared our approach with other existing methods. 

   more » « less
4. Blockchain-Enabled Communication Framework for Secure and Scalable Healthcare Data Processing

   https://doi.org/10.1109/SoutheastCon56624.2025.10971535  

   Das, Debashis; Landrum, La Chiara; Chatterjee, Pushpita; Ghosh, Uttam; Hussain, Sajid (March 2025, IEEE)

   The need for secure and efficient communication between connected devices continues to grow in healthcare systems within smart cities. Secure communication of healthcare data in Internet of Things (IoT) systems is critical to ensure patient privacy and data integrity. Problems with healthcare communication, like data breaches, integrity issues, scalability issues, and cyber threats, make it harder for people to trust doctors, cause costs to rise, stop people from using new technology, and put private data at risk. So, this paper presents a blockchain-based hybrid method for sending secure healthcare data that combines IoT systems with blockchain technology and high-tech encryption techniques like elliptic curve cryptography (ECC). The proposed method uses the public key of a smart contract to encrypt private data to protect its privacy. It also uses cryptographic hashing and digital signatures to make sure that the data is correct and real. The framework stores metadata (e.g., hashes and signatures) on-chain, and large data uses off-chain storage like IPFS to reduce costs and improve scalability. It also incorporates a mechanism to authenticate IoT devices and enable secure communication across heterogeneous networks. Moreover, this work bridges gaps in existing solutions by providing an end-to-end secure communication system for healthcare applications. It provides strong data security and efficient storage for a reliable and scalable way to handle healthcare data safely in IoT ecosystems. 

   more » « less
5. An Approach Towards the Security Management for Sensitive Medical Data in the IoMT Ecosystem

   https://doi.org/10.1145/3565287.3623388  

   Chatterjee, Pushpita; Das, Debashis; Banerjee, Sourav; Ghosh, Uttam; Mpembele, Armando B; Rogers, Tamara (October 2023, ACM)

   The Internet of Medical Things (IoMT) is a network of interconnected medical devices, wearables, and sensors integrated into healthcare systems. It enables real-time data collection and transmission using smart medical devices with trackers and sensors. IoMT offers various benefits to healthcare, including remote patient monitoring, improved precision, and personalized medicine, enhanced healthcare efficiency, cost savings, and advancements in telemedicine. However, with the increasing adoption of IoMT, securing sensitive medical data becomes crucial due to potential risks such as data privacy breaches, compromised health information integrity, and cybersecurity threats to patient information. It is necessary to consider existing security mechanisms and protocols and identify vulnerabilities. The main objectives of this paper aim to identify specific threats, analyze the effectiveness of security measures, and provide a solution to protect sensitive medical data. In this paper, we propose an innovative approach to enhance security management for sensitive medical data using blockchain technology and smart contracts within the IoMT ecosystem. The proposed system aims to provide a decentralized and tamper-resistant plat- form that ensures data integrity, confidentiality, and controlled access. By integrating blockchain into the IoMT infrastructure, healthcare organizations can significantly enhance the security and privacy of sensitive medical data. 

   more » « less