ABSTRACT– IoT or the Internet of Things is considered as a powerful rising domain, which is associated with the various type of embedded devices or sensors. This sensors or embedded devices have the capability of connecting themselves and exchange the information over the internet. The use of the IoT devices are increasing day by day and the data provided by this devices are also critical. For this reason, it is very essential to have certain security constraints, which would be helping in the securing of the data along with special authentication schemes, which are not associated with the consumption of the high computing as well as the energy resources. This paper would be mainly discussing about the IoT healthcare usage. A literature review has been conducted in this report regarding the usage of the IoT in healthcare besides this the report also discusses about the past and the present works done with the IoT in healthcare. 1.INTRODUCTION(15MARKS) Internet of things or the IoT can be considered as one of the most common research topic. The growt of this technology has been greatly favored by the various type of advancements that has occurred in the field of electronics, IPv6 and the wireless networks [1]. The use of IoT has greatly increased and it is being used in various environments, which includes the homes, healthcare, and many more. Besides this various type of approached have been proposed which can be used for eth purpose of controlling the IoT devices. The major concern regarding the use of the IoT includes the various type of security issues. The security concerns are to be kept in the highest priority and should be first topic for the research [2]. The interest of body wearable is increasing day by day which is acting as a powerful tool for different application of healthcareandalsothedifferentdevices.DifferentIoT devices areavailable which arecurrently being used for variouspurposeswhichmainlyincludesthepersonal healthcare, awareness regarding various activities and fitness. 2.BACKGROUND/LITERATUREREVIEW Various researchers have been associated with proposing new techniques of clinical application of the IoT technology. Thistechnologyhasgreatlyhelpedinremotehealthcare monitoring along with functionalities for long-term recording of the health statues [3]. It has been seen that most of the remote health care frameworks, which has been proposed, consists ofthreetiersand this includesthe body sensor network tier, communication and networking tier and lastly the processing and the analyzing nodes. The first tier or the body sensor network tier mainly includes the various wearable sensors, which works like as the unit for data acquisition. The second tier or the communication and the networking and the services are associated with the collection of the data from the sensors and then forward the data to the next tier [4][5]. The last tier, which is associated with the processing and analyzing of the nodes [6][7]. Mostoftheresearchershavebeenfacingacertain challenges. The main challenges which the researcher are facing while proposing new authentication mechanism but alsowhileproposingnewauthenticationmechanismthat would be responsible for supporting the different kinds of IoT devices[8].Theauthenticationstandardsthatthesmart phones are having would be applicable for the smart devices as well. By smart devices, we mainly mean the smart watches, smart thermostat and many more [9]. The researchers have been capable of proposing two main device identity security solutions, this mainly includes the Physicalprotectionsolution,andthecryptographybased authentication solution [10]. The main purpose of designing the physical protection approach is for protecting the device from being damaged or attacked at the level of the physical layerand this is mainly done applicationof the various physical concepts [11]. Along with this, the cryptography based authentication approach is mainly designed by making use of the IoT Based RFID in the field of security. Besides thisitalsoconsistsofvariousfeaturesanddifferent algorithms has been proposed which are based upon the IoT RFID [12]. There exists limited number of resources in the IoT devices and all this are connected to the resources. This ultimately makes the devices vulnerable to various kind of risks and the devices become vulnerable to this attack [13]. In order to guaranteethesecurityandalsotoidentifytheidentities authenticationisneededandthiswouldbehelpingin preventing the attackers and other type of malicious attacks [14]. High resources are required for the processing in the traditional authentication methods. Besides this, the IoT is also considered as a constraint resource environment, which is having a limited number of resources. Along with this, a lightweight authentication approach assisted by the robust security features which is generally required for preserving the energy and to fit the processing capabilities [15][16]. Some of the latest authentication approach have been used for the purpose of providing a secure communication. The approaches have been associated with the use of the HTTP protocol in order to authenticate the communication suffer [17]. In addition, this is done from the high overhead, which is resulted from the usage of the HTTP protocol. This HTTP protocols are not at all optimized for the IoT environment, whicharehavinglimitedresources.Whereastheother approaches are associated with the usage of the AES in order to encrypt the communication [18]. The AES is associated with the usage of the long encryption keys along with the complex calculations which are ultimately resulting in the high consumption of the power and are also not fitted for the requirements of the IoT energy resources which are restricted [19]. 2.1Related work Various types of authentication has been proposed for the purpose of providing the authentication that is required by the
IoT devices [20]. An enhances mutual authentication model was proposed by [18] for the IoT environment. Besides this, they were also associated with providing a some suggestions regarding the improvement of the algorithm associated with authenticating the RFID authenticationprotocol, which is based upon the challenge response present in the distributed database environment. This ultimately resulted in making the proposed architecture much more suitable for the IoT control system environment [21]. Three main steps are included in this approach and this includes theadd backup device for eachterminaldevicesusedforcontrolling,addmonitor devices to follow and monitor terminal devices and finally add apushinalarmmechanismforalarmingforanyfailed authentication process. WhereasaTwo-PhaseAuthenticationProtocolwas proposed by [22] for the Wireless Sensor Network present in the Distributed IoT application. This protocol can be stated as the certificate based authentication approach. The two phase authentication is associated allowing both the IoT devices as wellasthecontrolstationinordertoauthenticateand recognize each other. Besides this a secure connection was also established and the transfer of the data was done in a secure way. They were also associated with using the protocol supports resources limitation of the sensor nodes and had also considered the network scalability and heterogeneity. Besides this the CA or the Certificate authority was used for the purposeofissuingthecertificates.Onceacertificateis received then the existing nodes would be capable of moving and changing their location. The CA would also be helping in thevalidationoftheidentityofthesensorsand communicating with the other entities present at the network. Before initializing a connection the team members need to connect to the CA first in order to confirm the identity of the destination. The approach has also been considered as an end- to-end application layer authentication approach and is also dependent on the other security features present at the lower layer. A light weight mutual authentication schema was proposed by [23] in order to validate the identities in the IoT devices which are associated with participating in the environment before participating in the network. Along with this they also proposed a decreased communication overhead. They were alsoassociatedwithchoosingaConstrainedApplication Protocol (CoAP) as a under layer protocol in order to provide communication that exists between the various IoT devices. The process of authentication has been completed by making use of the 128-bit AES or the Advanced Encryption Standard. After this an identification of the client and the server is done at the first step. Followed by this is the providing of different resourcestotheclientswhicharebaseduponcertain conditions that are determined according to the request. The transmission of the condition specific data is associated with minimizing the number of transmitted packets. The ultimate result is the reduction of the energy consumption and the computation. A secure authentication schema for the IoT was proposed by the [24] which was mainly dependent on the ECC or the EllipticalCurveCryptographybasedalgorithmwhichis associated with supporting the security solutions which are better. This happens when it is compared with the other type of PKC or the Public Key cryptography algorithm due to the small size of the keys [25]. Besides this the authentication protocol is used by the EEC for the embedded devices which in turn makes use of the HTTP protocol. By making use of the cookies of the HTTP authentication of the smart devices are done and this a novel approach. All these devices needs to be configuredby making useoftheTCP/IP. TheProposed Authentication Protocol was designed for the purpose of using the HTTP cookies which are to be implemented in order to fit theembeddeddeviceswhicharehavingtheconstrain environment and are controlled by the cloud servers. Three phases are included in the proposed protocol and the phase includesthephaseofregistration,phaseofthepre- computation and the phase of login. The phase of registration mainlyincludestheembeddeddeviceswhichregisters themselves with the cloud servers and this in turn is associated with sending back of the cookies that are generally stored in the embedded devices. Whereas in the pre-computational and theloginphasethedeviceshavebeenassociatedwith connecting with the server and they need to send a request for login [26]. Lastly, in the authentication phase the embedded devicesaswellthecloudservershavetomutually authenticate themselves by making use of the EEC algorithm. Insteadofhavingsmallencryptionkeythishasbeen associated with increasing the size of the encrypted message in a significant way. Besides this the ECC algorithm is very much complex along with being difficult for implementation when compared with the other cryptographic algorithms and they also require much more processing resources. A Threshold Cryptography-based Group Authentication or the TCGA was proposed for the IoT in [27]. This model has been associated with providing an authenticity for the IoT devices which is mainly based upon the communication model of the group. Besides this the TCGA is also designed for the purpose of implementing it in the Wi-Fi environment. Besides this it is also associated with creating a secret channel or session keys for authenticating each group and this in turn can be used for the purpose of group applications. There exists a group head in each group and they are responsible for the generation of the keys and followed by the distribution of the new keys every time whenever a new member gets added for the purpose of preserving the leakage of the group keys. This group head is generally referred to as the group authority. There exists five main modules and this mainly includes the distribution of the keys, updating of the keys, generation of the group credits, authenticating the listener and decryption of the messages. Accordingto[28]SEAortheSecureandEfficient Authentication and Authorization Architecture for the IoT based healthcare was proposed by making use of the Smart Gateways.Thisarchitecturewasmainlybaseduponthe certificate-based DTLS handshake protocol. The following parts have been included in the Architecture and this mainly includes the medical sensors network which are associated
with the gathering of the information from the body of the patients or froma roomof thepatientwhich would be followed by helping in the process of treatment and medical diagnosis. The second component mainly includes the Smart e-HealthGatewaywhichisassociatedwithenablingthe various systems responsible for communication which would be acting as an immediate for the MSN and also for the internet. Lastly the third part includes the Back-end system which are associated with receiving, processing and storing of the information which are collected. New CoAP option was proposed by [29]. This CoAP is associated with working at the application layer which is associated with providing the ability of retrieving the data from devices. This data might include the metadata and the measurement of the sensors. This information are used by different real-time applications. However, sometimes it is a security requirement to not retrieve the raw communication data. However only the abstractions, which also includes the high level state of the observed entities. Additionally along with the nature of the resource constrained devices might be accesses by anyone by making use of the internet, reduction of theconsumptionofenergyalsoplaysavitalrole.The proposed option would be helping in reducing the messages numbers while observing the sensor resources and this would be resulting in the reduced consumption of the energy along with increasing the lifetime of the devices. The highest concern in the developing mainly includes the prevention of the exhaustion of the resources. This resources are responsible for the restriction of the nature of the IoT environmentdevicesandmainlyrequiresauthentication mechanisms whichwould be fitting the limitedmemory, processingandtheenergyoftheIoTdevices[30].The researchproposalisassociatedwithprovidingan authentication mechanism which is mainly dependent on the CoAP and the Elliptic Curve Cryptography or the ECC [30]. References: [1]Gope, P., & Hwang, T. (2016). BSN-Care: A secure IoT-based modern healthcaresystemusingbodysensornetwork.IEEESensors Journal,16(5), 1368-1376. [2]Manogaran, C. T. G., & Priyan, M. (2017). Centralized fog computing security platform for IoT and cloud in healthcare system.Exploring the convergence of big data and the internet of things, 141. [3]Fernandez, F., & Pallis, G. C. (2014, November). Opportunities and challenges of the Internet of Things for healthcare: Systems engineering perspective.InWirelessMobileCommunicationandHealthcare (Mobihealth), 2014 EAI 4th International Conference on(pp. 263-266). IEEE. [4]Farooq, M. U., Waseem, M., Mazhar, S., Khairi, A., & Kamal, T. (2015). A review on internet of things (IoT).International Journal of Computer Applications,113(1). [5]Atzori, L., Iera, A., & Morabito, G. (2010). The internet of things: A survey.Computer networks,54(15), 2787-2805. [6]Hassanalieragh, M., Page, A., Soyata, T., Sharma, G., Aktas, M., Mateos, G., ... & Andreescu, S. (2015, June). Health monitoring and management using Internet-of-Things (IoT) sensing with cloud-based processing:Opportunitiesandchallenges.InServicesComputing (SCC), 2015 IEEE International Conference on (pp. 285-292). IEEE. [7]Abie, H., & Balasingham, I. (2012, February). Risk-based adaptive securityforsmartIoTineHealth.InProceedingsofthe7th International Conference on Body Area Networks(pp. 269-275). ICST (InstituteforComputerSciences,Social-Informaticsand Telecommunications Engineering). [8]Bui, N., & Zorzi, M. (2011, October). Health care applications: a solution based on the internet of things. InProceedings of the 4th InternationalSymposiumonAppliedSciencesinBiomedicaland Communication Technologies(p. 131). ACM. [9]Zhao, K., & Ge, L. (2013, December). A survey on the internet of things security. InComputational Intelligence and Security (CIS), 2013 9th International Conference on(pp. 663-667). IEEE. [10]Azzawi, M. A., Hassan, R., & Bakar, K. A. A. (2016). A Review on Internet of Things (IoT) in Healthcare.International Journal of Applied Engineering Research,11(20), 10216-10221. [11]Govinda,K.,&Saravanaguru,R.(2016).ReviewonIOT Technologies.InternationalJournalofAppliedEngineering Research,11(4), 2848-2853. [12]Mahalle, P., Babar, S., Prasad, N. R., & Prasad, R. (2010, July). Identity management framework towards internet of things (IoT): Roadmap and key challenges. InInternational Conference on Network Security and Applications(pp. 430-439). Springer, Berlin, Heidelberg. [13]Toma, I., Simperl, E., & Hench, G. (2009, June). A joint roadmap for semantic technologies and the internet of things. InProceedings of the Third STI Roadmapping Workshop, Crete, Greece(Vol. 1). [14]Gubbi, J., Buyya, R., Marusic, S., & Palaniswami, M. (2013). Internet of Things(IoT):Avision,architecturalelements,andfuture directions.Future generation computer systems,29(7), 1645-1660. [15]Madakam, S., Ramaswamy, R., & Tripathi, S. (2015). Internet of Things (IoT):Aliteraturereview.JournalofComputerand Communications,3(05), 164. [16]Suresh, P., Daniel, J. V., Parthasarathy, V., & Aswathy, R. H. (2014, November). A state of the art review on the Internet of Things (IoT) history, technology and fields of deployment. InScience Engineering and Management Research (ICSEMR), 2014 International Conference on(pp. 1-8). IEEE. [17]Zhang, Z. K., Cho, M. C. Y., Wang, C. W., Hsu, C. W., Chen, C. K., & Shieh, S. (2014, November). IoT security: ongoing challenges and research opportunities. InService-Oriented Computing and Applications (SOCA), 2014 IEEE 7th International Conference on(pp. 230-234). IEEE. [18]Khoo, B. (2011, October). RFID as an Enabler of the Internet of Things: Issues of Security and Privacy. InInternet of Things (iThings/CPSCom), 2011 International Conference on and 4th International Conference on Cyber, Physical and Social Computing(pp. 709-712). IEEE. [19]Suo, H., Wan, J., Zou, C., & Liu, J. (2012, March). Security in the internetofthings:areview.InComputerScienceandElectronics Engineering (ICCSEE), 2012 international conference on(Vol. 3, pp. 648-651). IEEE. [20]Jing, Q., Vasilakos, A. V., Wan, J., Lu, J., & Qiu, D. (2014). Security of theInternetofThings:perspectivesandchallenges.Wireless Networks,20(8), 2481-2501. [21]YANG, J. C., Hao, P. A. N. G., & ZHANG, X. (2013). Enhanced mutual authentication model of IoT.The Journal of China Universities of Posts and Telecommunications,20, 69-74. [22]Rhee, K., Kwak, J., Kim, S., & Won, D. (2005, April). Challenge- response based RFID authentication protocol for distributed database environment.InInternationalConferenceonSecurityinPervasive Computing(pp. 70-84). Springer, Berlin, Heidelberg. [23]Porambage, P., Schmitt, C., Kumar, P., Gurtov, A., & Ylianttila, M. (2014, April). Two-phase authentication protocol for wireless sensor networks in distributed IoT applications. InWireless Communications andNetworkingConference(WCNC),2014IEEE(pp.2728-2733). IEEE. [24]Jan, M. A., Nanda, P., He, X., Tan, Z., & Liu, R. P. (2014, September). A robust authentication scheme for observing resources in the internet of things environment. InTrust, Security and Privacy in Computing and Communications (TrustCom), 2014 IEEE 13th International Conference on(pp. 205-211). IEEE. [25]Kalra, S., & Sood, S. K. (2015). Secure authentication scheme for IoT and cloud servers.Pervasive and Mobile Computing,24, 210-223.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
[26]Batina,L.,Guajardo,J.,Kerins,T.,Mentens,N.,Tuyls,P.,& Verbauwhede, I. (2007, March). Public-key cryptography for RFID- tags. InPervasive Computing and Communications Workshops, 2007. PerCom Workshops' 07. Fifth Annual IEEE International Conference on(pp. 217-222). IEEE. [27]Liu, J., Xiao, Y., & Chen, C. P. (2012, June). Authentication and access control in the internet of things. InDistributed Computing Systems Workshops (ICDCSW), 2012 32nd International Conference on(pp. 588-592). IEEE. [28]Mahalle, P. N., Prasad, N. R., & Prasad, R. (2014, May). Threshold cryptography-basedgroupauthentication(TCGA)schemeforthe internetofthings(IoT).InWirelessCommunications,Vehicular Technology, Information Theory and Aerospace & Electronic Systems (VITAE), 2014 4th International Conference on(pp. 1-5). IEEE. [29]Moosavi, S. R., Gia, T. N., Rahmani, A. M., Nigussie, E., Virtanen, S., Isoaho,J.,&Tenhunen,H.(2015).SEA:asecureandefficient authentication and authorization architecture for IoT-based healthcare using smart gateways.Procedia Computer Science,52, 452-459. [30]Mietz, R., Abraham, P., & Romer, K. (2014, April). High-level states with CoAP: Giving meaning to raw sensor values to support IoT applications. InIntelligent Sensors, Sensor Networks and Information Processing(ISSNIP),2014IEEENinthInternationalConference on(pp. 1-6). IEEE. [31]Shelby,Z.,Hartke,K.,&Bormann,C.(2014).Theconstrained application protocol (CoAP). [32] Kapoor, V., Abraham, V. S., & Singh, R. (2008). Elliptic curve cryptography.Ubiquity,2008(May), 7.