Recent Advances in Security and Privacy for Wireless Sensor Networks 2016View this Special Issue
Research Article | Open Access
Jin-Xin Hu, Chin-Ling Chen, Chun-Long Fan, Kun-hao Wang, "An Intelligent and Secure Health Monitoring Scheme Using IoT Sensor Based on Cloud Computing", Journal of Sensors, vol. 2017, Article ID 3734764, 11 pages, 2017. https://doi.org/10.1155/2017/3734764
An Intelligent and Secure Health Monitoring Scheme Using IoT Sensor Based on Cloud Computing
Internet of Things (IoT) is the network of physical objects where information and communication technology connect multiple embedded devices to the Internet for collecting and exchanging data. An important advancement is the ability to connect such devices to large resource pools such as cloud. The integration of embedded devices and cloud servers offers wide applicability of IoT to many areas of our life. With the aging population increasing every day, embedded devices with cloud server can provide the elderly with more flexible service without the need to visit hospitals. Despite the advantages of the sensor-cloud model, it still has various security threats. Therefore, the design and integration of security issues, like authentication and data confidentiality for ensuring the elderly’s privacy, need to be taken into consideration. In this paper, an intelligent and secure health monitoring scheme using IoT sensor based on cloud computing and cryptography is proposed. The proposed scheme achieves authentication and provides essential security requirements.
With the rapid development of the Internet of Things (IoT), medical sensors, and Internet applications, online medical service has become possible in recent years. It is noteworthy that the number of elders with chronic disease is increasing every year. An aging society refers to a population structure model in which the aging population reaches or exceeds a certain proportion. According to the UN’s traditional standard a region is regarded as an aging society when people over 60 years old account for 10% of the total population, while the new standard is people over 65 years old representing 7% of the total population. Between 2015 and 2050, the proportion of the world’s population over 60 years will nearly double, from 12% to 22% . An aging society means low fertility, aging population structure, and social security system lag. In the meantime, the health of the elderly has become a highlighted social issue. While more and more elders need long-term care, they also want to remain independent and active and reside in their own homes for as long as possible. Due to the lack of medical resources, they cannot be treated appropriately. The hospitals are filling up with an aging population, recovery groups and high risk groups. Continuous monitoring of critical vital signs of patients is a key process in hospitals. Today, this is usually performed via different cabled sensors attached to the patient and connected to bedside monitors . The limitation here is that the elders are tied to bedside devices. Consequently, it has become feasible and necessary to perform personal diagnoses of medical diseases with the measurement repository without visiting hospitals . With the increasing availability of medical sensors and IoT devices for personal use, this situation opens up a new application area for body sensor networks.
Wireless sensor networks (WSNs) are an emerging technology that possesses a huge potential to play an important role in many applications . The rapid growth in physiological sensors, low-power integrated circuits, and wireless communication has enabled a new generation of wireless sensor networks, now used for purposes such as monitoring traffic, crops, infrastructure, and health. The body area network field is an interdisciplinary area which could allow inexpensive and continuous health monitoring with real-time updates of medical records via the Internet .
However, with the presence of sensor networks, many challenges have emerged in terms of flexibility, scalability, and heterogeneous information services. The integration of WSN with cloud provides greater flexibility, unlimited resources, immense processing power, and the ability to provide quick response to the user . Cloud computing provides scientists with a completely new model for utilizing the computing infrastructure. Computer resources and storage resources and applications can be dynamically provisioned (and integrated within the existing infrastructure) on a pay-per-use basis . To provide more suitable and convenient network services, cloud computing has become even more flexible for personal use. Since the cloud is a broad collection of services, organizations can choose where, when, and how they use cloud computing . There are different types of cloud computing services commonly referred to as Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). Many studies [3, 9] pointed out that cloud computing services are clearly the future trend. Cloud computing services are provided through a browser to access online programming applications, software, and data . Cloud providers have to adhere to security and privacy policies to ensure their users’ data remain confidential and secure .
Moreover, since the number of smart phones is estimated to reach 1 billion, traditional phones started to be gradually eliminated in 2015. The rapid development of smart phones and the related technology means that mobile computing is no longer the priority; we should also focus on reducing the computation cost and communication cost to achieve the optimal efficiency. Despite the agreement and certification of parties to browse medical information, the public still has concerns about the electronic medical record (EMR) system because of the information security issues, such as hacking, information transfer time, and long-term data management problems.
In recent years, many medical resources have been implemented for people seeking medical advice conveniently . In the literature , researchers combine mobile devices and body sensors but do not sufficiently discuss security issues. Security issues of IoT sensors and medical systems have always been a vital aspect part of active research. It is important to consider security solutions to guarantee data authenticity, freshness, replay protection, integrity, and confidentiality. Some research, such as [13–15], specifically address security issues with respect to healthcare applications. In 2014, Ben Othman et al. proposed an efficient solution for securing data transmission, which combines compressive sensing with encryption and integrity checking . In 2015, an ECC-based mutual authentication protocol for secure communication between embedded devices and cloud servers was presented in a paper by Kalra and Sood . In 2016, Lounis et al. proposed a new cloud-based architecture for medical wireless sensor networks which can ensure the security of medical data without patients/doctors interventions . However, these schemes still fail to ensure a patient’s privacy and nonrepudiation. In this paper, we propose an intelligent and secure monitoring scheme using IoT sensors based on cloud computing to protect the elders’ privacy.
The main problem here is that the elderly population is increasing every day and they should not be tied to their bed with monitoring machines, causing them inconvenience and entailing the waste of medical resources. On the other hand, the elderly with chronic conditions also have a high probability of suffering some acute diseases or episodes, such as heart attacks. Without the appropriate medical assistance, the consequences will be very serious. The EMR will be used in our scheme to provide more flexible and appropriate medical service. Due to the importance of the elders’ privacy, the proposed scheme should focus on the advantages offered by the characteristics of cloud computing and the security of the elders’ information.
The remainder of the paper is organized as follows: Section 2 describes the current approaches on the configuration of medical sensor networks. Section 3 introduces our scheme architecture for a wireless IoT sensor network and the set-up procedure. In Section 4, we analyze the security issues of our scheme and compare it with other schemes. Section 5 contains some conclusions and offers some ideas for future work.
2. The Proposed Scheme
In our scheme, each party should register at the key generation center which will issue a pair of public key and private key, to communicate with other parties. The user also gets the pregenerated key; it can be used to encrypt the private health information. The elders can use a mobile device to connect to the IoT medical sensor which can collect the biological data. Seven parties are involved in our scheme as follows.
(1) Elder (E). The aging population with chronic disease (e.g., heart disease, diabetes, and hypertension) wears the IoT medical sensor which can collect biological data.
(2) Cloud (C): Intelligent Data Storage. The elder can access the cloud service to upload/download the health information via authentication. It can provide smart applications and send private health reports to the elder at set periods of time. Once there is an emergency situation, the cloud will notify the hospital.
(3) Hospital (H). It is a hospital where the elder can get physical inspection and the report. Once the elder’s biological data are over a threshold, the hospital will notify the elder and dispatch an ambulance after it gets the cloud’s notification.
(4) Key Generation Center (KGC). The key generation center will issue a pair of public key and private key for the registered parties. The user’s pregenerated key and the time of the key’s generation are stored in the database.
(5) IoT Medical Sensor (MS). It is the collecting device of the elder’s biological data. The IoT medical sensor can also transfer the collected data to the mobile device via Bluetooth (Bluetooth 4.0) and the mobile device can transfer the data to the cloud.
(6) Mobile Device (MD). A portable computing device with a unique International Mobile Equipment Identity (IMEI) which can connect with the IoT medical sensor. It can locate the elder with Global Positioning System (GPS) when there is an emergency and get the reports for normal situation.
(7) Emergency Family Contacts (EFC). They are the elder’s family members.
The elder goes to the hospital for a health inspection and the report will be uploaded to the cloud. Every set period of time, the IoT medical sensor will collect the elder’s biological data and transfer them to the cloud via mobile device. The hospital and the cloud process authentication procedure. The scenarios are described in Figure 1.(1)The elder, the hospital, and the cloud must register at the key generation center in advance via secure channel.(2)The elder goes to hospital for a physical inspection.(3)The hospital uploads the elder’s physical inspection report to the cloud.(4)The IoT medical sensor gets the elder’s biological data via set periods of time and sends it to the mobile device.(5)The mobile device uploads the biological data to the cloud.(6)The cloud compares the data sent from the mobile device with the standard values stored in the database. Once there is an emergency, the cloud notifies the hospital and contacts the elder’s family in an acceptable time.(7)After the hospital gets the notification, it sends messages and dispatches an ambulance to the elder.(8)If the data collected by the IoT medical sensor are normal, the cloud sends a health report to the elder at set periods of time.
The following lists notations that will be used in our scheme: : ’s identity. : the secret value. : the KGC’s private key. : the hash function , . : the hash function, . : the valid transmission time interval. : the th timestamp generated by . : the elder’s physical inspection report generated by the hospital. : the elder’s biological data collected by the IoT medical sensor, for example, EGC, heart rate, oxygen saturation, blood pressure, body temperature, and blood glucose. : party’s identity certification being issued by the KGC. IMEI: International Mobile Equipment Identity. : ’s public/private key. : the session key between and . : using the symmetric key K to encrypt/decrypt a message M. : using the private key to sign/decrypt a message M. : using the public key to verify/encrypt a message M. : the patient’s health information being generated by . : the emergency message. : the normal report. : checking if is equal to .
2.2. Registration Phase
Both the elder and the hospital must register at the key generation center in advance. The KGC will issue a pair of public key and private key for each party. The user will get the cloud’s public key and use the pregenerated key to encrypt/decrypt the medical information. The KGC will also record the key’s generation time in the database. The flowchart of the registration phase is shown in Figure 2.
(1) The elder, the hospital, and the cloud choose the identity and send it to the key generation center through a secure channel. The elder should also send his/her mobile devices IMEI and personal contact information to the KGC, including emergency family contacts.
(2) After receiving the message, the KGC uses the private key to compute the user’s public key , the private key , and the pregenerated session key as follows:
Then, the KGC sends (), (), and () to the elder, the hospital, and the cloud, respectively. In addition, the KGC generates the certification for the elder and hospital, respectively.
(3) Each party stores (), (), and (), respectively. The elder and hospital can use the certification to process authentication.
2.3. The Health Data Uploading Phase
2.3.1. The Hospital Uploads Physical Inspection Report Case
The elder goes to the hospital for a physical inspection. After the hospital and the cloud process authentication, the hospital uploads the physical inspection report to the cloud. The flowchart of the hospital uploading physical inspection report case is shown in Figure 3.
(1) The hospital uses the session key to encrypt the physical inspection report and makes a timestamp . The hospital uses the cloud’s public key to encrypt and makes a signature as follows:
Then, the hospital sends , , , , , , and to the cloud.
(2) The cloud verifies the hospital’s signature according to the hospital’s identity and checks if the timestamp is valid or not as follows:
If (6) holds, the cloud uses the KGC’s public key to verify the hospital’s certification . Then, the cloud finds according to and uses the private key and session key to decrypt and :
Afterwards, the cloud stores and .
2.3.2. The Mobile Device Uploads Biological Data Case
In this phase, we consider the IoT medical sensors embedded into an elder’s body. The elder uses the mobile device to transfer the biological data which are measured by IoT medical sensors to the cloud. The flowchart of the mobile device uploading biological data case is shown in Figure 4.
(1) The IoT medical sensor collects the biological data and sends them to the elder’s mobile device through a secure channel:
(2) After receiving the message, the mobile device uses the session key to encrypt the elder’s health information and makes a timestamp . Afterwards, the mobile device uses the cloud’s public key to encrypt :
Then, the mobile device sends , , , , and to the cloud.
(3) The cloud checks if the timestamp is valid or not:
If (14) holds, the cloud verifies the received IMEI by finding the mobile device’s registered IMEI which is stored in the database according to the elder’s identity . If it holds, the cloud uses the public key to verify the elder’s certification . Then, the cloud uses the private key and session key to decrypt and , respectively:
Afterward, the cloud stores .
2.4. The Notification Phase
2.4.1. The Emergency Case
When the cloud gets the elder’s biological data from the mobile device, the cloud compares the data with the standard values stored in the database. If there is an emergency situation, the cloud sends the alert message to the hospital and contacts the emergency family simultaneously. Then, the hospital will contact the elder and dispatch an ambulance to help the elder, if necessary. The flowchart of the emergency case is shown in Figure 5.
(1) The IoT medical sensor collects the elder’s biological data, such as ECG, oxygen saturation, blood pressure, and body temperature. The IoT medical sensor sends the biological data to the mobile device through a secure channel and makes a timestamp :
(2) After receiving the message, the mobile device makes a timestamp and integrates IMEI and :
The mobile device then uses the session key to encrypt and the cloud’s public key to encrypt . In the meantime, the elder uses the private and a signature via mobile device as follows:
The mobile device sends , , , , , and to the cloud.
(3) After receiving the message, the cloud checks if the timestamp is valid or not:
If (22) holds, the cloud uses the private key and session key to decrypt and as follows:
The cloud then uses the KGC’s public key to verify the elder’s certification and check if the mobile device’s IMEI is the same as the registered IMEI: The cloud then compares the elder’s biological data with the standard value stored in the database. If some of the inspection data is beyond the threshold, the cloud uses the hospital’s public key to encrypt the emergency message and make a timestamp :
The cloud sends , , ,, , and to the hospital.
(4) After receiving the message, the hospital checks if the timestamp is valid or not as follows:
If (27) holds, the hospital uses the public key to verify the cloud’s and the elder’s certification. Then, the hospital uses the private key to decrypt :
(5) The hospital gets the elder’s identity and obtains his/her contact information which is stored in the database. The hospital then gets the elder’s location via the mobile device. According to , the hospital evaluates the elder’s situation to determine whether to dispatch the ambulance to help the elder. If the elder is able to receive the message, the hospital uses the elder’s public key to encrypt the notification and makes a timestamp :
The hospital then sends , , , and to the elder.
(6) The elder checks if the timestamp is valid or not when he/she receives the message:
If (31) holds, the elder uses the public key to verify the hospital’s certification and uses the private key to decrypt :
(7) If the elder is unconscious and cannot respond to the hospital’s notification, the hospital gets the elder’s location via GPS and dispatches an ambulance to help him/her directly.
2.4.2. The Normal Case
If the elder’s biological data fall in the average scope, the cloud will send a report back to the elder via period of time. The flowchart of the normal case is shown in Figure 6.
(1) The cloud uses the elder’s public key to encrypt the normal health report and makes a timestamp :
The cloud sends the encrypted health information , , , and to the elder via set period time.
(2) After receiving the message, the elder checks if the timestamp is valid or not as follows:
If (35) holds, the elder uses the public key to verify the cloud’s certification . The elder then uses the private key to decrypt .
The elder stores .
3. Security Analysis
In this section, we present a security analysis to discuss how our scheme can defend against various attacks.
3.1. Replay Attack
In our scheme, we use the timestamp mechanism to defend against the replay attack. The receiver will verify if the timestamp is valid or not by checking the valid time interval via (6), (14), (22), (27), (31), and (35). Therefore, our scheme can defend against replay attack.
3.2. Man-in-Middle Attack
If there is a man-in-middle attack, our scheme will be able to resist it by checking the timestamps to verify if the messages are valid.
The elder, the hospital, and the cloud can prove his/her identity via certification in our scheme. The elder sends the certification to the cloud and the hospital. The hospital sends the certification to the cloud and the elder. The cloud sends the certification to the elder and the hospital. Every party will check if the received certification is valid or not.
In our scheme, during the health data uploading phase, the hospital and the mobile device use the session key and the public key to encrypt the information via (3), (4), (12), (13), (19), (20), (26), (30), and (34).
Other parties cannot decrypt the message without the private key or the session key, so attackers cannot achieve the man-in-middle attack.
In the transmission process, the mobile device’s IMEI is authenticated:
Therefore, tampering behaviors can be rapidly detected, so the proposed scheme can ensure data integrity.
3.4. Data Security
Our scheme involves the digital envelope mechanism. In order to ensure the elder’s privacy, we use the public key to encrypt the symmetric key via (3), (12), (19), (26), (30), and (34), emergency information , and normal report . We use the symmetric key to protect the elder’s secret biological data, via (4), (13), and (20).
Then, the cloud uses the hospital’s public key to encrypt the emergency message as shown in (26).
Afterwards, the hospital uses the elder’s public key to encrypt the notification as shown in (30).
In the normal case, the cloud uses the elder’s public key to encrypt the normal health report as shown in (34).
The elder’s privacy information is protected. Therefore, our scheme can achieve confidentiality.
The cloud can use the hospital’s public key to verify the uploaded data via (7). The hospital cannot deny the uploading fact. The cloud can verify the correctness of the mobile device’s via (24). The mobile device cannot deny the transmission. Every party can use the KGC’s public key to verify whether the sender’s certification is valid or not. The nonrepudiation proof is shown in Table 1.
Data transmission on the Internet is insecure and the elder’s private information may be revealed in the transmission process. In this paper, we use symmetric encryption to protect his/her personal privacy from unauthorized access. The elder’s privacy is ensured.
3.8. Transmission Continuity
The elder’s physical report and the biological data which are measured by IoT medical sensors will be stored in the cloud. In order to ensure transmission continuity, the receiver will send information to the sender. If the cloud has not received the elder’s biological data in an acceptable time, which is recommended by the doctor, the cloud will notify the elder and contact his/her emergency family.
3.9. Security Analysis Comparison
According to the security issue, we make a comparison with other schemes in Table 2. In Table 2, Ben Othman et al.’s scheme  and Lounis et al.’s scheme  have some weaknesses. They cannot resist the replay attack. Ben Othman et al.’s scheme cannot ensure the security of data. And Kalra and Sood‘s scheme  cannot achieve integrity. The proposed scheme can resist the replay attack and man-in-middle attack and provide integrity and data security.
4.1. The Computation Cost of Our Scheme
In this subsection, we present the proposed scheme’s computation cost in Table 3. We use SHA-256 hash function, AES-symmetric encryption, Menezes-Vanstone cryptosystem, and signature generated by the ECDSA .
|: the time to execute a one-way hash function.|
: the time to execute a symmetric encryption/decryption operation.
: the time to execute an asymmetric encryption/decryption operation.
: the time to execute/verify a signature.
4.2. The Communication Cost of Our Scheme
In this subsection, we show the communication cost of the proposed scheme in Table 4. The highest communication cost in our scheme is for emergency case, while the cost is = bits. The time of transmitting these messages is = 0.9152 ms under the 20 Mbps bandwidth network environment. Fast transmission makes our scheme feasible and efficient.
|: the time to transmit the identity (80 bits).|
: the time to transmit a timestamp (16 bits).
: the time to transmit a symmetric encryption, ciphertext (256 bits).
: the time to transmit an asymmetric encryption, ciphertext (1,024 bits).
: the time to transmit a signature (1024 bits).
: the time to transmit a certificate (8192 bits) .
The elder’s continuous medical monitoring is a serious problem. In this paper, we proposed a scheme with IoT sensor based on cloud computing to make the elder safely and conveniently monitored. In our scheme, the digital envelope, digital certification, signature, and timestamp mechanisms are involved. We also use the cloud’s characteristics to make sure that the elder can get the available medical service conveniently. The asymmetric/symmetric encryption technology is used to protect the inspection report and the biological data of the elder. The elder’s biological data and other personal information can be uploaded to the cloud via authentication. The hospital can notify the elder or dispatch an ambulance directly to him/her if there is an emergency situation. The elder can receive his/her personal health reports via set periods of time and browse the reports on their mobile device. Therefore our scheme can provide more flexible and accurate medical service as well as reduce the waste of medical resource.
Besides, our scheme can defend against the replay attack and man-in-middle attack and offer data security, integrity, nonrepudiation, and confidentiality in a cloud environment. As a result, the elder need not worry about the insecure access of medical records in our proposed medical environments.
In the future, we will focus on the bioinformatics certification to make the whole process easier for the elderly.
The authors declare that there is no conflict of interests regarding the publication of this paper.
This research was supported by the Ministry of Science and Technology, China, under Contract nos. MOST 103-2632-E-324-001-MY3, MOST 105-2221-E-324-007, and MOST105-2622-E-305-004-CC2.
- World Health Organization, http://www.who.int/mediacentre/factsheets/fs381/en/.
- H. Baldus, K. Klabunde, and G. Müsch, “Reliable set-up of medical body-sensor networks,” Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 2920, pp. 353–363, 2004.
- H. J. La, H. T. Jung, and S. D. Kim, “Extensible disease diagnosis cloud platform with medical sensors and IoT devices,” in Proceedings of the 3rd International Conference on Future Internet of Things and Cloud (FiCloud '15), pp. 371–378, IEEE, Rome, Italy, August 2015.
- Z. Zhang and X. Hu, “ZigBee based wireless sensor networks and their use in medical and health care domain,” in Proceedings of the 7th International Conference on Sensing Technology (ICST '13), pp. 756–761, Wellington, New Zealand, December 2013.
- F. Banaie and S. A. H. Seno, “A cloud-based architecture for secure and reliable service provisioning in wireless sensor network,” in Proceedings of the International Conference on Computer and Knowledge Engineering (ICCKE '14), pp. 96–101, Mashhad, Iran, October 2014.
- C. Vecchiola, S. Pandey, and R. Buyya, “High-performance cloud computing: a view of scientific applications,” in Proceedings of the 10th International Symposium on Pervasive Systems, Algorithms, and Networks (ISPAN '09), pp. 4–16, IEEE, Kaohsiung, Taiwan, December 2009.
- C.-L. Chen, T.-T. Yang, M.-L. Chiang, and T.-F. Shih, “A privacy authentication scheme based on cloud for medical environment,” Journal of Medical Systems, vol. 38, article no. 143, 2014.
- A. Hendre and K. P. Joshi, “A semantic approach to cloud security and compliance,” in Proceedings of the IEEE 8th International Conference on Cloud Computing (CLOUD '15), pp. 1081–1084, New York, NY, USA, June 2015.
- C.-L. Chen, T.-T. Yang, and T.-F. Shih, “A secure medical data exchange protocol based on cloud environment,” Journal of Medical Systems, vol. 38, no. 9, article 112, 2014.
- P. Tudor, W. Martin, B. Natalia, P. Zeeshan, and B. Leon, “Ambient Health Monitoring: the smartphone as a body sensor network component,” Innovation in Medicine and Healthcare Inmed, vol. 6, no. 1, pp. 62–65, 2013.
- Z.-Y. Wu, Y.-C. Lee, F. Lai, H.-C. Lee, and Y. Chung, “A secure authentication scheme for telecare medicine information systems,” Journal of Medical Systems, vol. 36, no. 3, pp. 1529–1535, 2012.
- S. Sahaa and S. Kumar Tomar, “Issues in transmitting physical health information in m-healthcare,” International Journal of Current Engineering and Technology, vol. 3, no. 2, pp. 411–413, 2013.
- Q. Pu, J. Wang, and R.-Y. Zhao, “Strong authentication scheme for telecare medicine information systems,” Journal of Medical Systems, vol. 36, no. 4, pp. 2609–2619, 2012.
- S. Ben Othman, A. Trad, and H. Youssef, “Security architecture for at-home medical care using Wireless Sensor Network,” in Proceedings of the 10th International Wireless Communications and Mobile Computing Conference (IWCMC '14), pp. 304–309, IEEE, Nicosia, Cyprus, August 2014.
- S. Kalra and S. K. Sood, “Secure authentication scheme for IoT and cloud servers,” Pervasive and Mobile Computing, vol. 24, pp. 210–223, 2015.
- A. Lounis, A. Hadjidj, A. Bouabdallah, and Y. Challal, “Healing on the cloud: secure cloud architecture for medical wireless sensor networks,” Future Generation Computer Systems, vol. 55, pp. 266–277, 2016.
- X.509—Wikipedia, https://en.wikipedia.org/wiki/X.509.
- D. Johnson and A. Menezes, “The elliptic curve digital signature algorithm (ECDSA),” Tech. Rep. CORR 99-34, Department of C & O, University of Waterloo, 1999.
Copyright © 2017 Jin-Xin Hu et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.