A Multi-Factor Access Control and Ownership Transfer Framework for Future Generation Healthcare Systems

Abstract

The recent advancements in ubiquitous sensing powered by Wireless Computing Technologies (WCT) and Cloud Computing Services (CCS) have introduced a new thinking ability amongst researchers and healthcare professionals for building secure and connected healthcare systems. The integration of Internet of Things (IoT) in healthcare services further brings in several challenges with it, mainly including encrypted communication through vulnerable wireless medium, authentication and access control algorithms and ownership transfer schemes (important patient information). Major concern of such giant connected systems lies in creating the data handling strategies which is collected from the billions of heterogeneous devices distributed across the hospital network. Besides, the resource constrained nature of IoT would make these goals difficult to achieve. Motivated by aforementioned deliberations, this paper introduces a novel approach in designing a security framework for edge-computing based connected healthcare systems. An efficient, multi-factor access control and ownership transfer mechanism for edge-computing based futuristic healthcare applications is the core of proposed framework. Data scalability is achieved by employing distributed approach for clustering techniques that analyze and aggregate voluminous data acquired from heterogeneous devices individually before it transits the to the cloud. Moreover, data/device ownership transfer scheme is considered to be the first time in its kind. During ownership transfer phase, medical server facilitates user to transfer the patient information/ device ownership rights to the other registered users. In order to avoid the existing mistakes, we propose a formal and informal security analysis, that ensures the resistance towards most common IoT attacks such as insider attack, denial of distributed service (DDoS) attack and traceability attacks.