Blockchain-based Ownership Management for Medical IoT (MIoT) Devices

Abstract

Recently, blockchain has been foreseen by industry and research community as a transformational and disruptive technology that is poised to play a major role in transforming the way we transact, trade, bank, track and register assets, and do business. Blockchain can potentially be used to provide trusted authenticity, origin, and ownership for IoT devices, in a way that is secure and decentralized without the involvement of a Trusted Third Parties (TTP) or centralized authorities and services. A TTP can be a subject to a single point of failure, and it can be disrupted, compromised or hacked. A TTP can potentially misbehave and become corrupt in the future, even if it is trustworthy now. This paper shows how Ethereum blockchain (with the powerful feature of programmability through smart contracts) can provide a trusted ownership management for medical IoT (MIoT) devices. Tracking the true ownership of MIoT devices is of a paramount importance as using counterfeited MIoT devices can be life-threatening to patients. The paper presents a general framework and solution to manage and trace back the true origin of ownership for an MIoT; whereby an MIoT device can be owned by multiple parties during its life cycle. The paper presents a detailed overview of our proposed system architecture, design, entity relationship, and interactions among all involved parties. The source code of the Ethereum smart contracts is made publicly available. Key aspects related to the algorithms, interactions, implementation and testing are discussed in the paper. Furthermore, we provide security analysis of our proposed solution in terms of satisfying the general security goals and also resiliency against popular attacks as those of DDoS, eavesdropping and replay attacks.