Abstract

Smart hospital is a healthcare infrastructure that uses IoT technology. This intelligent space allows to collaborate a several health actors via their IoT devices. This coordination improves the quality and continuity of health services for better patient care. However, uncontrolled access to patient information can disrupt the smooth running of hospital services. In this paper, we aim to secure the information of patient exchanged and shared, using the privacy and access control based on the context. We develop two protocols, the first is a context-aware pseudonym service. It protects the patient’s personal and health information in two smart space hospital and home. Furthermore, we prevent the disclosure of the patient’s location during his hospital stay. The second is an authorization and delegation protocol based on trust, context and role. It oversees the actions and interactions of health body with the smart bracelet object of patient. Our protocol uses the context to generate a set of roles with their trust values. Only one role is activated if its trust value is greater than or equal to a trust threshold. A dynamic delegation mechanism is created to better manage the interactions between health bodies. We demonstrate through the practical analysis as well as generation time overhead, storage overhead and response time requirement the efficiency and robustness of our proposed protocols.

Highlights

  • Traditional hospital is an infrastructure connected locally via the intranet of the hospital, the data of patient are stored as a set of records in a database, which is accessible from the local network of hospital

  • The access control plays an important role in the smart hospital (SH) environment, because of the various kinds of users (Wang and Jiang, 2015), that create the need of ability to specify (1) what users may access to different electronic health record (EHR), (2) what parts of this record, and (3) what kinds of operations may be performed

  • Intelligent health care system (IHCS) is based on the use of ubiquitous and intelligent infrastructure, a patient constitutes a wireless body area network (WBAN), in which sensor nodes are placed on the skin or implanted inside the patient’s body, that measure a set of physiological phenomena in order to monitor his health continuously

Read more

Summary

Introduction

Traditional hospital is an infrastructure connected locally via the intranet of the hospital, the data of patient are stored as a set of records in a database, which is accessible from the local network of hospital. The access control plays an important role in the SH environment, because of the various kinds of users (Wang and Jiang, 2015), that create the need of ability to specify (1) what users may access to different EHRs, (2) what parts of this record, and (3) what kinds of operations may be performed These requirements are important in order to filter illegitimate access to health data, which could present negative impact on the patient life. It controls the using and sharing of health information This protocol monitors the actions and interactions of doctor with the patient and his connected objects, including the access rights to examine and obtain a copy of EHR under the resource constraint.

Privacy in the healthcare
Background and literature related to access control
Scenario
Literature Works
Assumptions
Preliminaries
Dynamic patient context data
Protocol steps
Constructing our authorization model
Protocol phases
Analysis of our approach
Privacy preserving integrity
Privacy preserving authentication
Non-repudiation
Practical analysis
Pseudonym generation time requirement
Storage overhead
Response time requirement
Conclusion

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.