Securing Patient Data in IoT Devices: A Blockchain-NFT Approach for Privacy, Security, and Authentication

Farha Masroor; Adarsh Gopalakrishnan; Neena Goveas

doi:10.5220/0012764800003767

Securing Patient Data in IoT Devices: A Blockchain-NFT Approach for Privacy, Security, and Authentication

Farha Masroor, Adarsh Gopalakrishnan, Neena Goveas

2024

Abstract

The Internet of Things (IoT) is poised to revolutionize healthcare by enabling remote patient monitoring and data access from any device. However, ensuring secure and flexible access control on IoT device-based systems remains a challenge, especially when handling multiple users with varying privileges at different points in time. Most of the current proprietary IoT products have a data pipeline where the measured data is sent to cloud-based servers before any access is possible. This creates data privacy issues, access problems or devices not working when Internet connectivity is not perfect. An ideal solution for an IoT-based system is one in which data can be stored and accessed on device in real-time with additional cloud-based storage and access for later use. To address these challenges, we propose a Blockchain-based Non-Fungible Token (NFT) based mechanism for IoT systems. Our system uses Blockchain technology to provide untameable NFT access keys, ensuring only authorized individuals can access patient data on a given IoT device. We conducted an experimental study using ESP32 microcontroller, Beaglebone Black boards, and Raspberry Pi devices to evaluate the effectiveness of our approach. Our results show that this approach is suitable for deployment on resource-constrained devices, with minimal computational requirements and negligible delays. Additionally, we implemented a Zero-trust type of architecture where no implicit trust is granted to any user or device, regardless of prior successful authentication and authorization validation. We find that the delays due to the additional processing of NFTs are negligible even within such constraints. Our findings demonstrate that utilizing NFTs for access control of patient data on resource-constrained IoT devices is feasible and offers a secure and scalable solution for developing cost-effective and safe IoT systems for healthcare.

Download

Paper Citation

in Harvard Style

Masroor F., Gopalakrishnan A. and Goveas N. (2024). Securing Patient Data in IoT Devices: A Blockchain-NFT Approach for Privacy, Security, and Authentication. In Proceedings of the 21st International Conference on Security and Cryptography - Volume 1: SECRYPT; ISBN 978-989-758-709-2, SciTePress, pages 704-709. DOI: 10.5220/0012764800003767

in Bibtex Style

@conference{secrypt24,
author={Farha Masroor and Adarsh Gopalakrishnan and Neena Goveas},
title={Securing Patient Data in IoT Devices: A Blockchain-NFT Approach for Privacy, Security, and Authentication},
booktitle={Proceedings of the 21st International Conference on Security and Cryptography - Volume 1: SECRYPT},
year={2024},
pages={704-709},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012764800003767},
isbn={978-989-758-709-2},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 21st International Conference on Security and Cryptography - Volume 1: SECRYPT
TI - Securing Patient Data in IoT Devices: A Blockchain-NFT Approach for Privacy, Security, and Authentication
SN - 978-989-758-709-2
AU - Masroor F.
AU - Gopalakrishnan A.
AU - Goveas N.
PY - 2024
SP - 704
EP - 709
DO - 10.5220/0012764800003767
PB - SciTePress