E-health represents an attractive application for the Internet of Things. It improves the quality of medical services by allowing periodic patient diagnostics. As it collects and sends sensitive biomedical information, both content and contextual privacy requirements must be satisfied. Content privacy ensures the protection of patient information against inappropriate disclosure. Contextual privacy is about the context of the communication. Several privacy-preserving approaches have been proposed. However, they only consider content privacy requirement. To fill this gap, we propose in this paper a new privacy preserving scheme adapted to e-Health systems, satisfying all privacy requirements, as well as communication security and authentication. Content privacy is based on cryptographic primitives. Contextual privacy relies on the onion routing concept, fake messages injection and a multicast strategy. To validate our proposal, a security and performance analysis are reported. The security analysis confirms its safety and proves its resistance to a set of security attacks. The performance analysis highlights the trade-off between privacy and efficiency.
2017 IEEE/ACS 14th International Conference on Computer Systems and Applications (AICCSA)
Internet of Things,Security and Privacy,Content privacy,Contextual privacy,e-Health,ns-3
Authentication,Computer science,Computer network,Cryptographic primitive,Security analysis,eHealth,Multicast,Public-key cryptography,Onion routing,Communications security