Blockchain: Research and Applications

A Critical Literature Review of Security and Privacy in Smart Home Healthcare

Schemes Adopting IoT & Blockchain: Problem, Challenges and Solutions
--Manuscript Draft--

Manuscript Number: BCRA-D-23-00090

Full Title: A Critical Literature Review of Security and Privacy in Smart Home Healthcare
Schemes Adopting IoT & Blockchain: Problem, Challenges and Solutions

Article Type: Full Length Article

Keywords: IoT; smart home healthcare; Blockchain technology; authorisation framework;

interception

Abstract: Protecting private data in smart homes, a popular Internet-of-Things (IoT) application,
remains a significant data security and privacy challenge due to the large-scale
development and distributed nature of IoT networks. Recently, smart healthcare has
leveraged on smart home system, thereby compounding security concern in terms of
confidentiality of personal and sensitive health data. However, Blockchain Technology
(BCT) has emerged as a promising solution for preserving privacy of personal and
sensitive data among participating nodes, and the technology has experience steady
increase in adoption most especially when combines with emerging technologies such
as machine and federated learning algorithms, smart contract, cryptographic
algorithms etc., that also support resource constraints in IoTs, to ensure data security
and privacy in a number of application domain. This review elicits some concerns,
issues, problems that has hindered the adoption of Blockchain and IoT (BCoT) in some
domains and suggested requisite solution using the healthcare realm as a case
study. The study discusses the recent findings, opportunities and barriers, and also
provide recommendations that could facilitate the continuous growth of Blockchain
application in healthcare. Lastly, the study then explored the potential of using
Blockchain with smart contract in peer-to-peer networks to ensure secure and
trustworthy data processing and sharing, as well as ethical disclosure of such data, as
one possible solution direction. To achieve this goal, the study introduced a smart
contract, permissioned BCoT authorization framework, which can guarantee data
ownership, fine-grained access control, tamper-proof and more resilient system against
data interception.

Powered by Editorial Manager® and ProduXion Manager® from Aries Systems Corporation
Declaration of Interest Statement

Declaration of interests

☒The authors declare that they have no known competing financial interests or personal relationships
that could have appeared to influence the work reported in this paper.

☐The authors declare the following financial interests/personal relationships which may be considered
as potential competing interests:
Manuscript File Click here to view linked References

1
2
3
4 A Critical Literature Review of Security and Privacy in Smart Home Healthcare Schemes
5
6 Adopting IoT & Blockchain: Problem, Challenges and Solutions
7
Olusogo Popoola a* Marcos Rodrigues b Jims Marchang a Alex Shenfield b
8
9 Augustine Ikpehia b Jumoke Popoola a
10
a
11 Department of Computing, Sheffield Hallam University, UK; Email address: o.popoola@shu.ac.uk
12 b
Department of Engineering and Math, Sheffield Hallam University, UK;
13
14
15
16 Abstract
17
18 Protecting private data in smart homes, a popular Internet-of-Things (IoT) application, remains a significant data
19 security and privacy challenge due to the large-scale development and distributed nature of IoT networks. Recently,
20 smart healthcare has leveraged on smart home system, thereby compounding security concern in terms of
21 confidentiality of personal and sensitive health data. However, Blockchain Technology (BCT) has emerged as a
22 promising solution for preserving privacy of personal and sensitive data among participating nodes, and the technology
23 has experience steady increase in adoption most especially when combines with emerging technologies such as
24 machine and federated learning algorithms, smart contract, cryptographic algorithms etc., that also support resource
25 constraints in IoTs, to ensure data security and privacy in a number of application domain. This review elicits some
26 concerns, issues, problems that has hindered the adoption of Blockchain and IoT (BCoT) in some domains and
27
suggested requisite solution using the healthcare realm as a case study. Implementation issues with Blockchain and
28
IoT were examined as well as the combined challenges BCoT can pose when utilised for security gains. The study
29
discusses the recent findings, opportunities and barriers, and also provide recommendations that could facilitate the
30
continuous growth of Blockchain application in healthcare. Lastly, the study then explored the potential of using
31
Blockchain with smart contract in peer-to-peer networks to ensure secure and trustworthy data processing and sharing,
32
as well as ethical disclosure of such data, as one possible solution direction. To achieve this goal, the study introduced
33
a smart contract, permissioned BCoT authorization framework, which can guarantee data ownership, fine-grained
34
35 access control, tamper-proof and more resilient system against data interception.
36
37 Keywords: IoT, smart home healthcare, Blockchain technology, authorisation framework, fine-grained access control,
38 interception.
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61 1
62
63
64
65
 1
2
3
4
5
6
7 1. Introduction
8
The application of Internet of Things (IoT) in Smart Homes (SH) presents a significant challenge in terms of
9
10 data security and user privacy, owing to the vast scale and distributed nature of IoT networks. SH, which are IoT-
11 enabled homes comprising a network of uniquely identifiable connected devices, are capable of automatically
12 acquiring implicit data [1] Such data may include sensor data from IoT devices in the environment surrounding the
13 subject, data obtained through applications installed in mobile devices, or information gleaned from server log files
14 that register the details of the network interactions between the subject and controller services (e.g., IP addresses).
15
These IoT systems are capable of auto-organizing, sharing data and resources, and acting and reacting to
16
17 environmental changes, with or without human intervention. The implementation of IoT in smart homes is
18 increasingly adding levels of comfort and convenience to daily living. For instance, the instantiation of smart
19 healthcare using edge computing devices (such as tablet PCs and PDAs) and wearable technologies to collect and
20 share physiological data from individuals is transformative (Fig. 1), as it enables continuous healthcare by linking
21 home, mobile, and in-clinic health monitoring [2]. Sensing devices could be utilised in medical healthcare IoT-CPS
22
to collect patients' routine health and physiological [3, 4] information classified as private [5]. However, the Internet
23
24 of Health Things (IoHT) provides comfort in health monitoring while also posing security challenges in preserving
25 patient privacy and data confidentiality [6].
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55 Fig. 1. Evolution pathway of smart home concept, related technologies and services [7]
56
57
58
Smart healthcare faces challenges such as compromised devices, unauthorized access to personal identifiable
59
60 information (PII), and the inability of homeowners to selectively disclose information, presenting security concerns
61 2
62
63
64
65
 1
2
3
4 that expose sensitive and contextual information. The heterogenous environment of IoT systems contributes to security
5 and privacy challenges encountered in SH systems [8, 9]. The data value chain, consisting of acquisition/collection,
6
7 analysis, storage, and usage, requires privacy protection via design or enabling technologies as it is susceptible to
8 attacks. The IoT Core is a central engine that connects and controls devices, with security as an important
9 characteristic, and its deployment environment affects its security (Fig. 2). Table 1 illustrates the need to secure the
10 complex software/hardware that supplies IoT functionalities. Private and sensitive data such as personal and wellbeing
11 data collected require protection to avoid non-transparency of usage.
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29 Fig. 2. Inside an IoT Core
30
31
32 Table 1
33 IoT Core description
34
35 Component Description
36 Device Registry Device registry of what is connecting to the user and how to identify those devices. This is
37 stored in some sort of a table.
38 Security Most importantly about how to ensure the device is allowed to connect to the user and that the
39 device is communicating according to protocol i.e., prevent authorised disclosure of
40 information.
41 Messaging Messaging, is at the heart, illustrates transmission of messages back and forth (full duplex)
42 to these devices. Requires having a very scalable and efficient Message Broker in the heart
43 the IoT Core.
44 Integrations The need for simple integrations into other services outside of the core. These are things that
45 the clouds provide such as integrations into databases, into AI engines, into enterprise
46 systems; or at the edge, integrations are needed into SCADA equipment, into MES equipment,
47 etc.
48 Edges The edge concept has now been built in IoT Core. The ability to orchestrate these edges
49 requires working with them in order to move processing between edge and core.
50 Monitoring The need to be able to monitor the performance of the core, monitor the performance of
51 devices, and to monitor the overall health of how the system operates.
52
53
54 The increasing number of internet-dependent devices in smart homes has led to a rise in privacy threats and
55 attacks [10]. Such attacks can reveal sensitive information about homeowners, compromising their lifestyle and well-
56 being. As privacy norms dictate, users should have control over their data, rather than complete withdrawal or non-
57 disclosure. Users should be able to selectively disclose information and exercise control over who sees it. While
58
privacy infringement can sometimes be acceptable when the transparent information and eventual disclosure is
59
60 beneficial to the data owner e.g., in smart healthcare service where data subjects are monitored and supported via the
61 3
62
63
64
65
 1
2
3
4 use of medical sensors in smart homes, confidentiality and ethical disclosure of private data involved is essential for
5 the safety of smart homes owners' lives, their autonomy and well-being [11-16]. Moreover, intangible benefits of
6
7 ethical disclosure of personal information for medical research, therapy logistics and design, advertisement purpose
8 etc., could be controlled based on informed consent, acceptance and tenure of use as agreed by data owner [17, 18].
9 The increasing number of IoT devices in smart homes, such as, wearables and nearables, has led to growing
10 concerns over privacy and security risks, including compromised devices and unauthorized access to personal data.
11 Moreover, in the health realm, a leading user of complex data to produce value and enhance human health., it has been
12 established that standard strategies for addressing health data privacy problems are insufficient for protecting users’
13
14 privacy. Permissioned Blockchain implementation presents a viable solution due to its distributed nature and use of
15 security and privacy techniques such as cryptography and consensus algorithms. A combination of lightweight
16 cryptographic algorithms and secured privacy techniques has been a key enabler in the development of Blockchain
17 and its emerging applications. Hence, of issues of data privacy is progressively being tackled in Blockchain, providing
18 data confidentiality and immutability, and making the desirable security attribute in private Blockchain technology
19 duly applicable in the health sector [19-22].
20
21 This article discusses the evolution of Blockchain beyond virtual currencies to include smart contract
22 management, NFTs, and the digitization of commercial and organizational registries. Smart contracts can be written
23 to the Blockchain and executed by all nodes on the block. Table 2 illustrates the different categories of Blockchains,
24 which differ in their Speed of Consensus, Trusted Authority, and the number of TAs required. All categories of
25 Blockchain (BC) share common properties such as usage of a decentralized P2P network for transactions, digital
26 signature requirements, and reliance on consensus to sync the replicated distributed ledger of transactions across the
27
28 Blockchain Network (BCN).
29
30
31 Table 2
32 Blockchain Classification
33
Types Description No. of SoC Scenario
34
35 TA
36 Private Blockchain Write privileges under the control 1 Fast Information management
37 of an organisation and sharing within an
38 organisation
39 Public Blockchain Anyone can be a participant and it 0 Slow Global decentralized
40 is accessible globally scenarios
41 Consortium Controlled by pre-selected nodes ≥ Slightly Businesses among selected
42 Blockchain within the consortium Fast organisation
43
44
A useful advantage of a permissioned blockchain is the possibility of implementing it as both private-permissioned
45
46 blockchain where it presents high scalability and a public-permissioned blockchain in which medium scalability is
47 achievable as against the low scalability in public permissionless blockchain.
48
49 This review suggests a permissioned BCoT authorization framework, emphasizing secure data exchange and
50 distribution among devices and computing nodes using hybrid asymmetric cryptography techniques to ensure privacy
51
52 preservation as a potential solution to indiscriminate disclosure of private data in smart home wellbeing data
53 management vis-a-vis smart healthcare delivery. The overview of Blockchain categories and development ecosystem
54 is further illustrated in Fig. 3, and explained in Table 3. The permissioned approach is beneficial due to increased
55 privacy control, higher transaction rates, scalability and little or no gas cost requirement, despite arguments on the
56 counter-intuitiveness of private and permissioned Blockchain to the goal of decentralization [23]. Blockchain is built
57 on asymmetric key encryption, hash values, Merkle Tree, and P2P networks. Thus, Blockchain allows decentralized
58
59 transactions to take place and acts as an unchangeable record. Recently, BCT has emerged as a potential solution for
60 secure, trusted, efficient storage, and data sharing [24]. The long-term factor supporting the excellent fit of Blockchain
61 4
62
63
64
65
 1
2
3
4 and IoT integration in the smart healthcare realm [25] is the decentralized nature and distributed network of the
5 technology. However, the computational intensiveness and high energy consumption of traditional consensus
6
7 mechanisms in BC-based systems is its computational intensiveness and high energy consumption in securing data
8 processes: Bitcoin e.g., Bitcoin, uses 707 kilowatt-hours per transaction [26] and this is unsustainable nor scalable.
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29 Fig. 3. Overview of DLT Structures and Aspects of DLT Ecosystem as adapted [27].
30
31 Table 3
32 Comparison between Permission and Permissionless BCNs
33
Permissioned Permissionless
34
Permission is required before participation Permission not required prior to participation
35
Participants are already well known Participants are unknown
36
Limited number of participants Unlimited number of participants
37
Offers data security Less data privacy offered
38
39 Instant consensus inevitability Weak consensus inevitability
40 High transaction rate (throughput) Low transaction rate (throughput)
41 Less scalable Highly scalable
42 Susceptible to participants collusion Susceptible to 51% attack
43
44
45 1.1 BC-Enabled IoT
46
47 A framework that integrates data management in IoT devices with a lightweight Blockchain implementation
48 using the Proof-of-Authority (PoA) consensus mechanism is considered in this paper. PoA algorithm provides a
49 considerable low computational, latency, and energy overhead during the data secure process, suitable for resource-
50 constrained IoT devices. Moreover, the introduced framework offers higher security levels since distributed networks
51 rarely suffer from a single point of failure, while asymmetric cryptography disallows unauthorized access aimed
52 towards data fabrication, modification, and manipulation. Furthermore, the structure supports access management,
53 device binding, fine-grained access control, and data ownership. Smart contract adds another level of control that
54 maintains rules, authentication, and communication between the participating nodes of the system design. Earlier
55 studies suggest that PoA can handle SH communications at high transaction rates with validation performed by
56 randomly selected trustworthy, non-high performing, inexpensive nodes, thereby eliminating earlier energy-hungry,
57 computationally intensive Proof-of-Work and share-based Proof-of-Stake [28]. The proposed framework provides an
58 ethical proof of access request that is acceptable to all participating nodes, where access request to the IoT devices
59
60
61 5
62
63
64
65
 1
2
3
4 within home network components is considered the basic element of permissibility that could prevent data leakage
5 and uphold the privacy of individuals under observation.
6
7
The connection of smart devices through Blockchain enables distributed devices to act autonomously as these devices
8
generate enormous amounts of dynamic and unstructured data, with data being IoT’s true value that needs to be
9
protected. Hence, the Blockchain technology (BCT) can potentially douse security concerns of data usage
10
transparency, traceability, and reliability posed by IoT data collection processes in smart home systems. Authors in
11
[29] mentioned the utilization of Hyperledger Fabric’s chaincode as an instance of smart contracts in permissioned
12
BCNs where the majority of permissioned Blockchains employ a deterministic consensus mechanism that can easily
13
14 achieve fast consensus among the authenticated users [30]. Fig. 4 illustrates a layered implementation of a
15 permissioned blockchain. Providing an ethical proof of access request that is acceptable to all participating nodes is
16 central to this study, where access request (and request types) to the IoT devices within home network components is
17 considered the basic element of permissibility that could prevent data leakage and uphold the privacy of individuals
18 under observation.
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40 Fig. 4. Layered implementation in the proposed PoA-based Permissioned BC as adapted [29]
41
42
43
44 1.2 Authorisation Scheme through Permissioned Blockchain-Enabled Smart Home Healthcare of
45 Things.
46
47 The review discussion is on an authorization framework and user-centric privacy control scheme based on
48 smart contracts and permissioned blockchain. The goal is to prevent unauthorized data collection and disclosure while
49 allowing users to specify their privacy preferences. The focuses on confidentiality, which is one of the three basic
50
security requirements (CIA) and explores the use of blockchain as a viable distributed ledger technology to ensure
51
52 data immutability, transparency, traceability, and auditability. The proposed approach is not limited to smart home
53 healthcare systems but can be applied in several IoT-enabled applications.
54 A proposed framework aims to apply Blockchain technology to address data security challenges in smart home
55 healthcare systems. The challenges include the lack of fine-grained access control and data ownership schemes, which
56 could lead to credential stuffing and insider attacks [31, 32] . The framework proposes the use of Proof-of-Authority
57
(PoA) consensus mechanism in a permissioned Blockchain with smart contracts assigned to each node for role-based
58
59 access control and data management. The second challenge is the lack of data transparency and auditability, which
60 can be mitigated through Blockchain's ability to provide a transparent and auditable process for collecting and storing
61 6
62
63
64
65
 1
2
3
4 data in a private network. The main objective of permissioned blockchain is to establish transparency in the sharing
5 of sensitive information such as medical records or behavioural data. However, this transparency should be balanced
6
7 with privacy preservation, as the degree of information disclosed is directly proportional to the quality of care received.
8 Therefore, a justifiable relationship must be established between blockchain features of data immutability,
9 transparency, traceability, and privacy [33]. In a smart home healthcare system, the information disclosed is stored in
10 both on-chain and off-chain locations, with details such as timestamp, degree of disclosure, authorized recipient,
11 purpose of sharing, and information content being recorded. The content of the information is often encrypted and can
12 only be decrypted by the authorized recipient.
13
14 The implementation of permissioned blockchain can help to reveal cases of medical service denial, abuse, or
15 negligence. Through the auditing processes, maltreatment, inappropriate behaviour, or lack of professionalism can be
16 made transparent, as participants can monitor who gets what based on their role in the blockchain ecosystem. The
17 immutability and traceability of data transactions in the blockchain also allow for the establishment of a reputation-
18 based system, where each entity has a separate smart contract to regulate data sharing. Overall, transparency in
19 permissioned blockchain must constantly be redefined in the context of privacy preservation, and the use of blockchain
20
21 in healthcare should be accompanied by transparent and ethical use of behavioural, implicit, and physiological data.
22 The third challenge is the lack of Tamper-resistant Data Storage. The traditional database management system
23 (DBMS) is unable to protect against database breaches, data manipulation, and corruption due to limited security
24 through the CRUD configuration (Create, Read, Update and Delete). Blockchain technology's immutability and
25 append-only feature make it more secure through the implementation of the CRAB model [34] for persistent storage
26 application. The four basic operations of CRAB (Create, Retrieve, Append & Burn) do not directly support operations
27
28 like UPDATE and DELETE. In a smart home healthcare delivery, keeping private data in an off-the-chain storage
29 instead of on-the-chain is recommended. A permissioned or closed Blockchain is also viable to complement the
30 tamper-resistance property of blockchain data. Data ownership/provenance scheme applied makes it relatively easier
31 to delete personal data based on an individual's request through a process called forking. Overall, engineering the
32 Blockchain characteristics of decentralization, immutability, and asset management is central to this solution delivery.
33 The use of both on-chain (blockchain) and off-chain (IPFS) storage can improve data flow management and
34
35 scalability. Private and sensitive data can be stored in IPFS while only transaction-related data is stored on-chain,
36 reducing transactional data size and increasing the number of transactions that can be accommodated within a block.
37 Authorization controls access to the permissioned distributed ledger, and transactions are digitally signed for privacy.
38 For example, users' passwords are encrypted using public key encryption before off-chain storage, and hash of the
39 users' authentication information will be stored in the on-chain database.
40
41
42
43 1.3 Motivation
44
45 IoT, Smart home, Smart healthcare and Blockchain are technology concept with inherent challenges ranging
46 from resource constraint, privacy, unsecure storage, energy overheads and failure to adoption respectively. However,
47 integrating and implementing these concepts for the benefit of privacy-preservation in a smart home installed with
48
medical sensors when personal data of residents is collected, observed, stored and monitored remotely is a motivating
49
50 factor for this review. The health sector being a major leader in the utilization of complex data has consistently
51 produced value that improved human health. Studies have demonstrated the inadequacies experienced with standard
52 approaches in addressing privacy issues related to health while attempting to protecting personal privacy. Therefore,
53 since permission Blockchain precisely meets the data processing and management requirements in healthcare, an
54 authorisation framework borne out of an integration of BCoT can be an exceptional option in alleviating data security
55
challenges. This paper discusses BCoT as two emerging technologies to address the data security and privacy
56
57 challenges in smart home healthcare systems, specifically with regards to the confidentiality of personal data and
58 potential applications in digital healthcare delivery. This attempt to review and analyse studies that integrate BCoT to
59 achieve an authorisation framework and user-centric privacy control scheme in the healthcare domain, is first of its
60
61 7
62
63
64
65
 1
2
3
4 kind. Based on the existing studies in this research space, key advantages and challenges of technologies involved are
5 separately and jointly addressed.
6
7 The study aims to address the data security and privacy challenges in smart home healthcare systems, specifically
8 with regards to the confidentiality of personal data. The proposed solution is an authorization framework and user-
9 centric privacy control scheme based on smart contracts and permissioned Blockchain. The goal is to prevent
10 unauthorized data collection and disclosure while allowing users to specify their privacy preferences. The study
11 focuses on confidentiality, which is one of the three basic security requirements (i.e., CIA) and explores the use of
12 Blockchain as a viable distributed ledger technology (DLT) to ensure data immutability, transparency, traceability,
13
14 and auditability. The proposed approach is not limited to smart home healthcare systems but can be applied in several
15 IoT-enabled applications. The challenges include the lack of fine-grained access control and data ownership schemes,
16 which could lead to credential stuffing and insider attacks [31, 32]. The framework proposes the use of Proof-of-
17 Authority (PoA) consensus mechanism in a permissioned Blockchain with smart contracts assigned to each node for
18 role-based access control and data management. The second challenge is the lack of data transparency and auditability,
19 which can be mitigated through Blockchain's ability to provide a transparent and auditable process for collecting and
20
21 storing data in a private network.
22 A beneficial objective of permissioned Blockchain is its usability to establish transparency in the sharing of
23 sensitive information such as medical records or behavioural data. However, this transparency should be balanced
24 with privacy preservation, as the degree of information disclosed is directly proportional to the quality of care received.
25 Therefore, a justifiable relationship must be established between blockchain features of data immutability,
26 transparency, traceability, and privacy [33] . In a smart home healthcare system, the information disclosed is stored in
27
28 both on-chain and off-chain locations, with details such as timestamp, degree of disclosure, authorized recipient,
29 purpose of sharing, and information content being recorded. The content of the information is often encrypted and can
30 only be decrypted by the authorized recipient.
31 The implementation of permissioned blockchain can help to reveal cases of medical service denial, abuse, or
32 negligence. Through the auditing processes, maltreatment, inappropriate behaviour, or lack of professionalism can be
33 made transparent, as participants can monitor who gets what based on their role in the blockchain ecosystem. The
34
35 immutability and traceability of data transactions in the blockchain also allow for the establishment of a reputation-
36 based system, where each entity has a separate smart contract to regulate data sharing. Overall, transparency in
37 permissioned blockchain must constantly be redefined in the context of privacy preservation, and the use of blockchain
38 in healthcare should be accompanied by transparent and ethical use of behavioural, implicit, and physiological data.
39 The third challenge is the lack of Tamper-resistant Data Storage. The traditional database management system
40 (DBMS) is unable to protect against database breaches, data manipulation, and corruption due to limited security
41
42 through the CRUD configuration (Create, Read, Update and Delete). Blockchain technology's immutability and
43 append-only feature make it more secure through the implementation of the CRAB model [34] for persistent storage
44 application. The four basic operations of CRAB (Create, Retrieve, Append & Burn) do not directly support operations
45 like UPDATE and DELETE. In a smart home healthcare delivery, keeping private data in an off-the-chain storage
46 instead of on-the-chain is recommended. A permissioned or closed Blockchain is also viable to complement the
47 tamper-resistance property of blockchain data. Data ownership/provenance scheme applied makes it relatively easier
48
49 to delete personal data based on an individual's request through a process called forking. Overall, engineering the
50 Blockchain characteristics of decentralization, immutability, and asset management is central to this solution delivery.
51 The use of both on-chain (Blockchain) and off-chain (IPFS) storage can improve data flow management and
52 scalability. Private and sensitive data can be stored in Interplanetary File System (IPFS) while only transaction-related
53 data is stored on-chain, reducing transactional data size and increasing the number of transactions that can be
54 accommodated within a block. Authorization controls access to the permissioned distributed ledger, and transactions
55
56 are digitally signed for privacy. For example, users' passwords are encrypted using public key encryption before off-
57 chain storage, and hash of the users' authentication information will be stored in the on-chain database.
58
59 1.4 Contributions
60
61 8
62
63
64
65
 1
2
3
4 The main contribution of this paper is to introduce how the combination of IoT and blockchain features and
5 their current applications play a crucial role in improving the privacy preservation techniques when used in the smart
6
7 healthcare ecosystem, through the provision of an authorisation framework. Using the approach of content analysis,
8 this study highlights the growing interest in the academic community and identify three key research areas:
9 (i) IoT and blockchain implementation in smart homes applications for data security gains.
10 (ii) IoT and Blockchain implementations for secure data storage and management of private data in smart home-based
11 healthcare services.
12 (iii) IoT and blockchain implementation for privacy preservation in digital healthcare systems (internal
13
14 consortium/secure disclosure of transparent private data of smart home user.
15 The contribution of this survey is summarised as follows:
16 1) Discussion of the benefits and applications of integratable BCoT for smart healthcare.
17 2) Introduction of the conceptual authorisation framework from blockchain-enabled IoT in (i) Smart home well-being
18 monitoring (ii) data storage and management (i.e., electronic health record - EHR and medical health record-MHR
19 management), and (iii) digital healthcare system analysis and diagnosis, where the blockchain network can guarantee
20
21 ethical disclosure of information that is beneficial to information stakeholders i.e., data subject/publishers and
22 subscribers in the smart home healthcare ecosystem.
23 3) Highlighting the challenges and opportunities requires implementation in the digital healthcare domain by
24 researchers.
25
26
27 1.5 Research Aim
28
29 This study aims to address security and privacy concerns in smart home healthcare systems by proposing an
30 authorization framework using permissioned blockchain technology. The research questions cover various aspects of
31 data security and confidentiality, such as access control mechanisms, secure data storage, and data confidentiality.
32 The study aims to examine security threats to data privacy in smart homes, design a middleware for access control
33 using blockchain technology, and validate the system's performance. The potential impact of the study is significant,
34
as it addresses the growing concern of IoT-based attacks on vulnerable groups [35, 36] and proposes a consensus-
35
36 based transaction endorsement equipped with a privacy preservation model and data ownership to control selective
37 disclosure of personally identifiable information. The proposed model could be applied across all smart home settings.
38
39 In this paper, some of the specific research questions raised, examines and proffered with solution are:
40 RQ1 – Are existing access control mechanism capable of establishing ownership schemes for supervisory control and
41 data acquisition in smart home healthcare setting that could enhance data security?
42
RQ2 - How can monitored vulnerable occupant of smart home ensure that the data collected from them and their
43
44 private environment, and sent outside their home is only accessed by authorized persons (e.g., authorized stack of
45 carers including clinicians); and that it is not altered for any discriminative use or malicious reason by a third party?
46 RQ3- How can a smart home healthcare system be safeguarded against illegitimate collection of private data.
47 RQ4 - What if the confidentiality of a private data cannot be guarantee in a smart home healthcare system?
48 RQ5 – Which storage approach is applicable to ensure secure storage of behavioral, physiological and implicit data in
49
a smart home healthcare ecosystem?
50
51 RQ6 - How can security of private data be ensured in a smart home setting through Blockchain-IoT technologies?
52
53 The direction to follow in proffering solution to this problem is to actually control and protect:
54 1) The data acquisition/collection, monitoring and sharing process,
55 2) Location(s) where the collected data is stored, and
56 3) To provide information stakeholders with smart contracts for acceptable authorisation to subscribe and use
57
such data (i.e., parties that can acquire, monitor and store private data).
58
59
60
61 9
62
63
64
65
 1
2
3
4 The questions above are examined further in the thematic analysis related to them in the related work section. Each
5 theme section provides a list of the research found, a summary of its content, and relative answers to these questions.
6
7
8 1.5 Organisation
9
10 The remainder of the paper is structured as follows. Section 2 is a detailed literature review which explains
11 the recent security and privacy challenges, and outlines related work that adopts BCoT in smart home healthcare
12 systems, including the current state of the art, focusing on their contributions compared with this work. Discussion of
13 viable solution through a descriptive authorisation framework, privacy model and evaluation procedures are presented
14
in section 3. Finally, section 5 presents the conclusion, the paper’s limitations and possible future research.
15
16
17 2. Literature Review
18
19 2.1 Challenges and problems with Smart home-based Healthcare Schemes and BCoT Adoption
20
21
22 Delivering health care to people has become revolutionized due to the technological advancement such as
23 seen in smart home application where individuals live independently, are assisted, or ageing in-place with the help of
24 embedded systems and medical devices; and these emerging technologies are not without their challenges [37-43].
25 Incorporation of different health sensors, handheld devices (PDAs) and the Internet has proven to be of great potential
26 for the significant improvement on the quality of service and experience in remote health care. Instances of IoT devices
27
used in physiological sensing for monitoring vital/behavioural signs are emerging and constantly gaining popularity.
28
29 For instance, the growth of Body Sensor Network (BSN) is attributed to proliferation of IoTs, network of sensors,
30 wearables, nearables and controllers in the smart home environment. Since residents and patients’ health information
31 and private data is transmitted over the air using BSN and stored in database servers. Therefore, in the presence of
32 adversarial behaviour, these data and storage facilities are potential attack surfaces and vulnerable to security threats.
33 In addition, security attacks on communication channels e.g., interception, or malware injection into software
34
applications running sensor and sensing devices could lead to compromised devices, incorrect data collection, or
35
36 indiscriminate use of unauthorised access to transparent data on the data publisher-subscriber network. Eventually,
37 this can result in wrong diagnosis, treatment, or unethical disclosure of personal data revealing lifestyle and wellbeing
38 of smart home healthcare system users. So, the security and privacy of health data is of extreme concern, requiring
39 adequate measures in proffering a viable solution.
40 Slow adoption due to limited information on the underlying techniques, classifications and misconception on
41
transparency feature is a major reason Blockchain technology remains a concept of debate as a viable solution to data
42
43 security and privacy preservation in smart healthcare sector. For instance, navigating the trade-off between openness
44 and security of user’s information represents a significant obstacle to the adoption of using Blockchain for medical
45 purposes. Although, Blockchain technology is not without its associated challenges, issues categorised in Fig. 5, are
46 been investigated by the active research community on Blockchain adaptation, resulting to a gradual increase in the
47 rate of adoption due to its potential widespread application domain. Moreover, the advantages, expansion and use of
48
Blockchain technology in healthcare application has posed significant research challenges which necessitates further
49
50 exploration.
51
52
53
54
55
56
57
58
59
60
61 10
62
63
64
65
 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28 Fig. 5. Classification of problems associated with implementing Blockchain technology in healthcare applications.
29
30
31 Some recent challenges stem from the environment of open data and transparency observed in Blockchain.
32
This contributes to emerging concerns that resulted to the slow adoption of Blockchain technology aside challenges
33
34 with conventional consensus algorithms that are not energy efficient nor eco-friendly. The benefits of Blockchain
35 classification i.e., with variants of permissionless, permissioned and hybrid, is currently exploited to implement data
36 security in many sectors including the healthcare domain. When properly implemented, blockchain technology could
37 be a useful solution to certain healthcare application limitations including data confidentiality, protection, sharing,
38 usability, interoperability, and real-time medical data updates. Combination of Blockchain with AI, ML and Federated
39
learning for protecting personal data, securing IoT sensitive medical data, secure data storage, etc is a confirmation of
40
41 the efficacy which Blockchain features can complement to achieve. In essence, lack of adequate procedure for the
42 implementation of a lightweight authorisation framework, that is user-centric by approach, which combines security
43 algorithms with access control mechanisms, that could guarantee ethical disclosure of private data, is also achievable
44 with Blockchain technology. Summaries of recent related reviews that discussed challenges, opportunities, adoptions
45 and key contributions of Blockchain technology are illustrated in Tables 4 and 5.
46
Discussion of how blockchain can be utilised to achieve a transparent, privacy-preserved and secure health
47
48 data management system is the focus of this paper. This involves integrating and optimising the architecture of IoT-
49 enabled Smart home and Blockchain specifically for healthcare related applications (i.e., supervisory control on data
50 acquisition, secure data access and storage, privacy-preserved digitised healthcare monitoring systems). This paper
51 discusses the pros and cons of blockchain-enabled smart home system for wellbeing monitoring and healthcare
52 delivery. The paper also classifies the technologies’ potential applications under this domain and introduces a
53
conceptual authorisation framework built on the synergy of IoT, Smart Contract, Blockchain, and Smart Home
54
55 services application to different domains in Healthcare. In addition, a systematic analysis of previous papers published
56 on blockchain-based intervention in the health-related domain is provided.
57
58
59
60
61 11
62
63
64
65
 1
2
3
4 Table 4
5 Challenges and opportunities of Blockchain Technology in the healthcare sector
6
7 Direction of discussion Highlight Ref
8 Stakeholders Perception On smart healthcare system stakeholder perspective. [44](2022), [45](2021), [46](2022),
9 [47](2019), [48](2019), [49](2022),
10 [50](2023)
11 Fit-for-purpose Approach On data management, provenance and security. [51](2019), [52](2018), [53](2023),
12 [54](2023), [55](2021), [56](2023),
13 [57](2022)
14 Trustworthiness On trust, scalability and governance. [58](2022), [59](2023), [60](2023),
15 Privacy and Authorisation On confidentiality, system transparency, privacy- [61](2019), [62](2022), [63](2022),
16 preservation, and secure data management and storage [64] (2022), [58](2022), [65](2022),
i.e., of EHR and EMR. [66](2022), [67] (2019), [60](2023),
17
[68](2022), [69](2023), [53](2023),
18 [70](2022), [71](2023)
19 Technology Integration On ecosystem interoperability and resource constrains. [72](2022), [64] (2022), [73](2023),
20 [74] (2022), [75](2023)
21 Remote Monitoring On applications for observing patients securely. [62](2022), [63](2022), [76](2022),
22 [65](2022), [60](2023),
23 Intelligent Sharing On transactional data intelligent, data sharing, mutual [66](2022), [63](2022), [60](2023),
24 authentication. [73](2023), [53](2023) ,
25 [77](2023), [78](2023)
26 Control Techniques On data ownership and access control. [60](2023), [69](2023)
27 Efficient Logistics On drug tracking, secure pharmaco-logistic, integrity and [62](2022), [79](2022), [52](2018),
28 anti- counterfeiting, [65](2022), [80](2023)
29 Distributed Storage On secure storage of data in a distributed environment. [81](2022), [60](2023), [82](2020),
30 [83](2022)
31
32 Table 5
33 Adoption of Blockchain Technology in the healthcare sector
34 Direction of discussion Highlight Ref
35 Integrity Framework Merger of technologies to achieve data immutability and [84](2022), [85](2022), [86](2022),
accuracy. [87](2023), [88](2023), [89](2023),
36 [90](2022), [91](2023), [92](2022)
37 Regulatory Framework Openness, transparency, anonymity, confidentiality and [93](2022), [86](2022), [87](2023),
38 security of user’s information. [94](2022), [88](2023), [89](2023),
39 [95](2019), [96](2021), [97](2023),
40 [98](2023), [99](2023)
41 Scalable Framework Transactional throughput, latency, information sharing, [100](2019), [85](2022),
42 traceability, trust, and distributed storage. [101](2023), [102](2022),
43 [103](2022), [93](2022),
44 [104](2021), [87](2023),
45 [94](2022), [88](2023),
46 [105](2022), [106](2023),
[107](2023), [108](2023)
47
Privacy Framework Privacy-preservation, access control and interoperability. [109](2022), [20](2018),
48
[102](2022), [110](2021),
49 [86](2022), [88](2023), [90](2022),
50 [111](2023), [96](2021),
51 [112](2022), [113](2018),
52 [114](2023), [115](2023),
53 [116](2023), [117](2023)
54 Access Control Fine-grained access control, smart contract, decentralised [118](2022), [119](2022),
55 Framework secure identity authentication, verification, and monitoring. [101](2023), [104](2021),
56 [110](2021), [86](2022),
57 [88](2023), [67](2019) [95](2022),
58 [97](2023), [120](2023),
[121](2023), [122](2023),
59
[123](2023)
60
61 12
62
63
64
65
 1
2
3
4 Service Availability Storage requirement, resource constrains management [90](2022), [124](2022)
5 Framework
6 This work Authorisation framework for ethical disclosure of private
7 data in smart healthcare using permissioned Blockchain
8
9 2.2 Related Work
10
11 There have been substantial number of studies in the field of smart home security, most of which focused on
12
13 challenges experienced by vendors, implementers and users when adopting the IoT in smart home, and how to address
14 those challenges. Emerging research have proposed various stand-alone architectures and frameworks to secure IoT
15 devices in smart homes while others proposed a combination of technologies to enhance security of devices and
16 guarantee data protection; with device, communication and service (or applications connected to devices) issues being
17 the three main security and privacy challenges in smart connected homes [8, 9]. Moreover, several papers exist that
18 discuss common security issues of IoT-enabled smart homes such as privacy, inter-compatibility, authentication and
19
20 secure end2end connection in the presence of adversarial behaviour and argued that secure end-to-end cryptographic
21 framework could be the elusive panacea. The privacy framework proposed by National Institute of Science and
22 Technology (NIST) stated five core functionalities for achieving data privacy [125] which includes data control,
23 communication, identification, governing data, and data protection. It was further argued that privacy could be defined
24 as freedom from intrusion and possession of the ability to control personal data, while security refers to data protection
25
against unauthorized access to user data [126]. Some even go as far as relating “Confidentiality” (which is basically a
26
27 property of data) to “Privacy” (which is a property of an individual).
28 In handling privacy issues, all phases of the data value chain are to be considered; including
29 acquisition/collection, analysis, storage, and usage. Two possible practical solution is to implement privacy by design,
30 and privacy enhancing technologies [127]. Techniques often discussed to ensure privacy as illustrated in Fig. 6
31 includes:
32
i). Security, encryption, anonymization, and accountability controls (data provenance, policy enforcement, granular
33
34 access control, accountability and auditability);
35 ii). Ownership, consent management, transparency and control (privacy preferences, consent, sticky policies, personal
36 data stores).
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61 13
62
63
64
65
 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31 Fig. 6. Security and Privacy Taxonomy
32
33 Furthermore, smart home system assets shown in Fig. 7 requires intrusion detection and preventions against threats to
34 the triad of Confidentiality, Integrity and Availability (CIA) with emphasis on network and channel security as well.
35 Mostly, recommendation techniques involve protecting the OSI seven layers to strengthen the security, tackled open
36
internet connection issues and reduced the risk of compromising a device on the smart home network [128], but
37
38 traditional security measures are computational and storage intensive, energy-unfriendly for resource constrained IoTs
39 in SH.
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56 Fig. 7. Security Threats and Information System Assets in Smart Home
57
58 Therefore, resource friendly approaches for securing P2P network entities in smart home ecosystem is
59 beneficial to this study, and several related works are available in this regard. Specifically, the motive for using
60
61 14
62
63
64
65
 1
2
3
4 blockchain as a service is on the premise that the technology is built by providing asymmetric key encryption, hash
5 values, and Merkle Tree in P2P networks as denoted in Fig. 8.
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28 Fig. 8. Asymmetric Cryptography and Merkle Tree of blocks in the blockchain [129]
29
30 In essence, background study as illustrated in Fig. 9 examined lightweight methodologies and approaches
31 that made use of cryptography primitives, access controls techniques and artificial intelligent algorithms as these are
32 state-of-the-art technologies utilised in evaluating privacy preservation concerns encountered in smart homes.
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51 Fig. 9. Scope of related research work investigated
52
53
54
55 2.2.1 Ethical analysis and synthesis in IoT security
56
57 There have been several attempts to address privacy issues anchored on ethics, mostly in the smart home
58 context [130] where there is growing concern about how collected data is used. This has been examined from a
59 legislative viewpoint [131, 132], as well as from a technological standpoint. Authors in [133-136] discussed privacy
60 as what is ethically defendable in the context of application. Specifically, [135] elaborated the architectural blueprint
61 15
62
63
64
65
 1
2
3
4 using legal concept to propose data subject’s consent on personal identifiable information (PII) as a matter of control
5 rather than trust and emphasized the principle of best practice for privacy by design (Art. 25 GDPR) using
6 Blockchain’s hybrid cryptography to ensures individual data sovereignty and shared transparency. The drawback is
7 that, the approach emphasized the non-legal argument which makes blockchain-data anonymous by reference, thereby
8 making a consensus-centric, smart contract-enabled permissioned blockchain implementation a viable solution for
9 securing private and sensitive data from threat of data interception.
10 Government policy on public safety do not fully accommodate individual’s data ownership vis-à-vis data
11 security and user’s privacy. Existing methodologies on privacy preservation struggle to protect citizen’s data because
12 some legislations support backdoor activities of government agencies (e.g., NSA) in the name of providing public
13 security [134]. Cybersecurity improvement act emphasized IoTs should be patchable, devoid of known security
14 vulnerabilities and updatable, to forestall variants of the Dyn’s attack occurrence where ISPs experiences a major
15 Denial-of-Service (DoS) attack by an army of compromised IoT machines. Likewise, normative ethical
16 considerations proposed in [136] focused towards device manufacturer i.e., Original Equipment Manufacturers
17 (OEMs), and stakeholders both on microscopic and macroscopic levels but had little or no end user participation
18 (i.e., end-user’s perception) or application-based consideration.
19
20
21 2.2.2 Lightweight Cryptography (LWC) primitives in IoT and use cases
22
23 In [137] lightweight cryptography (LWC) primitives e.g., Advanced Encryption Scheme (AES) and Elliptic
24 Curve Cryptography (ECC) were highlighted as ultra-lightweight schemes suitable for resource constrained systems.
25 Consequently, BC implementations leverages on hybrid cryptography in [138-143] to utilise LWC-symmetric
26 techniques such as AES and Data Encryption Standard (DES); with emphasis on ECC as a more efficient LWC
27 asymmetric approach and a suitable alternate to RSA because it requires a much smaller key size to provide the same
28
degree of security for privacy by design, identity-based stateful encryption scheme, searchable encryption protocols,
29
30 and unique data-dependent keys respectively. Theses methodologies achieved individual data sovereignty and shared
31 transparency, computational efficiency that boosts secure communication, confidentiality, privacy-preserving
32 encrypted queries and principle of least privilege. Authors in [144] revealed that primitive RSA is too hefty for IoT
33 devices while ECC (Elliptic Curve Diffle-Hellman) are lightweighted but susceptible to replay and MITM attacks.
34 Moreover, [145] argued that the use of LWC could assist in dealing with security, trust, and traditional privacy issues
35
in BCoT computing architecture for securing healthcare operational data and infrastructure. In [146], a privacy-aware
36
37 PKI based system developed for permissioned blockchain proposed a digital certificate publishing scheme that assisted
38 in preserving the privacy of user identity and provision of legitimate authorization.
39 Arguments surrounding the integrity and confidentiality of medical information in IoMT platform, an
40 integration of IoT with medical systems used in medical applications for real-time diagnosis, remote patient
41 monitoring, and real-time medicine prescriptions etc., is of interest. The scenario is similar to that of a health care
42
smart home in [147] which proposed a framework that encouraged ageing-in-place for the elderly via a caring network
43
44 i.e., remote patient monitoring. LWC-based data hiding (LWC-DH) system was proposed in [148] as a technique for
45 attaining security of patient’s medical record to guarantee information confidentiality in IoMT by combining LWC
46 approach with a steganography model to secured medical data. Elliptic curve cryptography (ECC) was used to encrypt
47 the even medical data while the odd ones with Feistel block cipher (FBC) cryptography. Lastly, the encrypted
48 messages were hidden using redundant discrete wavelet transforms (RDWT) based steganography. The approach
49
performed superior to contemporary schemes in terms of peak signal-to-noise ratio (PSNR), structural similarity index
50
51 measure (SSIM), and mean square error (MSE) with better robustness, imperceptibility performance and low
52 computation time as compared to traditional cryptography methods.
53 However, these approaches could not guarantee a descriptive framework of information disclosure and
54 control through data ownership, but presented private key generator (PKG) which were appealing single point of
55 failure, had issues of insecure key exchange among multiple entities in the presence of adversarial behaviours and
56
had restricted application to non-sharable sensitive data respectively as limiting factors. Furthermore, suggested
57
58 tactics in [149] proposed quality attributes for architecting IoT systems supported by Blockchain-based on functional
59 and non-functional security requirements. In line with theses suggestion, hybrid cryptography were implemented
60
61 16
62
63
64
65
 1
2
3
4 using RSA-1024, AES-256, etc., for smart contract-enabled asymmetric or symmetric encryption, in combination
5 with hash and digital signature algorithms such as SHA-256, ECDSA-SECP256K1 to ensure data confidentiality
6
7 and integrity respectively in [113, 150] [151-160].
8
9 2.2.3 Access control-based authorisation schemes in IoT and use cases
10
11 Several approaches have been proposed to address the challenges of access control and security in smart
12
13 home environments, which often involve a large number of IoT devices with varying levels of trustworthiness. One
14 approach that has been explored is the use of a private local Blockchain for access control of IoT devices in smart
15 homes [151] . While this approach has the potential to provide distributed trust and privacy, it introduces latency due
16 to the overlay tier and may be vulnerable to exploitation of transactions with public keys that are stored off-chain.
17 Another approach involves repurposing Blockchain into a non-trust-based automated access control moderator that
18 requires no trusted third party (TTP) and is associated with an off-chain key-value store, such as a Distributed Hash
19
20 Table (DHT), for storing user's personal data, including location data [155]. However, this approach also has
21 limitations, including the use of PoW consensus, which is computationally intensive and time-consuming, and may
22 not be suitable for resource-constrained smart home environments.
23
24 In this context, the present study proposes a Blockchain-based smart home architecture that uses a lightweight
25
instantiation of a permissioned consensus mechanism to meet resource constraints [156]. The suggested PoA
26
27 consensus algorithm as an attribute is expected to handle transactions amongst the nodes in the smart home healthcare
28 ecosystem at higher rate, with the home node proposing new transaction(s) and other nodes e.g., the storage and
29 monitoring nodes, as selected trustworthy nodes (based on their reputation) validating the transaction before such
30 transaction is added to blocks on the blockchain network. Since the validation process is simplified, this algorithm
31 only requires a limited number of block validators to maintain the network. High scalability is achieved since block
32
are generated in predictable sequence taken into consideration the number of validators, which are also pre-approved,
33
34 thus allowing for greater efficiency and higher throughput rate. Hence, since this algorithm requires no mining or
35 staking to validate transactions, the need for expensive nodes, with high performance capabilities, is avoided, thereby
36 eliminating energy-hungry, computationally intensive features which often results to low scalability in traditional
37 algorithms such as PoW and share-based PoS. A beneficial trade-off possible with PoA is in sacrificing some
38 characteristics of decentralisation in Blockchain with gains of high transaction processing speed at low costs,
39
scalability, lower energy consumption and eco-friendliness as illustrated in Table 6.
40
41
42 The proposed solution assumes a scenario of adversarial behaviours within the smart home ecosystem,
43 utilizing lightweight cryptosystems for signing transactional data among entities, and on-chain storage for hash-values.
44 The framework offers several advantages, including the ability to achieve distributed trust and privacy, handle high
45 transaction rates, and reduce energy consumption and computational requirements. Further research is needed to
46
47 explore the feasibility and effectiveness of the proposed approach in real-world smart home environments.
48
49 Table 6
50 Comparison between PoW, PoS and PoA Consensus Algorithms
51 Evaluation Parameter POW POS PoA
52 Security 51% of the computing power is 51% of the network’s wealth is More of centralisation, and risk
53 susceptible to attack the network susceptible to attack it of attack
54 Incentive 12.5 bitcoins and transaction fees of Transaction fees of the product Not applicable
55 the product block (gas fee) block
Equipment Computationally Intensive (requires Does not require powerful and Does not require powerful and
56 computer power) expensive hardware expensive hardware
57 Energy consumption High Moderate Low
58 Validation latency of High latency (about 10 minutes) About six seconds to validate a Excellent, as it corresponds to
59 transactions block network latency
60
61 17
62
63
64
65
 1
2
3
4 Identity of the nodes Public, fully decentralised Random according to its wealth Identity is basic criterion for
5 validator selection i.e., identity-
6 as-a-stake.
Scalability Excellent (thousands of nodes), Excellent (thousands of nodes), Unlimited and considerably
7 Vertical Vertical scalable, Horizontal
8 Performance (throughput) Low transactions and Performance, Comparatively lower High transactions and
9 Limited due to the possibility of transactions and Performance. Performance.
10 forking the BC Limited due the possibility of Excellent, due to tens of
11 the BC fork thousands of transactions per sec
Management of nodes Accessible Accessible Authorised
12 Frameworks/platforms Bitcoin Ethereum, Peercoin VeChain, Hyperledger fabric
13
14
15 Attribute-based access control utilised smart contracts for location sharing in [161], and data privacy was
16 achieved. The approach resulted in much lower computation overhead in meeting this objective excepts for query
17 inefficiency (i.e., indirect query of blockchain data), a challenge introduced by mis-appropriation of on-chain/off-
18 chain storage of transaction data. Permissioned blockchain based on Practical Byzantine Fault Tolerance (PBFT)
19 consensus algorithm and ECIES/AES in [153] provided traceability and privacy protection of access policy, both
20
Blockchain and group signature were integrated to anonymously authenticate group members alongside the use of
21
22 Message Authentication Code (MAC) to efficiently authenticate home gateway. However, fine-grained access control
23 could not be achieved, and besides, PBFT employs PoW-like complex computations with an efficiency that degrades
24 due to the high communication overhead that increases exponentially with every extra node in the network.
25 Furthermore, Blockchain’s smart contracts used ECDSA for verification and anonymity, but it rarely provided the
26 identification assurance desired.
27
Another proposal implemented publisher-subscriber algorithm [162] for notification to enhance a protocol
28
29 for data access through smart contracts among providers and consumer of data in eHealth realm because of the
30 sensitivity of medical data. Only the response time (mining time), i.e., systems response time variation against the rate
31 of transaction, was explicitly considered as a factor of performance evaluation of this approach among many other
32 elaborate performance evaluation metrics such as packet and energy overhead that could ascertain the efficacy of such
33 a proposal. Access control-based authorisation schemes in IoT [163-169] proposed use cases in smart homes where
34
authentication protocols/services were used to grant authorisation, access tokens and tickets to build a system that
35
36 ensures data security and user’s privacy. Blockchain was used for authentication i.e., user authentication scheme using
37 Blockchain-enabled fog nodes where fog nodes interface to Ethereum smart contracts to authenticate users to access
38 IoT devices. Such authentication system came with an overall system architecture, overloaded with key role of
39 different system participants i.e., Admins, End-users, SC, Fog nodes, IoT Devices, Cloud.
40 Some other authorisation schemes used soft security mechanism through rule and attribute- based access
41
control such as belief and confidence [168] for fine-grained access control to thwart insider attacks due to device
42
43 sharing and existence of complex social and trust relationship between entities. However, external attack is more
44 prominent due to likely spread of the heterogeneous user entities that subscribes remotely to request personal
45 transactional data of smart home subject. Furthermore, the focus on trust rather than control is unapplicable in the
46 presence of adversarial behaviour where only the data owner is adjudged to be the only entity that is not ‘honest-but-
47 curios’, that is, the only trusted actor. Some other Auth schemes are mostly used are efficient but utilises centralised
48
authorisation scheme which makes them susceptible to single point of failure (SPOF) attack such as DOS.
49
50
51 2.2.4 AI solution Concept for securing IoT edge devices
52
53 Artificial Intelligence (AI) solution concept were proposed in [142, 170, 171, 172] for enhancing users data
54 security and privacy preservation in IoT-enabled ecosystems including smart home systems. In securing IoT edge
55 devices, AI Cyber Kill Chain model [170] was utilised with modules to detect, attribute, and identify stages of attack
56
life cycle. This solution is capable of handling/dealing with new threats or current versions of existing ones, including
57
58 interception threat to data confidentiality. Despite the 84.7% success rate among peer techniques, the focus was on
59 the edge layer and the evaluation metric was thematic. Various forms of interception threat could be one of those
60 detectable in the perception (sensing) layer of smart home devices as demonstrated but privacy concerns transverse
61 18
62
63
64
65
 1
2
3
4 the entire ecosystem of device, communication and services in smart homes. In Ambient Assisted Living [171], a
5 solution that combined IoT technologies and machine learning to provide services that are context-aware and
6
7 personalised, where anonymisation and data sharing was examined to develop a methodology of privacy-preserving
8 machine learning with differential privacy. The privacy-preserving deep learning mechanism provided flexible
9 anonymisation and data sharing, with evaluation method that used various real and synthetic dataset. The technique
10 though exemplary in application, presented a passive control over user’s data privacy. Moreover, the application of
11 differential privacy relates more to public sharing of data and non-interactive zero knowledge proof concept.
12 Context-aware data allocation/controller mechanism via Fuzzy logic (AI) is utilised in [150] to effectively
13
14 calculate the Rating of Allocation (RoA) value and extract each IoT data request based on multiple context parameters
15 i.e., data, network and quality used as threshold measurement, to assist with on-chain versus off-chain allocation
16 decisions, focused in real-world healthcare application. Evaluation of the data allocation mechanism suggested
17 improved network usage, latency, efficient blockchain storage allocation to on-chain or cloud database and reduced
18 energy consumption. However, the approach is best described as a reactive data allocation mechanism for calculating
19 the RoA value, a dynamic and adaptive controller on how self-adaptive mechanisms and AI is needed to provide user’s
20
21 privacy. An intelligent BCoT integration proposed in [24] presented a layered conceptual framework for smart
22 applications to provide data reliability, privacy, and scalability by introducing an intermediary layer in the IoT
23 ecosystem. The continuous stream of data generation, acquisition, manipulation, distribution, processing and
24 encryption among IoT devices is secured using a hybrid or private Blockchain network. The whole trusted data
25 exchange and efficient storage involved the secure processing of all transactions with the introduction of a validator
26 node in a P2P network.
27
28 Consequently, emerging studies in digital healthcare delivery have investigated concept which combined
29 Blockchain with AI and Machine Learning techniques in [173-177]. Smartly secured data privacy-preserving health
30 monitoring in children [173] utilised Blockchain to provide data security and avoided non-repudiation services while
31 different ML algorithms were used to obtain the acceptable output with accuracy and performance measures; proposed
32 a secure healthcare system using ML based scalable blockchain framework [174], examined Blockchain-AI
33 implementation to securely store digital health records e.g. EHR (Electronic Health Records) and EMR (Electronic
34
35 Medical Records) in eHealth systems [175, 178], maintain the source record to protect and preserve the identity of
36 patients, uncovered different ways of sharing decentralized view of health information to improve medical accuracy,
37 health, and prevent health disorders [179]. Evolving IoT-AI technologies in [176, 177] examined the potentialities in
38 privacy-aware smart healthcare informatics. Blockchain-based federated learning (FL) in [180, 181] allowed for
39 smarter simulations, lower latency, and lower power consumption while maintaining privacy at the same time to build
40 a more reliable and robust IoMT model. Precision Healthcare (PHC) ineffectiveness due challenges regarding low
41
42 opt-in rates of patients was addressed with a Blockchain-enabled PHC ecosystem in [182].
43 To fend against resurgent threat posed by attackers, AI methodologies offered as a hope of equipping cyber-
44 security professional in [183] with the proposed use of Ant Colony Optimization based Convolutional Neural Network
45 (ACO-CNN) mechanism. With the CNN algorithm, invaders and normal qualities were detected more successfully.
46 More exact features were provided while subjecting chosen qualities to training and testing approach, and performance
47 metrics such as specificity, false alarm rate, recall and accuracy used for evaluation. With the created framework,
48
49 cyberattacks are detected in the healthcare sector with more excellent performance than the modern techniques by
50 detecting cyberattacks more accurately by better-identifying intrusions and tracking attacker behaviour. However,
51 despite the numerous assault detection technologies and approaches, network infiltration is still unavoidable. Thus, a
52 combination of advanced optimization with classification algorithms and future iterations of this approach is required
53 to successfully detect more threats.
54
55
56 2.2.5 Blockchain as a service for IoT security and use cases
57
58 In response to the challenges of security and privacy in IoT, researchers have explored the use of distributed,
59 secure, and localized (private) Blockchain technology as a viable solution. This approach offers several advantages,
60
61 19
62
63
64
65
 1
2
3
4 including the ability to safeguard data and transactions, as well as improve IoT security assessments and user privacy
5 and integrity [184]. The use of tactically orchestrated consensus algorithms has been identified as an effective means
6
7 of improving the speed and privacy-awareness of Blockchain-based solutions for smart homes [149, 185, 186]. In
8 particular, emerging Proof-of-Authority (PoA) consensus algorithms have been found to be suitable for permissioned
9 (hybrid) blockchain service delivery. Unlike other consensus algorithms such as PoW, PoS, and PBFT, PoA
10 algorithms are censorship-resistant solutions that are lightweight and suitable for user data security and privacy in
11 smart home settings. The value chain of provenance, ownership, and authorization inherent in PoA further underscores
12 its potential for securing smart home transactions and data. Overall, the use of private Blockchain technology and PoA
13
14 consensus algorithms represent promising solutions to the security and privacy challenges associated with smart
15 homes and IoT.
16 Value exchange could mitigate issues of unauthorized identification (sybil attack) as threat to confidentiality
17 in smart home authorisation scheme. Patient-centric access control in [187] utilised a combination of private key,
18 public key and blockchain for remote patient monitoring which is common nowadays for the treatment and care of
19 patients, although with downside of high computational/ energy cost. Authors in [188] discussed vital fusion of BC-
20
21 IoMT as two emerging technologies integrated into a decentralised access control system with offers of privacy and
22 security for the medical data of patients. Authors in [189] proposed as a PoC, a novel scalable framework shown in
23 Fig. 10, that integrated IoT network with permissioned (Ethereum-based) blockchain in healthcare to address potential
24 privacy and security threats for data integrity. Smart contracts handled device authentication, authorization, access-
25 control, and data management; off-chain data storage increased the overall scalability and confidential concerns of the
26 model.
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61 20
62
63
64
65
 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39 Fig. 10. Instance of Framework for BCoT Integration [189]
40 The application of Blockchain in healthcare (BoHT) in [190-198] revealed the dynamics of security and
41 privacy frameworks possible with the integration of smart contracts, machine learning, signature algorithms and
42
consortium blockchain architecture to protect the process for the collection, tracking and storage of medical records
43
44 pertaining to smart home healthcare systems. A summary of related works where Blockchain-IoT framework has been
45 proposed in privacy preservation of wellbeing and healthcare records using several evolving technologies is presented
46 in Table 5. These systems rely on the use of blockchain and/or smart contracts as an integral building block for
47 achieving various security objectives. Internet of Things, on the other hand, has brought about the dynamic growth in
48 the digitisation of the healthcare systems due to possibilities presented through various secure techniques of wellbeing
49
monitoring and data collection procedures. Moreover, it has become a research domain for researchers to integrate
50
51 various security techniques that could maintain the confidentiality and integrity of patient’s implicit, behavioral and
52 sensitive data from unauthorized tampering. Blockchain, digital signatures, smart contract and multi-factor user
53 authentication etc., are emerging technologies being researched to secure IoT platforms and by extension smart homes
54 equipped to render healthcare services. Table 7 is a comparison of related work and recent contributions on security
55 objectives of privacy preserving schemes within the IoT application domain.
56
57
58 Table 7
59
60 Comparison of related work
61 21
62
63
64
65
 1
2
3
4 Ref. Architecture Application
Domain
Adversarial
Model
SS STT EE FT TAI PP CP AP ACP I AI AUTHI VI TUI TPI IT Limitations

5
Blockchain-based
6
[109] Permissioned - Hyperledger Electronic Health √ √ √ x √ √ √ √ No specific
7 Fabrics Smart Contracts Record threat model
addressed

8 [20] ANCILE framework and

Advanced Cryptography -
Electronic Health
Record
√ √ computationally
intensive,
Ethereum Smart Contracts arduous
9 verification
[199] Permissioned - Ethereum Smart Electronic Health √ √ √ √ √ √ computational
10 [200]
Contracts
Permissionless - MIT's
Record
Medical Health √ √ √ √
complexities.
Public BC and
publiication on public BC Records consensus
11 algorithm used
not known
12 [201] BC-IoT Federated Learning -
Smart Contracts-based
Medical Health
Records
√ √ √ √ √ Transacting
nodes not
13 uniquely
identified.

14 [126] IoT, Cloud/Fog, Machine

Learning, BC
Secure Embedded
Living
External attack √ √ √ √ √ P4 lacks
performance,
P4Runtime
15 vulnerable to
MIIT attacks and
channel flooding.
16 [202] Malware Recovery (MalRec) √ √ √ √ √ √ √ √ Data verification
backup policies enforcement slow, process
17 framework - Hyperledger Fabric,
Smart Contract
could
compromise the
data’s privacy
18 . Private BC Benchmarking Private BC few numbers of
[203] framework BLOCKBENCH - BC Analytics consensus
19 evaluation framework algorithm used to
perform
20 [162] Private - Ethereum publisher- Smart Home Interception √ √ √ √ √ √ √
evaluation
PoC, and
subscriber Smart Contracts Sensitive Data Consensus
21 (eHealth realm) in Algorithm not
specified
22 . Consortium, Group signature, and Electronic x √ √ √ Deficient in
23 [204] asymmetric encryption. - PBFT &
Hyperledger Fabric
Medical Records
and Medical Big
handling
ownership of
Bata. private and
24 sensitive data

25 .
[153]
Group signature, and Message
Authentication Code - Smart
Authentication
System for Smart
Impersonation,
DDOS,
√ √ √ √ √ √ PoC, Deficient in
fine grained
26 Contract, PBFT Homes Modification,
Replay, MIIT
access control

Attack
27 . Group signature, and Message Authentication Impersonation, √ √ √ √ √ √ PoC, Deficient in
[153] Authentication Code - Smart System for Smart DDOS, fine grained
28 Contract, PBFT Homes Modification,
Replay, MIIT
access control

29 . Permissionless, Merkel tree Decentralized x √ √ √ √ √ √ Unable to ensure

30 [205] structure – Ethereum, smart
contracts
Smart Healthcare
System (DSHS)
efficient storage
and integrity

31 [6] Permissionless, Certificateless

(ECC)
IoHT Realm Myriad of
Attacks e.g.,
√ √ √ Inaccessibility of
data due to
Impersonation, inefficient data
32 Sybil, Replay
attacks
storage
technique.

33 [206] Smart Home based IoT-BC

(SHIB) - Smart Contract,
Smart Home
Environment
√ √ √
Ethereum
34 [207] Permissionless (ELIB) -
Certificateless cryptography (CC),
IoT-enabled smart
home
√ √ √ √ √ √ Inefficient
energy
35 Distributed Throughput
Management (DTM) scheme
environment consumption

36 [208] Lightweight Scalable (LSB) -

Distributed Time-based Consensus
Smart Home
Setting
Resilient to 8
relevant cyber
√ √ √ √ √ √ √ √ √ √ √ Performance
understanding
algorithm (DTC) attacks based on PoC
37 [209] Differential Privacy-based (DP-
SGD), Attribute based Access
Smart Home
Systems
Side channel,
Modification,
√ √ √ √ √ √ √ √ √ Loss of data
accuracy
38 control, Edge computing. - Private
Ethereum Smart contracts, ML
DoS, data
mining,
Algorithm, linking attacks
39 [210] Permissioned, PoA based IoT,
IPFS - Smart contracts Ethereum
Healthcare
System - Disease
DDoS,
Impersonation,
√ √ √ √ √ √ √ Lacks data
filtering
40 Management Message
forgery, MIIT
mechanism and
real-time data
analysis
41 interface.
[211], Consortium - privacy-preserving Analysis Adversary- √ √ √ √ √ √ √ √ Review
42 reputation systems framework for
privacy-
dishonest
participants
acknowledged
the exclusion of
preserving Authorizability
43 reputation
systems
44 [212] BC privacy-preserving reputation
framework (BPRF) - Group
Abnormal
behaviour
√ √ √ √ Smart contract
not implemented
45 Signature Algorithm, Smart
Contract
(e.g., fake
reports), Sybil
attack
46 [184] Private (Local) - Decentralised Smart Home √ √ √ √ √ √ √ Limited Access
Private BC Systems Control
47 Signature-based Systems
Implementation

48 [213] LSITA framework Neural

Network – E-ECDH
IoT
Communication
√
√ √ √ √ logistic
regression
function used
49 was sparsely
done
50 [85] Hash-based Message
Authentication Code (HMAC) DS
Healthcare IoT Non-
repudiation,
√ √ √ √ √ √ √ √ Consensus
algorithm &
and BC’s Smart Contracts
51 Sybil attack threat
evaluation
52 model missing
[2] Federated Learning (FL) and Ring- Smart Healthcare Source √ √ Lacks incentive
53 signature (FRESH)-Certificateless
ring signature schema (ECC)
Systems Inference
attacks (SIAs)
mechanism

Smart Home Wellbeing Monitoring

54 [214] Ageing-in-place framework Healthcare Smart Framework lacks
Homes real applicability.
55 AI-based Systems

56 [215] Cognitive ML-assisted Attack Healthcare Certified √ √ Security of data

Detection Framework (CML- Systems Signature storage facility is
57 ADF) Schema’s
Impersonation
not considered

58 Attack

Game Theory Implementations

59 [216] Game Theory - Markov based IoT enabled M2M/IoT √ Likelihood of
Theory Game Model (MTGM) eHealth system. Autonomous inference attack
60
61 22
62
63
64
65
 1
2
3
4 Decision
Making
on undisclosed
information

5
6 Legend
Abbreviation Property √ Property satisfied
7 SS Secure Storage x Property not satisfied
8 STT Scalability and Transaction Throughput Property not specified or not applicable
EE Energy Efficiency
9 FT Fault Tolerance
10 TAI Traceability/Auditability/Irrevocability
PP Privacy Preservation
11 CP Confidentiality/Privacy
AP Anonymity/Privacy
12 ACP Access Control/Privacy
13 I Integrity
AI Authentication/Integrity
14 AUTHI Authorisation/Integrity
15 VI Verifiability/Integrity
TUI Tamper-resistance/Unforgeability/Integrity
16 TPI Transparency/Provability/Integrity
17 IT Immutability/Integrity

18
19
20 2.3 Solution Direction
21
22 Based on existing literature review and their solution, it is identified that a dynamic model of privacy that
23 provides a pattern of computing data transaction process as expected by nodes designated for acquisition (collection),
24 storage and monitoring in the smart home system using underlying Blockchain technology has not been considered in
25
decision making for ethical disclosure of private data in smart home most especially when used as home healthcare
26
27 systems. This solution assessment is based on the analysis of various data security and privacy issues arising from the
28 use of sensitive data in an IoT based smart home systems. Therefore, this study presents a Blockchain-based privacy-
29 preserving authorisation framework which ensures ethical disclosure of private data in a smart home setting with
30 emphasis on both data confidentiality and user privacy. The analysis of the framework is decomposed into the
31 following dimensions:
32
 approach for securing private data against interception from non-network participants,
33
34  architecture of approach,
35  threat evaluation of interception to confidentiality of private data.
36  privacy model for decision-making in Blockchain implementation
37 Ethical usage of data require that IoT ethics should be factored into privacy and security discussions, more so, when data
38
39 generated needs to be protected because it is IoT's true value. Ethical concern on privacy preservation based on
40 consent of home resident (i.e., data subject) is encapsulated with smart contract. Informed consent and acceptability
41 of what information is to be collected, stored, monitored and shared among parties (data subscriber or consumers) is
42 based on consensus among stakeholders from a descriptive framework of authorisation based on the roles of the
43 participating nodes, stating data to be shared, the tenure of sharing, reasons/when to opt out or stop sharing; and what
44 to remain secret. Hence, bringing the concept of privacy and secrecy under one umbrella, the umbrella of smart
45
46 contracts.
47
48 The features and functionality of the suggested smart contract and permissioned BC-based architecture
49 depicted in Fig. 11 which can be referred to as a Smartchain, is capable of tackling certain limitations in healthcare
50 application such as in data confidentiality, protection, sharing, usability, interoperability and real-time medical data
51 updates; thereby delivering an improved secure data management and privacy preservation scheme. Similar approach
52
53 implemented in [217] utilised Hyperledger Fabric to securely and scalably manage data acquisition, storage and
54 monitoring process of home residents’ sensitive data to preserve their privacy, deliver efficient permission
55 management among stakeholders for enhancing collaborative clinical decision support and comprehensive continuum
56 of care via smart home system.
57
58
59
60
61 23
62
63
64
65
 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
Fig. 11. Features of BC identified for Improved Privacy Preservation in a Smart Home Healthcare System.
28
29
30 The proposed solution addresses concerns in the areas of:
31  Acquisition of data from residents, monitoring and intervention at home using IoT devices;
32  Decentralized data management and storage to avoid data manipulation issues, mistrust among network
33
participants and SPOF;
34
35  Privacy and security aspects of the overall smart home ecosystem during the cross-continuum of care.
36
37 The solution strategies of this paper are summarized as follows:
38
39 • At first, this research introduces a user-centric interoperable authorisation framework that allows residents to have
40
41 control over data management processes in smart homes healthcare scenario in order to maintain security, privacy and
42 integrity of their wellbeing data. This framework could be deployed via Hyperledger fabrics, private Ethereum or any
43 other variant of blockchain implementation which supports PoA consensus algorithm as a data distribution technique.
44 Moreover, a permissioned distributed ledger solutions can as well utilise Hyperledger composer and store wellbeing
45 data in IPFS to build the proposed private Smartchain network. The decentralization feature of this framework ensures
46 no SPOF, transparency of data to only and data immutability reveals visibly any change in the BC to participating
47
48 nodes of the Smartchain network.
49
50 • The hash of the wellbeing records is stored on the Blockchain while the actual data is encrypted and then store on
51 the off-chain IPFS decentralized storage. This is to maintain efficiency and integrity of the Blockchain. In addition,
52 the Smartchain framework allows only true records authenticated by the consensus to be added on Blockchain and the
53
access such records given only based on user permission. Moreover, unique public key encryption cryptographic
54
55 algorithm is used to encrypt the data stored in the IPFS in order to create robust Blockchain solutions for electronic
56 health data.
57
58 • Design emphases is on a user-centric approach with data ownership and provenance where the data subject (home
59 resident) has the complete access control over their data, and grants access permissions to the authorized stakeholders.
60
61 24
62
63
64
65
 1
2
3
4 Access-right to transactional data is based on smart contracts which encapsulate agreements inculcating
5 deontological normative ethical regulation to derive an acceptable consent with proof of acceptance from data subject
6
7 for data sharing and monitoring, leading to more resilient systems against data interception or leakage.
8
9 Hence, this study introduces an authorisation framework which exploits features of Blockchain to ensure IoT data
10 access protection vis-à-vis user’s privacy during the wellbeing monitoring process where physiological measurement
11
and environmental sensor data in smart homes healthcare schemes are securely managed.
12
13
14 3. The Solution Methodology
15
16 The method for providing requisite solution to challenges faced on adopting emerging technologies
17 such as Blockchain, cryptography and AI-based schemes in IoT ecosystem, is majorly influenced by the scenario and
18
19 the prioritization of security concerns to alleviate. Managing trade-offs encountered when certain evaluation metrics
20 are put in place to achieve significant security and privacy benefits is of utmost importance and the focus of this paper.
21 Moreover, the evolution pathway of smart home concepts in [7] is vast and to secure the related technologies and
22 services in this pathway such as in smart healthcare, this paper investigates another “privacy-by-design” procedure
23 to achieve an authorisation framework, and complement earlier work cited and several others who have utilised
24 Blockchain-based schemes as a security service in transactional information system.
25
26
27 3.1 System Development Approach
28
29 This proposed solution and its methodology, suggest an emerging research method, which is applicable and
30 could further interprets existing methods. The solution approach complements scientific theories, concepts, and
31 models on how to protect data management processes in smart home systems, identify the components responsible
32 for collecting, storing and sharing private data of residents and devise how to ensure the confidentiality of data and
33
user’s privacy is preserved. Hence, data ownership and access control scheme is desired. This research work aims to
34
35 design a requisite authorisation framework of integrated blockchain and IoT that guarantees ethical disclosure of
36 private data borne out of a combination of techniques such as lightweight asymmetric cryptography, lightweight
37 permissioned consensus algorithm in blockchain implementation and smart contracts to facilitate an access control
38 system. Therefore, an agile prototyping approach with iterative processes consisting of prototyping-feedback-
39 improvement modules is suggested to reach the basic goal of providing overall system functionality of data security
40
and user’s privacy in a smart home healthcare regime. Stages include Planning, Analysis, Design, Deployment and
41
42 Implementation with mnemonic ‘PADDI’. In this design process, the end-user participation is needed to determine
43 the desired level of privacy preservation.
44 Methodology of this research contains:
45 1) Access Control on the data acquisition, storage and monitoring process.
46 2) Derivation of a proposed privacy model
47
3) Authorisation policies in the permissioned smart home network.
48
49
50 3.2 Defining the Scenario
51
52 To proffer a solution to issue of data protection and user’s privacy in smart home, a potential real-life scenario
53 of a Smart home healthcare system is specified to adequately identify the needed components and processes. This
54 scenario considered is a home equipped with numerous connected wearables and nearables i.e., medical and
55
environmental sensors and remote monitoring of the residents’ wellbeing. Wearables are able to track all key health
56
57 metrics [218], and allow continuous collection and recording of the data streams of physiological parameters,
58 movement of users and relevant environmental variables [219].
59 In essence, the dataset of interest consists of components such as:
60
61 25
62
63
64
65
 1
2
3
4 1) Element: The data subject being monitored (on which data are collected, stored), a resident or inhabitant smart
5 home; IPFS and eHealth Expert System.
6
7 2) Variable: An attribute/characteristic of interest for the element e.g., lifestyle or wellbeing data.
8 3) Observation: The set of measurements defining collected data for a particular element e.g.,
9 Set of Personal Activity Data (SoPAD) and Environmental Data (ED) being collected and exchanged between
10 authorized parties i.e.
11 healthcare providers (i.e., doctors, hospitals, pharmacies, laboratories, health insurance companies, etc.)
12 With the possibility that IoT devices could collect, share data and resources; and act and react to
13
14 environmental changes, with or without human intervention, indiscriminatory disclosure of the resident’s information
15 is imminent, thereby causing data leakage of their wellbeing status during the process of data acquisition, monitoring
16 or storage. This study aims to address the following research question:
17
18 Q7: How can the monitored resident ensure that their set of personal wellbeing data and data collected from their
19
private environment sent outside their home is only accessed by authorized parties (e.g., authorized stack of
20
21 clinicians/carers as monitoring nodes, and authorized storage nodes) and that it is not altered for any indiscriminative
22 or malicious reason by a third party?
23 Q8: How can the transparency of the monitored data be secured such that the disclosure of relevant information is
24 beneficial to the data owner, the confidentiality of the private data revealed is preserved and the purpose of disclose
25 is maintained.
26
27
28 Illegitimate collection of smart home user’s health data comes under questioning and is to be addressed alongside
29 safeguarding the home user’s health data and securely share it with healthcare providers (i.e., doctors, hospitals,
30 pharmacies, lab oratories, health insurance companies, etc.)
31
32 The direction to follow in proffering solution to this problem is to actually protect the data acquisition process, location
33
where the collected data is stored and define entities with acceptable authorisation that can subscribe to and use the
34
35 data through a contractual agreement.
36
37 3.3 Framework Description
38
39 To handle privacy issues, all phases of IoT’s true value in smart home system, that is, data value chain are
40 considered; including acquisition/collection, storage, analysis, and use. In addition, two possible solutions by practice,
41 namely: privacy by design, and privacy enhancing technologies are investigated. The former being a concept which
42
43 takes place before the development of a product or service, and signifies the integration of privacy protection into both
44 technology (devices, networking platforms, etc.) and regulatory policies (privacy impact assessments); while the latter
45 permits embedding enhanced privacy technologies to avoid personal data compromise, rebuild trust among users and
46 service providers. A hierarchical structure and distributed trust mechanism is a viable solution that could maintain BC
47 compatibility with specific requirement of IoT for provision of data security and users' privacy in the context of smart
48
home.
49
50 In essence, the framework provides a 3-tier security, firstly through the conception of a decision-making
51 model for privacy in the proposed security implementation through BC as basis for consensus-centric authorisation.
52 Secondly, based on the resource access with permissioned BC self-security mechanism, and lastly, through the
53 utilisation smart contract-based access control. Therefore, the proposed authorisation framework classification that
54 aims to ensure ethical disclosure of private data of a smart homeowner using BC
55
oT is depicted in Fig. 12 and described as follows:
56
57
58 a). An approach to secure private data against interception is built on:
59 o Permissioned BC Technology (On-chain DB Storage)
60
61 26
62
63
64
65
 1
2
3
4 o Inter Planetary Filing System – IPFS (Off-chain DB Storage)
5 o Smart Contract
6
7 b). Architecture of the approach illustrates the:
8 o Composition: Publisher, Subscriber and Client Nodes
9 o Key Signature: Hybrid Cryptosystem of RSA, SHA512, PKCS1_v1_5, OAEP
10 o Distribution Technique: PoA Consensus Mechanism in Permissioned BCT
11 o Execution of Authorisation Protocol: 3 Tier Smart Contract (Publisher, Subscriber and Client)
12 c) Performance Evaluation and Evaluating threat of Interception to Confidentiality of Private Data
13
14 o Performance - Evaluation Metrics (latency, time, energy)
15 o Resilience test to detect & respond to threat - using shellcode injection
16 o Threat Model – LINDDUN and STRIDE
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43 Fig. 12. Proposed authorisation framework classification for ethical disclosure of private data of a smart homeowner
44 using Blockchain and IoT integration.
45
46 3.3.1 On the Approach to Securing Private Data against Interception
47
48 Interception is a threat to confidentiality, data privacy and by extension an adversarial model that grants
49 unauthorized access to individual’s private data. To ensure privacy-preservation in the smart home healthcare
50 scenario presented, fine-grained access control is proposed through the use of a secure data store and smart contract.
51
52 3.3.1.1 P2P Permissioned BCT (On-chain DB Storage)
53
54
55 In the permissioned BCN proposed, all nodes are pre-authenticated, which is similar to a controlled corporate
56 intranet, limiting participation to specific parties or nodes, and allows for fine-grained controls [29]. This type of BCN
57 is often deployed for a group of organizations and individuals, typically referred to as a consortium, more so with the
58 consideration of a public eHealth expert system.
59
60
61 27
62
63
64
65
 1
2
3
4 3.3.1.2 Inter Planetary File System (off-chain DB Storage)
5
6 InterPlanetary File System (IPFS) is a P2P network for storing and sharing data in a distributed file system
7 using architectural elements similar to Merkle Tress, and designed to work together with existing Blockchain
8
9 protocols. Though not specifically built on Blockchain, it uses content-addressing to uniquely identify each file within
10 the global namespace that connects IPFS hosts. These contents are accessible via peers located globally and could
11 relay or/and store information. IPFS discover information using content address (identify content by what is in it)
12 rather than the information location [220]. Basic principles of IPFS includes understanding Unique identification
13 through content addressing; content linkage using directed acyclic graphs (DAGs), and content discovery utilising
14 distributed hash tables (DHTs).
15
16 The hash of the personal data is stored on the BC while the actual data is encrypted and then stored on the
17 off-chain IPFS decentralized storage. For instance, newly generated wellbeing data from any sensor connected to a
18 publisher is stored by the gateway in the IPFS (off-chain) storage. The gateways also broadcast the message containing
19 the hash pointing to the location of data stored on the IPFS to the blockchain (On-chain store). In addition, the IPFS
20 store is used for sharing generated private and sensitive data emanating from the data subject in the smart home. These
21 two-storage association is exploited to maintain security and privacy of data collected within the BCoT Network.
22
23
24 3.3.1.3 Smart Contract
25
26 This solution proposes the use of Smart Contracts to maintain rules, authentication, and communication
27 between the different nodes and parties of healthcare smart home system. Finally, since the transaction of information
28 with large amount of data is likely to impact negatively the performance of the BC, the use an off-chain IPFS database
29
to store the data is proposed as peer-to-peer storage system.
30
31
32 3.3.2 On the Architecture of Approach
33
34 The structure of the introduced Blockchain network is logically designed based on data publisher and
35 subscriber nodes, cryptographic scheme applied for secure data exchange and the consensus algorithm for the
36
distribution of transactional data among the nods on the BCN.
37
38
39 3.3.2.1 Network Composition
40
41 The overview of the proposed SH ecosystem and the setup of the BCN is duly discussed. As illustrated in
42 Fig. 13 and Fig. 14, the three nodes describing the smart home healthcare scenario considered in this study are as
43
follow:
44
45
46 (i) Smart Home (Publisher Node): - contains low-end IoT Devices i.e., wearable sensors for remote health
47 monitoring [221] and environmental sensors, that generate infinite data for collection connected to the permission
48 BCN via the data publisher node i.e., high-end IoT device known as the home gateway. This solution’s main purpose
49 is highlighted in Fig. 13 to overcome the constrain of connected objects (low end IoTs) in a smart home not able to
50
51 directly connect to the BCN due to their limited processing capacity and energy power. Thus, the introduction of an
52 intermediary edge system i.e., high-end IoT device based on categorization of IoT [222], called the gateway which
53 connects the SH to the BC. The gateway, more powerful than normal sensors, plays the role of the publisher and will
54 eventually publish data received from the set of connected sensors in the SH to the permissioned BCN.
55
56
The data owners, that is, data subjects, are the monitored persons (e.g., vulnerable, elderly) living in their
57
58 homes and have can access this data. These individuals can specify a set of authorised persons or organisation
59 permitted to access this data. Table 8 illustrates the proposed data acquisition process overview.
60
61 28
62
63
64
65
 1
2
3
4
5
6
7 Table 8
8 Smart care home actors and data collection process
9 Datatypes
10 SoPAD ED
11 Actors Description Symptoms Sensor Ambient Sensor
12 Monitored Monitored
13 Data subject – in SH whose PII (confidential wellbeing Body Composition BIA* Sensor Temperature, BMP280
14 vulnerable data) is to be selectively disclosed, fully e.g., BMI* & BMR*
homeowner trusted entity who owns a semi-trusted
15 PDA.
Samsung Pressure
16 Watch4
17 Data low- end IoT devices (sensors) ECG* Movesense Air Quality MQ 135Gas
Collectors Sensor
18 Data High-end IoT nodes (HG, Pi4); semi- Movement Movesense Humidity, Envi & AQ
19 Publishers trusted RaspPi
20 Data Requester(s) of home data; semi-trusted Heartbeat Rate Smartwatch
Air Quality
21 Subscribers
22 Smart Defines authorisation policies among Gait Appraisal BIA Sensor Camera Rasp Pi
Contracts participants for fine-grained access Camera
23 control Module V2.1.
24 Samsung
Watch4
25 Consensus Nodes on the BCN: Home Gateway
26 participants (HG), IPFS, eHealth Expert Stack,
27 Clients (Apps)
28
29 Legend
30 *BMI Body Mass Index
*BMR Basal Metabolic Rate
31 *BIA Bioelectrical Impedance Analysis
32 *ECG Electrocardiogram
33
34 In essence, a major contribution of this study borders around the non-transparency on the use of collected
35 private data, which becomes an ethical concern when the purpose of usage is undefined and the subscribers/consumers
36 of such data are unknown. Therefore, mechanisms that allows data owners to monitor who has access to their data and
37 to regulate who has these access is paramount. Privacy scheme and transparency features of blockchain could be seen
38
39 to be counter-intuitive. However, the transparency of data subject’s information is in it meaningful disclosure with a
40 desired level of access control that permits as much data that is needed to authorised parties only. In such a way, user’s
41 private data is adequately preserved while requisite information is revealed to data subscribers, a win-win situation
42 for the data owner. Similarly, although data anonymity could conceal the identity of data owner, the confidentiality of
43 private data when anonymized is of utmost importance, more so with the application of statistical models in emerging
44 studies which has revealed how relatively easy it is to reidentify an individual from a supposedly anonymised data set,
45
46 even when such set is incomplete.
47 Ethics is of concern when private data are collected and are to be protected to avoid non-transparency of how
48 they are used. Privacy is the option to limit the access others have on the data owner’s personal information. What if
49 they cannot guarantee the confidentiality of a private data in a smart home system? Their private data may be under
50 threat of interception without the knowledge of the smart home user (i.e., device, communication, storage and
51 services). Confidentiality is the specific security requirement considered in addressing the data security and user’s
52
53 privacy concern in our scenario.
54 Moreover, Smart contracts extend and leverage BCT i.e., are hosted on the Blockchain. The contract is a
55 collection of code and data (occasionally referred to as functions and state) which is deployed using cryptographically
56 signed transactions on the BCN; and is/are executed by nodes within the BCN. All nodes that execute the smart
57 contract are expected to derive the same results from the execution, and the results of execution are recorded on the
58 Blockchain [29].In defining the requisite SCs for this study and in order to specify the formal relation between data
59
60
61 29
62
63
64
65
 1
2
3
4 owners, consumers, and clients, smart contracts are the corner stone of the proposed B-IoT system. Consequently,
5 three types of contracts will be defined for this scenario. smart contracts on the blockchain.
6
7 (ii). Off-chain database storage (Storage Node): - acts as the storage service provider for infinite data, and as a peer
8 connected to the permission BCN. However, the storage node can also be identified as a data subscriber.
9 (iii). Public eHealth Expert System (Subscriber Node): – this peer is a individual set of care givers subscribing to
10 SH data request and access types i.e., clinicians, therapist, carer subscribing to the data publisher and lists of sensors
11 attached to the publisher in the SH). This subscriber node(s) is connected to the permission BCN. The subscriber’s
12 smart contract defines the level of privilege a particular data consumer is authorised to have.
13
14 (iv). Clients: – these are device or service applications connected to the subscriber nodes or directly to the permission
15 BCN. Client could act as subscribers as well participating in data request and access transaction from both the sensors
16 via the gateway and the off-chain and on-chain storages.
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42 Fig. 13. Proposed Authorisation Framework made up of Nodes within the BCN (Home Gateway -Publisher; IPFS,
43 E-health Expert System and Subscribers)
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61 30
62
63
64
65
 1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24 Fig. 14. A layout of BCoT in smart home healthcare service delivery identifying the gateway to the
25 blockchain, the owners (data subject), and the authorized subscribers (e-health and storages nodes) to access the
26 private data.
27
28 The configuration of the BCoT layout is such that
29
 The 3 Nodes have a copy of ledger of blocks.
30
31  Data within the block are encrypted with complex algorithms.
32  Secure tunnel for P2P Transaction with key exchange.
33  Unauthorized Node/Interloper unable to intercept or alter data.
34
35 Furthermore, Smart contract are associated to each of the blockchain network participants to allow for fine-grained
36 access control based in the management of private data in the smart home ecosystem. Smart contract for the proposed
37 BCoT network is described as follows:
38
39
40 (i). Publisher Contract Description: - This contract will first be specified before a user (he/his) subscribe to the
41 proposed system and connect his SH gateway to the BCN. Since all nodes in a permission BCN are pre-authenticated,
42 a unique ID mapped to his Blockchain address is received once the publisher contract is accepted. The list of the IoT
43 devices to connect to the Blockchain must also be specified using names for ease of access and identification of the
44 generated data. In addition, the type of sharing mechanism to manage the publisher-subscriber association and the list
45
46 of addresses that are permissible to access data i.e., addresses of authorised subscribers to the data., are to be specified.
47 The publisher’s smart contract comprises the data subject’s consent which allow any subscribing party to
48 request a subset of or a full SoPAD and ED. This service allows the data subject to decide on how to react to requests,
49 and which subsets of private/personal data they have agreed to share or want to share. The smart contract manages
50 each request type of SoPAD/ED a data publisher provides to subscriber parties. The third party (subscriber) initializes
51 contact with the publisher’s smart contract once, requesting a certificate for future access to the SoPAD/ED. Upon the
52
53 data subject consent to the subscriber’s request, an up-to-date SoPAD/ED can then be subsequently requested just in
54 time whenever it is needed for processing.
55 The publisher smart contract provides the SoPAD/ED instantaneously once the certificate of the subscribing
56 party is valid. Hence, it is no longer necessary to store the actual private/personal data for the subscriber.
57
58
(ii). Subscriber Contract Description: - This second contract should contain the address of the subscriber(s) in the
59
60 Blockchain, the list of publishers to which it subscribes and should also state the specific list of sensors to subscribe
61 31
62
63
64
65
 1
2
3
4 to. The sensors are to be chosen by type, name or the use of a wildcard in order to select all the available sensors
5 associated to a certain publisher. This happens to be the critical component of the publisher-subscriber procedure,
6
7 since the generated data can be filtered before sending it to a subscriber based on the information recorded in this
8 contract.
9
10 (iii). Client Contract Description: - The client contract is third contract, serving as a mapping contract between normal
11 nodes, or clients connected to the BC, and their respective subscriber contracts. The client’s name is contained here
12
also to make it easier for clients to communicate among one another using a front-end application, and this name is
13
14 mapped to the corresponding address in the BC. For instance, the client connects to the IPFS node whenever it is
15 requested by the end-user, using the hash code to fetch the data generated by sensor (IoT devices).
16
17 The proposed smart contract is expected to meet the following minimal requirements:
18
19
20 •The smart contracts are to have an interface that handles the initial request of a certificate for future requests of a
21 SoPAD/ED.
22
23 • The smart contract should have access to a securely hosted decryption function, which will provide the function
24 Dec(X) = Enc (SoPAD/ED), where X is element of Enc (SoPAD/ED)
25
26
27 The data subject is a single source that provide the smart contract capable of decrypting the SoPAD/ED in question.
28 This ensure they get notification whenever SoPAD/ED is processed.
29
30 This functionality is handled by a BC functioning as an immutable access-log. Described below is a model for the
31
minimal interface for a smart contract to allow a subscriber to request a SoPAD/ED of data subject and also ensure
32
33 they are notified whenever any of their SoPAD/ED is revealed to any subscriber.
34 • Request_Certificate (SubscriberID, Reason_For_Request)
35 • Request_SoPAD/ED (Certificate, Requested_Subset_Of_SoPAD/ED)
36 • Access to BC for Dec(X), where X is element of Enc (SoPAD/ED)
37 • Check_Validity_Of_Certificate (Certificate) checks if the requesting subscriber is allowed to be granted access to
38
the SoPAD/ED based on the certificate provided with the request.
39
40 The data subject utilises the BCoT to ascertain high availability while maintaining full control over their
41 personal data. To guarantee that copies of SoPAD/ED are up to date once the hash of SoPAD i.e., H(SoPAD/ED) has
42 changed, the timestamp in the SoPAD/ED can be modified whenever it is requested. This is simply because changing
43 only the timestamp (without the interfering with related personal data) results in a different hash forcing the subscriber
44 to file a new request against the data publisher smart contract, should such subscriber want to process an up -to- date
45
SoPAD/ED. Thus, any processing of SoPAD/ED without the consent (or with prior request) of data subject is easily
46
47 identifiable because such dataset is outdated. This mechanism assists to identify subscribers that store personal data
48 without data subject’s consent. Thus, for efficiency, the publisher smart contract could also inform the subscriber if a
49 previous request of a SoPAD/ED is still up to date.
50 Therefore, to withdraw a once given consent, changing the hash H(SoPAD/ED) and invalidating the
51 subscribers certificate will suffice. Moreover, for every smart contract, a separate key pair is generated for security
52
reason, thereby making it possible to invalidate the public key supposing the private key for a particular SoPAD/ED
53
54 is compromised.
55
56 3.3.2.2 Proposed Cryptography Scheme
57
58 Blockchain implementations leverages on hybrid cryptography. The use of encryption on the sensitive data
59
(i.e., SoPAD and ED) placed on the BC decreases the likelihood of the information within records being accessible
60
61 32
62
63
64
65
 1
2
3
4 by unauthorized actors. The P2P BCN proposes to employ hybrid cryptosystems by complementing RSA with SHA
5 256/512, PKCS1_V1_5, OAEP for certificate distribution and key signature as illustrated in Table 9. This process will
6
7 also provide a secure communication network between participating nodes in the presence of adversarial behavior.
8
9
10 Table 9
11 Proposed Cryptography Scheme for framework
12 Cryptosystem Description Benefit
13 RSA Well establish asymmetric cryptography Two algorithms, one for encryption and one for
signatures verification
14
15 Secure Hash Algorithm 512 Security:
- used to derive digital signature from conversion of text -Provided collision-resistant cryptographic hash.
16
SHA-512 of any length into a fixed-size string i.e., password Practically, security provided by SHA-256 and SHA-512
17 hashing, and digital record verification. is identical.
18 - each output produces a SHA-512 length of 512 bits (64 Computational Efficiency:
SHA-256
19 bytes). - SHA-256 produces smaller outputs than SHA-512, thus
20 requires less bandwidth, memory and processing power
in some case to store and transmit data.
21 - SHA-512 better on 64-bit processors, while SHA-256
22 is better on 32-bit processors.
23 - Larger block sizes of SHA-512 adds computational
24 overhead that slows down the transaction validation
process.
25 Compatibility:
26 - SHA 256 is more compatibility for both blockchain and
27 non-blockchain applications.
28 Two main strengths:
29 Public-Key Cryptography Standards (PKCS), published (i) extreme simplicity i.e., very easy to implement,
30 PKCS1_v1_5 by RSA Laboratories. (ii) verification of signatures is significantly faster than
31 for DSA or ECDSA.
- this signature algorithm is the most widely used digital Addresses issues of small messages in RSA through
32 signature scheme in practice. deterministic padding scheme of the message with
33 - is a low-level cryptographic primitive sometimes called random string.
34 'raw RSA'. i.e., it works on raw, does not work on files
35
neither produce files.
36
37 Optimal Asymmetric Encryption Padding
- applied an asymmetric cipher based on RSA for
38 OAEP encrypting messages slightly shorter that RSA Modulus - proven secure against chosen ciphertext attack
39 (a few hundred bytes) often used along with RSA.
40
41 Base64 encoding Base64 i.e., Base64 Content-Transfer-Encoding, is used Converts bytes with binary or text data into ASCII
42 to encode and decode data. characters.
43 Base64 is an encoding and decoding technique used to Encoding prevents data corruption during transfer over a
44 convert binary data to ASCII text format, and vice versa. medium that only supports ASCII formats (e.g., MIME
and XML) or when processed through text-only system.
45
46
47
48 3.3.2.3. Distribution Technique
49
50 The implementation of a PoA consensus algorithm proposed does not require mining, therefore, high
51 performance hardware is not needed since nodes are not required to spend computational resources for solving
52 complex mathematical puzzle as shown in Fig. 15. This consensus algorithm is not involving any form of mining
53
incentives beyond rewarding nodes with access-right to transactional data upon legitimate request as defined in their
54
55 associated contract based on their reputation and the efficient utilization of roles with the BCN. In addition, this
56 characteristics in PoA provides high transaction rate, provides high performance and fault tolerance.
57 Other benefits of PoA includes;
58
59
60
61 33
62
63
64
65
 1
2
3
4 (i) that the rights to generate new blocks are awarded to node with proven authority to do so, haven passed
5 a preliminary authentication;
6
7 (ii) the interval of time at which new blocks are generated is predictable, i.e., performed in sequence at
8 appointed time interval by authorized nodes, leading to the increase in the speed at which transactions
9 are validated;
10 (iii) tolerance to compromised and malicious nodes.
11 (iv) only selected trustworthy nodes known as validating nodes can generate new blocks; and their list is
12 store in the BC registry.
13
14 (v) Validating nodes maintain the BCN (distributed ledger), and the order of nodes in the list of validator
15 determines the sequence in which new blocks are generated by nodes.
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35 Fig. 15. Sequence diagram for the proposed PoA Consensus in private BCoT Network
36
37 3.2.3 Strategies for Evaluating the Solution’s Performance
38
39 To effectively evaluate the performance of the proposed authorisation framework, some evaluation metrics
40 could be considered.
41
42
3.2.3.1 Performance Evaluation Direction
43
44
45 The permission BC-based framework is proposed for providing and ensuring improved data security and
46 privacy in the smart home setting through a computational friendly, secure encryption scheme vis-a-vis efficient
47 Hashing (SHA) for signature, key generation and exchanges. Though PoA consensus algorithm does not involve
48 mining, the BC-based architecture is likely to still incur slight computational and packet overhead on the nodes for
49 the processes involved. To provide an appreciable evaluation at this stage, two different and logical traffic flow
50
51 patterns classified as periodic and query based could be implemented to evaluate theses overheads [151, 208]. The
52 evaluation metric of Packet and Time Overhead, and Energy Utilization is applicable for performance evaluation. To
53 compare the overhead of the BC-based architecture, another scenario which handles acquired transactional data
54 (SoPAD/ED) without encryption, hashing, and BC could be simulated.
55
56
3.2.3.2 Resilience Testing Procedure
57
Resilience test is proposed as a component of the authorisation security framework to detect and adequately
58
59 respond to interception as a threat form to confidentiality, being the specific security requirement needed to address
60 data security and user’s privacy on SoPAD/ED emanating from smart home setting. Therefore, in considering
61 34
62
63
64
65
 1
2
3
4 confidentiality, this study proposes the use of blockchain and cryptoanalysis when testing the resilience of the
5 proposed security framework in securing private data. Here, cryptanalysis is performed by launching a Shellcode
6
7 injection (i.e., via malware and botnet) to validate the system's performance. The code injection attacks are to be
8 employed to simulate interception attack scenarios on the smart care home ecosystem to compromise devices, infiltrate
9 networks, truncated services or applications (i.e., for interruption attack/DDOS) or masquerade as an authorised entity.
10 The experience in the cryptanalysis domain has revealed that evaluating the security level of a cryptosystem
11 involves not only understanding the mathematical concept, but also the application of the best possible cryptographic
12 attacks on such cryptosystem to test its resilience by using the best available techniques [223]. Therefore, with the
13
14 application of appropriate attack on the resource constrained platform, security limits of the studied cryptographic
15 algorithms can be determined, and this enables the recommendable adjustment to the related parameters of the
16 proposed algorithm. In essence, cryptanalytical tasks in the scenario of study will be tailored towards systems without
17 high-performing capacity requiring massive computations but rather used alongside the characteristics of the PoA
18 consensus algorithm in the proposed BCoT network for privacy preservation in smart home setting.
19 Furthermore, input validation approach such as whitelisting validation (inclusion or positive validation) and
20
21 blacklist validation (exclusion or negative validation) is applicable. However, blacklist validation is favored as
22 signature algorithms (binary patterns) not allowed to gain access to the smart home system are pre-defined. Thus, the
23 proposed secure framework would be resilient enough to detect, attribute and identify stages of interception attack life
24 cycle, and deal with new or current version of existing threats. Moreover, the elements within publisher-subscriber-
25 client smart contract algorithm contains the privacy-aware fine-grained access control mechanism expected to exclude
26 smart home actors/ entities that do not follow protocol. A proposed privacy model underpins this conception during
27
28 the privacy assessment criteria.
29
30 3.2.3.3 Procedure for Evaluation of Threat Model
31
32 Combination of LINDDUN and SRIDE is suggested as a mean of evaluating the threat model of the secure
33 authorisation framework designed for our scenario. Fig. 16 depicts the threat analysis of both model with the
34 LINDDUN framework more focused towards the provision of extensive procedural and knowledge support to
35 systematically tackle privacy threat elements, and for the elicitation and mitigation of privacy threats in software
36 application systems. LINDDUN’s methodology consists of 3 main steps: (1) Model the system, (2) Elicit threats, and
37 (3) Manage threats. The six steps of this privacy assessment tool are categorised into problem and solution spaces.
38
39
40
41
42
43
44
45
46
47
48
49 Fig. 16. Overview of LINDDUN [224]
50 LINDDUN is mnemonic for Linkability, Identifiability, Nonrepudiation, Detectability, Disclosure of Information,
51 Unawareness and Noncompliance. These six steps provide a systematic approach to privacy assessment but disclosure
52 of information is the primary focus considered to handle privacy concerns as well as data security examined in the
53 course of this study. Moreover, as a suitable and alternative privacy assessment criterion, identity spoofing, data
54 tampering, information disclosure and elevation of privilege are specific threat violating authentication, integrity,
55 confidentiality and authorisation among others when examined using STRIDE for threat evaluation. Table 10 further
56 illustrates the applicability of STRIDE.
57
58
59
60
61 35
62
63
64
65
 1
2
3
4 Table 10
5 Illustration of STRIDE application to privacy assessment
6 Mnemonic Threat Security Violated Threat Description
7 S Spoofing Authentication Identity pretense, masquerading e.g., sybil attack.
8 T Tampering Integrity Data, software or network modification, fabrication.
9 R Repudiation Non-repudiation Denial of actions, honest but curious behaviours.
10 I Information Confidentiality Unauthorized information access.
11 Disclosure
12 D Denial of Services Availability Exhausting resources required for services provision
13
or theft of resources.
14
E Elevation of Authorisation Granting unauthorized access.
15
Privilege
16
17
18 3.4 Procedure for Decision-making Scheme to Enhance a Privacy-preserving smart home healthcare
19 system
20
21 A dynamic model of privacy that provides a pattern of computing data transaction process as expected by
22 nodes designated for acquisition (collection), storage and monitoring in the smart home system using underlying
23 Blockchain technology is considered in decision making for ethical disclosure of private data in smart home most
24 especially when used as home healthcare systems. This solution assessment is based on the analysis of various data
25
security and privacy issues arising from the use of sensitive data in an IoT based smart home systems. To this effect,
26
27 a Blockchain-based privacy-preserving authorisation framework solution will suffice for ethical disclosure of private
28 data in a smart home setting with emphasis on both data confidentiality and user privacy.
29 To proffer solutions to privacy issues in the scenario of study within the smart home systems, all phases of
30 the data value chain is considered; including acquisition/collection, analysis, storage, and use. Proponents of privacy
31 preservation in [127, 225] suggested two practicable solutions e.g., privacy by design, and privacy enhancing
32
technologies (PET). An approach which adopts the conceptualization of privacy by design/default before the
33
34 development of the acquisition, storage and monitoring services presented by this study is proposed. Authors in [216]
35 studied and proposed a similar implementation which integrated privacy protection into both technology such as
36 computer chips, networking platforms, and organizational policies i.e., in privacy impact assessments.
37 Therefore, a rigorous privacy model was purposefully created for preserving data privacy while maintaining
38 the utility of the system. In a similar manner, [20] utilised differential privacy to ensure confidentiality of viewable
39
data in privacy-preserving framework for access control and interoperability of electronic health records, but the
40
41 differential privacy scheme added noise to Blockchain’s transactions, thereby, preventing blockchain analysis from
42 inferring extra information. A contribution of this study is related to the outcome of analysis on various security and
43 privacy issues arising from the use of sensitive data in an IoT based smart home system. Hence, a decision-making
44 model for privacy is suggested in the proposed security implementation framework through Blockchain.
45
46
47 3.4.1 System Process Model for Data Classification in Smart Home System
48
49 Security of private data is explained by a system process of permissibility(acceptability) and access-right
50 granted by the patient residing in the smart home. In the described scenario, the functional input data X are factors of
51 permissibility observed, which was broadly categorised into (i) Set of Personal Activity Data (SoPAD), and (ii)
52 Environmental Data (Ambient Data), and denoted as independent variables, while the access-right denoted as Y is a
53 single dependent variable. Both permissibility and access-right states describe the evolution in time of a random
54
phenomenon of the system process. Each of the processes involve the operation of chance described by probability
55
56 theory. This system process is explained by a stochastic model that characterizes a situation where uncertainty and
57 randomness are present in both permissibility and access-right processes. Probability is a method of understanding
58 variation in a system process with uncertain outcomes i.e., with a result of either 0 or 1 derived for deny or allow
59 respectively.
60
61 36
62
63
64
65
 1
2
3
4 3.4.2 Deriving a Decision-making Model for Privacy-preservation for Smart Home Data Management
5
6
The relationship between permissibility and access-right granted by the data subject on their private
7
8 information in a smart home is measured using regression analysis to describe the nature of relationship between
9 independent variables (X) and dependent variable (Y). The dependent variable is a single variable that represent
10 access-right which is categorized into three levels, namely acquire, store and monitor transactions of data subject.
11 Each level has binary outcome, i.e., to either allow (1) or deny (0) the transaction. Moreover, logistic (logit) regression
12 model is used to test whether the changes in the predictor variables (X) of permissibility are associated with changes
13
in the response variable (Y) of access-right. Hence, the specific regression analysis utilised as a method for
14
15 understanding variation in the probabilities suitable for this scenario is Multinomial Logistic Regression.
16
17 In summary, one can say logit regression references the Binomial distribution, estimates the probability (𝝅)
18 of an event occurring (Y=1) rather than not occurring (Y=0) from a knowledge of relevant independent variables (k1,
19 k2 and k3). Maximum Likelihood (MLE) are iterative processes used to estimate regression coefficients. Therefore,
20
21
22 𝝅 is for Probability that Y = 1, and
23 1- 𝝅 for Probability that Y = 0
24 then the logistic model is:
25
26 𝝅
27 𝜴 = 𝒇(𝑿) = 𝐥𝐨𝐠 ( ) = 𝜷𝟎 + 𝜷𝟏 𝑿 (1)
𝟏− 𝜴
28
29
30 Thus, if the antilog (exponential operator) e is applied to both sides of equation (1), we get the value of the odd:
31
𝝅
32 𝜪 = е𝐥𝐨𝐠(𝟏− 𝝅) = е𝜷𝟎 +𝜷𝟏 𝑿 (2)
33
34 where β0 is now the value of the odd when X = 0
35 Essentially, when one takes the log of odd ratio it gives multinomial logistic regression model
36
37 expression:
38
39 eβ0+β1x1+β2x2+⋯+βnxn
40 Logistic Model: 𝒀 = (3)
𝟏− eβ0+β1x1+β2x2+⋯+βnxn
41
42 Hence, we can further illustrate how the sigmoid function is used to make predictions for data security and decision
43
making in BC.
44
45
46 The decision is to know how we can effectively model the relationship between access-right and permissibility
47 variables by modelling the expected security on private data that is suggested from the behavior of each node in the
48 future as authorisation policies are put in place. The behaviour of access-right in the future has only binary outcomes
49 to either deny (0) or allow (1) access. The expected value of privacy of personal data is a probability P since it involves
50
51 a binary random variable. This probability is approximated by considering the number of allow and deny actions a
52 trustworthy node performs, and then utilize a sigmoid function to squash it into a probability. Thus, for every block i
53 which decides the node weight to select the allow or deny transaction, the privacy model for every node of the
54 permissioned BCN is re-evaluated. Hence, the following:
55 • A new dynamic measure of privacy is proposed which represent the expected value of privacy in each node
56
(n) for every block (i) that predicts the probability of a node behaving well in the future. This is simply the
57
58 estimate of the probability P where allowable transactions that follow protocol are rewarded with access
59 rights and is explained by the sigmoid function.
60
61 37
62
63
64
65
 1
2
3
4 • The sigmoid function plays an important role in the context of logistic regression, where logistic regression
5 is a technique to predict the outcome of binary classification problems.
6
7 • In this study, the multinomial logistic regression model explains the relationship between functional input X
8 as factors of permissibility as independent variable; and single dependent variable Y for accessibility which
9 has 3 levels namely acquire (access), store, and monitor transactions of the data subject, and each level has
10 a binary outcome, i.e., to either allow (1) or deny (0) the transaction.
11 • The sigmoid function plays the role of an activation function by taking the weighted sum of the functional
12 input factors and outputs the probability value. For any value of x, the sigmoid function will output a value
13
14 between 0 and 1.
15 • The limits of the power of the exponential in the multinomial logistic regression model is expressed in
16 equation 3; and using the Sigmoid function, equation 3 can be squash into equation 4.
17 • For the sigmoid function, the profile of the limits of the sigmoid function is utilised to re-evaluate the privacy
18 model of every node as:
19
20 (𝑖) 1
21 𝑃𝑟𝑖𝑣𝑎𝑐𝑦𝑛 = (4)
1+ 𝑒 −𝛼(#𝑎𝑙𝑙𝑜𝑤−#𝑑𝑒𝑛𝑦)
22
23
24 Where α is the step size i.e., number of steps taken to attain permissible (acceptable) transaction that follow protocol;
25 the activation function decides which value to pass as output and what not to pass.
26 With this procedure, the BCN attaches more importance (e.g., give more weight) to trusted nodes that decides
27 and validates transactions by either to allow or deny them. Table 11 is a summary of the proposed privacy model
28 description.
29
30
31 Table 11
32 Summary of system process model for data classification to demonstrate the planned privacy preservation process in
33 the presented scenario.
34
35 Model Actions
36 functional input data (X) are factors of permissibility: identified as independent variables categorised into SOPAD and AD
(Y) represents access-right: identified as single dependent variable, categorized into three levels,
37 namely store, access and monitor transactions of data subject.
38 - each level has a binary outcome, i.e., to either allow (1) or
39 deny (0) the transaction.
40
41 Regression Analysis: used to describe the nature of relationship between (X) and (Y) above
42 Logistic (logit) Regression: to test if changes in the predictor variables (X) of permissibility are
43 associated with changes in the response variable (Y) of access-rights.
44
45 Regression coefficients estimated using Maximum Likelihood
Estimation (i.e., iterative process): - estimates the probability ( ) of an event occurring (Y=1) rather than
46
47 probability ( ) of not occurring (Y=0), having knowledge of
relevant independent variables (k1,k2 and k3).
48
49 Logistic model is:
50 (1)
51
52 the value of the odd:
53 antilog (exponential operator) e applied to both sides of eqn (1)
54 Where β0 is now the value of the odd when X = 0
(2)
55
56 Multinomial logistic regression model (log of odd ratio) is the
57 specific regression analysis for understanding variation in the (3)
probabilities for examining the system process of permissibility
58 and access-right and expressed as:
59
60
61 38
62
63
64
65
 1
2
3
4 Sigmoid function: we re-evaluate the privacy model of every node as:
5 - to make predictions for data security and decision making in
6 BC.
- by counting the number of allow and deny actions a (4)
7 trustworthy node, n, perform; sigmoid function is used to
8 squash(summarizes) it into a probability.i.e., Where α is the step size
9 Privacyn ∝ Resources(n)
10
11
12 4. Conclusion
13
14
The article performed a critical review of issues and challenges faced on data security and user’s privacy in
15
16 IoT-based applications such as in the smart home healthcare system, a combination of both smart home and smart
17 healthcare. The smart healthcare is a potential use case where the implementation approach, secure algorithms and
18 framework has been proposed to provide requisite solution, and those presented examined the adoption of Blockchain
19 technology as a service to improve on data confidentiality and integrity, enhance secure storage and access to private
20 data in health-based repositories e.g., EMR/EHR, and to provide trustworthiness among honest-but-curious healthcare
21
facilities. Moreover, the paper also reviewed opportunities and solutions that focused on integration of BCoT with
22
23 other technologies to prevent data interception and leakage, and ensure privacy-preservation in several domains with
24 similar data security concerns to smart healthcare delivery. In several use cases and adoptions, Blockchain’s
25 advantages were usable and efficient. However, it is necessary to continue to test out if the healthcare domain requires
26 the integration of blockchain or not.
27
28
Specific problems addressed in the research questions investigated in this article revealed the need for an
29
30 authorisation framework which implements a permissioned PoA-based Blockchain as a building block and a privacy
31 model for decision making within the Blockchain network to support ethical disclosure of private data in the healthcare
32 realm. Publisher-subscriber smart contract algorithm is also introduced to ensure access control from the context of
33 patient empowerment and information stakeholder’s engagement. Moreover, there are several approaches toward
34 implementation that can be done using different features of blockchain to achieve the aims desired in RQ7-8. The
35
suggested approach introduces the intermediate steps of how smart contracts is applicable. In addition, the
36
37 classification of permission authority, specific layers of smart contracts, control authority, ethics and governance rules
38 across multiple healthcare services is explorable and extensible as future work recommendations.
39
40
41
42
43 Compliance with Ethical Standards
44
45
CRediT authorship contribution statement
46
47 Olusogo Popoola: Writing – original draft, Writing – review & editing. Marcos A. Rodrigues: Review & editing. Jims N. Marchang:
48 Review & editing. Alex Shenfield: Review & editing. Augustine Ikpehia: Review & editing. Jumoke Popoola: Review & editing.
49
50
Acknowledgments
51
52 I would like to thank my supervisory team for the inspiration and assistance offered during the development and
53 revision of this article.
54
55
Disclosure of potential conflicts of interest
56
57
The authors declare that this manuscript has no conflict of interest with any other published source and has not been
58
published previously (partly or in full). No data have been fabricated or manipulated to support our conclusions.
59
60
61 39
62
63
64
65
 1
2
3
4 Author Contributions
5
6
All authors have equally contributed to this work and read and agreed to the published version of the manuscript.
7
8
Funding
9
10
This research did not receive any specific grant from funding agencies in the public, commercial, or not-for-profit
11
sectors.
12
13
14 Declaration of Competing Interest
15
The authors of this research article declares that no conflict of interest in preparing this research article.
16
17
18 Data availability
19
20 No data was used for the research described in the article.
21
22
23
24 References
25
26
27
[1] R. Neisse, G. Steri and I. Nai-Fovino, "A blockchain-based approach for data accountability and provenance tracking.," in In Proceedings
28 of the 12th international conference on availability, reliability and security, 2017.
29 [2] W. Wang, X. Li, X. Qiu, X. Zhang, J. Zhao and V. Brusic, "A privacy preserving framework for federated learning in smart healthcare
30 systems.," Information Processing & Management., vol. 60, no. 1, p. 103167, 2023.
31 [3] T. K. Landauer, "Research methods in human-computer interaction.," In Handbook of human-computer interaction. North-Holland, pp.
32 905-928, 1988.
33 [4] J. Lazar, J. H. Feng and H. Hochheiser, Research methods in human-computer interaction., Morgan Kaufmann., 2017.
34 [5] L. K. Ramasamy, F. Khan, M. Shah, B. V. V. S. Prasad, C. Iwendi and C. Biamba, "Secure smart wearable computing through artificial
35 intelligence-enabled internet of things and cyber-physical systems for health monitoring.," Sensors., vol. 22, no. 3, p. 1076, 2022.
36 [6] A. S. Rajasekaran, A. Maria, M. Rajagopal and J. Lorincz, "Blockchain Enabled Anonymous Privacy-Preserving Authentication Scheme
37 for Internet of Health Things.," Sensors., vol. 23, no. 1, p. 240, 2023.
38 [7] W. Li, T. Yigitcanlar, A. Liu and I. Erol, "Mapping two decades of smart home research: A systematic scientometric analysis,"
39 Technological Forecasting and Social Change., vol. 179, p. 121676., 2022.
40 [8] J. Bugeja, A. Jacobsson and P. Davidsson, "On privacy and security challenges in smart connected homes.," In 2016 European
41 Intelligence and Security Informatics Conference (EISIC). IEEE., pp. 172 -175, 2016.
42 [9] W. Ali, G. Dustgeer, M. Awais and M. A. Shah, "IoT based smart home: Security challenges, security requirements and solutions.," In
2017 23rd International Conference on Automation and Computing (ICAC). IEEE., pp. 1-6, 2017.
43
44 [10] I. Butun, A. Sari and P. Österberg, "Security implications of fog computing on the internet of things," In 2019 IEEE International
Conference on Consumer Electronics (ICCE) IEEE., pp. 1 - 6, 2019.
45
[11] O. Cheikhrouhou, O. B. Fredj, N. Atitallah and S. Hellal, "Intrusion Detection in Industrial IoT.," In 2022 15th International Conference
46 on Security of Information and Networks (SIN) IEEE., pp. 01-04 , 2022.
47
[12] E. M. Schomakers, H. Biermann and M. Ziefle, "Users’ preferences for smart home automation–investigating aspects of privacy and
48 trust.," Telematics and Informatics., vol. 64, p. 101689, 2021.
49 [13] J. K. Burgoon, "Privacy and communication.," Annals of the International Communication Association., vol. 6, no. 1, pp. 206 - 249, 1982.
50
[14] H. Nissenbaum and T. Wong, "Review Essay—Helen Nissenbaum's Privacy in Context: Technology, Policy, and the Integrity of Social
51 Life," German Law Journal., vol. 12, no. 3, pp. 957-967, 2010.
52 [15] I. Altman, "Privacy - A conceptual analysis.," Environment and behavior., vol. 8, no. 1, pp. 7 -29, 1976.
53 [16] S. Lahlou, "Identity, social status, privacy and face-keeping in digital society.," Social science information., vol. 47, no. 3, pp. 299-330,
54 2008.
55 [17] T. Dinev, M. Bellotto, P. Hart, V. Russo, I. Serra and C. Colautti, "Privacy calculus model in e-commerce–a study of Italy and the United
56 States.," European Journal of Information Systems., vol. 15, no. 4, pp. 389-402, 2006.
57 [18] F. Kehr, T. Kowatsch, D. Wentzel and E. Fleisch, "Blissfully ignorant: the effects of general privacy concerns, general institutional trust,
58 and affect in the privacy calculus.," Information Systems Journal., vol. 25, no. 6, pp. 607 -635, 2015.
59
60
61 40
62
63
64
65
 1
2
3
4 [19] M. Singh, A. Singh and S. Kim, "Blockchain: A game changer for securing IoT data.," In 2018 IEEE 4th World Forum on Internet of
5 Things (WF-IoT). IEEE., pp. 51 -55, 2018.
6 [20] G. G. Dagher, J. Mohler, M. Milojkovic and P. B. Marella, "Ancile: Privacy-preserving framework for access control and interoperability
7 of electronic health records using blockchain technology.," Sustainable cities and society, vol. 39, pp. 283-297, 2018.
8 [21] R. Zhang, R. Xue and L. Liu, "Security and privacy on blockchain.," ACM Computing Surveys (CSUR), vol. 52, no. 2, pp. 1 -34, 2019.
9 [22] A. Jøsang, "A consistent definition of authorization. In Security and Trust Management:," in 13th International Workshop, September 14–
10 15, 2017, Proceedings 13 (pp. 134-144). Springer International Publishing., Oslo, Norway,, 2017.
11 [23] V. Buterin, "On Public and Private Blockchains," 7 August 2015. [Online]. Available: https://blog.ethereum.org/2015/08/07/on-public-
12 and-private-blockchains. [Accessed 1 December 2020].
13 [24] A. Badshah, M. Waqas, F. Muhammad, G. Abbas and Z. H. Abbas, "A Novel Framework for Smart Systems Using Blockchain-Enabled
Internet of Things," IT Professional, vol. 24, no. 3, pp. 73-80, 2022.
14
15 [25] C. V. S. Aishwarya, J. Caleb Joel Raj, S. K. Mandal, C. N. Reddy and B. Mishra, "Smart Health Care by Harnessing the Internet of
Things (IoT): Applications, Challenges, and Future Aspects.," In IoT Based Smart Applications (pp. 35-54). Cham: Sprin, pp. 35 - 54,
16 2022.
17 [26] R. Krishnamurthy, "Bitcoin mining unsustainable; climate damages comparable to beef, natural gas, crude oil: Study," 03 October 2022.
18 [Online]. Available: https://www.downtoearth.org.in/news/renewable-energy/bitcoin-mining-unsustainable-climate-damages-comparable-
19 to-beef-natural-gas-crude-oil-study-
20 85266#:~:text=Roughly%20707%20kilowatt%20hour%20(kWh,and%20natural%20gas%2C%20said%20Jones.. [Accessed 10 October
21 2022].
22 [27] ITU-T, "Technical Report FG DLT D1.2 Distributed ledger technology overview, concepts, ecosystem," 1 August 2019. [Online].
Available: https://www.itu.int/en/ITU-T/focusgroups/dlt/Documents/d12.pdf. [Accessed 1 March 2021].
23
[28] M. Xie, J. Liu, S. Chen and M. Lin, "A survey on blockchain consensus mechanism: research overview, current advances and future
24
directions.," International Journal of Intelligent Computing and Cybernetics, (ahead-of-print)., 2022.
25
[29] D. Yaga, P. Mell, N. Roby and K. Scarfone, " Blockchain technology overview.," arXiv preprint arXiv:, p. 1906.11078., 2019.
26
[30] X. Xu, G. Sun, L. Luo, H. Cao, H. Yu and A. V. Vasilakos, " Latency performance modeling and analysis for hyperledger fabric
27 blockchain network," Information Processing & Management, vol. 58, no. 1, p. 102436., 2021.
28
[31] T. Wall, "The Risk of "Credential Stuffing" to the Smart Home.," 28 March 2019. [Online]. Available:
29 https://www.iotforall.com/credential-stuffing. [Accessed 19 June 2021].
30 [32] B. A. A. I. Ali, " Cyber and physical security vulnerability assessment for IoT-based smart homes.," Sensors., vol. 18, no. 3, p. 817, 2018.
31
[33] L. Ziani, M. E. Khanouche and A. Belaid, "Internet of Behaviors: A literature review of an emerging technology.," In 2022 First
32 International Conference on Big Data, IoT, Web Intelligence and Applications (BIWA) IEEE., pp. 42-47, 2022.
33 [34] D. Zafar, "The blockchain & data privacy (GDPR)," 11 November 2022. [Online]. Available: https://cybersecurity.att.com/blogs/security-
34 essentials/the-blockchain-data-privacy-gdpr. [Accessed 13 February 2023].
35 [35] Gartner, "Leading in a digital world: The dawn of the digital industrial economy.," in Gartner Symposium/ITxpo 2013, 28 – 31 October,
36 Gold Coast, Australia , 2013.
37 [36] R. Meulen, "Gartner Says 4.9 Billion Connected "Things" Will Be in Use in 2015," 11 November 2014. [Online]. Available:
38 https://www.gartner.com/en/newsroom/press-releases/2014-11-11-gartner-says-nearly-5-billion-connected-things-will-be-in-use-in-2015.
39 [Accessed 15 March 2021].
40 [37] S. Cannizzaro and R. Procter, "How Is the Internet of Things Industry Responding to the Cybersecurity Challenges of the Smart Home?.,"
In Ubiquitous and Pervasive Computing-New Trends and Opportunities. IntechOpen., 2022.
41
42 [38] O. d’Angelis, L. Di Biase, L. Vollero and M. Merone, "IoT architecture for continuous long term monitoring: Parkinson’s Disease case
study.," Internet of Things., vol. 20, p. 100614., 2022.
43
[39] J. Zhao, S. Zhang, Y. Sun, N. Zhou, H. Yu, H. Zhang and D. Jia, "Wearable optical sensing in the medical internet of things (MIoT) for
44 pervasive medicine: Opportunities and challenges.," Acs Photonics,, vol. 9, no. 8, pp. 2579-2599, 2022.
45
[40] Y. Padarthi and R. R. P. Kuppusamy, "IoT-Based Embedded Sensor System for Real-Time Health Monitoring of Composite Structures
46 for Large-Scale Industrial Operations.," In Industrial Automation and Robotics. CRC Press., pp. 3-32, 2023.
47 [41] C. V. S. Aishwarya, J. Caleb Joel Raj, S. K. Mandal, C. N. Reddy and B. Mishra, "Smart Health Care by Harnessing the Internet of
48 Things (IoT): Applications, Challenges, and Future Aspects.," In IoT Based Smart Applications. Cham: Sprin, pp. 35 -54, 2022.
49 [42] A. J. Perez, F. Siddiqui, S. Zeadally and D. Lane, "A Review of IoT Systems to Enable Independence for the Elderly and Disabled
50 Individuals.," Internet of Things., p. 100653., 2022.
51 [43] S. A. Ali and R. Khan, " IoT-based Technologies for Addressing the Unique Healthcare Needs of the Elderly Population.," Preprints.org
52 2023, 2023030088. https://doi.org/10.20944/preprints202303.0088.v1., 2023.
53 [44] M. Hamza and M. A. Akbar, "Smart Healthcare System Implementation Challenges: A stakeholder perspective.," arXiv preprint
54 arXiv:2208., p. 12641, 2022.
55 [45] X. Du, B. Chen, M. Ma and Y. Zhang, "Research on the application of blockchain in smart healthcare: constructing a hierarchical
56 framework.," Journal of Healthcare Engineering, 2021., 2021.
57 [46] A. I. Florea, I. Anghel and T. Cioara, "A Review of Blockchain Technology Applications in Ambient Assisted Living.," . Future
Internet., vol. 14, no. 5, p. 150, 2022.
58
59
60
61 41
62
63
64
65
 1
2
3
4 [47] H. M. Hussien, S. M. Yasin, S. N. I. Udzir, A. A. Zaidan and B. B. Zaidan, "A systematic review for enabling of develop a blockchain
5 technology in healthcare application: taxonomy, substantially analysis, motivations, challenges, recommendations and future direction.,"
6 Journal of medical systems., vol. 43, pp. 1-35, 2019.
7 [48] W. Viriyasitavat, L. Da Xu, Z. Bi and D. Hoonsopon, "Blockchain technology for applications in internet of things—mapping from
8 system design perspective.," IEEE Internet of Things Journal., vol. 6, no. 5, pp. 8155-8168., 2019.
9 [49] K. Gaikwad, K. Kulkarni, S. Kohle and P. Patil, "Implementation of Blockchain Technology in IOT Based Smart Home.," In 2022 5th
International Conference on Advances in Science and Technology (ICAST). IEEE., pp. 6 -10, 2022.
10
11 [50] Z. K. Taha, C. T. Yaw, S. P. Koh, S. K. Tiong, K. Kadirgama, F. Benedict, J. D. Tan and Y. A. Balasubramaniam, "A Survey of
Federated Learning from Data Perspective in the Healthcare Domain: Challenges, Methods, and Future Directions. IEEE Access.," IEEE
12 Access., 2023.
13 [51] T. K. Mackey, T. T. Kuo, B. Gummadi, K. A. Clauson, G. Church, D. Grishin, K. Obbad, R. Barkovich and M. Palombini, "‘Fit-for-
14 purpose?’–challenges and opportunities for applications of blockchain technology in the future of healthcare.," BMC medicine., vol. 17,
15 no. 1, pp. 1-17, 2019.
16 [52] K. A. Clauson, E. A. Breeden, C. Davidson and T. K. Mackey, "Leveraging Blockchain Technology to Enhance Supply Chain
17 Management in Healthcare:: An exploration of challenges and opportunities in the health supply chain.," Blockchain in healthcare today.
18 https://doi.org/10.30953/bhty.v1.20, vol. 1, no. https://www.blockchainhealthcaretoday.com/index.php/journal/article/view/20, 2018.
19 [53] S. A. Bennacer, K. Sabiri, A. Aaroud, K. Akodadi and B. Cherradi, "A comprehensive survey on blockchain-based healthcare industry:
applications and challenges," Indonesian Journal of Electrical Engineering and Computer Science., vol. 30, no. 3, pp. 1558-1571., 2023.
20
21 [54] R. Pathak, B. Soni and N. B. Muppalaneni, "Role of Blockchain in Health Care: A Comprehensive Study.," in In Proceedings of 3rd
International Conference on Recent Trends in Machine Learning, IoT, Smart Cities and Applications: ICMISC 2022 (pp. 137-154),
22 Springer Nature Singapore., 2022.
23 [55] A. Pattanayaka and S. Dhala, "Blockchain in Healthcare.," Preprint, Elsevier, 2021.
24
[56] M. S. Mahmood and N. B. Al Dabagh, "Blockchain technology and internet of things: review, challenge and security concern.,"
25 International Journal of Electrical and Computer Engineering., vol. 13, no. 1, p. 718, 2023.
26 [57] N. Kuriakose and D. Midhunchakkaravarthy, ". A Review on IoT Blockchain Technology.," Indian Journal of Data Communication and
27 Networking (IJDCN). DOI: 10.54105/ijdcn.F3719.123122, vol. 3, no. 1, pp. 2582-760X, 2022.
28 [58] D. Marbouh, M. C. E. Simsekler, K. Salah, R. Jayaraman and S. Ellahham, "Blockchain for Patient Safety: Use Cases, Opportunities and
29 Open Challenges.," Data., vol. 7, no. 12, p. 182, 2022.
30 [59] Z. Wenhua, F. Qamar, T. A. N. Abdali, R. Hassan, S. T. A. Jafri and Q. N. Nguyen, "Blockchain Technology: Security Issues, Healthcare
31 Applications, Challenges and Future Trends.," Electronics. , vol. 12, no. 3, p. 546., 2023.
32 [60] B. S. Egala, A. K. Pradhan, P. Dey, V. Badarla and S. P. Mohanty, "Fortified-Chain 2.0: Intelligent Blockchain for Decentralized Smart
33 Healthcare System.," IEEE Internet of Things Journal., 2023.
34 [61] S. G. Alonso, J. Arambarri, M. López-Coronado and I. de la Torre Díez, "Proposing new blockchain challenges in ehealth.," Journal of
35 medical systems., vol. 43, pp. 1 - 7, 2019.
36 [62] A. Odeh, I. Keshta and Q. A. Al-Haija, "Analysis of Blockchain in the Healthcare Sector: Application and Issues.," Symmetry., p. 1760,
2022.
37
38 [63] K. M. Abiodun, E. A. Adeniyi, J. B. Awotunde, C. Chakraborty, D. R. Aremu, A. A. Adebiyi and M. O. Adebiyi, "Blockchain and
Internet of Things in Healthcare Systems: Prospects, Issues, and Challenges.," In Digital Health Transformation with Blockchain and
39 Artificial Intelligence. CRC Press., pp. 1-22, 2022.
40 [64] M. S. Arbabi, C. Lal, N. R. Veeraragavan, D. Marijan, J. F. Nygård and R. Vitenberg, "A Survey on Blockchain for Healthcare:
41 Challenges, Benefits, and Future Directions.," IEEE Communications Surveys & Tutorials., 2022.
42 [65] R. Kumar, D. Singh, K. Srinivasan and Y. C. Hu, "AI-Powered Blockchain Technology for Public Health: A Contemporary Review,
43 Open Challenges, and Future Research Directions.," In Healthcare. MDPI., vol. 11, no. 1, p. 81, 2022.
44 [66] K. Pal, "A Decentralized Privacy Preserving Healthcare Blockchain for IoT, Challenges, and Solutions.," In Prospects of Blockchain
45 Technology for Accelerating Scientific Advancement in Healthcare. IGI Global., pp. 158-188, 2022.
46 [67] A. D. Dwivedi, G. Srivastava, S. Dhar and R. Singh, "A decentralized privacy-preserving healthcare blockchain for IoT.," Sensors., vol.
47 19, no. 2, p. 326, 2019.
48 [68] Z. Ilyas, M. I. Tariq, S. K. Shahzad and R. A. Karim, "Resolving Smart Health Security Issues Using Ontologies and Blockchain
49 Services," Pakistan Journal of Emerging Science And Technologies (PJEST), vol. 3, no. 2, 2022.
50 [69] R. Myrzashova, S. H. Alsamhi, A. V. Shvetsov, A. Hawbani and X. Wei, "Blockchain Meets Federated Learning in Healthcare: A
Systematic Review with Challenges and Opportunities.," IEEE Internet of Things Journal., 2023.
51
52 [70] C. Choudhary, I. Singh and M. Shafiq, "Blockchain for IoT Security and Privacy: Challenges, Application Areas and Implementation
Issues.," Cross-Industry Blockchain Technology: Opportunities and Challenges in Industry 4.0, 1., 2022.
53
[71] H. D. Zubaydi, P. Varga and S. Molnár, "Leveraging Blockchain Technology for Ensuring Security and Privacy Aspects in Internet of
54 Things: A Systematic Literature Review.," Sensors., vol. 232, p. 788, 2023.
55
[72] M. Attaran, " Blockchain technology in healthcare: Challenges and opportunities.," International Journal of Healthcare Management.,
56 vol. 15, no. 1, pp. 70-83, 2022.
57 [73] J. Andrew, D. P. Isravel, K. M. Sagayam, B. Bhushan, Y. Sei and J. Eunice, "Blockchain for healthcare systems: Architecture, security
58 challenges, trends and future directions.," Journal of Network and Computer Applications, , p. 103633., 2023.
59
60
61 42
62
63
64
65
 1
2
3
4 [74] Y. I. Alzoubi, A. Al-Ahmad, H. Kahtan and A. Jaradat, " Internet of Things and Blockchain Integration: Security, Privacy, Technical, and
5 Design Challenges.," Future Internet., vol. 14, no. 7, p. 216, 2022.
6 [75] N. Adhikari and M. Ramkumar, " IoT and Blockchain Integration: Applications, Opportunities, and Challenges.," Network. MDPI, vol. 3,
7 no. 1, pp. 115-141, 2023.
8 [76] S. Gupta, H. K. Sharma and M. Kapoor, "Application and Challenges of Blockchain in IoMT in Smart Healthcare System.," In
9 Blockchain for Secure Healthcare Using Internet of Medical Things (IoMT). Cham: Springer International Publishing., pp. 39-53, 2022.
10 [77] M. Alarjani and M. Alhaider, "A Review of Challenges of Block Chain with COVID-19: A Review Paper. European Journal of Health
11 Sciences.," European Journal of Health Sciences., vol. 8, no. 2, pp. 32-49, 2023.
12 [78] W. Issa, N. Moustafa, B. Turnbull, N. Sohrabi and Z. Tari, "Blockchain-based federated learning for securing internet of things: A
comprehensive survey.," ACM Computing Surveys. , vol. 55, no. 9, pp. 1-43., 2023.
13
[79] K. Zoughalian, J. Marchang and B. Ghita, "A blockchain secured pharmaceutical distribution system to fight counterfeiting.,"
14
International Journal of Environmental Research and Public Health., vol. 19, no. 7, p. 4091, 2022.
15
[80] M. Aslam, S. Jabbar, Q. Abbas, M. Albathan, A. Hussain and U. Raza, "Leveraging Ethereum Platform for Development of Efficient
16 Tractability System in Pharmaceutical Supply Chain.," Systems., vol. 11, no. 4, p. 202, 2023.
17 [81] D. Komarasamy, M. K. Dharani, R. Thamilselvan and J. J. Hermina, "Challenges, Progress and Opportunities of Blockchain in
18 Healthcare Data.," In Healthcare 4.0. Chapman and Hall/CRC., pp. 111-130, 2022.
19 [82] T. Alam, "Blockchain-Based Internet of Things: Review, Current Trends, Applications, and Future Challenges.," Computers., vol. 12, no.
20 1, p. 6, 2022.
21 [83] S. A. Yousiff and R. A. A. H. Muhajjir, "A Review of Blockchain-based Internet of Things. development, 6, 8.," development. DOI:
22 10.37917/ijeee.19.1.3, vol. 6, no. 8, 2022.
23 [84] A. K. Yadav and V. P. Vishwakarma, "Adoptation of Blockchain of Things (BCOT): Oppurtunities & Challenges.," In 2022 IEEE
24 International Conference on Blockchain and Distributed Systems Security (ICBDS). IEEE., pp. 1-5, 2022.
25 [85] S. Lipsa, T. N. Nguyen and R. K. Dash, "A New Signature-Based Blockchain Paradigm: Foreseeable Impact on Healthcare Applications,"
26 IEEE Internet of Things Magazine,, vol. 5, no. 3, pp. 146-151, 2022.
27 [86] A. Razzaq, S. A. H. Mohsan, S. A. K. Ghayyur, N. Al-Kahtani, H. K. Alkahtani and S. M. Mostafa, "Blockchain in Healthcare: A
28 Decentralized Platform for Digital Health Passport of COVID-19 Based on Vaccination and Immunity Certificates," In Healthcare.
MDPI., vol. 12, p. 10, 2453.
29
[87] M. H. Yekta, A. Shahidinejad and M. Ghobaei-Arani, "Blockchain for transparent, privacy preserved, and secure health data
30 management.," In Implementation of Smart Healthcare Systems using AI, IoT, and Blockchain. Academic Press., pp. 219-242, 2023.
31
[88] A. B. Tello, J. Xing, A. L. Patil, L. P. Patil and S. Sayyad, "Blockchain Technologies in Healthcare System for Real Time Applications
32 Using IoT and Deep Learning Techniques.," International Journal of Communication Networks and Information Security., vol. 14, no. 3,
33 pp. 257-268, 2023.
34 [89] S. S. Nath, S. Sadagopan, D. V. Babu, R. D. Kumar, P. Jonnala and M. Y. B. Murthy, "Block chain-based security and privacy framework
35 for point of care health care IoT devices.," Soft Computing., pp. 1-13., 2023.
36 [90] M. Mejri, "HealthBlock: A Modular Framework for a Collaborative Sharing of Electronic Health Records Based on Blockchain.,"
37 https://doi.org/10.21203/rs.3.rs-1881776/v1, 2022.
38 [91] G. M. Karthik, A. S. Kalyana Kumar, A. B. Karri and N. P. Jagini, "Deep intelligent blockchain technology for securing IoT-based
39 healthcare multimedia data. Wireless Networks.," Wireless Networks., pp. 1-13., 2023.
40 [92] A. Hasselgren, K. Kralevska, D. Gligoroski, S. A. Pedersen and A. Faxvaag, "Blockchain in healthcare and health sciences—A scoping
review.," International Journal of Medical Informatics., vol. 134, p. 104040., 2020.
41
42 [93] D. Marbouh, M. C. E. Simsekler, K. Salah, R. Jayaraman and S. Ellahham, "A Blockchain-Based Regulatory Framework for mHealth.,"
Data., vol. 7, no. 12, p. 177, 2022.
43
[94] A. E. Smail and F. Harmali, "Electronic Health Record (EHR) Management Blockchain-Based in Healthcare Systems.," Doctoral
44 dissertation, université akli mohand oulhadj-bouira., 2022.
45
[95] K. Pal, " A Decentralized Privacy Preserving Healthcare Blockchain for IoT, Challenges, and Solutions.," In Prospects of Blockchain
46 Technology for Accelerating Scientific Advancement in Healthcare. IGI Global., pp. 158-188, 2022.
47 [96] B. Balusamy, N. Chilamkurti, L. A. Beena and T. Poongodi, "Blockchain and machine learning for e-healthcare systems. Blockchain and
48 Machine Learning for e-Healthcare Systems.," Blockchain and Machine Learning for e-Healthcare Systems., pp. 1-481, 2021.
49 [97] J. Zhang, "How do trust and decentralization impact adoption?: an agent-based model for diffusion of blockchain-based COVID-19
50 contact tracing apps.," Doctoral dissertation, University of British Columbia., 2023.
51 [98] S. Meisami, S. Meisami, M. Yousefi and M. R. Aref, "Combining Blockchain and IOT for Decentralized Healthcare Data Management.,"
52 arXiv preprint arXiv., p. 2304.00127., 2023.
53 [99] S. Gupta, M. Shabaz, A. Gupta, A. Alqahtani, S. Alsubai and I. Ofori, "Personal HealthCare of Things: A novel paradigm and futuristic
54 approach.," CAAI Transactions on Intelligence Technology., p. https://doi.org/10.1049/cit2.12220, 2023.
55 [100] I. Azogu, A. Norta, I. Papper, J. Longo and D. Draheim, " A framework for the adoption of blockchain technology in healthcare
56 information management systems: A case study of Nigeria," In Proceedings of the 12th International Conference on Theory and Practice
of Electronic Governance., pp. 310-316, 2019.
57
[101] K. Pal, "Pal, K. (2023). Blockchain With the Internet of Things for Secure Healthcare Service Using Lightweight Cryptography.," In
58
Blockchain Applications in Cryptocurrency for Technological Evolution. IGI Global., pp. 60-93, 2023.
59
60
61 43
62
63
64
65
 1
2
3
4 [102] L. Javed, B. M. Yakubu, M. Waleed, Z. Khaliq, A. B. Suleiman and N. G. Mato, "A Survey on Healthcare IoT Security Issues and
5 Blockchain-Based Solution.," International Journal of Electrical and Computer Engineering Research., vol. 2, no. 4, pp. 1-9., 2022.
6 [103] X. Yang, C. Wu, X. Yan and F. Hu, "Blockchain-Based Healthcare and Medicine Data Sharing and Service System.," in In Blockchain
7 and Trustworthy Systems: 4th International Conference, BlockSys (pp. 79-90).2022, Singapore: Springer Nature Singapore, August 4–5,
8 2022. .
9 [104] A. Pattanayaka and S. Dhala, "Blockchain in Healthcare.," aComputer Science and Engineering Department, IIIT Guwahati, Assam,
India, 2021.
10
11 [105] B. Sharma, "Blockchain: Remaking the Healthcare Sector.," In 2022 11th International Conference on System Modeling & Advancement
in Research Trends (SMART). IEEE., pp. 779-785, 2022.
12
[106] L. Abdelgalil and M. Mejri, "HealthBlock: A Framework for a Collaborative Sharing of Electronic Health Records Based on
13 Blockchain.," Future Internet., vol. 15, no. 3, p. 87, 2023.
14
[107] A. Tiwari and U. Batra, "Internet of Medical Things Enabled by Permissioned Blockchain on Distributed Storage.," In International
15 Conference on IoT, Intelligent Computing and Security. Springer, Singapore., pp. 3-17, 2023.
16 [108] S. Showkat and S. Qureshi, "Securing the Internet of Things Through Blockchain Approach: Security Architectures, Consensus
17 Algorithms, Enabling Technologies, Open Issues, and Research Directions.," International Journal of Computing and Digital Systems.,
18 vol. 13, no. 1, pp. 97-129, 2023.
19 [109] S. Chenthara, K. Ahmed, H. Wang, F. Whittaker and Z. Chen, "Healthchain: A novel framework on privacy preservation of electronic
20 health records using blockchain technology.," Plos One., vol. 15, no. 12, p. e0243043., 2020.
21 [110] S. Biswas, K. Sharif, F. Li, A. K. Bairagi, Z. Latif and S. P. Mohanty, "Globechain: An interoperable blockchain for global sharing of
22 healthcare data—a covid-19 perspective.," IEEE Consumer Electronics Magazine,, vol. 10, no. 5, pp. 64-69., 2021.
23 [111] K. Pal, "IoT Applications With Cryptography and Blockchain Technology in Healthcare Digital Twin Design.," In Role of 6G Wireless
Networks in AI and Blockchain-Based Applications. IGI Global., pp. 220-249, 2023.
24
25 [112] O. Hasan, L. Brunie and E. Bertino, "Privacy-preserving reputation systems based on blockchain and other cryptographic building blocks:
A survey.," ACM Computing Surveys (CSUR)., vol. 55, no. 2, pp. 1-37, 2022.
26
[113] N. Rifi, N. Agoulmine, N. Chendeb Taher and E. Rachkidi, " Blockchain technology: is it a good candidate for securing iot sensitive
27 medical data?," Wireless Communications and Mobile Computing,, 2018.
28
[114] F. I. Anik, N. Sakib, H. Shahriar, Y. Xie, H. A. Nahiyan and S. I. Ahamed, "Unraveling a blockchain-based framework towards patient
29 empowerment: A scoping review envisioning future smart health technologies.," Smart Health., p. 100401., 2023.
30 [115] Y. Liu, F. Ju, Q. Zhang, M. Zhang, Z. Ma, M. Li, .. A. Yank and F. Liu, "Overview of Internet of Medical Things Security Based on
31 Blockchain Access Control.," Journal of Database Management (JDM)., vol. 34, no. 3, pp. 1-20, 2023.
32 [116] B. B. Sezer, H. Turkmen and U. Nuriyev, "PPFchain: A novel framework privacy-preserving blockchain-based federated learning method
33 for sensor networks.," Internet of Things. , p. 100781., 2023.
34 [117] S. Uppal, B. Kansekar, S. Mini and D. Tosh, "HealthDote: A blockchain-based model for continuous health monitoring using
35 interplanetary file system.," Healthcare Analytics., p. 100175, 2023.
36 [118] P. Bedi, S. B. Goyal, J. Kumar and A. S. Rajawat, "Secure Medical Data Transmission Over Wireless Body Area Network Using
37 Blockchain.," In AI-Enabled Multiple-Criteria Decision-Making Approaches for Healthcare Management. IGI Global., pp. 70 - 84, 2022.
38 [119] H. K. Sharma, A. Kumar and S. R. M. Pant, "Artificial Intelligence, Blockchain and IoT for Smart Healthcare.," CRC Press., 2022.
39 [120] S. Baskar and P. V. Gopirajan, "Application of Blockchain in Digital Healthcare.," In 2023 International Conference on Intelligent and
40 Innovative Technologies in Computing, Electrical and Electronics (IITCEE).IEEE., pp. 591-595, 2023.
41 [121] H. B. Mahajan and A. A. Junnarkar, "Smart healthcare system using integrated and lightweight ECC with private blockchain for
42 multimedia medical data processing.," Multimedia Tools and Applications., pp. 1 -24, 2023.
43 [122] S. Shree, C. Zhou and M. Barati, "Data Protection in Internet of Medical Things Using Blockchain and Secret Sharing Method.,"
Research Square -preprint, no. https://doi.org/10.21203/rs.3.rs-2791374/v1, 2023.
44
45 [123] N. K. Dewangan and P. Chandrakar, "TempChain: a blockchain scheme for telehealth data sharing between two blockchains using
property mapping function.," The Journal of Supercomputing., pp. 1 -19, 2023.
46
[124] A. Ali, M. F. Pasha, O. H. Fang, R. Khan, M. A. Almaiah and A. K. Al Hwaitat, "Big Data Based Smart Blockchain for Information
47 Retrieval in Privacy-Preserving Healthcare System.," In Big Data Intelligence for Smart Applications .Cham: Springer International
48 Publishing, pp. 279-296, 2022.
49 [125] N. Lefkovitz and K. Boeckl, "NIST Privacy Framework: An Overview.," 2020. [Online]. Available:
50 https://tsapps.nist.gov/publication/getpdf.cfm?pub id=930470. [Accessed 28 February 2021].
51 [126] S. Mazumdar and T. Dreibholz, "Secure Embedded Living: Towards A Self-Contained User Data Preserving Framework.," IEEE
52 Communications Magazine., vol. 60, no. 11, pp. 74 -80, 2022.
53 [127] G. D'Acquisto, J. Domingo-Ferrer, P. Kikiras, V. Torra, Y. A. de Montjoye and A. Bourka, "Privacy by design in big data: an overview of
54 privacy enhancing technologies in the era of big data analytics.," arXiv preprint arXiv:1512.06000., 2015.
55 [128] C. Lee, L. Zappaterra, K. Choi and H. A. Choi, "Securing smart home: Technologies, security challenges, and security requirements.," In
56 2014 IEEE Conference on Communications and Network Security , pp. 67 -72, 2014.
57 [129] Z. Zeng, Y. Li, Y. Cao, Y. Zhao, J. Zhong, D. Sidorov and X. Zeng, "Blockchain technology for information security of the energy
internet: fundamentals, features, strategy and application.," Energies, , vol. 13, no. 4, p. 881, 2020.
58
59 [130] N. Guhr, O. Werth, P. P. H. Blacha and M. H. Breitner, "Privacy concerns in the smart home context.," SN Applied Sciences., vol. 2, no.
2, pp. 1 - 12, 2020.
60
61 44
62
63
64
65
 1
2
3
4 [131] E. COMMISSION, "Commission proposes a comprehensive reform of data protection rules to increase users' control of their data and to
5 cut costs for businesses," 25 January 2012. [Online]. Available: https://ec.europa.eu/commission/presscorner/detail/en/IP_12_46.
6 [Accessed 20 March 2021].
7 [132] Rt.com., "President Obama Announces Initiatives on Data Security and Student Privacy," 12 January 2015. [Online]. Available:
8 https://www.huntonprivacyblog.com/2015/01/12/president-obama-announces-initiatives-data-security-student-privacy/. [Accessed 20
March 2021].
9
[133] IEEE, "INTERNET OF THINGS (IOT) SECURITY BEST PRACTICE," IEEE Internet Technology Policy Community White Paper,
10 2017.
11
[134] J. Wolff, "At Long Last, a Sensible Internet of Things Security Bill Has Been Introduced in the Senate," 3 August 2017. [Online].
12 Available: http://www.slate.com/blogs/future_tense/2017/08/03/the_senate_is_considering_an_internet_of_things_security_bill.html.
13 [Accessed 12 January 2018].
14 [135] C. Wirth and M. Kolain, "Privacy by blockchain design: a blockchain-enabled GDPR-compliant approach for handling personal data," In
15 Proceedings of 1st ERCIM Blockchain Workshop 2018. European Society for Socially Embedded Technologies (EUSSET)., 2018.
16 [136] H. Rahanu, E. Georgiadou, K. Siakas, M. Ross and E. Berki, "Ethical issues invoked by Industry 4.0.," In European Conference on
17 Software Process Improvement. Springer, Cham., pp. 589 -606, 2021.
18 [137] S. S. Dhanda, B. Singh and P. Jindal, "Lightweight cryptography: A solution to secure IoT.," Wireless Personal Communications , vol.
19 112 , no. 3, pp. 1947-1980, 2020.
20 [138] C. Wirth and M. Kolain, "Privacy by blockchain design: a blockchain-enabled GDPR-compliant approach for handling personal data.," In
21 Proceedings of 1st ERCIM Blockchain Workshop 2018. European Society for Socially Embedded Technologies (EUSSET)., 2018.
22 [139] S. Al Salami, J. Baek, K. Salah and E. Damiani, "Lightweight encryption for smart home," In 2016 11th International Conference on
Availability, Reliability and Security (ARES) IEEE, pp. 382-388, 2016.
23
[140] M. A. Rodrigues and M. M. Siddeq, "Information System: Secure Access and Storage in the Age of Cloud Computing," Athens Journal of
24
Sciences, vol. 3, no. 4, pp. 267-284, 2016.
25
[141] G. S. Poh, P. Gope and J. Ning, "PrivHome: Privacy-preserving authenticated communication in smart home environment.," IEEE
26 Transactions on Dependable and Secure Computing, vol. 18, no. 3, pp. 1095 -1107, 2019.
27 [142] M. Rodrigues, "AI Deep Learning and Data Security in the Internet of Everything," in Kelaniya International Conference on Advances in
28 Computing and Technology KICACT, Colombo, Sri Lanka, 2016.
29 [143] S. Lee, J. Choi, J. Kim, B. Cho, S. Lee, H. Kim and J. Kim, "FACT: Functionality-centric access control system for IoT programming
30 frameworks.," In Proceedings of the 22nd ACM on Symposium on Access Control Models and Technologies., pp. 43-54, 2017.
31 [144] F. Jonsson and M. Tornkvist, "RSA authentication in Internet of Things: Technical limitations and industry expectations.,"
32 http://www.diva-portal. org/smash/get/diva2: 1112039/FULLTEXT01.pdf., Stockholm, Sweden , 2017.
33 [145] K. Pal, "Blockchain With the Internet of Things for Secure Healthcare Service Using Lightweight Cryptography.," In Blockchain
34 Applications in Cryptocurrency for Technological Evolution. IGI Global., pp. 60 -93, 2023.
35 [146] R. Wang, J. He, C. Liu, Q. Li, W. T. Tsai and E. Deng, "A privacy-aware PKI system based on permissioned blockchains.," In 2018 IEEE
36 9th international conference on software engineering and service science (ICSESS).IEEE., pp. 928-931, 2018.
37 [147] R. Creaney, L. Reid and M. Currie, "The contribution of healthcare smart homes to older peoples' wellbeing: A new conceptual
38 framework.," Wellbeing, Space and Society., vol. 2, p. 100031, 2021.
39 [148] S. Pesaru, N. K. Mallenahalli and B. V. Vardhan, "Light weight cryptography-based data hiding system for Internet of Medical Things.,"
International Journal of Healthcare Management., pp. 1-14, 2022.
40
[149] W. Yánez, R. Bahsoon, Y. Zhang and R. Kazman, "Architecting internet of things systems with blockchain: A catalog of tactics.," ACM
41
Transactions on Software Engineering and Methodology (TOSEM), vol. 30, no. 3, pp. 1-46, 2021 .
42
[150] W. Yánez, R. Mahmud, R. Bahsoon, Y. Zhang and R. Buyya, "Data allocation mechanism for Internet-of-Things systems with
43 BlockChain.," IEEE Internet of Things Journal, vol. 7, no. 4, pp. 3509-3522, 2020.
44 [151] A. Dorri, S. S. Kanhere, R. Jurdak and P. Gauravaram, "Blockchain for IoT security and privacy: The case study of a smart home.," In
45 2017 IEEE international conference on pervasive computing and communications workshops (PerCom workshops) , pp. 618-623, 2017.
46 [152] Q. Wang, T. Xia, Y. Ren, L. Yuan and G. Miao, " A New Blockchain-Based Multi-Level Location Secure Sharing Scheme.," Applied
47 Sciences, vol. 11, no. 5, p. 2260, 2021.
48 [153] C. Lin, D. He, N. Kumar, X. Huang, P. Vijayakumar and K. K. R. Choo, "HomeChain: A blockchain-based secure mutual authentication
49 system for smart homes.," IEEE Internet of Things Journal, vol. 7, no. 2, pp. 818-829, 2019.
50 [154] Alpa, "Proof-of-Authority consensus," 2018. [Online]. Available: https://apla.readthedocs.io/en/latest/concepts/consensus.html. [Accessed
51 10 October 2021].
52 [155] G. Zyskind and O. Nathan, " Decentralizing privacy: Using blockchain to protect personal data.," In 2015 IEEE Security and Privacy
53 Workshops. IEEE., pp. 180-184, 2015.
54 [156] D. Schreckling, J. D. Parra, C. Doukas and J. Posegga, "Data-Centric Security for the IoT," In International Internet of Things Summit,
55 Springer, Cham., pp. 77-86, 2015.
56 [157] A. Outchakoucht, E. Hamza and J. Leroy, "Dynamic access control policy based on blockchain and machine learning for the internet of
things.," International journal of advanced Computer Science and applications., vol. 8, no. 7, pp. 417-424, 2017.
57
[158] W. Han, Y. Zhang, Z. Guo and E. Bertino, "Fine-grained business data confidentiality control in cross-organizational tracking.," In
58
Proceedings of the 20th ACM Symposium on Access Control Models and Technologies., pp. 135 -145, 2015.
59
60
61 45
62
63
64
65
 1
2
3
4 [159] P. Zhong, Q. Zhong, H. Mi, S. Zhang and Y. Xiang, "Privacy-protected blockchain system.," In 2019 20th IEEE International Conference
5 on Mobile Data Management (MDM) IEEE., pp. 257 -461, 2019.
6 [160] R. Almadhoun, M. Kadadha and M. Alhemeiri, "A user authentication scheme of IoT devices using blockchain-enabled fog nodes.," In
7 2018 IEEE/ACS 15th international conference on computer systems and applications (AICCSA)IEEE., pp. 1-8, 2018.
8 [161] Q. Wang, T. Xia, Y. Ren, L. Yuan and G. Miao, " A New Blockchain-Based Multi-Level Location Secure Sharing Scheme.," Applied
9 Sciences., vol. 11, no. 5, p. 2260, 2021.
10 [162] N. Rifi, N. Agoulmine, N. Chendeb Taher and E. Rachkidi, "Blockchain technology: is it a good candidate for securing iot sensitive
11 medical data?," Wireless Communications and Mobile Computing., 2018.
12 [163] W. River, "Security in the Internet of Things: Lessons from the Past for the Connected Future.," WIND River., 2015.
13 [164] T. Hardjono, "Kerberos for Internet-of-Things," MIT Kerberos & Internet Trust Consortium, IETF89, February 2014. [Online].
Available: “. URL: http://www. tschofenig. priv. at/tutorials/Kerberos-Tutorial. pdf (abgerufen am 08.06. 2015), 25.. [Accessed 13
14
February 2020].
15
[165] H. Kim, A. Wasicek, B. Mehne and E. A. Lee, "A secure network architecture for the internet of things based on local authorization
16 entities," 016 IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud). IEEE, pp. 114-122, August, 2016.
17 [166] H. Kim and E. A. Lee, "Trusting the Internet of Things: Authentication and Authorization for the Internet of Things," IT Professional,
18 vol. 19, no. 5, pp. 27-33, 2017.
19 [167] W. He, V. Zhao, O. Morkved, S. Siddiqui, E. Fernandes, J. Hester and B. Ur, "SoK: Context sensing for access control in the adversarial
20 home IoT.," In 2021 IEEE European Symposium on Security and Privacy (EuroS&P) , pp. 37-53, 2021.
21 [168] N. Ghosh, S. Chandra, V. Sachidananda and Y. Elovici, " SoftAuthZ: a context-aware, behavior-based authorization framework for home
22 IoT.," IEEE Internet of Things Journal., vol. 6, no. 6, pp. 10773-10785., 2019.
23 [169] A. S. J. Ukil and S. Koilakonda, "Embedded security for Internet of Things," In 2011 2nd National Conference on Emerging Trends and
24 Applications in Computer Science. IEEE., pp. 1-6, 2011.
25 [170] H. HaddadPajouh, R. Khayami, A. Dehghantanha, K. K. R. Choo and R. M. Parizi, "AI4SAFE-IoT: An AI-powered secure architecture
26 for edge layer of Internet of things.," Neural Computing and Applications, , vol. 32, no. 20, pp. 16119-16133., 2020.
27 [171] I. Psychoula, "Privacy Modelling and Preservation for Assisted Living within Smart Homes.," DeMortfort University, Leicester, 2020.
28 [172] A. Verma, K. Sahay, S. Prakash, A. Kumar, A. Kumar, H. F. M. Lahza, H. Lahza and M. A. Albahar, "A Systematic Review on Machine
29 Learning Fundamentals for Smart Home.," Towards Smart City Solution., 2023.
30 [173] K. P. M. T. Revathi, " A Smart and Secured Approach for Children’s Health Monitoring Using Machine Learning Techniques Enhancing
Data Privacy.," IETE Journal of Research., pp. 1 - 12, 2022.
31
32 [174] M. M. Salim, L. Park and J. H. Park, " A Machine Learning based Scalable Blockchain architecture for a secure Healthcare system.," In
2022 13th International Conference on Information and Communication Technology Convergence (ICTC).IEEE, pp. 2231-2234, 2022.
33
[175] G. Velliyangiri, V. Krishnamoorthy, C. Inbaraj, A. Venkatachalam, R. Rahim and M. Ramachandran, "Blockchain and Artificial
34 Intelligent for Internet of Things in e-Health.," In The Convergence of Artificial Intelligence and Blockchain Technologies: Challenges
35 and Opportunities., pp. 23-42, 2022.
36 [176] J. Mandala, R. Ganeshan, B. Maram and T. Daniya, "IoT and Artificial Intelligence for Healthcare Informatics: Evolving Technologies.,"
37 In Handbook of Research on Mathematical Modeling for Smart Healthcare Systems IGI Global., pp. 110-120, 2022.
38 [177] H. K. Sharma, A. Kumar, S. Pant and M. Ram, "Artificial Intelligence, Blockchain and IoT for Smart Healthcare.," CRC Press, 2022.
39 [178] R. Kumar, D. Singh, K. Srinivasan and Y. C. Hu, "AI-Powered Blockchain Technology for Public Health: A Contemporary Review,
40 Open Challenges, and Future Research Directions.," In Healthcare. MDPI., vol. 11, no. 1, p. 81, 2022.
41 [179] C. Pirtle and J. Ehrenfeld, "Blockchain for healthcare: The next generation of medical records?," Journal of Medical Systems, vol. 42, no.
42 9, pp. 1-3, 2018.
43 [180] K. Farooq, H. J. Syed, S. O. Alqahtani, W. Nagmeldin, A. O. Ibrahim and A. Gani, "Blockchain Federated Learning for In-Home Health
44 Monitoring. Electronics,," Electronics., vol. 12, no. 1, p. 136, 2022.
45 [181] V. K. Prasad, P. Bhattacharya, D. Maru, S. Tanwar, A. Verma, A. Singh, A. Tiwari, R. Sharma, A. Alkhayyat, F. Țurcanu and M. S.
46 Raboaca, "Federated Learning for the Internet-of-Medical-Things: A Survey.," Mathematics., vol. 11, no. 1, p. 151, 2022.
47 [182] A. Zahid, R. Sharma, S. Wingreen and A. Inthiran, "Soft systems modelling of design artefacts for blockchain-enabled precision
48 healthcare as a service.," Proceedings of The International Conference on Electronic Business. ICEB’22,, vol. 22 , pp. 451-467, 2022.
49 [183] A. A. Alzahrani, "Using Artificial Intelligence and Cybersecurity in Medical and Healthcare Applications.," Alzahrani, A. A. (2023).
Using Artificial Intelligence and Cybersecurity in Medical and Healthcare Applications. 2023.
50
[184] K. Gaikwad, K. Kulkarni, S. Kohle and P. Patil, "Implementation of Blockchain Technology in IOT Based Smart Home.," In 2022 5th
51 International Conference on Advances in Science and Technology (ICAST). IEEE., pp. 6-10, 2022.
52
[185] VeChain, "VeChain Whitepaper 2.0," VeChain Foundation, http://www.vechain.org/qfy-
53 content/uploads/2020/01/VeChainWhitepaper_2.0_en.pdf, 2019.
54 [186] VeChain, "VeChain Whitepaper 2.0 - CreatingValuableTXs on The VechainThor Blockchain," VeChain Foundation, 1 12 2019. [Online].
55 Available: https://www.vechain.org/whitepaper/#bit_65sv8. [Accessed 2 December 2021].
56 [187] A. D. Dwivedi, G. Srivastava, S. Dhar and R. Singh, "A decentralized privacy-preserving healthcare blockchain for IoT.," Sensors., vol.
57 19, no. 2, p. 326., 2019.
58 [188] S. K. Rana, A. K. Rana and S. Dhawan, "A Vital Fusion of Internet of Medical Things and Blockchain to Transform Data Privacy and
59 Security.," in Convergence of Deep Learning and Artificial Intelligence in Internet of Things, CRC Press, 2022, pp. 293 - 308.
60
61 46
62
63
64
65
 1
2
3
4 [189] K. P. Satamraju, "Proof of concept of scalable integration of internet of things and blockchain in healthcare.," Sensors., vol. 20, no. 5, p.
5 1389, 2020.
6 [190] R. Pathak, B. Soni and N. B. Muppalaneni, "Role of Blockchain in Health Care: A Comprehensive Study.," in In Proceedings of 3rd
7 International Conference on Recent Trends in Machine Learning, IoT, Smart Cities and Applications: ICMISC, Singapore: Springer
8 Nature Singapore., 2023.
9 [191] B. Sharma, "Blockchain: Remaking the Healthcare Sector.," In 2022 11th International Conference on System Modeling & Advancement
in Research Trends (SMART) . IEEE., pp. 779-785, 2022.
10
11 [192] S. S. Nath, S. Sadagopan, D. V. Babu, R. D. Kumar, P. Jonnala and M. Y. B. Murthy, "Block chain-based security and privacy framework
for point of care health care IoT devices.," Soft Computing., pp. 1-13., 2023.
12
[193] D. Yonathan, D. Husna, F. A. Ekadiyanto, I. K. E. Purnama, A. N. Hidayati, M. H. Purnomo, S. Nugroho, R. Rachmadi, I. Nurtanio and
13 A. A. P. Ratna, "Design of decentralized application for telemedicine image record system with smart contract on ethereum.,"
14 International Journal of Advanced Computer Science and Applications., vol. 12, no. 10, 2021.
15 [194] L. Abdelgalil and M. Mejri, "HealthBlock: A Framework for a Collaborative Sharing of Electronic Health Records Based on
16 Blockchain.," Future Internet., vol. 15, no. 3, p. 87, 2023.
17 [195] A. D. Dwivedi, G. Srivastava, S. Dhar and R. Singh, "A decentralized privacy-preserving healthcare blockchain for IoT.," Sensors., vol.
18 19, no. 2, p. 326, 2019.
19 [196] B. S. Egala, A. K. Pradhan, P. Dey, V. Badarla and S. P. Mohanty, "Fortified-Chain 2.0: Intelligent Blockchain for Decentralized Smart
20 Healthcare System.," IEEE Internet of Things Journal., 2023.
21 [197] M. Paul, L. Maglaras, M. A. Ferrag and I. AlMomani, "Digitization of healthcare sector: A study on privacy and security concerns.," ICT
22 Express., 2023.
23 [198] Z. Ilyas, M. I. Tariq, S. K. Shahzad and R. A. Karim, "Resolving Smart Health Security Issues Using Ontologies and Blockchain
Services.," PAKISTAN JOURNAL OF EMERGING SCIENCE AND TECHNOLOGIES (PJEST), vol. 3, no. 2, 2023.
24
25 [199] A. Ekblaw, A. Azaria, J. D. Halamka and A. Lippman, "A Case Study for Blockchain in Healthcare:“MedRec” prototype for electronic
health records and medical research data.," . In Proceedings of IEEE open & big data conference, vol. 13, p. 13, Ekblaw, A., Azaria, A.,
26 Halamka, J. D., & Lippman, A. (2016, August). A Case Study for Blockchain in Healthcare:“MedRec” prototype for electronic health
27 records and medical research data. In Proceedings of IEEE open & big data conference (Vol. 13, p. 13). Ekblaw, A., Azaria, A., Halamka,
28 J. D., & Lippman, A. (2016, August). A Case Study for Blockchain in Healthcare:“MedRec” prototype for electronic health records and
29 medical research data. In Proceedings of IEEE open & big data conference (Vol. 13, p. 13). 2016 .
30 [200] L. A. Linn and M. B. Koo, "Blockchain for health data and its potential use in health it and health care related research.," in In ONC/NIST
31 use of blockchain for healthcare and research workshop. , Gaithersburg, Maryland, United States, 2016.
32 [201] S. Tiwari, D. N. and H. Dev, "An Intelligent Healthcare Framework for Data Security Based on Blockchain and Internet of Things.,"
International Journal of Intelligent Systems and Applications in Engineering, vol. 10, no. 3, pp. 95-102, 2022.
33
[202] A. Lekssays, G. Sirigu, B. Carminati and E. Ferrari, "MalRec: A Blockchain-based Malware Recovery Framework for Internet of
34 Things.," In Proceedings of the 17th International Conference on Availability, Reliability and Security., pp. 1-8, 2022.
35
[203] T. T. A. Dinh, J. Wang, G. Chen, R. Liu, B. C. Ooi and K. L. Tan, "Blockbench: A framework for analyzing private blockchains.," In
36 Proceedings of the 2017 ACM international conference on management of data., pp. 1085-1100, 2017.
37 [204] B. Wang and Z. Li, "Healthchain: A Privacy Protection System for Medical Data Based on Blockchain.," Future Internet., vol. 13, no. 10,
38 p. 247, 2021.
39 [205] A. Raj and S. Prakash, " Smart Contract-Based Secure Decentralized Smart Healthcare System.," International Journal of Software
40 Innovation (IJSI), vol. 11, no. 1, pp. 1-20., 2023.
41 [206] T. L. N. Dang and M. S. Nguyen, "An approach to data privacy in smart home using blockchain technology.," In 2018 International
42 Conference on Advanced Computing and Applications (ACOMP), pp. 58-64, 2018.
43 [207] S. N. Mohanty, K. C. Ramya, S. S. Rani, D. Gupta, K. Shankar, S. K. Lakshmanaprabu and A. Khanna, "An efficient Lightweight
44 integrated Blockchain (ELIB) model for IoT security and privacy.," Future Generation Computer Systems., vol. 102, pp. 1027-1037,
45 2020.
46 [208] A. Dorri, S. S. Kanhere, R. Jurdak and P. Gauravaram, "LSB: A Lightweight Scalable Blockchain for IoT security and anonymity.,"
Journal of Parallel and Distributed Computing., vol. 134, pp. 180-197., 2019.
47
48 [209] A. Qashlan, P. Nanda, X. He and M. Mohanty, "Privacy-preserving mechanism in smart home using blockchain.," Privacy-preserving
mechanism in smart home using blockchain. IEEE Access., vol. 9, pp. 103651-103669., 2021.
49
[210] K. Azbeg, O. Ouchetto and S. J. Andaloussi, "Access Control and Privacy-Preserving Blockchain-Based System for Diseases
50 Management.," IEEE Transactions on Computational Social Systems., 2022.
51
[211] O. Hasan, L. Brunie and E. Bertino, "Privacy-Preserving Reputation Systems Based on Blockchain and Other Cryptographic Building
52 Blocks: A Survey.," ACM Computing Surveys (CSUR), vol. 55, no. 2, pp. 1 - 37, 2022.
53 [212] H. J. Jo and W. Choi, "BPRF: Blockchain-based privacy-preserving reputation framework for participatory sensing systems.," Plos one.,
54 vol. 14, no. 12, p. e0225688., 2019.
55 [213] M. I. Ahmed, G. Kannan and S. R. Polamuri, "LSITA: An Integrated Framework for Leveraging Security of Internet of Things
56 Application with Remote Patient Monitoring System.," Research Square, 2022.
57 [214] R. Creaney, L. Reid and M. Currie, "The contribution of healthcare smart homes to older peoples' wellbeing: A new conceptual
58 framework. Wellbeing.," Space and Society., vol. 2, p. 100031, 2021.
59 [215] A. A. AlZubi, M. Al-Maitah and A. Alarifi, "Cyber-attack detection in healthcare using cyber-physical system and machine learning
60 techniques.," Soft Computing, , vol. 25, no. 18, pp. 12319-12332, 2021.
61 47
62
63
64
65
 1
2
3
4 [216] A. R. Sfar, E. Natalizio, S. Mazlout, Y. Challal and Z. Chtourou, "Privacy preservation using game theory in e-health application.,"
5 Journal of information security and applications., vol. 66, p. 103158., 2022.
6 [217] T. Kuhrt, "Hyperledger Projects- Hyperledger Foundation," 3 January 2022. [Online]. Available:
7 https://wiki.hyperledger.org/display/TSC/Hyperledger+Projects. [Accessed 12 January 2022].
8 [218] R. Pandey, "How to measure your body composition on the Samsung Galaxy Watch 4 and Watch 5 series," 19 December 2022. [Online].
9 Available: https://www.androidpolice.com/measure-body-composition-samsung-galaxy-watch/. [Accessed 13 january 2023].
10 [219] S. C. Mukhopadhyay, "Wearable sensors for human activity monitoring: A review.," IEEE sensors journal, vol. 15, no. 3, pp. 1321-1330.,
11 2014.
12 [220] I. Docs, "How IPFS works," 7 December 2022,. [Online]. Available: https://docs.ipfs.tech/concepts/how-ipfs-works/#content-addressing.
[Accessed 9 January 2023].
13
[221] S. Majumder, T. Mondal and M. J. Deen, "Wearable sensors for remote health monitoring.," Sensors., vol. 17, no. 1, p. 130, 2017.
14
15 [222] S. Bansal and D. Kumar, "IoT ecosystem: A survey on devices, gateways, operating systems, middleware and communication.,"
International Journal of Wireless Information Networks., vol. 27, no. 3, pp. 340 -364, 2020.
16
[223] E. Saleh and S. Rajesh, "High-performance cryptanalysis: a comparative study of code-breaking techniques.," in In Proceedings of the
17 International Conference on Innovative Computing & Communication (ICICC)., 2021 .
18
[224] G. Pedroza and P. Tessier, "D5.5 Methods for data protection and privacy model-driven design v2," ResearchGate, DOI:
19 10.13140/RG.2.2.30257.45929, 2020.
20 [225] S. Becher, A. Gerl, B. Meier and F. Bölz, "Big picture on privacy enhancing technologies in e-health: a holistic personal privacy
21 workflow. Information," Information,, vol. 11, no. 7, p. 356, 2020.
22 [226] W. Ali, G. Dustgeer, M. Awais and M. A. Shah, "IoT based smart home: Security challenges, security requirements and solutions.," In
23 2017 23rd International Conference on Automation and Computing (ICAC) IEEE., pp. 1 -6, 2017.
24 [227] T. A. S. Srinivas, A. D. Donald, I. D. Srihith, D. Anjali and A. Chandana, "The Rise of Secure IoT: How Blockchain is Enhancing IoT
25 Security.," International Journal of Advanced Research in Science, Communication and Technology (IJARSCT), vol. 3, no. 1, pp. 2581-
26 9429, 2023.
27 [228] A. K. Yadav and V. P. Vishwakarma, " Adoptation of Blockchain of Things (BCOT): Oppurtunities & Challenges.," In 2022 IEEE
28 International Conference on Blockchain and Distributed Systems Security (ICBDS), pp. 1-5, 2022.
29 [229] S. A. Bennacer, K. Sabiri, A. Aaroud, K. Akodadi and B. Cherradi, "A comprehensive survey on blockchain-based healthcare industry:
applications and challenges.," Indonesian Journal of Electrical Engineering and Computer Science., vol. 30, no. 3, pp. 1558-1571., 2023.
30
[230] W. Viriyasitavat, T. Anuphaptrirong and D. Hoonsopon, "When blockchain meets Internet of Things: Characteristics, challenges, and
31
business opportunities.," Journal of industrial information integration., vol. 15, pp. 21-28, 2019.
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61 48
62
63
64
65
Author Contribution Statement

CRediT authorship contribution statement

Olusogo Popoola: Writing – original draft, Writing – review & editing. Marcos A. Rodrigues: Review & editing. Jims N. Marchang:
Review & editing. Alex Shenfield: Review & editing. Augustine Ikpehia: Review & editing. Jumoke Popoola: Review & editing.