Context-aware pseudonymization and authorization model for IoT-based smart hospitals

Abstract

Smart hospital is a healthcare infrastructure that uses IoT technology. This intelligent space allows to collaborate a several health actors via their IoT devices. This coordination improves the quality and continuity of health services for better patient care. However, uncontrolled access to patient information can disrupt the smooth running of hospital services. In this paper, we aim to secure the information of patient exchanged and shared, using the privacy and access control based on the context. We develop two protocols, the first is a context-aware pseudonym service. It protects the patient’s personal and health information in two smart space hospital and home. Furthermore, we prevent the disclosure of the patient’s location during his hospital stay. The second is an authorization and delegation protocol based on trust, context and role. It oversees the actions and interactions of health body with the smart bracelet object of patient. Our protocol uses the context to generate a set of roles with their trust values. Only one role is activated if its trust value is greater than or equal to a trust threshold. A dynamic delegation mechanism is created to better manage the interactions between health bodies. We demonstrate through the practical analysis as well as generation time overhead, storage overhead and response time requirement the efficiency and robustness of our proposed protocols.