Security context framework for distributed healthcare IoT platform

Abstract

As Internet of Things (IoT) is entering mainstream, data privacy and security in information exchange becomes a major concern and a barrier for potential adopters, especially in healthcare regime. Information from health IoT devices and services is sensitive and confidential. While many existing works have proposed enhancements and security prospects for individual devices and components in IoT ecosystems, they still do not address the underlying challenge which is the lack of sufficient security within systems. Effective security has to be built-in, not patched upon. To efficaciously tackle the challenge in distributed IoT systems, we present a security context framework which applies adaptive security contexts to properly track data of interest. The proposed solution can achieve accountability and track information propagation, involving devices, services and parties who have responsibility and potential legal liability. This could help leverage not just technical but also policy and legal aspects to enable health IoT adoption.