A critical literature review of security and privacy in smart home healthcare schemes adopting IoT&blockchain:Problems,challenges and solutions  被引量：2

作　　者：Olusogo Popoola Marcos Rodrigues Jims Marchang Alex Shenfield Augustine Ikpehai Jumoke Popoola 

机构地区：[1]Department of Computing,Sheffield Hallam University,Sheffield,S11WB,UK [2]Department of Engineering and Math,Sheffield Hallam University,Sheffield,S11WB,UK

出　　处：《Blockchain(Research and Applications)》2024年第2期13-61,共49页区块链研究（英文）

摘　　要：Protecting private data in smart homes,a popular Internet-of-Things(IoT)application,remains a significant data security and privacy challenge due to the large-scale development and distributed nature of IoT networks.Recently,smart healthcare has leveraged smart home systems,thereby compounding security concerns in terms of the confidentiality of sensitive and private data and by extension the privacy of the data owner.However,proof-of-authority(PoA)-based blockchain distributed ledger technology(DLT)has emerged as a promising solution for protecting private data from indiscriminate use and thereby preserving the privacy of individuals residing in IoT-enabled smart homes.This review elicits some concerns,issues,and problems that have hindered the adoption of blockchain and IoT(BCoT)in some domains and suggests requisite solutions using the aging-in-place scenario.Implementation issues with BCoT were examined as well as the combined challenges BCoT can pose when utilised for security gains.The study discusses recent findings,opportunities,and barriers,and provides recommendations that could facilitate the continuous growth of blockchain applications in healthcare.Lastly,the study explored the potential of using a PoA-based permission blockchain with an applicable consent-based privacy model for decision-making in the information disclosure process,including the use of publisher-subscriber contracts for fine-grained access control to ensure secure data processing and sharing,as well as ethical trust in personal information disclosure,as a solution direction.The proposed authorisation framework could guarantee data ownership,conditional access management,scalable and tamper-proof data storage,and a more resilient system against threat models such as interception and insider attacks.

关 键 词：IOT Smart home healthcare PoA-based permissioned blockchain Authorisation framework Fine-grained access control INTERCEPTION Privacy model Consent 

分 类 号：TP311.13[自动化与计算机技术—计算机软件与理论] TP309[自动化与计算机技术—计算机科学与技术]