Security and privacy-preserving of data in mobile health systems: an approach based on non-interactive zero-knowledge proof and blockchain

Bibliographic details
Year of defense: 2021
Main author: Tomaz, Antonio Emerson Barros
Advisor: Not provided by the institution
Defense committee: Not provided by the institution
Document type: Thesis
Access type: Open access
Language: eng
Defending institution: Not provided by the institution
Graduate program: Not provided by the institution
Department: Not provided by the institution
Country: Not provided by the institution
Keywords in Portuguese:
Access link: http://www.repositorio.ufc.br/handle/riufc/57929
Abstract: People of different ages have used miniaturized mobile devices with wireless communication capabilities and integrated with biosensors as wearable accessories to collect health data regularly. This type of medical assistance, which uses mobile devices to monitor patients and offer healthcare services remotely, is known as mHealth. The mHealth devices are typically wearable and resource-limited, so many mHealth resources are managed through a smartphone. In this scenario, one of the most worrying issues involves communication between the monitoring devices and the smartphone. When the communication uses Bluetooth, it is standard for the device to be paired with the smartphone; but generally, it is not exclusively associated with a specific mHealth application. This feature can allow for a data theft attack. Thus, to address this problem, the present work proposes an authentication scheme based on Non-Interactive Zero-Knowledge Proof (NIZKP) — a cryptographic primitive lightweight enough to run on resource-limited mHealth devices. In order to preserve patients' privacy throughout the system, this work uses blockchain technology to address the issues of storage, management, and sharing of data. Through smart contracts, the blockchain assumes the role of a decentralized authenticator that guarantees access to data only to legitimate users. As there is no privacy in the standard public blockchain, this work presents a scheme in which the data transmitted, stored, or shared is protected by Attribute-Based Encryption (ABE). Here, the data owner can share the encrypted data, which is associated with an access policy, and can personally distribute the secret keys to legitimate users to decrypt the data. Privacy preservation and data security in electronic health record systems, including mHealth systems, are currently among the biggest concerns for patients.
Given this scenario of concerns, the proposal presented in this work addresses all these issues holistically, proposing a model for constructing an mHealth system that guarantees the security and privacy of data from end to end, with robust access control and fully managed by the patient. We also provide a real implementation of our proposal using an Arduino Nano to represent the data collection device and the Ethereum blockchain to control access to the data. The results obtained prove that, even with a high level of security, it is possible to implement this scheme on resource-limited devices, requiring low execution time and little memory space.