Blockchain: Research and Applications (Jun 2024)

A critical literature review of security and privacy in smart home healthcare schemes adopting IoT & blockchain: Problems, challenges and solutions

  • Olusogo Popoola,
  • Marcos Rodrigues,
  • Jims Marchang,
  • Alex Shenfield,
  • Augustine Ikpehai,
  • Jumoke Popoola

Journal volume & issue
Vol. 5, no. 2
p. 100178

Abstract

Read online

Protecting private data in smart homes, a popular Internet-of-Things (IoT) application, remains a significant data security and privacy challenge due to the large-scale development and distributed nature of IoT networks. Recently, smart healthcare has leveraged smart home systems, thereby compounding security concerns in terms of the confidentiality of sensitive and private data and by extension the privacy of the data owner. However, proof-of-authority (PoA)-based blockchain distributed ledger technology (DLT) has emerged as a promising solution for protecting private data from indiscriminate use and thereby preserving the privacy of individuals residing in IoT-enabled smart homes. This review elicits some concerns, issues, and problems that have hindered the adoption of blockchain and IoT (BCoT) in some domains and suggests requisite solutions using the aging-in-place scenario. Implementation issues with BCoT were examined as well as the combined challenges BCoT can pose when utilised for security gains. The study discusses recent findings, opportunities, and barriers, and provides recommendations that could facilitate the continuous growth of blockchain applications in healthcare. Lastly, the study explored the potential of using a PoA-based permission blockchain with an applicable consent-based privacy model for decision-making in the information disclosure process, including the use of publisher-subscriber contracts for fine-grained access control to ensure secure data processing and sharing, as well as ethical trust in personal information disclosure, as a solution direction. The proposed authorisation framework could guarantee data ownership, conditional access management, scalable and tamper-proof data storage, and a more resilient system against threat models such as interception and insider attacks.

Keywords