Developing a Secure Architecture for Internet of Medical Things Using Attribute-Based Encryption

The Internet of Medical Things (IoMT) is a new paradigm in the IoT-based healthcare and medical applications which has brought many advantages to this. Increasing in the number of smart medical devices has led to security challenges within IoMT environments. Cryptography and other cutting-edge approaches have been widely used to mitigate the challenges and prevent sensitive data leakage. One of such approaches is the attribute-based encryption (ABE), which enables a fine-grained and flexible access control. However, the ABE does not provide a dynamic encryption mechanism when patients' conditions change over the period of remote monitoring. To address this, we present a novel security architecture for IoMT that relies on ciphertext policy attribute-based encryption (CP-ABE). The architecture applies a dynamic access structure for the encryption in accordance with the status of the medical data collected by IoMT devices. We define some new components mainly hosted on the IoMT gateways in order to encrypt and decrypt the medical data in the architecture. An IoMT use case is presented to show how our proposed architecture supports dynamic encryption in e-healthcare systems.