A Secure and Decentralized Trust Management Scheme for Smart Health Systems

The Internet of Things (IoT) growth is extremely fast and it now has found its way to healthcare applications too. Many smart health gadgets and devices are helping practitioners in collecting medical information and monitoring patients. In this distributed system, information or service is sometimes shared and used by other devices. Considering the importance of health-related information and the decisions made based on it, there should be some sort of assurance on the security and quality of the services or information provided. Trust management is an efficient means of promoting application security and reliability in these cases. However, due to some limitations that are specific to IoT, traditional trust evaluation algorithms cannot be employed or do not yield satisfactory results. In this paper, evidence theory is exploited to design a decentralized service-oriented trust management model for healthcare IoT. A measure of evidence distance is used to reward well-behaving healthcare service/information providers as well as referrers and punish malicious entities. In this context-aware model, trust is estimated based on direct experiences and indirect feedbacks of recommenders. The process runs in two contexts; trust to healthcare service and trust to recommendation. When personal direct experience does not exist, trust to a source or service is estimated by applying the combinatorial laws of evidence theory and integrating indirect trust values. The proposed model is secure against bad-mouthing, good-mouthing, and on-off attacks due to its dynamic parameters and using the concept of evidence distance. Our results confirm the robustness and efficiency of this scheme.