2.3.3 Cloud Layer
The cloud layer integrates data from various fog nodes and does analysis using deep learning, generates pattern, and gets future insights for the disease prediction. The cloud layer provides various connectivity protocols to address variety of users across the world Akintoye et al. [27]. The fog node across different geographical areas uses different communication channel like optical fibers, twisted pair, co-axial cable, satellite communication, and sometimes LTE. The cloud provides best data management techniques to health-related user for better management of large amount of patient data. The cloud healthcare system incorporates set of rules through which it can analyze patterns and can trigger alarm when any risky pattern detected. The cloud layer uptime should be as high as possible (very near to 100%). So, it can always be there for help when ever any request arises from persons involved in healthcare institutions.
2.4 Issues and Challenges
Integration of IoT and fog computing can take the healthcare industry to the next level. The smart health sensors of wearable IoT devices stays with the patient all the time and it monitors patient heart rate, blood pressure, body temperature, blood glucose, oxygen saturation, and much more in real time and passes these whole data to the fog node for the processing and storage and then to the cloud for deep learning Khan et al. [29]. All this data plays an important role in the healthcare industry. So, it should be protected from various threats and vulnerabilities. There are a number of security challenges that we should care about. Generally, the patient care industry invests very less amount of money on privacy and security of healthcare data. But in a smart healthcare system, security and privacy plays a very important role Hamid et al. [30]. The data produced by medical e-health sensors are very large and very sensitive. These data also contain patient private information. The patient data can be hampered on different stages like in data gathering from sensors and transfer it to fog nodes and sometimes on clouds also.
Some of the data risks that should be taken into account are integrity of data, authenticity of data, and auditing of data and private data of patients. Various mechanisms are shown in Table 2.1.
Integrity of Patient Data: It refers to availability of the same data in the whole system without change. Or you can say no modification in data throughout its life cycle. This means accuracy of data should not be tempered. There should be no unintentional change in data. Any intention should reflect immediately in the whole system. The main purpose of maintaining integrity is to ensure accuracy and reliability of the health data. Integrity can be sub-categorized in four categories: integrity defined by user, integrity of reference, integrity of various domains, and integrity of data entity.
Usability of Patient Information: Information usability refers to no unauthorized access of patient data generated or stored by smart healthcare systems. The use of deep learning on patient data can generate unique patterns and provide different solutions. The data generated by the system also comes at data privacy risks. The little bit of unwanted modification in data can cause serious issues.
Audition of Healthcare Data: Access of healthcare devices needs to be auditioned properly for monitoring of various mechanisms and techniques for identifying unwanted patterns. The integration of cloud computing resources may also create some trouble in security concerns because the cloud providers generally are usually unreliable in case of privacy terms. So, it requires a good audition procedure, the audition procedure consists of records used in operation, the service provider (in this case the cloud provider) and the user which is involved in patient care.
Privacy of Patient: Privacy of users plays a very important role in any digital technology. In the e-health system, patient information is the most valuable resource. So, we need to be very careful in keeping data safe. The patient data can be divided into two kinds: general records and the critical personal information. General records do not require any good privacy like name, age, sex, height, weight, and color. But critical personal information needs special attention in terms of security and privacy [21]. Critical information includes genetic info data, allergy from some kind medicine, addiction to drugs, certain kinds of infections, color blindness data, fertility information, sexual orientation, and some others. This information needs to be encrypted before storing and sending it to the cloud.
Table 2.1 Security and privacy mechanism prosed in some papers.
| Paper | Techniques | Domain | Characteristic |
| [4] | Machine Learning | Smart Healthcare Health Decision | Support System |
| [7] | Attribute Based-Encryption | Personal Healthcare | Encrypting Personal Healthcare Records |
| [8] | Ciphertext Policy Attribute Based-Encryption | Wireless Network for Healthcare Sensors | Preserving integrity and confidentiality of health-related data |
| [9] | Attribute Based-Encryption | Patient Data sharing | Resolving key escrow problem |
| [10] | KMS | e-health systems | Lightweight end to end key management |
| [11] | IoT sensors based on Cloud | Senior citizen health data management | Providing medical assistance to elder people |
| [12] | Ciphertext Policy Attribute Based-Encryption | Encrypted cloud data | Resolving APKS problem in Cloud computing |
| [13] | m2-ABKS | Encrypted e-health data | Authorized access of records and collusion attacks are addressed |
| [14] | Laplace guided KR | Image Compression | Achieving high compression ratio with low computational cost |
| [15] | PASStree | Matching of string | Providing good string matching without privacy hampering |
| [16] | Authentication techniques | Patient Supervision | Promising patient’s privacy while preserving confidentiality of system |
| [17] | Homomorphic Encryption | Privacy of Data | Preserving privacy of data generated by IoT devices |
There are some threats available related to security and privacy.
Fake
