Towards an Adaptive Internet of Healthcare Things (IoHT) Authentication Data Model (Preprint)

Abstract

The healthcare industry has faced various challenges over the past decade as we move towards a digital future where services and data are available at your fingertips. The systems of interconnected devices, users, data and working environments are referred to as the Internet of Healthcare Things (IoHT). IoHT devices have been emerging in the past decade as cost-effective solutions with large scalability capabilities to address the constraints on limited resources, and now to cater to the need to remote healthcare services outside of physical interactions. However, IoHT security is often overlooked as the devices are quickly deployed and configured as setup and use solutions to meet the demands of a heavily saturated industry where cyber attackers are taking advantage of the circumstances. During this pandemic, studies have shown that cybercriminals are exploiting the healthcare industry and data breaches are targeting user credentials through authentication vulnerabilities. Poor password use and management, and the lack of multi-factor authentication (MFA) security posture within IoHT, causes millions in damaged according to IBM. Therefore, it is important that healthcare authentication security moves toward adaptive multi-factor authentication (AMFA) to replace the traditional approach to authentication.

At present there are no data models that particularly focus on IoHT data architecture to improve the feasibility of AMFA in healthcare. The aim of the review was to identify key cybersecurity challenges in a theoretical framework for a data model that will summarise the main components of IoHT data. The data is to be used in modalities that are suited for healthcare users in modern IoHT environments and in response to the COVID-19 pandemic.

A review of recent IoHT papers was conducted to discuss the related work in IoHT data management and usage in next generation authentication systems. Reports, journal articles, conferences and white papers were included if they were relevant to the problem statement of remote authentication and user management systems. Only publications written in English from the last decade were included (2012-2022) in order to identify key issues within current healthcare practices and their management of IoHT devices.

We discuss the components of IoHT architecture from the perspective of data management and sensitivity to ensure privacy for all users. The data model will address the security requirements of IoHT users, environments and devices towards automation of AMFA in healthcare. We found that in healthcare authentication, the significant threats occurring during the pandemic were related to data breaches due to poor or weak security option and poor user configuration of IoHT devices.

This review paper of IoHT data architecture identified impactful methods of cybersecurity for healthcare devices, data and their respective attacks in the past decade. We discuss solutions and improvements of user authentication, especially when remote connections are made throughout the COVID-19 pandemic as patients and healthcare workers are working from home or accessing e-health records online. The data model will be useful in understanding the structure of the IoHT landscape during the pandemic and even in the future as new challenges arise.