Date of Award

2025

Document Type

Open Access Master's Thesis

Degree Name

Master of Science in Health Informatics (MS)

Administrative Home Department

Department of Applied Computing

Advisor 1

Ronghua Xu

Committee Member 1

Guy Hembroff

Committee Member 2

Yu Cai

Abstract

Advancements in Artificial Intelligence (AI) and Internet of Medical Things (IoMT) technologies have significantly revolutionized the conventional healthcare systems. Through the integration of smart devices, medical sensors, and communication technology, IoMT provides real-time patient’s monitoring data for healthcare providers, thus promoting accurate and timely clinical decisions for patient-centric care. The current healthcare sector is evolving to a connected ecosystem with connectivity and intelligence. While it also incurs increasing security and privacy concerns as integrating IoMT generated patient monitoring data into healthcare information systems. Both blockchain and biometrics are measures that have established reputable names in the security realm. When evaluating a market known to be especially vulnerable to cyber attacks, such as healthcare, it is imperative to devise solutions that have multiple layers of trusted security mechanisms.

This thesis explores and verifies the security of combining both biometrics and blockchain being utilized to protect remote patient monitoring (RPM) data, one of healthcare's most vulnerable sectors of information. The proposed framework combines the immutability of data hashing and biometric authentication to verify the identity of the patient as the sender of the data to ensure the integrity of the source. The data owners (patients) rely on smart contract-based tokens to record hash values of their biometric information (e.g, fingerprint), which provides a decentralized identity authentication. In addition, data owners leverage a merkle tree based data batch validation to verify integrity and authenticity for storage and sharing of patient monitoring data (e.g., 7-days rest heart rate). The merkle root is stored on the distributed ledger and can later be retrieved by an authorized party by way of tokens. This framework also integrates access control token to address the concerns of unauthorized users that manipulate RPM data in transit and at rest. A proof-of-concept prototype is implemented and test on a private Ethereum network. Experimental results demonstrate the feasibility of the proposed framework to provide a decentralized and trustworthy data sharing platform for IoMT-based RPM applications.

Additional Files
00 Publishing Agreement 9-2021.pdf (77 kB)
Download

Share

COinS