Pseudonymization Approach in a Health IoT System to Strengthen Security and Privacy Results from OCARIoT Project

Ribeiro, Sérgio Luís; Nakamura, Emilio Tissato

doi:10.1007/978-3-030-34353-8_10

Sérgio Luís Ribeiro⁹ &
Emilio Tissato Nakamura⁹

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1113))

Included in the following conference series:

International Conference on Future Network Systems and Security

662 Accesses
1 Citations

Abstract

Regarding security and privacy in Internet of Things (IoT), especially in a digital health system, is necessary to guarantee that user rights are respected. This requires an approach that considers security-in-depth strategy established on risk-based results, actors, their privacy and the entire ecosystem, including the applications and platform. This paper presents an approach to strengthen the security and privacy aspects, using different security layers based on cryptographic, pseudonymization and anonymization technics to protect the processed, stored and transmitted data. The approach present at this paper was developed and applied in a digital health platform in the Project OCARIoT.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

OCARIoT Project: Smart Childhood Obesity Caring Solution using IoT potential. https://ocariot.eu/. Accessed June 2019
OWASP: Security by design principles. https://www.owasp.org/index.php/Security_by_Design_Principles. Accessed July 2019
IAPP: Privacy by design 7 fundamentals principles. https://iapp.org/resources/article. Accessed July 2019
European Commission: 2018 reform of EU data protection rules. https://ec.europa.eu/commission/priorities/justice-andfundamental-rights/data-protection/2018-reform-eu-data-protection-rules_en. Accessed June 2019
Lei Nº13.709: Lei sobre a proteção de dados pessoais. http://www.planalto.gov.br/ccivil_03/_Ato2015-2018/2018/L13709. Accessed June 2019
Privacy Act: Privacy Act of 1974. https://www.justice.gov/opcl/privacy-act-1974. Accessed July 2019
Perry, B.: Pseudonymization, Anonymization & GDPR. https://medium.com/@brperry/pseudonymization-anonymization-gdpr. Accessed June 2019
GDPR: General Data Protection Regulation. Art4. GDPR Definitions. https://gdpr-info.eu/art-4-gdpr/. Accessed June 2019
Valdez, A.C., Ziefle, M.: The users’ perspective on the privacy-utility trade-offs in health recommender systems. Int. J. Hum.-Comput. Stud. 121, 108–121 (2019)
Article Google Scholar
Privacy Analytics: Comparing Pseudonymization and Anonymization Under the GDPR. http://www.privacy-analytics.com. Accessed July 2019
Ribeiro, S.L., Nakamura, E.T.: A privacy, security, safety, resilience and reliability focused risk assessment in a health IoT system - results from OCARIoT project. In: IEEE Global Internet of Things Summit (GIoTS), Arhus, Denmark, June 2019. ISBN 978-1-7281-2171-0
Google Scholar
NIST: Hash Functions. Information Technology Laboratory. https://csrc.nist.gov/projects/hash-functions. Accessed May 2019
OpenSSL: Cryptography and SSL/TLS Toolkit. https://www.openssl.org/. Accessed June 2019
NIST: Block Cipher Techniques. Information Technology Laboratory. https://csrc.nist.gov/projects/block-cipher-techniques/bcm. Accessed June 2019
Business.Com: How to Select the Right Encryption Key Management Solution. https://www.business.com/articles/encryption-key-management-considerations/. Accessed June 2019
Verbauwhede, I.M.R.: Secure Integrated Circuits and Systems. Integrated Circuits and Systems. Springer, Boston (2010). https://doi.org/10.1007/978-0-387-71829-3
Book MATH Google Scholar

Download references

Acknowledgment

The authors acknowledge the financial support given to this work, under OCARIoT project, which received funding from the European Union’s Horizon 2020 research and innovation programme under grant No. 731533 and the RNP under No. 3007. This paper reflects only the author’s views and the Agencies are not responsible for any use that may be made of the information contained therein.

Author information

Authors and Affiliations

CPQD, Campinas, Brazil
Sérgio Luís Ribeiro & Emilio Tissato Nakamura

Authors

Sérgio Luís Ribeiro
View author publications
You can also search for this author in PubMed Google Scholar
Emilio Tissato Nakamura
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Sérgio Luís Ribeiro or Emilio Tissato Nakamura .

Editor information

Editors and Affiliations

Deakin University, Burwood, VIC, Australia
Robin Doss
University of Florida, Gainesville, FL, USA
Selwyn Piramuthu
Information & Operations Management, ESCP Europe, PARIS, France
Wei Zhou

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Ribeiro, S.L., Nakamura, E.T. (2019). Pseudonymization Approach in a Health IoT System to Strengthen Security and Privacy Results from OCARIoT Project. In: Doss, R., Piramuthu, S., Zhou, W. (eds) Future Network Systems and Security. FNSS 2019. Communications in Computer and Information Science, vol 1113. Springer, Cham. https://doi.org/10.1007/978-3-030-34353-8_10

Download citation

DOI: https://doi.org/10.1007/978-3-030-34353-8_10
Published: 28 October 2019
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-34352-1
Online ISBN: 978-3-030-34353-8
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics