Data Privacy, Conceptual Framework for IoT Based Devices in Healthcare: A Systematic Review

  • Elton Luvaha Rongo University
  • Lamek Ronoh Rongo University
  • James Abila Rongo University
Keywords: Data Privacy, Privacy Technologies, Attack Surfaces, Privacy Dangers
Share Article:


With the rollout of the Fifth-Generation network, more Internet of Things (IoT) devices tend to increase, which increases the amount of data being shared by the devices. It is complex to secure data transmission and device-to-device communication due to the vast number of IoT devices and the complexity of networks. The Internet of Things (IoT) has evolved to enable everyday things and gadgets to connect digitally and communicate with one another, using technologies that send, gather, and analyse data from people using those objects and devices. IoT data privacy risks are widespread use. The primary objective of information technology (IT) security in Web 2.0 was to ensure the privacy, accuracy, and reliability of systems and communications. As a result of IoT devices’ often limited CPU power for longer-lasting activities, these conventional metrics, however, exhibit measurable constraints. IoT security is, therefore, critical in the context of guaranteeing security through the data privacy of IoT users. The author conducted a literature methodological analysis on the data privacy framework that will help to safeguard the 5G IoT-enabled devices on user data, technologies for data privacy in 5 G-based IoT devices, data privacy dangers associated with 5G IoT devices, and data privacy attack surfaces in 5G IoT devices


Download data is not yet available.


Ahmad, I. & Gurtov, A. (2018). Overview of 5G Security Challenges and Solutions. IEEE Communications Standards Magazine, 2(1), 36– 43.

Anthraper, J. J., & Kotak, J. (2019). Security, Privacy and Forensic Concern of MQTT Protocol. SSRN Electronic Journal, January.

Antonakakis, M. & Zhou, Y. (2017). Understanding the Mirai Botnet. USENIX Security, 1093–1110.

Anwar, R. W. & Iqbal, S. (2020). Security Threats and Challenges to IoT and its Applications: A Review. 2020 5th International Conference on Fog and Mobile Edge Computing, FMEC 2020, 301– 305.

Aravindhan P, S. C., & Shamir Adleman, R.-R. (2008). Multifactor Authentication in IoT devices for ensuring secure cloud storage in Smart Banking. International Research Journal of Engineering and Technology, 9001, 1307.

Ateniese, G. & Felici, G. (2015). Hacking smart machines with smarter ones: How to extract meaningful data from machine learning classifiers. International Journal of Security and Networks, 10(3), 137–150.

Australian Government. (2017). IP Australia and the Future of Intellectual Property Megatrends, scenarios and their strategic implications. July.

Azrour, M. & Kanwal, A. (2021). Internet of Things Security: Challenges and Key Issues. Security and Communication Networks, 24(7), 1951– 1957.

Balough, C. D. (2011). Privacy implications of smart meters. Chi.-Kent L. Rev., 1(1), 161–191.

Brad, M. (2017). Licensed by Sunshine Cracked by: Catania, E., & La Corte, A. (2018). IoT Privacy in 5G Networks. IoTBDS 2018 - Proceedings of the 3rd International Conference on Internet of Things, Big Data and Security, 2018-March (IoTBDS 2018), 123–131.

Chaudhary, A. & Kadarla, K. (2017). Study of Internet-of-Things Messaging Protocols Used for Exchanging Data with External Sources. Proceedings - 14th IEEE International Conference on Mobile Ad Hoc and Sensor Systems, MASS 2017, 666–671.

Colquhoun, L. (2022, October 1). IoT Security Is Giving Healthcare Heart Attacks | CDOTrends. CDO TRENDS Digital & Data Insights for Business Leaders.

Cybersecurity & Infrastructure Security Agency. (2022). AUTHENTICATION. In CISA (Issue January).

Cynerio. (2022). The State of Healthcare IoT Device Security 2022.

Daemen, J., & Rijmen, V. (2000). The block cipher rijndael. International Conference on Smart Card Research and Advanced Applications, 1820, 277–284.

Divyaniyadav & Sharma, U. (2018). Vulnerabilities and security of web applications. 2018 4th International Conference on Computing Communication and Automation, ICCCA 2018, 1– 5.

Ducklin, P. (2014). New York City makes a hash of taxi driver data disclosure – Naked Security. Nacked Security by SOPHOS.

Feng, Y. & Chen, D. (2019). Poster: IoT device discovery and identification using network traffic data. WiSec 2019 - Proceedings of the 2019 Conference on Security and Privacy in Wireless and Mobile Networks, 338–339.

Geeng, C., & Roesner, F. (2019). DRAFT: Who’s In Control ?: Interactions In Multi-User Smart Homes. Association For Computing Machinery, Section 4.

Gibbs, S. (2016, April 19). SS7 hack explained: what can you do about it? | Hacking | The Guardian. The Guardian.

Gong-Guo, Z., & Wan, Z. (2021). Blockchain-based IoT security authentication system. Proceedings - 2021 International Conference on Computer, Blockchain and Financial Development, CBFD 2021, 415–418.

Groopman, K. (2018, February 12). Six challenges facing blockchain and IoT convergence - IoT Agenda. TechTarget.

GSMA. (2019). Protecting Privacy and data in the Internet of things (Issue February).

Haris, R. M., & Al-Maadeed, S. (2020). Integrating Blockchain Technology in 5G enabled IoT: A Review. 2020 IEEE International Conference on Informatics, IoT, and Enabling Technologies, ICIoT 2020, 367– 371.

Haus, M. & Member, S. (2017). Security and Privacy in Device-to-Device (D2D) Communication : A Review. 19(2), 1054–1079.

He, D. & Guizani, N. (2021). Toward Hybrid Static-Dynamic Detection of Vulnerabilities in IoT Firmware. IEEE Network, 35(2), 202–207.

Hewa, T. M. & Liyanage, M. (2020). Blockchain for 5G and IoT: Opportunities and Challenges. 2020 8th International Conference on Communications and Networking, ComNet2020 - Proceedings.

Hron, M. (2018, August 16). Are smart homes vulnerable to hacking? AVAST.

Jafarnia-Jahromi, A. & Lachapelle, G. (2012). GPS vulnerability to spoofing threats and a review of antispoofing techniques. International Journal of Navigation and Observation, 2012.

Johnson, M. E. & Willey, N. D. (2016). The Security Risks of Peer-to-Peer File Sharing Networks. Centre for Digital Strategies Tuck School of Business Dartmouth College, Https://Citeseerx.Ist.Psu.Edu.

Kar, U. N., & Sanyal, D. K. (2020). A Critical Review of 3GPP Standardization of Device-to-Device Communication in Cellular Networks. SN Computer Science, 1(1).

Katiyar, V. & Gupta, S. (2010). A Survey on Elliptic Curve Cryptography for Pervasive Computing Environment. International Journal of Computer Applications, 11(10), 41–46.

Krishnan, H. (2023, March 31). Security challenges associated with healthcare IoT devices. Log360.

Kumar, B. R. & Naidu, G. A. (2015). An ElGamal Encryption Scheme of Adjacency Matrix and Finite Machines. Compusoft, 4(3), 1548–1554.

Landerreche, E., & Stevens, M. (2018). On Immutability of Blockchains. Proceedings of 1st ERCIM Blockchain Workshop 2018. European Society for Socially Embedded Technologies (EUSSET), 1–8.

Lu, C., & Tseng, S. (2002). Integrated Design of AES ( Advanced Encryption Standard ) Encrypter and Decrypter. Proceedings of the International Conference on Application-Specific Systems, Architectures and Processors, 277–285.

Lundgren, B., & Möller, N. (2019). Defining Information Security. Science and Engineering Ethics, 25(2), 419–441.

Magalakshmi, V. B., & Kumar, D. S. (2017). Privacy Protection and Authentication Handover in 4G Network : A Survey of Literature. International Journal of Advance Research, Ideas and Innovations in Technology, 3(6), 32–37.

Maggi, F. & Quarta, D. (2018). The fragility of industrial IoT’s data backbone. Trend Micro Inc., 1–65.

Meneghello, F. & Zanella, A. (2019). IoT: Internet of Threats? A Survey of Practical Security Vulnerabilities in Real IoT Devices. IEEE Internet of Things Journal, 6(5), 8182–8201.

Mohammed, H. & Awwad, F. (2020). Fusion-on-field security and privacy preservation for IoT edge devices: Concurrent defense against multiple types of hardware trojan attacks. IEEE Access, 8, 36847–36862.

Mohanta, B. K. & Jena, D. (2018). An Overview of Smart Contract and Use Cases in Blockchain Technology. 2018 9th International Conference on Computing, Communication and Networking Technologies, ICCCNT 2018, 10–13.

National Institute of Standards and Technology. (2010). Guidelines for Smart Grid Cyber Security: Vol. 2, Privacy and the Smart Grid. National Institute of Standards and Technology, 2(August), 69.

National Security Agency. (2021). Potential threat vectors to 5G infrastructure. 1–16. THREAT VECTORS TO 5G INFRASTRUCTURE.PDF

Nechvatal, J. & Roback, E. (2001). Report on the Development of the Advanced Encryption Standard (AES). Journal of Research of the National Institute of Standards and Technology, 106(3), 511.

Nyemba, chisomo. (2019). Right to Data Privacy in the Digital Era Critical Assessment of Malawi’s Data.

Office of the Australian Information Commissioner. (2016, September 23). Privacy Commissioners reveal the hidden risks of the Internet of Things - Home.

Office of the Victorian Information Commissioner. (2021). Internet of things and privacy issues and challenges. April.

Palo Alto Networks. (2020). 2020 Unit 42 IoT Threat Report. In Paloaltonetworks.Com.

Panicker, J. G. & Rudolph, C. (2021). Authentication and Access Control in 5G Device-to-Device Communication. Proceedings - 2021 IEEE 20th International Conference on Trust, Security and Privacy in Computing and Communications, TrustCom 2021, 1575–1582.

Peppet, S. R. (2014). Regulating the Internet of things: First steps toward managing discrimination, Privacy, Security, And consent. Texas Law Review, 93(1), 85–179.

Qian, Y. & Pustišek, M. (2018). Towards decentralised IoT security enhancement: A blockchain approach. Computers and Electrical Engineering, 72, 266– 273.

Rajagopalan, S. R. & Poor, H. V. (2011). Smart meter privacy: A utility-privacy framework. 2011 IEEE International Conference on Smart Grid Communications, SmartGridComm 2011, 190–195.

Rghioi, A. & Bouhorma, M. (2014). Security Review and Proposed Solution. Ieee, 384–389.

Sarma, A. C., & Girão, J. (2009). Identities in the future Internet of things. Wireless Personal Communications, 49(3), 353–363.

Sarrab, M., & Alnaeli, S. M. (2019). Critical Aspects Pertaining Security of IoT Application-Level Software Systems. 2018 IEEE 9th Annual Information Technology, Electronics and Mobile Communication Conference, IEMCON 2018, 960– 964.

Shacklett, M. (2021, November). What is multifactor authentication (MFA) and how does it work? SearchSecurity.

Sharma, A., & Nandal, V. (2020). Comparison between the Messaging Protocols : CoAP and MQTT Protocol. Journal of Emerging Technologies and Innovative Research (JETIR), 7(7).

Sicari, S. & Coen-Porisini, A. (2020). 5G In the Internet of things era: An overview on security and privacy challenges. Computer Networks, 79(June).

Singh, A. & Mukhopadhyay, S. (2019). Energy Efficient and Side-Channel Secure Cryptographic Hardware for IoT-Edge Nodes. IEEE Internet of Things Journal, 6(1), 421–434.

Singh, G. P., & Bangotra, P. K. (2021). Internet of Things (IoT): Vulnerability, Attacks, and Security. Wireless Sensor Networks and the Internet of Things, July, 247–262.

Tiburski, R. T. & Hessel, F. (2016). Security challenges in 5G-based iot middleware systems. Modeling and Optimisation in Science and Technologies, 8(April), 399–418.

Tushnet, M. V. (2009). In the matter of Nomi Technologies, Inc (United States of America Before the Federal Trade Commission, Docket No. C-4538, August 28 2015). In The “Militant Democracy” Principle in Modern Democracies.

Van, D. H., & Thuc, N. D. (2015). A privacy preserving message authentication code. 2015 5th International Conference on IT Convergence and Security, ICITCS 2015 - Proceedings, 1, 15– 18.

Wazid, M. & Rodrigues, J. J. P. C. (2020). Security in 5G-Enabled Internet of Things Communication: Issues, Challenges and Future Research Roadmap. IEEE Access, 8, 1– 25.

27 July, 2023
How to Cite
Luvaha, E., Ronoh, L., & Abila, J. (2023). Data Privacy, Conceptual Framework for IoT Based Devices in Healthcare: A Systematic Review. East African Journal of Information Technology, 6(1), 119-134.