Thinking Out of the Blocks: Holochain for Distributed Security in IoT Healthcare

by   Shakila Zaman, et al.

The Internet-of-Things (IoT) is an emerging and cognitive technology which connects a massive number of smart physical devices with virtual objects operating in diverse platforms through the internet. IoT is increasingly being implemented in distributed settings, making footprints in almost every sector of our life. Unfortunately, for healthcare systems, the entities connected to the IoT networks are exposed to an unprecedented level of security threats. Relying on a huge volume of sensitive and personal data, IoT healthcare systems are facing unique challenges in protecting data security and privacy. Although blockchain has posed to be the solution in this scenario thanks to its inherent distributed ledger technology (DLT), it suffers from major setbacks of increasing storage and computation requirements with the network size. This paper proposes a holochain-based security and privacy-preserving framework for IoT healthcare systems that overcomes these challenges and is particularly suited for resource constrained IoT scenarios. The performance and thorough security analyses demonstrate that a holochain-based IoT healthcare system is significantly better compared to blockchain and other existing systems.



There are no comments yet.


page 3

page 5

page 6

page 7

page 11

page 12

page 13

page 15


IoT Analytics and Blockchain

The Internet of Things (IoT) is revolutionizing human life with the idea...

Softwarization of Internet of Things Infrastructure for Secure and Smart Healthcare

We propose an agile softwarized infrastructure for flexible, cost effect...

Towards Secure IoT Communication with Smart Contracts in a Blockchain Infrastructure

The Internet of Things (IoT) is undergoing rapid growth in the IT indust...

Blockchain Enabled Enhanced IoT Ecosystem Security

Blockchain (BC), the technology behind the Bitcoin cryptocurrency system...

BYOD, Personal Area Networks (PANs) and IOT: Threats to Patients Privacy

The passage of FISMA and HIPPA Acts have mandated various security contr...

A Privacy-Preserving Data Inference Framework for Internet of Health Things Networks

Privacy protection in electronic healthcare applications is an important...

IoT Blockchain Solution for Air Quality Monitoring in SmartCities

IoT cloud enabled societal applications have dramatically increased in t...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.

I Introduction

The Internet-of-Things (IoT) is an exponentially increasing network of physical devices (the ‘things’) that contain various embedded sensing, processing and communication technologies to collect and communicate sensory data through the internet [1, 2]. All interconnected entities of IoT networks are responsible to collect, store, process and exchange information with each other. With the amelioration of heterogeneous technologies, IoT is rapidly proliferating in all aspects of our life including smart healthcare, smart home, smart cities, agriculture, education, food industries, and many many more. In particular, the introduction of IoT applications in healthcare has the potential to revolutionize the sector where all the stakeholders will be interconnected to enable pervasive and universal healthcare for all regardless of their locations [1].

The integrated connectivity amongst various entities of a healthcare system along with accurate and timely operations means that a massive amount of sensitive data will be shared with instant accessibility. A characteristic of an IoT-based healthcare network is that the data is originated at geographically distributed locations. Thus, the data is particularly vulnerable to unauthorized access and other malicious activities.

One increasingly straining challenge for healthcare systems in both developed and developing worlds is the rapid expansion of aged population whose care requirement is different in nature and more demanding compared to the young population [3]. The predominantly traditional physical/manual management of care system of aged population is further complicating the problem. Furthermore, devices with very limited communication and networking capability and limited agility are exacerbating the problem. However, recent advances in flexible electronics [4] and nano-bio sensors [5] have the potential to address the critical healthcare problem mentioned above which was unthinkable even just a decade ago. Also, rapid progress in ubiquitous connectivity and networking solutions offered by 5G and emerging 6G systems will enable remote healthcare management anywhere and round the clock [6]. Progress in soft robotics for medical applications as well as medical informatics coupled with Immersive and eXtend Reality (IXR) will realize the dream of remote surgery [6]. It will enable surgeons with certain expertise to assist and supervise robots to carry out the procedure from anywhere in the world provided that the critical latency and reliability requirements of the end-to-end connections are met.

Despite these promising development and innovation, data privacy and security in such a gigantic and distributed network remains a major bottleneck for widespread implementation of smart healthcare systems [7, 8]. Unless innovative solutions for security and privacy are designed and implemented, the smart healthcare system will remain vulnerable. This is evident from the ever increasing reports of numerous sophisticated cyber attack on healthcare systems globally resulting in loss of sensitive health records as well as in significant downtime of the healthcare infrastructure [9].

IoT based healthcare technologies offer numerous advantages including constant patient monitoring at a low cost, less error and significant saving in time. It also enables authorized doctors, staff and other technicians to access patient information online and real-time which improves the efficiency of the service significantly. As healthcare deals with the dynamic and real-time data such as patients’ health status, prescriptions, test results, diagnosis, medical images and staff information, it is vitally important to keep all information extremely secure while allowing the right level of accessibility. With the acceleration of smart healthcare functionalities, intruders can impede the quality of services in various ways such as slowing down normal operations or even bringing the infrastructure to standstill, injecting malicious data to alter critical information as well as tampering medical devices to modify or take control patient records. Moreover, IoT devices are lightweight and resource-constrained with limited memory, low computation power, and limited energy supply. Therefore, providing security and privacy using traditional cryptographic approaches are impractical in most of the scenarios and quite challenging to implement [2, 10].

As IoT healthcare devices have resource constraints, conventional cryptography techniques such as advanced encryption standard (AES) and Rivest–Shamir–Adleman (RSA) are not suitable for securing massive amount of sensitive information. Therefore, lightweight cryptographic algorithms such as lightweight SIMON ciphers are employed in IoT healthcare applications, which offers reduced time complexity and pragmatic trade-off between security and services [11]

. However, due to the heterogeneity and dynamic environment of IoT healthcare technologies, attackers can still post various threats that make the system vulnerable to data theft and tampering. Machine learning (ML) and deep learning (DL) based security approaches have gained popularity as they possess advanced capability of tackling security challenges. In


, an ML based HealthGuard framework was proposed which combined artificial neural network (ANN), decision tree, random forest and K-nearest neighbor algorithms to detect various malicious activities. An ML-enabled biometric security method was also introduced to train electrocardiogram (ECG) signals to authenticate users of a medical system


Despite the progresses mentioned above, an IoT healthcare system remains vulnerable as most of the cryptographic solutions are centralized which are incompatible to the distributed and heterogeneous nature of the IoT healthcare system and present the risk of a single point failure. They also suffer from inability to tackle complex attacks in resource-constrained IoT networks. Additionally, the performance of ML and DL algorithms is highly dependant on high-quality sample data for training which is not always readily available. Consequently, real-time distributed security approaches such as blockchain-based approaches have recently emerged as a promising alternative to provide effective responses to various privacy, security and authentication challenges in IoT healthcare systems. In principle, blockchain is a distributed ledger technology (DLT) that stores information in a series of integrated blocks which are difficult to tamper. Due to its transparency and fairness, blockchain has a wide range of applications including real-time IoT operating system [14], secure smart home [15], personal identity, supply chain management [16], real-estate processing platform [17] as well as smart healthcare [18], to name a few. The most popular application of blockchain is the cryptocurrency application such as bitcoin which is expected to save money and time of business entities.

Blockchain is also well known to provide distributed security for data in healthcare environments. Blockchain-based security solutions have been proposed in [19] for remote healthcare operations where the patients are entities of a body area network and collect various medical data to share with authorized entities through an overlay network. Blockchain technique also provides a distributed framework to store large-scale medical information in the clouds, ensures authorized access on the database, guarantees the integrity of each modification and confirms secure transactions among blockchain entities through consensus algorithms [20].

As each entity of a blockchain network stores all users’ transactions in a chain, the memory requirements at blockchain entities escalate with increasingly longer chains thereby jeopardizing practical applications of resource-constrained IoT devices. Another consequence of increasing transactions in a longer chain is that it requires a very large bandwidth and data sharing giving rise to security vulnerability. The challenge is further exacerbated by the requirement of additional computational energy for mining and consensus algorithms [21]. To validate any transaction in a blockchain, all the nodes will start mining and only the first node who is successful in the mining process will be allowed to validate the transaction. From the aspect of computational time, this is a complete wastage of time for the rest of the nodes who attempted the mining process but were unsuccessful. Hence, blockchain gives rise to redundant computational overheads for resource-constrained IoT healthcare systems. Therefore, a practically feasible solution is required for IoT systems that can overcome this challenge. It is vitally important to ensure that the DLT is implemented in an inherently secure and privacy-preserving manner in the distributed IoT healthcare setting, while being less complex and less resource-hungry.

Holochain is an emerging technology that provides an open source distributed network infrastructure to communicate securely without inheriting the huge storage and data exchange requirements like blockchain

[22]. Holochain magically performs the task by combining two underlying techniques: (i) distributed hash table (DHT) and (ii) hash chain. DHT is focused on data propagation issues and hash chains are built to preserve data integrity [23]. One of the main visions of holochain is to reduce dominant characteristics of certain network entity. For instance, most of the applications are based on the client server model which normally imposes restrictions on resource utilization. Contrary to this model, holochain aims to build a completely distributed network. DHT replaces the need of centralized control of flow or management of data. DHT can be implemented and utilized in IoT healthcare networks for storing the chain of transition data in each individual node to ensure the autonomous nature of a holochain-based network. The DHT concept can be utilized to share data with each other and provide an actual distribution framework. The most significant aspect of storing data in DHT is that the network will not become congested like the blockchain-based network does. The DHT of holochain allows the network to provide scalable performance. To summarize, all these attributes make holochain an attractive candidate for IoT healthcare systems.

In this paper, we propose a holochain-based IoT healthcare framework that mitigates the security and privacy challenges and offers a low-complexity, highly-secure alternative to blockchain. Our main contributions are listed below:

  • A holistic holochain approach to address the security and privacy issues in IoT healthcare systems;

  • Critical analysis with regards to the superiority of the holochain framework over blockchain based systems;

  • Systematic algorithms design for holochain implementation as well as validation and authentication procedures;

  • Security performance analysis of the holochain-based IoT healthcare network as compared to blockchain and other classical cryptographic systems.

  • Discussions on the challenges of the implementation of holochain based IoT healthcare systems followed by comprehensive discussion on future research directions.

The rest of this article is organized as follows. Section II describes the vulnerabilities of IoT healthcare systems. Section III introduces the role and working principle of blockchain in IoT security in general. Section IV then provides a comprehensive discussion on how holochain can address the limitations of blockchain. In Section V, a thorough security performance analysis of existing security mechanisms is given. The proposed holochain-based IoT healthcare framework is presented in Section VI followed by a component-wise discussion in Section VII and its implementation in Section VIII. A security analysis of the holochain-based IoT healthcare network is provided in Section IX. Finally, some key challenges and promising future research directions are provided in Section X before we conclude the article in Section XI.

Fig. 1: The transaction validation processes of blockchain and holochain.

Ii Vulnerability of IoT Healthcare Systems

Cyber-attacks pose a serious threat to our daily life as we are increasingly relying on IoT connections in all aspects of our life which potentially exposes our personal data, financial information, computers and other devices, home and work and even medical data to hackers and malicious entities. Anything connected to the IoT network has the risk of being hacked or compromised. From a pacemaker in heart to our infotainment in cars, everything is connected to the IoT network and thus is exposed to the threat of cyber-attacks. When it comes to healthcare, it is even more alarming. For example, a CT lung scan can show the ravaging signs of COVID-19 and the inflammatory response, the cytokine storm. What if the CT scan was wrong? An attacker with access to the medical imagery can alter the contents to cause a misdiagnosis. The attacker can even add or remove evidence of some medical conditions, e.g., inject/remove lung cancer from a scan, add/remove evidence of aneurysms, heart disease, blood clots, infections, arthritis, cartilage problems, torn ligaments or tendons, tumours in the brain, heart, or spine, and other cancers [24]. These are no longer science fictions but are happening in real life nowadays.

In 2018, a malicious attack was designed to hack hospital CT scans, generating false lung tumours that conformed to a patient’s unique anatomy, leading to a misdiagnosis rate in excess of [24]. Furthermore, researchers at Harvard University tested adversarial attacks against algorithms used to diagnose skin cancer images, demonstrating that such attacks required only modifying a few pixels in the original biopsy picture to deceive a diagnosis [25]. Marie Elisabeth Gaup Moe, a cybersecurity specialist, successfully hacked her own pacemaker to show how vulnerable we are to cyberattacks.

The real risk is that a hacker could potentially take over the communication to the medical device; switch it off, make it malfunction, or falsify the information that is sent to the doctor. Researchers have also shown that it is possible to do something called a battery-draining attack on a pacemaker implant. Many recent cyber-attacks have shut down hospitals/healthcare systems and caused deaths. In 2017, the global ransomware attack, WannaCry, took hold across multiple continents and inflected over organizations including hospital trusts in the UK that were locked out of their digital systems and medical devices, such as MRI scanners [26]. WannaCry impacted patient care directly, costing the organization m (m) and leading to cancelled appointments. These examples are just a sample of how AI can automate the manipulation of medical datasets, expanding a cyber attack’s impact through health and biotech industries.

While raising awareness at all levels is certainly necessary, a proactive, insightful, forward-thinking approach is desperately needed to make the necessary changes to protect individuals. This is so true of any solution built using the current ageing approach to software. The current coding approach is too detailed for the human mind to comprehend. Hence many gaps in the logic are missed, creating loopholes, which in turn, creates doorways o backdoors for hackers to exploit.

In this article, we explore DLTs which are ‘secure-by-design’ and implementable under resource-constrained IoT settings. Although this article focuses on medical applications facilitated through the IoT, the proposed secure-by-design technology will have wider implications. For example, hacking of transport systems (including autonomous driverless cars) also has the potential to cause devastating accidents. Hacking of financial systems can cost billions from businesses, wipe out lifetime savings in pension schemes, and critical infrastructure could also be damaged, and the list goes on. Therefore, we need to include cyber-security in the design phase of our connected devices and should not see it as an add-on feature. We need to ensure that the system is secure by nature, which is not only profitable but also safe at the same time, such that people with severe health conditions and requiring special care can feel safe while being assisted with care facilities.

Iii Blockchain for IoT Security

Blockchain is a DLT in which a chain of blocks allows authorized IoT users to store private or shared transactions in a decentralized fashion. Every node (IoT devices) involved in the transaction maintains a copy of each transaction blocks of the network. Each block consists two parts: a header and a body. The body of the block mainly stores the data or information of certain transactions. A header holds several items including the previous contents hash, timestamp, nonce (a solution to the cryptographic puzzle), target value (for mining) and Merkel root (all transactions root value of block) [14]. The transaction flow of a block of a blockchain network is shown in Fig. 1.

Before storing the linked blocks of transactions among various IoT nodes, blockchain utilizes the benefits of public-key cryptography to sign the transactions. In blockchain, once a block is entered in the cryptographically immutable chain, data can never be changed or removed. A blockchain stores every single transaction of a user in a specified time. It is linked automatically with the previous block using the hash technique. Whenever a new block is created, mining is performed for validating the block by some selected miners (random IoT nodes) to solve a cryptographic puzzle called consensus algorithms. There are several variants of consensus algorithm such as Proof-of-Work (PoW), Practical Byzantine Fault Tolerance (PBFT), Proof-of-Stake (PoS) and Delegated Proof-of-Stake (DPoS) [27]. The miner who first finds a nonce of the complex computational puzzle becomes the owner of the new block using its private key with timestamp and broadcasts the block to all the connected IoT nodes in the network to store in their local blockchains. Thereafter, other nodes will accept the new block using a verification process.

To provide IoT security, hash and digital signatures of blockchain are exploited. In blockchain, hash is used during the storing process of every current block which consists of the hash value of the previous block as well as its own contents hash. The hash helps to provide a unique fingerprint as well as to ensure verification of the blocks to confirm that it has not been tampered or changed during transactions or storing process. The very first hash of a blockchain is formulated using the first block or genesis contents followed by the afterword calculation using the previous block’s hash and its own hash. Therefore, the chain of the hash can be used to easily detect any tempering of the history of the block or transaction. For example, in a smart healthcare system, a block may hold patient’s billing information which is hashed with a specific hash function known by authorized users only. If an unauthorised user tries to access or modify the information, the hash value of the original message will not be matched. Therefore the receiver can simply discard the message through the verification process and ensures data integrity of a transaction. On the other hand, digital signature is used to ensure the authenticity of an IoT user or the origin of the messages. Digital signature not only provides message authentication but also ensures non-repudiation of a message. As only the authorized sender has the knowledge of the digital signature key, the receiver can use the data with signature to provide authentic information and to refute any future disagreements with third party.

Moreover, blockchain uses smart contracts which are self-executing predefined agreements maintained by the peers of the IoT networks to structure their relationships. A smart contract restricts the accessibility or functionality of the individual users, which is dependent on specific applications. The smart contracts provide an additional layer of security which is digitally signed by the user’s private key and can only be decrypted by the public key of the shared authorized peers.

Despite the above-mentioned benefits of blockchain, there are a number of challenges that make the blockchain-based system mostly impractical for large-scale deployment. As mentioned before, the complexity and resource requirements (both in terms of storage, processing and communications) increase rapidly with the increased IoT network size as the hash length of blockchain will grow with more transactions. Every new entity involved will need relatively larger memory space to store a longer hash. This will also inevitably require much more spectrum/bandwidth for distributed authentication. This is particularly challenging for healthcare systems as many of entities in the network are envisaged to be operating on energy and resource constraints. Therefore, a lightweight solution is of paramount need in order to enable a practically implementable secure IoT healthcare system.

Iv Holochain: A Lightweight and Scalable Security Solution for IoT Healthcare Networks

Holochain is an emerging technology that has the potential to address the drawbacks of the blockchain in enabling secure IoT healthcare networks. Holochain is based on an open source distributed network infrastructure that communicates securely without inheriting the huge storage and data exchange requirements of a blockchain. In this section, we demonstrate how holochain offers better solutions in contrast to blockchain for realizing secure IoT healthcare systems.

Iv-a Better Scalability

Blockchain is a data-centric distributed security approach where the main objective is to create a single shared block of data among all authorized users in the network. Thus the size of the data will therefore increase with the number of network entities involved in each transaction and is not scalable [28]. In contrast, each holochain application (hApp) is maintained by an agent that can independently participate in data encryption, storing transaction in a unique source chain of a holochain network and share the required data with a peered agent. This agent-centric holochain approach is highly scalable.

Iv-B Reduced Network Traffic

Since holochain combines digital signature and DHT, it could be an effective alternative of blockchain to ameliorate the performance of retrieving information from a distributed peer-to-peer (P2P) network. Each agent in a holochain network stores its individual data locally. In IoT networks, many devices use offloading concepts, fog nodes, or clouds to store their database due to the limitation of memory and computational power. However, each agent is capable of computing their own hash value and shares a significant part with other peers using DHT. In contrast, all peers of a blockchain network store an indistinguishable copy of the transmission which requires significantly more communication exchanges between the nodes. Moreover, additional bandwidth is required by each entity which significantly increases the network bandwidth consumption and affects the scalability. However, in holochain, agents do not need to share their individual transaction information with all other peers of the network except some nodes which will have a backup whenever the owner goes to offline. Thus, holochain can significantly reduce the amount of bandwidth requirement and traffic in the network [29].

Iv-C Low-Complexity Transaction Validation

In blockchain, miners are responsible for validating new transactions by solving a mathematical problem. Any network node can act as a miner and initiate mining anytime. For example, if there are 20 network nodes and 10 of them start to mine for validating a transaction. The node that finds the solution of the mathematical challenge earliest will validate the transaction. A miner can cooperate with the other nodes and mine simultaneously. The involvement of the other 9 nodes in the mining process are complete wastage of time and resource. If a network split occurs amid the mining process, then it becomes difficult to recognize which part of the network is still active resulting in new security issues for that transaction. This may turn out to be crucial in some situations such as during a payment-related transaction. For example, if a transaction holds cryptocurrency information, splitting events may trigger disagreements and uncertainty between the users [30].

In contrast, holochain allows individual nodes to validate its own transaction and neighbour nodes with a predefined distance are allowed to do the secondary validation of that transaction when the transaction information is sent to them along with some other pre-settled information. As only few nodes keep the copy of the transaction rather then all the nodes in the network, the memory space and the amount of information exchange are significantly lower than blockchain.

Characteristics Blockchain Holochain Reference
Chain contains Hole ledger data only a part of entire ledger data [29]
Cryptocurrency Bitcoin Holo fuel [31], [32]
Chain approach global data stored in block Data stored in individual agents [29], [28]
Mining approach Mining is essential No mining approach is required [29]
Consensus POW, POS, DPOS, PBFT No consensus is required [29], [33]
Processing Cost High Low [34]
Shared transition with All nodes Few nodes [35]
Error Handling Data rejection Data rejection, Node blacklisting [33]
Data redundancy Extreme Optimal [29]
Scalability Low High [35]
Energy consumption High Low [35]
Transition degree Maximum per second Maximum bps/Hz [35]
Data integrity Validation is ensured by Miners Validation is ensured by previous cryptographic record [33]
TABLE I: Difference between holochain and blockchain

Iv-D Efficient Consensus Mechanism

Unlike blockchain, holochain does not require a global consensus mechanism. Holochain is designed to provide autonomy for each user or a group of users who can validate the transaction without any global consensus. The validation processes of both blockchain and holochain based networks are illustrated in Fig. 1. Evidently, holochain is more efficient than blockchain. To validate a transaction, blockchain sends the current transaction to all nodes for storing full node information whereas holochain requires only a few holo-hosts who are involved in running the same application to validate the current transaction without requiring a global consensus. Moreover, the validation process, data ownership rights and network governance are managed by agents and creators only. In some cases, it may happen that the data, which is posted to validate nodes or transactions, itself is not authorized or valid. To address this problem, hashed fingerprint is used to help detect the authentication of a transaction.

Iv-E Communication Resource Efficiency

In a P2P network, blockchain relies on persistent communication among the distributed users. Moreover, it involves a set of miners to process and validate a transaction, and store it in all the users. The consensus mechanism which is a significant part of the blockchain, also demands a large number of communication channels that limit the transaction throughput of the network [36]. On the contrary, the holochain consensus mechanism is agent-centric and does not require frequent communication with other nodes that greatly reduces the number of occupied communication channels.

Iv-F Operating Time and Memory Efficiency

An inherent property of blockchain is to have the same transaction information in all nodes for providing data integrity throughout the hash tree. In many practical applications, a particular user’s data may not be of interest to others, but a blockchain network enforces all users to store all of the information resulting in increased data processing time and larger memory space. Given that many IoT healthcare devices are lightweight, this is detrimental to their design objective. As a consequence, the entire system becomes slower compared to the holochain-based counterpart [29]. For example, in a smart healthcare management system, doctor X, and many others if not all, do not need to know the glucose level of patient Y. In blockchain, doctor X and others nodes are also imposed to store the transaction regarding glucose level information of patient Y. However, in holochain, only some selected agents will store it to ensure data integrity and store the transaction locally that saves memory as well as processing time. Moreover, hApp agents share the transaction data using DHT which requires less space and makes the network faster.

Fig. 2: Time complexity order of blockchain and holochain networks.

Iv-G Efficiency in Large-Scale Networks

Since blockchain technology monitors and stores all transactions at every node connected to the network, the network load increases rapidly with the increasing number of users leading to high inefficiency in large-scale networks. For instance, if a network consists of nodes, then the network efficiency will be reduced folds due to the increased data redundancy as well as time-complexity for each transaction. On the contrary, for holochain, the processing tasks only escalate linearly and distribute the processing loads among other nodes of the network. Considering the example above, if a holochain network includes agents, then the whole network load will be distributed among nodes and each node will only process a small fraction of the total transactions. Therefore, most nodes will save significant processing capacity. To generalize this, the average time-complexity of a blockchain network implementing a Bitcoin structure is given by [28]

where is the number of nodes and is the number of network-wide transactions required. In contrast, the average time-complexity for the holochain framework is given by

where is the application-specific complexity parameter [28].

Exploiting the above time-complexity definitions, Fig. 2 presents a comparative analysis of the time-complexity order for both blockchain and holochain networks against the number of nodes. It can be observed that the order of time-complexity for a blockchain network increases exponentially with the number of nodes while the average order of time-complexity in a holochain network remains largely settled for a larger number of connected nodes.

Iv-H Better Protection Against Consensus Based Attacks

As blockchain is a consensus-driven technique, a handful of attacks may target to disrupt the consensus operations. A huge number of nodes require to detect and prevent the attacks requiring high computational capacity. Conversely, the agents in holochain are mostly accountable for their own transaction history and consistently audit others’ holo-currency to validate the credit spending status. Therefore, the agents only need to build trust in its own code and thus are less prone to consensus-based attacks like majority attacks, sybil attacks, PoW attacks, selective drop attacks, and etc.

Iv-I Application-Dependent Validation Function

In blockchain, all the applications of the same network must go through the same validation rule to validate each transaction. However, not all the transactions have the same importance and deserve the same resources for validation. For example, in healthcare systems, the information of the appointment schedule of a doctor is not as important as the medical report or live patient monitoring data sent to the doctor. For a blockchain network, the same validation rule will be applied for both cases but in a holochain, information validation functions can be designed in a way that they will incur resource cost that are proportionate to their level of importance. Thus the complexity of validation can be adjusted to make the best use of the available resources while ensuring the required security, privacy and authenticity.

Iv-J Cost Effective Solution

Since the computational cost and complexity of blockchain are significantly higher than those of holochain, particularly in large-network scenarios, holochain is a lot more efficient in terms of energy cost and cost of required equipment.

In light of the above comparative analysis, it becomes apparent that holochain offers a more viable option compared to blockchain for IoT healthcare systems. Table I provides a comprehensive summary of the comparison between holochain and blockchain technologies and the associated references for further reading. It is evident that holochain is convincingly a better choice for distributed real-time systems. In the following sections, a novel holochain based IoT smart healthcare framework is proposed that exploits the benefits discussed above.

V Our Holochain-Based IoT Healthcare Model

In this section, a novel holochain-based smart IoT healthcare system is proposed which guarantees strict data integrity as well as high level of network security. The proposed IoT healthcare framework constitutes four main layers: (1) IoT (2) perception layer, (3) network layer, cloud or processing layer and (4) the application layer. Fig. 3 shows the functionalities and protocols in each layer of the IoT healthcare system. The functionalities of each layer are discussed in details below.

Fig. 3: Layer-wise protocols and technologies of the IoT healthcare architecture.

V-a The Perception Layer

Perception layer is responsible for sensing and collecting necessary information such as patient’s health data. IoT nodes sense and collect the data and transfer them using various protocols and systems including Ethernet, IEEE802 series, wireless sensor network (WSN), global positioning system (GPS), wireless-HART and Bluetooth. A robust trust assessment system is used to collect data from authorized users only [37], Fig. 4 describes a holochain-based IoT healthcare framework that interconnects various medical entities such as patients, doctors, staff, technologists, pharmacists as well as medical devices in the perception layer. Every entity of the healthcare system can have multiple hApps. A unique set of logic-based rules are employed to provide the specific services using these hApps. For instance, a patient can use the QardioCore app that is an ECG monitoring system to deliver incessant health grade information [38, 39]. The same patient can also utilize various other apps connected to smart IoT devices such as patient position sensors, blood pressure sensor, pulse sensor, oxygen level sensor and temperature sensor to collect and analyze various health related data for monitoring physical or mental conditions. The health related information collected from the perception layer can be transferred to a specialist for real-time monitoring through the internet.

V-B The Network Layer

Network layer accepts the forwarded data from the perception layer which are processed information by various hApps for IP addressing. This layer ensures reliable transmission paths using various common protocols like Internet Protocol version 4 and 6 (IPV4, IPV6), Internet Protocol Security (IPSec), Enhanced Interior Gateway Routing Protocol (EIGRP), Internet Control Message Protocol (ICMP), Internet Group Management Protocol (IGMP), and Open Shortest Path First (OSPF), etc. [40, 41]. Network layer handles the transaction and provides services using heterogeneous devices and technologies including routers, gateway, base station, master station, hub, switch, Bluetooth and WiFi. After processing the packets, this layer transfers the trusted information to the upper layer known as the cloud layer which is responsible for managing the storage and sharing of the trusted values among the IoT nodes in a distributed manner.

V-C The Cloud Layer

Since IoT devices are resource-constrained, sensitive medical information could be stored and preserved in the cloud, authorized parties (e.g., doctors, insurance providers, medical staff, pharmacy, etc.) can conveniently share the information with each other. Like patients, other entities can also store their information in the cloud and share that sensitive information with authorized peers for augmenting the performance of healthcare services. Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and ML, data analysis and data predictive protocols are the common protocols in this layer [41]. To ensure security and data integrity in the cloud layer, this work uses distributed holochain in cloud devices.

V-D Application Layer

The upper layer of the IoT network is responsible for information formatting and presentation. This layer defines a set of rules for transferring the message. Constrained Application Protocol (CoAP), Data Distribution Service (DDS), Message Queue Telemetry Transport (MQTT), Extensible Messaging and Presence Protocol (XMPP), Advanced Message Queuing Protocol (AMQP) and Hyper Text Transfer Protocol (HTTP) are the well-known protocols dedicated to the application layer [42]. Application layer introduces a variety of healthcare services. For example, electronic bed management system (eBMS) is used for managing beds in the hospital. CYCORE is another crucial application which is used for cancer patient monitoring. Open artificial pancreas system (OpenAPS) is designed to help automate the insulin delivery system. To summarize, the application layer is responsible for delivering app-based services via direct communication with the users.

Vi Key Components

The proposed framework consists of holochain, holofuel, hashchain and the DHT. The functionalities of all these major components along with the source chain structure of the holochain are described in detail here [33].

Fig. 4: The holochain-based IoT healthcare architecture.

Vi-a Holochain

Holochain is a well-organized energy-efficient DLT for the next-generation internet that utilizes P2P network facilities for handling agent-centric commitment and consensus model among users. The fundamental benefit of a holochain network is to have an individual secure ledger that ensures individuality even when it is communicating with other peers of the network. Thus, it permits fully distributed computing.

Vi-B Holo Fuel

Like blockchain-based Ethereum and Bitcoin, holochain also introduces an electronic currency to support the payment system of the holo-hosts, which is known as holo fuel [34]. Holo fuel is also defined as a mutual-credit system which is required to perform millions of daily transaction for holo-hosts or users. Holochain network providers are accountable for managing and providing service regarding transaction fees through specific protocols. The price or value of the holo fuel is operated by the computing capacity of a host in the network. Moreover, cyptocurrency transaction and balance status are also signed, stored in an individual user. They are shared using DHT for validation like all other transactions. Two authorized agents can make a transaction only if they have a sufficient credit balance [32].

Fig. 5: The source chain structure of a holochain network.

Vi-C Hashchain

Hash technique is used to create a unique signature for a block of holochain data which guarantees that it cannot be tampered or lost once it has been formed, propagated and stored in other peer nodes in a distributed network [34]. For instance, each transaction of a holochain contains the previous header hash value that ensures the integrity of the whole source chain entries. Each block contains the previous header hash which strengthens the security of the last block while the last block points to the second last block through the hash of the previous block, and so on. Therefore, the source chain is a sequential block of all transactions that originates from the first one. Fig. 5 illustrates the hashchain structure in a local source chain of a user where each entity or block contains its previous header’s hash value to ensure data integrity. If an attacker wants to alter one transaction block of a source chain, the previous header hash will also be changed and thereby the tampering can be easily detected by the users.

Vi-D Dht

DHT is a distributed data storage approach that creates a hash table on an authorized P2P network. DHT was initially introduced to allow a large number of peers to transfer their confidential information locally in a holochain network. With the introduction of Bitorrent and Napster model, it has evolved to be a more efficient, powerful, and fault-tolerant technique capable of handling each node’s propagation regardless of whether the node is online or offline [28]. Each user of an hApp is connected to a DHT to share their sensitive information with each other as presented in Fig. 5. For instance, patients, doctors, medical staff, and other technologists in a smart healthcare system are connected in an identical DHT for a specific hApp to share and store their information which ensures distributed data integrity.

Vi-E Source Chain Structure

Each agent of a holochain network stores the information of every transaction together with the validation rules and applications source code locally. The structure of a whole chain, referred to as a source chain, is represented in Fig. 5. The source chain of an agent holds three components: DNA, genesis and transactions.

Vi-E1 Dna

The DNA is a set of validation rules which is unique for each hApp and applies to every user of an hApp. It ensures the integrity of the network without global consensus like blockchain. This unique feature equips holochain with scalable capabilities. The existence of different validation rules in holochain uniquely identifies different source chain addresses. A DNA file consists of multiple components such as application name, description of the holochain, the DHT structure, app specific data schemes as well as functions that execute the app operations.

Vi-E2 Genesis

When a user installs a new hApp, a hash is created to guarantee that the app is following the predefined rules. This hash is known as genesis. It is stored as the second entity of the local source chain. A genesis has two special entries: the first one is the hash of the DNA that applies the agreement rules to the user and the second one is the agent ID that holds the user’s public key. Additionally, it can also contain information like invitation code or payments schedule. Whenever a user creates a new entity of the hashchain, it will look back to the genesis block to ensure whether the new block is following the given rules.

Vi-E3 Block of a Holochain

Each block is stored in the local chain as an entry. Each entry contains several elements in its header such as timestamp of creating the transaction, entry type that defines the purpose of the data, hash of the data, digital signature of the entry, and hash of the previous header. Moreover, the block also contains users identity and private data of a transaction along with the header [33].

Vii Implementation of Holochain in IoT Healthcare Systems

Most of the healthcare facilities offer app-based services where different types of users of a healthcare system sign-up to get continuous support and monitoring of health conditions. In a smart healthcare ecosystem, holochain-based healthcare applications can be designed which work together like a marketplace to provide services. Healthcare providers offer various smart facilities by introducing a specific set of rules/protocols under which a user can benefit themselves. Users can search the whole marketplace to find their most desirable offers and accept the public agreements. Then health service delivery apps are initiated to build a private relationship between healthcare providers and the users.

The proposed holochain framework facilitates completely distributed IoT-based smart healthcare systems, which is represented in Fig. 4 where holochain is implemented for storing information and ensuring the security and privacy of the network. Holochain can be implemented at the network edge (IoT nodes, fog nodes, etc.) as well as in cloud servers. As holochain is an agent-centric framework, each hApp of the smart healthcare entities is considered as an agent/user who can actively participate in the network to transfer the information [22]. Moreover, we propose to use the cloud to process and store the transaction of a holochain network. Since IoT devices are resource-constrained such as limited memory, power, computation capacity and energy, it is quite inefficient and often impractical to process the complex calculations and store a large volume of data at the local storage of IoT nodes/sensors. Therefore, it is important to shift all these capability-demanding activities to the cloud servers yet facilitating the healthcare services at IoT end users.

In the proposed smart healthcare system, various stakeholders (patient, doctor, admin staff, technologist, etc.) are represented as individual agents, each of which maintains a unique source chain to store their transactions locally with the help of cloud servers as shown in Fig. 4. An agent can decide to use one or multiple healthcare applications depending on their own needs. Each hApp is recognized through its unique private digital signature–DNA which consists of a set of initial entry types, executable codes and parameters for the specific applications. Even though two different healthcare hApps use the same property to write the code, two different names will result in two unique DNAs.

When an agent of a healthcare system joins a hApp network, he creates an identifier by producing a key pair that consists of a private key and a public key. The key pair helps to create a unique identification of the agent into the network, ensure data authorization, access the data, and permit others to analyze and detect various types of threats and attacks. The private key is secretly stored at its own node which serves as a password and produces a digital signature using DNA, which is needed to publish as open-source resources with the public key of the agent to other peers that can also be used as an address (identifier) of the agent in the holochain network. However, with the help of the public key, other peers can authenticate the integrity of the agent’s digital signature and process encrypted data to send only for the specific user.

Instead of having a global shared consensus, all agents of a holochain have their individual local source chains to store and validate each transaction. Communications among multiple users are signed by each agent involved and are restricted to their own source chains. They are capable of transferring the health data through the identical public DHT.

Each healthcare agent maintains a secure private group of peers who share new transaction details, validity of the transaction, source of the information, the sender’s chain header containing historical sequence, peer creation and states of the network health within the group [28]. When a doctor wants to monitor his patient remotely using the IoT network, (s)he requests a set of health reports. The patient generates a capability grant or token for the particular reports or medical data that (s)he wants to share and stores the new transaction or stories as the new entity of the holochain. Moreover, the patient also shares the hash of the grant entry with the authorized doctor that will be used as a capability token.

On the other hand, the doctor preserves this token as the new entry on his private source chain and uses it whenever needed to access that particular patient’s data. The patient also checks the validity of the granted token and sends the required medical records to the doctor whenever needed. DHT guarantees the reliability of the distributed holochain network using gossip protocol. If a peered agent breaks the validation protocol, it will be excluded from next event participation to avoid bad-action. The agents of the holochain network use gossip protocol to share their own experience of the other agent’s behaviour. Each holochain user maintains an experience matrix which includes confidence of the experience that refers to the behaviour or outcomes of the previous experience. The confidence value of the experience matrix can be modified according to the attitude of the users. For instance, if a patient tries to double spend regarding a transactions’ holo fuel value and be detected as bad-actor, then the confidence value will be decreased. High confidence agents are encouraged to validate and participate more frequently. Moreover, the value of the experience matrix can be updated by both direct experience or through other agents. A step-by-step processing of a holochain framework is presented in the Algorithm 1 and the channel authentication process is demonstrated in Algorithm 2. Only a valid healthcare application user can create a transaction and participate in data sharing using DHT. To be a authenticated channel, a user needs to be a valid user of a specific healthcare application in the marketplace. Then any attempted transaction should be validated by the set of given rules in the DNA.

1:   Setup hApp consensus or validation protocol.
2:   Initialization DNA: Design DNA as local source chain entity for each in healthcare marketplace , where i=1, 2, 3, …..N.
3:   Function create DNA in
4:    Set entity types as validation rules.
5:    Set executable functions for specific
6:    Set other expected parameters to specified a unique . Where, x=1, 2, 3, 4, ……N.
7:   End Fuction
8:   Function Creating DNA for .
9:   Initialization Genesis: The Second entity of a local source chain .
10:   Function create Genesis in .
11:    Calculate timestamp of the genesis.
12:    Initialize Private and Public key set .
13:    Calculate hash value of the DNA.
14:   End Fuction
15:   Function Creating Genesis
16:  Create temper-proof hashchain based new holochain entity.
17:   Function Demands for a new transaction/entity.
18:    Calculate of the new entity.
19:    State the new entry type.
20:    Calculate digital signature using step 26 .
21:    Create current data hash.
22:    Calculate hash of previous header .
23:    Store signed entity in before broadcast.
24:   End Function
25:   Function creating a new holochain entity.
26:  Cryptographycally signed each hashchain entity.
27:   For each new entity of a holochain.
28:    Calculate digital signature of the transaction using agent’s private key.
29:    Store signed entity in hashchain based before broadcast.
30:   End For
31:  Design DHT to broadcast the valid transaction among peered users via gossip protocol.
32:   Create DHT for authenticated channel.
33:    Initialize a set of (, ).
34:    Share (, ) with random users who have same DNA.
35:    Validates the transaction using their own copy of DNA.
36:    Valid transaction is broadcast to other users to backup through gossip protocol.
37:  Setup gossip protocol to resist bad data broadcast.
38:   Design gossip protocol.
39:    Create matrix of a set of , , where, experience and confidence refer to the behaviors of other nodes.
40:    Update , in each experience to resist bad users entity.
Algorithm 1 A step-by-step implementation of the holochain framework
1:   Transaction validation of a
2:   For ()
3:    If (all DNA)
4:    Ensure the validity of the transaction
5:    Else
6:    Invalid transaction
7:    End If
8:   End For
9:   Application validation of a healthcare marketplace.
10:   For (all DNA)
11:    If ( )
12:    Ensure the validity of the .
13:    Else
14:    Invalid application.
15:    End If
16:   End For
17:   Overall channel authentication
18:    If Validation in (Step Step ) succeeds,
19:    Channel authentication complete.
20:    Else
21:    Invalid channel.
22:    End If
Algorithm 2 Channel validation algorithm

Viii Security Analysis

Viii-a Privacy and Security

DLT records transaction details, replicates, synchronizes and transfers digital information across all over the network in a distributed fashion. Holochain is a security-preserving DLT technology as it implements the concept of both advanced cryptography and cryptocurrency (holo fuel). Holchain is reliable, tamper-proof and resistant to various attacks such as Denial-of-service (DoS), fake node, Man-in-the middle attack (MitM), double spending and illegal data tempering.

Viii-B Security Threats

Smart healthcare services deal with a large number of significant sensitive personal data of the users. Moreover, due to the heterogeneous technologies of an IoT-healthcare system, security vulnerabilities are needed to be considered. Some frequent threats or attacks are discussed below.

Viii-B1 Unauthorized Access

Unauthorized access occurs when an intruder wants to access healthcare information in a network through compromised nodes or communication channel without appropriate authorization or permission. The malicious user sometimes manipulate, alter, destroy or gain ownership of confidential health information using unauthorized access. The works in [43] analyzed the vulnerabilities of using simple and default password in a healthcare IoT environment. It demonstrated that through unauthorized attack using default Secure Shell (SSH) commands, it was able to launch brute force attack and gained access to the IoT nodes (Raspberry Pi) for modifying and forging crucial personal data.

Viii-B2 Illegal or Intentional Data Tempering

Illegal data tempering is one of the frequent attacks on IoT healthcare networks. It can cause data integrity issues. The attacker of this threat could be an insider who can temper its own node information in a holochain or even an outsider. The work in [44] demonstrated how an illegal data tampering attack on biomedical security systems can be done to breach healthcare records from the communicating nodes to track the communication or alter the actual data.

Viii-B3 MitM

MitM occurs when an attacker sends a malicious request or eavesdrop in order to to monitor, access and modify a transaction between two agents of a holochain network. The works in [45] demonstrated a cross-layer MitM attack in a smart healthcare application. The performance evaluation shows that with the increasing number of attackers (from 0 to 25), communication overhead is increased to 15% from 10% while the packet delivery ratio is dropped to 69% from 96%.

Viii-B4 DoS/Distributed DoS (DDoS)

Each layer of an IoT network may be compromised by DoS/DDoS attack in both the IoT nodes and network links. DoS/DDoS occurs when an attacker sends a malicious request flood to disrupt the functionalities of targeted IoT nodes or cloud servers or communication links. This attack is also responsible for making dedicated services unavailable for an authorized user. The authors in [46] analyzed the weaknesses of the Datagram Transport Layer Security (DTLS) protocol which is employed in a constrained healthcare network to preserve the security of health data. DTLS can be compromised by a large number of ClientHello messages sent by an attacker to create a DoS attack for establishing fake communication between attacker and server. This will occupy legitimate bandwidth and resources for each ClientHello message.

Viii-B5 Double Spending Attack

In holochain networks, an agent can duplicate or reuse the digital token or cryptocurrency (i.e., using the same holo fuel token multiple times) and transmit as identical tokens to multiple receiver agents. Double spending problem is a serious security threat for the various smart applications including healthcare. In [47], a channel parasite attack was implemented to design double-spending attack on a blockchain-based IoT framework which disrupted the immutability and irreversibility of the DLT.

Viii-C Protection against Threats

Here, we discuss how holochain addresses the above threats.

Viii-C1 Unauthorized Access

The DNA limits the unauthorized user access of a holochain network. Every user of a network should have a unique DNA that provides capability-based security and ensures access control to the users as well as its source chain data [48].

Viii-C2 Illegal Data Tempering

If a user modifies his own code of an hApp, it will automatically redirect the hApp services to a completely different hApp network from the authorized shared DHT network. Therefore, if a user wants to modify the code intentionally, he cannot influence, access or modify the records of the original network.

Viii-C3 MitM Attack

When an attacker initiates MitM attacks in a holochain network, it can be detected on a source chain entry through the digital signature. Each modification of an hApp creates an entry that is signed by the private key of the user and adds to the header. Therefore, the digital signature can ensure the data origins of a request. The hash value of the previous header also helps to detect MitM attacks among the entire stored entries of a source chain. Whenever an intruder tries to modify the previous entry, the hash value of the previous header will notify nodes about the unauthorized activity.

Viii-C4 DoS/DDoS

IoT nodes are in greater risk of getting compromised due to various types of devices with wide ranging characteristics. Holochain networks are capable of handling on-demand P2P communication against Dos/DDoS attacks. When a transaction is faced with a DDoS attack, it could demand to impose filtering rules (e.g., Border Gateway Protocol (BGP)). For instance, the transaction will have the detailed information such as type of the attack, total counted drop packet and average dropped packets per unit time which will be signed to store in local hash-chain and will be broadcast through DHT. After broadcasting the transaction, the service provider can employ a DDoS attack detection method by analyzing the record samples with the help of BGP to validate whether DDoS is initiated on a targeted node [49].

Viii-C5 Malicious Code/Node

When an attacker attempts to hack the holochain code, random peers will fail to validate the generated anomalous results. Therefore, the stored abnormal outputs will be tagged as counterfeit and will not be transmitted. The network is thus capable of identifying the bad transaction and can blacklist the agent who commits the crime.

Viii-C6 Double Spending Attack

Since the holochain technology uses electronic credit currency to communicate with other users in the network, ensuring transparency can handle the double spending attack robustly. For instance, A is the patient of a holochain-based system who has 5 holo fuel credit to make a creditable transaction that sends to a doctor X. Assume that after sending the credit to the doctor X, patient A intentionally removes the A-X transaction and again sends the same balance to another doctor Y for his service. The holochain network will detect this kind of double spending attack through gossip protocol. Whenever patient A makes A-X transaction, gossip protocol will be responsible for spreading the news of the occurred transaction to some randomly selected users. When patient A tries to double spend with doctor Y, the network checks with those randomly selected users’ log of the transaction history to validate whether the balance is correct.

Ix Performance Analysis of Security Mechanisms

In this section, some prevalent lightweight cryptographic algorithms are considered with their performance evaluated and compared using medical data in IoT networks against two key performance indicators (KPI), namely memory usages and CPU cycles per bits. A comparative analysis on how various existing DLTs perform against the KPIs are also provided. Among them, AES and Data Encryption Standard (DES) are two popular symmetric key block cipher algorithms while RSA is used as an asymmetric key encryption mechanism. They are able to detect and resist various common attacks in IoT such as MitM attack [50]. Leak Extraction (LEX) and Light Encryption Device (LED) are extended versions of AES. In addition, LEX is a software-oriented stream cipher which modifies the AES key stream using a recursion process. On the other hand, LED is more useful for hardware implementation which uses a simple key schedule to resist various attacks. This is particularly true for LED-80 [50].

Another important type of cryptographic algorithms is categorized as lightweight block ciphers such as RC5 and Salsa20 [2]. RC5 utilizes a variable number of block size, key size and number of rounds during recursion which depends on the functionality of microprocessors. Salsa20, on the other hand, utilizes the advantage of hash and XOR functions with a 64-byte block size [51, 52]. Both RC5 and Salsa20 are more appropriate for IoT-based medical applications due to the relatively lower memory requirements. However, SPECK and SIMON are used for multi-block cipher with a variable number of key size and block size. The fundamental advantage of using SIMON and SPECK is improving the speed and memory utilization which is more suitable for a lightweight healthcare application. Fig. 6 shows a comparative performance analysis of existing IoT security mechanisms as presented in [2]. Fig. 6 also demonstrates that compared to the other considered ciphers, LEX is the fastest in terms of CPU speed. Though AES and DES are slightly faster than SPECK, in terms of memory usages, SPECK is faster than AES and DES. Considering all the various security mechanisms’ performance, it is suggested that SIMON and SPECK offer better performance in resource-constrained IoT networks.

Fig. 6: Comparative analysis of existing encryption mechanisms in IoT networks.
Fig. 7: Comparative analysis of blockchain and holochain based encryption mechanisms in IoT networks.

On the other hand, Fig. 7 includes the comparative analysis of the performance of popular DLTs in terms of IoT security. Since the functionalities of DLTs are different from the existing traditional cryptography mechanisms, the memory requirement more important than the CPU cycle time. According to [53], the hybrid technology of Software-Defined Network (SDN) and blockchain provides better performance compared to traditional blockchains. Blockchain includes the request from any user, but SDN ensures the secure connection and avoids unnecessary requests, which reduces the memory as well as CPU cycle per bits. Though this technique brings new breakthroughs in the world of blockchain, the memory requirements and processing techniques remain the challenges. However, holochain and the new version of holochain (Holochain RSM) reduce huge loads of data processing and storing in the dynamic and real-time implementation like IoT networks. The memory utilization and speed of holochain are far better than that of the blockchain technology which can be an out of bound thinking for the upcoming IoT networks.

X Future Directions

The holochain-based technique will play a significant role to ensure security and privacy for next-generation communication models for large-scale deployment as it allows the advantages of high scalability, lightweight and decentralized architecture, flexibility and transparency with a high level of security. The characteristics of being lightweight, transparent and distributed operation ensures fast processing which is crucial for high data-rate and low-latency communication systems emerging in 5G or in upcoming 6G standards. Moreover, the holochain technology will also be utilized for storing massive data in a distributed fashion with the help of fog nodes, cloud servers, mobile edges, and etc. Undoubtedly, holochain has a significant impact on distributed security but more advances need to be made to suit the resource-constrained IoT environments for reducing latency of a transaction, processing speed, and tackling real-time threats. To meet those needs, there are a number of challenges that need to be addressed.

X-a Real-Time Cryptocurrency Processing and Monitoring

In recent computing systems, cryptocurrency emerges as an alternative to the physical currency that has been growing. However, processing the real-time holo fuel and analyzing the performance in IoT networks can be a difficult task. As mentioned earlier, thousands of transactions are in need of processing and transferring among various agents through the holochain. Therefore, cryptocurrency is required to support the network which requires the presence of a unique real-time monitoring system used by all agents of holochain networks.

X-B Real-Time Smart Threats Detection

With the advances in technology, an attacker may create ML-based intelligent and unknown attacks on IoT nodes in a holochain-based smart healthcare system. Implementation of a complex and intelligent real-time threat detection model requires a high degree of computation capacity and memory which is quite challenging for resource-constrained IoT nodes. Therefore, it is imperative to design a real-time smart threat detection mechanism suitable for running on memory and processing capacity constrained systems.

X-C Load Balancing

With the increasing number of users, a holochain network distributes its load over other authorized peers. The peers are selected using specially designed protocols to randomly select nodes in the network. It needs to ensure that alternate nodes are available with validation power or storing capability of other users information whenever one goes off line. Finding the right balance to select the minimum number of agents while ensuring the process of validation is intact is a challenging task which becomes more difficult with an increasing scale of the network size. Moreover, this whole process of assigning and reassigning agents should be near real time to avoid any disruption in the operation of the IoT healthcare system.

X-D Quick Response to Bad Activity

In holochain networks, information storage, access and sharing authority are not always fixed. For instance, if one patient loses awareness, (s)he can no longer possess the authority of sensitive health related data sharing, but still, this patient can be the best choice candidate for sharing the data. Thus, quick response to bad-activity and detecting the responsible agents are essential to maintain a healthy holochain.

Xi Conclusions

A holochain-based privacy-preserving secure communication scheme for distributed IoT healthcare applications has been proposed in this article which leverages the inherent autonomy of the holochain architecture and protocols. In contrast to blockchain, holochain liberates the communicating agents from any form of centralized control by running the applications (hApps) entirely at the user side. Therefore, there exists no central point of failure. Since users are the hosts, as more agents use an app, more hosting power and storage become available and the load gets lighter. If any agent alters their own app code, they effectively fork themselves out of the shared DHT space into an entirely different application. Thus holochain has appeared to be the most effective technology for distributed IoT applications. Comparative performance results and analyses demonstrate significant reduction in time and space complexity of the holochain framework compared to the rival blockchain schemes, which shows promises for realistic deployment of large-scale IoT healtchare systems.


  • [1] S. M. R. Islam, D. Kwak, M. H. Kabir, M. Hossain, and K. Kwak, “The internet of things for health care: A comprehensive survey,” IEEE Access, vol. 3, pp. 678–708, 2015.
  • [2] V. A. Thakor, M. A. Razzaque, and M. R. A. Khandaker, “Lightweight cryptography algorithms for resource constrained IoT devices: A review, comparison and research opportunities,” IEEE Access, to appear, 2021.
  • [3] S. B. Baker, W. Xiang, and I. Atkinson, “Internet of things for smart healthcare: Technologies, challenges, and opportunities,” IEEE Access, vol. 5, pp. 26 521–26 544, 2017.
  • [4] X. Wang, Z. Liu, and T. Zhang, “Flexible sensing electronics for wearable/attachable health monitoring,” Small, vol. 13, no. 25, p. 1602790, 2017.
  • [5] R. D. Singh, R. Shandilya, A. Bhargava, R. Kumar, R. Tiwari, K. Chaudhury, R. K. Srivastava, I. Y. Goryacheva, and P. K. Mishra, “Quantum dot based nano-biosensors for detection of circulating cell free mirnas in lung carcinogenesis: from biology to clinical translation,” Frontiers in Genetics, vol. 9, p. 616, 2018.
  • [6] F. Tariq, M. R. A. Khandaker, K.-K. Wong, M. A. Imran, M. Bennis, and M. Debbah, “A speculative study on 6G,” IEEE Wireless Communications, vol. 27, no. 4, pp. 118–125, 2020.
  • [7] B. Farahani, F. Firouzi, and K. Chakrabarty, Healthcare IoT.    Cham: Springer International Publishing, 2020, pp. 515–545. [Online]. Available:
  • [8] P. A. Laplante and N. Laplante, “The internet of things in healthcare: Potential applications and challenges,” It Professional, vol. 18, no. 3, pp. 2–4, 2016.
  • [9] S. Ghafur, E. Grass, N. R. Jennings, and A. Darzi, “The challenges of cybersecurity in health care: the uk national health service as a case study,” The Lancet Digital Health, vol. 1, no. 1, pp. e10–e12, 2019.
  • [10] M. R. A. Khandaker and K.-K. Wong, “Masked beamforming in the presence of energy-harvesting eavesdroppers,” IEEE Trans. Inf. Forensics Security, vol. 10, pp. 40–54, Jan. 2015.
  • [11] N. Alassaf, A. Gutub, S. A. Parah, and M. Al Ghamdi, “Enhancing speed of SIMON: A light-weight-cryptographic algorithm for IoT applications,” Multimedia Tools and Applications, vol. 78, no. 23, pp. 32 633–32 657, Dec. 2019.
  • [12] A. Newaz, A. K. Sikder, M. A. Rahman, and A. S. Uluagac, “HealthGuard: A Machine Learning-Based Security Framework for Smart Healthcare Systems,” arXiv:1909.10565 [cs], Sep. 2019. [Online]. Available:
  • [13] S. Pirbhulal, N. Pombo, V. Felizardo, N. Garcia, A. H. Sodhro, and S. C. Mukhopadhyay, “Towards machine learning enabled security framework for IoT-based healthcare,” in 2019 13th International Conference on Sensing Technology (ICST), 2019.
  • [14] S. Zoican, M. Vochin, R. Zoican, and D. Galatchi, “Blockchain and consensus algorithms in Internet of Things,” in 2018 International Symposium on Electronics and Telecommunications (ISETC), 2018.
  • [15] A. Dorri, S. S. Kanhere, R. Jurdak, and P. Gauravaram, “Blockchain for iot security and privacy: The case study of a smart home,” in 2017 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops), 2017, pp. 618–623.
  • [16] R. Cole, M. Stevenson, and J. Aitken, “Blockchain technology: implications for operations and supply chain management,” Supply Chain Management: An International Journal, vol. 24, no. 4, pp. 469–483, Jan. 2019, publisher: Emerald Publishing Limited. [Online]. Available:
  • [17] S. Latifi, Y. Zhang, and L. Cheng, “Blockchain-based real estate market: One method for applying blockchain technology in commercial real estate market,” in 2019 IEEE International Conference on Blockchain (Blockchain).    Los Alamitos, CA, USA: IEEE Computer Society, jul 2019, pp. 528–535. [Online]. Available:
  • [18] A. D. Dwivedi, G. Srivastava, S. Dhar, and R. Singh, “A Decentralized Privacy-Preserving Healthcare Blockchain for IoT,” Sensors, vol. 19, no. 2, p. 326, Jan. 2019, number: 2 Publisher: Multidisciplinary Digital Publishing Institute. [Online]. Available:
  • [19] K. N. Griggs, O. Ossipova, C. P. Kohlios, A. N. Baccarini, E. A. Howson, and T. Hayajneh, “Healthcare Blockchain System Using Smart Contracts for Secure Automated Remote Patient Monitoring,” Journal of Medical Systems, vol. 42, no. 7, p. 130, Jun. 2018.
  • [20] J. Xu, K. Xue, S. Li, H. Tian, J. Hong, P. Hong, and N. Yu, “Healthchain: A blockchain-based privacy preserving scheme for large-scale health data,” IEEE Internet of Things Journal, vol. 6, no. 5, pp. 8770–8781, 2019.
  • [21] T. McGhin, K.-K. R. Choo, C. Z. Liu, and D. He, “Blockchain in healthcare applications: Research challenges and opportunities,” Journal of Network and Computer Applications, vol. 135, pp. 62–75, Jun. 2019.
  • [22] A. Brock, D. Braden, and J. M. Day, “Holochain - A Framework For Distributed Applications,” US Patent US20 200 389 521A1, Dec., 2020. [Online]. Available:
  • [23] K. Janjua, M. A. Shah, A. Almogren, H. A. Khattak, C. Maple, and I. U. Din, “Proactive Forensics in IoT: Privacy-Aware Log-Preservation Architecture in Fog-Enabled-Cloud Using Holochain and Containerization Technologies,” Electronics, vol. 9, no. 7, p. 1172, Jul. 2020, number: 7 Publisher: Multidisciplinary Digital Publishing Institute. [Online]. Available:
  • [24] Y. Mirsky, T. Mahler, I. Shelef, and Y. Elovici, “CT-GAN: Malicious tampering of 3D medical imagery using deep learning,” in Proc. 28th USENIX Conference on Security Symposium, 2019, p. 461–478.
  • [25] S. G. Finlayson, J. D. Bowers, J. Ito, J. L. Zittrain, A. L. Beam, and I. S. Kohane, “Adversarial attacks on medical machine learning,” Science, vol. 363, no. 6433, pp. 1287–1289, 2019.
  • [26] S. Ghafur, S. Kristensen, K. Honeyford, G. Martin, A. Darzi, and P. Aylin, “A retrospective impact analysis of the WannaCry cyberattack on the NHS,” npj Digit. Med., vol. 2, 2019.
  • [27] M. T. Hammi, B. Hammi, P. Bellot, and A. Serhrouchni, “Bubbles of Trust: A decentralized blockchain-based authentication system for IoT,” Computers & Security, vol. 78, pp. 126–142, Sep. 2018. [Online]. Available:
  • [28] E. Harris-Braun, N. Luck, and A. Brock, “Holochain: Scalable agent-centric distributed computing,” Github, 2018. [Online]. Available:
  • [29] R. T. Frahat, M. M. Monowar, and S. M. Buhari, “Secure and scalable trust management model for IoT P2P network,” in 2019 2nd International Conference on Computer Applications Information Security (ICCAIS), 2019.
  • [30] A. K. M. N. Islam, M. Mäntymäki, and M. Turunen, “Why do blockchains split? An actor-network perspective on Bitcoin splits,” Technological Forecasting and Social Change, vol. 148, p. 119743, Nov. 2019. [Online]. Available:
  • [31] “What is HoloFuel? | Holo FAQ.” [Online]. Available:
  • [32] “Holo-Host/holofuel-model,” Jul. 2019, original-date: 2018-07-24T17:54:17Z. [Online]. Available:
  • [33] “Holochain | Think Outside the Blocks - Scalable distributed computing.” [Online]. Available:
  • [34] “The (re)Distributive enterprise.” [Online]. Available:
  • [35] D. Diojdescu, “The city as a collaborative commons. the state of the art of codesigning digital ledger technologies for commons and common good,” University of Torino, Tech. Rep., 2018.
  • [36] L. Zhang, H. Xu, O. Onireti, M. A. Imran, and B. Cao, “How Much Communication Resource is Needed to Run a Wireless Blockchain Network?” arXiv:2101.10852 [cs], Jan. 2021, arXiv: 2101.10852. [Online]. Available:
  • [37] L. Oliveira, J. J. P. C. Rodrigues, S. A. Kozlov, R. A. L. Rabêlo, and V. H. C. d. Albuquerque, “MAC Layer Protocols for Internet of Things: A Survey,” Future Internet, vol. 11, Jan. 2019.
  • [38] A. L. Bleda, R. Maestre, J. Corral, and R. Ruiz, “A Quality and Ergonomic Heart Monitoring Device with User-Friendly App for Telemedicine,” Proceedings, vol. 31, no. 1, p. 67, 2019, number: 1 Publisher: Multidisciplinary Digital Publishing Institute. [Online]. Available:
  • [39] M. Faezipour and M. Faezipour, “System dynamics modeling for smartphone-based healthcare tools: Case study on ECG monitoring,” IEEE Systems Journal, pp. 1–10, 2020.
  • [40] H. Kharrufa, H. A. A. Al-Kashoash, and A. H. Kemp, “RPL-based routing protocols in IoT applications: A review,” IEEE Sensors Journal, vol. 19, no. 15, pp. 5952–5967, 2019.
  • [41] A. Rayes and S. Salam, “The Internet in IoT—OSI, TCP/IP, IPv4, IPv6 and Internet Routing,” in Internet of Things From Hype to Reality: The Road to Digitization, A. Rayes and S. Salam, Eds.    Cham: Springer International Publishing, 2017, pp. 35–56. [Online]. Available:
  • [42] S. Seleznev and V. Yakovlev, “Industrial Application Architecture IoT and protocols AMQP, MQTT, JMS, REST, CoAP, XMPP, DDS,” International Journal of Open Information Technologies, vol. 7, no. 5, pp. 17–28, Apr. 2019.
  • [43] C. Bradley, S. El-Tawab, and M. H. Heydari, “Security analysis of an iot system used for indoor localization in healthcare facilities,” in 2018 Systems and Information Engineering Design Symposium (SIEDS), 2018, pp. 147–152.
  • [44] H. Liu, R. G. Crespo, and O. S. Martínez, “Enhancing Privacy and Data Security across Healthcare Applications Using Blockchain and Distributed Ledger Concepts,” Healthcare, vol. 8, no. 3, p. 243, Sep. 2020, number: 3 Publisher: Multidisciplinary Digital Publishing Institute. [Online]. Available:
  • [45] “IC-MADS: IoT Enabled Cross Layer Man-in-Middle Attack Detection System for Smart Healthcare Application | SpringerLink.” [Online]. Available:
  • [46] P. M. Kumar and U. D. Gandhi, “Enhanced DTLS with CoAP-based authentication scheme for the internet of things in healthcare application,” The Journal of Supercomputing, vol. 76, no. 6, pp. 3963–3983, Jun. 2020. [Online]. Available:
  • [47] A. Cullen, P. Ferraro, C. King, and R. Shorten, “Distributed Ledger Technology for IoT: Parasite Chain Attacks,” arXiv:1904.00996 [cs], Mar. 2019. [Online]. Available:
  • [48] “Glossary - Holochain Docs.” [Online]. Available:
  • [49] N. Kenchaiah and N. M. M, “Distributed policy management for service provider chains chains,” Technical Disclosure Commons, Mar. 2020. [Online]. Available:
  • [50] “Triathlon of lightweight block ciphers for the Internet of things | SpringerLink.” [Online]. Available:
  • [51] T. Güneysu, G. Leander, and A. Moradi, Lightweight Cryptography for Security and Privacy: 4th International Workshop, LightSec 2015, Bochum, Germany, September 10-11, 2015, Revised Selected Papers.    Springer, Jan. 2016, google-Books-ID: Kc9yCwAAQBAJ.
  • [52] G. Meiser, T. Eisenbarth, K. Lemke-Rust, and C. Paar, “Efficient implementation of eSTREAM ciphers on 8-bit AVR microcontrollers,” in 2008 International Symposium on Industrial Embedded Systems.    Le Grande Motte, France: IEEE, Jun. 2008, pp. 58–66. [Online]. Available:
  • [53] T. T. A. Dinh, R. Liu, M. Zhang, G. Chen, B. C. Ooi, and J. Wang, “Untangling blockchain: A data processing view of blockchain systems,” IEEE Transactions on Knowledge and Data Engineering, vol. 30, no. 7, pp. 1366–1385, 2018.