Securing the Integrity of Open mHealth-Compliant Data by using TPM 2.0

Abstract

In this thesis, we propose a protocol to secure the integrity of Open mHealth-Compliant data by using Trusted Platform Module (TPM) 2.0. This allows the Data Consumer to verify the integrity of the Data points generated on the open mhealth platform.To implement the protocol, we use raspberry pi 3 board based on Ubuntu 16.04 as IoT gateway and another raspberry pi 3 boardbased on Raspbian as Data Consumer. The proposed protocol generates the integrity information to guarantee the acquisition provenance and sequence of data by using PCR, QUOTE in TPM and hash chain. When the protocol is applied, the integrity information and key certificate for this is included in the header part of original Data point, and the ID of Data point is set to hash value of the previous Data point. We call this newly defined Data point as Extended Data point.Extended Data points are saved in Data Storage Unit(DSU). Later, Data Consumer can obtain Extended Data points from DSU.We also use Hardware TPM2.0 provided by IBM to protect Data point from malicious attacker in DSU and to verify in Data Consumer.We implemented a prototype in raspberry pi and performed the performance evaluation. To generate Extended Data point, it needs additional time to generate key certificate and integrity information. As a result, we show that it takes 2~20 times more than to generate original Data point.