A Security aware IoT-Driven Remote Patient Monitoring in Health Care Framework

Abstract

The increasing adoption of the Internet of Things (IoT) in healthcare has revolutionized patient care through real-time monitoring and remote diagnostics. This project presents a SecurityAware IoT-Driven Remote Patient Monitoring (RPM) Framework that captures, encrypts, and securely transmits vital patient data over the internet. Built on the ESP32 microcontroller, the system integrates multiple biomedical sensors—including DHT22 for temperature, pulse sensors for heart rate, analog sensors for SpO₂, and blood pressure sensors—to continuously collect physiological parameters. To safeguard sensitive health data during transmission, the framework employs a hybrid cryptographic approach, combining Advanced Encryption Standard (AES) for fast symmetric encryption and Elliptic Curve Cryptography (ECC) for secure key exchange and asymmetric encryption of the AES key. This encrypted data is transmitted over the MQTT protocol using TLS to a secure cloud broker (HiveMQ), ensuring data confidentiality and integrity during communication. On the cloud end, the system uses a FlowFuse-hosted Node-RED environment to visualize decrypted sensor data on a real-time dashboard. Node-RED workflows are designed to handle decryption, verification, and display, allowing authorized healthcare providers to access the data in human-readable form. This layered architecture addresses critical security vulnerabilities such as unauthorized access, data interception, and tampering. The proposed framework is scalable, low-power, and cost-effective, making it ideal for deployment in home care, rural clinics, and telehealth applications. It demonstrates a practical balance between real-time performance and high-level data security, marking a significant contribution to secure IoT healthcare solutions.