An Open, Secure and Flexible Platform Based on Internet of Things and Cloud Computing for Ambient Aiding Living and Telemedicine

Xiao Ming Zhang
School of Information Science and Engineering, Hunan University, Changsha, China
e-mail:

Ning Zhang
School of Information Science and Engineering, Hunan University, Changsha, China
e-mail:

Abstract: Currently Internet of Things (IoT) and multimedia technologies have entered the healthcare field through ambient aiding living and telemedicine. However, several obstacles still stand in the way, the toughest of which are IoT interoperability, system security, streaming Quality of Service (QoS) and dynamically increasing storage. The major contribution of this paper is an open, secure and flexible platform based on IoT and Cloud computing, on which several mainstream short-distance ambient communication protocols for medical purposes are discussed to address interoperability; Secure Sockets Layer (SSL), authentication and auditing are taken into consideration to solve the security issue; an adaptive streaming QoS model is utilized to improve streaming quality in a dynamic environment; and an open Cloud computing infrastructure is adopted to support elastic Electronic Health Record (EHR) archiving in the backend. Finally, an integrated reference implementation is introduced to demonstrate feasibility.

Keywords: internet of things; cloud computing; telemedicine; Ambient Aiding Living



Currently Internet of Things (IoT) [1] and multimedia technologies have entered the healthcare field through telemedicine and ambient aiding living, which aim at increasing patient autonomy and confidence [2]. According to the WHO, telemedicine is the practice of medical care using interactive audiovisual and data communications [3]. This includes the delivery of medical care, diagnosis, consultation and treatment, as well as health education and the transfer of medical data [4]. Ambient Assisted Living, in turn, means ambient intelligence that improves patient healthcare through artificial intelligence and the Internet of Things: it uses sensors to detect patients' health status and activities, learn their behavior patterns, gain knowledge of the context, and define action rules for each scenario in relation to the patients' health and behavior [5][6][7]. IoT and multimedia not only enable deeper and richer remote communication and interaction between patients and specialists, but could also create huge opportunities for the industry. In 2009, GE and Intel Corporation formed an alliance to develop home-based telehealth technologies including Intel Health Guide, helping seniors live independently and patients with chronic conditions manage their care from the comfort of their home or wherever they choose. IMEC has developed a next-generation wireless smart ECG (electrocardiography) necklace and a wearable EEG (electroencephalography) headset, which rely on an ultralow-power ASIC for the acquisition of the life-sensing data, and a low-power microcontroller and radio providing local processing and wireless communication functionalities [8][9][10].

However, there are still several obstacles in the way, the toughest of which are IoT interoperability, system security, streaming Quality of Service (QoS) and dynamically increasing storage.

IoT interoperability: A system for telemedicine and Ambient Assisted Living regularly needs to connect multiple medical devices such as a blood pressure meter, weight meter, blood-glucose meter, pulse oximeter, ECG and pulmonary peak flow meter [11][12]. These medical devices are normally manufactured by different factories, so the system provider has to contact and cooperate with multiple device factories to develop as many device services as possible. The integration of health data from different telemedicine and telehealth devices therefore becomes complex and difficult, which discounts the benefit brought by IoT health applications.

System security: To help patients live decently at home for longer, the physiological data from the patient should be collected in time and sent automatically to the remote specialists through the network. Those data are highly privacy-sensitive, so most governments have strict policies regulating the transmission of medical data over networks, for example the HIPAA law in the US. Besides communication security, system security should also cover other related issues, including authentication and auditing.

Streaming QoS: Interaction between patients and remote specialists has become versatile: it contains not only simple physiological data transmission, but also rich multimedia consultation. However, the patients are widely distributed around the internet and bandwidth varies greatly by location. Even for the same user, the network situation changes over the course of a day. So more flexible streaming QoS control mechanisms are required.

Dynamic increasing storage: The systems of telemedicine and Ambient Assisted Living are always connected to the Electronic Health Record system (EHRs) in the backend, where patients' data are archived and specialists are able to conveniently access them at any time. But as patients' data and multimedia materials are continually collected and stored, the EHRs require more and more storage, so the underlying infrastructure has to be elastic to suit the dynamic requirement.

The major contribution of this paper is an open, secure and flexible platform on which the abovementioned issues are discussed and addressed. The rest of the paper first introduces the platform architecture, then the crucial technological design and finally a reference implementation.

II. ARCHITECTURE

In this section, a simplified reference architecture (Fig. 1) is introduced for telemedicine and Ambient Assisted Living systems. It is based on the standard framework recommended by CHA (Continua Health Alliance) [13], an international authorized telemedicine and telehealth standard body. In the PAN (Personal Area Network) device area, various peripheral medical sensors and devices with short-distance wireless/wired communication capability are deployed at the patient's home, while in the LAN (Local Area Network) device area the medical devices around the patient always have an RJ45 or WiFi connection. The devices in the PAN and LAN device areas are responsible for detecting patient behavior, sensing health status, collecting ambient data and communicating with the IoT gateway in the Application-hosting device area. The IoT gateway could be implemented with handheld devices, laptops or just common PCs. It is not only the data sink of the devices in the PAN and LAN areas, but also the communication bridge between the patient's ambient devices and the remote specialists' workstations.
Then in the WAN (Wide Area Network) area, the workstations are utilized by the specialists to visit patient data remotely and possibly in real time if needed. Moreover, to provide more accurate medical aid, the specialists are capable of directly operating remote patient medical devices through the IoT gateway. The last part of the architecture is the health record device area, which hosts larger health management systems like EHRs. Various data from the source devices in the PAN and LAN areas and other data in the medical transaction should finally be archived in the health record device area.

Under this architecture, the challenging issues discussed in section 1 can be clearly identified. In Fig. 1, the interoperability issue mainly lies between the PAN/LAN health devices and the IoT gateway in the application-hosting device area. The multimedia streaming issue lies between the IoT gateway and the remote WAN devices, which normally are the specialists' own workstations supporting multimedia distant communication. The secure communication issue is also located between the IoT gateway and the WAN devices; it concerns helping patients using the IoT gateway and specialists using WAN devices communicate more securely, whether through multimedia or commands. The dynamic archiving issue is marked in the last area, the health record device area, where some elastic computing capability should be implemented.
Figure 1. A reference architecture based on CHA framework (diagram labels: Interoperability, Adaptive streaming, Secure Communication, Elastic Archiving)



In this section, the major crucial technologies identified in the architecture are discussed, including interoperability of the IoT gateway, adaptive streaming, secure communication and elastic archiving.

A. Interoperability of IoT gateway

Many efforts are under way to address the interoperability of the IoT gateway, among which CHA should be the most canonical standard body. The proposed IoT gateway follows the CHA framework, which suggests a two-layer structure for IoT health gateway interoperability: a transport layer and a data layer. The transport layer is further divided into a wireless communication health standard and a wired communication health standard.

On the data layer of the CHA architecture, the ISO/IEEE 11073 Personal Health Data (PHD) standard is adopted by default [14][15]. First there is a common basic framework protocol, i.e. 11073-20601, which covers the application profile and the optimized exchange model. Some common data types, message types and communication models are defined here. Then, based on 11073-20601, other protocols are easily extended for specific medical devices: they only need to define the special data model corresponding to a specific personal health device while sharing and keeping the common definitions in 11073-20601. This gives a modular design, better extensibility and easier addition of support for new medical devices.

In the wireless communication health standard, there are currently two sets of protocols, i.e. Bluetooth Health Device Profile (HDP) [16] and ZigBee Health Care™ Profile [17]. For wired telehealth communication between the gateway and peripheral medical devices, USB Personal Healthcare Device Class (PHDC) [18] is the standard CHA recommends by default.

B. Adaptive Streaming

As mentioned above, one of the basic roles of a telemedicine system is multimedia consultation, so the streaming QoS (e.g. jitter and delay) between patient and remote specialist has great influence on the quality of the distant medical service. However, it is a tough job to maintain high-quality real-time streaming on the current complex internet, so some flexible control mechanism has to be adopted. Fig. 2 illustrates a streaming QoS control model based on the RTP and RTCP protocols. On the patient side, the image and audio data are captured and encoded by the DataSource object, and then pushed into a sending buffer which is under the control of the SessionManager object. Later, when the network is available, the data in the buffer are sent to the remote specialist's receiving buffer. Next, when the receiving buffer is full or the waiting time is up, the data are pulled out and decoded by the DataSource object on the specialist side, and finally presented or played to the specialist. Like its counterpart on the patient side, the SessionManager object is responsible for controlling the streaming QoS. For example, if the SessionManager detects from the RTCP report that the jitter in the current stream is too large, it is able to increase the size of the buffer so as to smooth the data flow, while at other times it reduces the buffer size to shorten the streaming delay, based on the RTCP statistics report.
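The buffer control policy described above, sketched as an added Python example that is not code from the paper: it computes the RFC 3550 interarrival jitter that RTCP receiver reports carry and resizes the playout buffer from it. The function and class names, the 90 kHz clock, the headroom factor and the buffer bounds are assumptions chosen for illustration.

```python
from dataclasses import dataclass


def interarrival_jitter_ms(packets, clock_hz=90000):
    """Running jitter estimate of RFC 3550 section 6.4.1, in milliseconds.

    packets: (rtp_timestamp, arrival_time_seconds) pairs in arrival order.
    clock_hz: RTP media clock; 90 kHz (video) is assumed here.
    Timestamp wraparound is not handled in this sketch.
    """
    jitter = 0.0
    prev = None
    for rtp_ts, arrival_s in packets:
        arrival = arrival_s * clock_hz          # arrival time in RTP clock units
        if prev is not None:
            # D = change in transit time between two consecutive packets
            d = (arrival - prev[1]) - (rtp_ts - prev[0])
            jitter += (abs(d) - jitter) / 16.0  # 1/16 gain smooths out spikes
        prev = (rtp_ts, arrival)
    return jitter * 1000.0 / clock_hz


@dataclass
class BufferControl:
    """Hypothetical stand-in for the SessionManager's buffer control."""
    size_ms: float = 100.0
    min_ms: float = 40.0       # floor keeps some protection against reordering
    max_ms: float = 1000.0     # cap bounds the conversational delay
    headroom: float = 3.0      # assumed policy: buffer about 3x the jitter
    shrink_step: float = 0.25  # shrink gradually to avoid oscillation

    def on_rtcp_report(self, jitter_ms):
        """Resize the buffer from one RTCP jitter report; returns the new size."""
        target = min(self.max_ms, max(self.min_ms, self.headroom * jitter_ms))
        if target > self.size_ms:
            self.size_ms = target  # grow at once so playback does not underrun
        else:
            self.size_ms -= self.shrink_step * (self.size_ms - target)
        return self.size_ms


def constructed_stream(n, late_ms):
    """Constructed sample: 20 ms frames, every second packet late by late_ms."""
    return [(i * 1800, i * 0.020 + (late_ms / 1000.0 if i % 2 else 0.0))
            for i in range(n)]


if __name__ == "__main__":
    control = BufferControl()
    for late in (0, 15, 60, 5):
        jitter = interarrival_jitter_ms(constructed_stream(100, late))
        print(f"late={late:2d} ms  jitter={jitter:6.2f} ms  "
              f"buffer={control.on_rtcp_report(jitter):7.2f} ms")
```

Growing immediately and shrinking in steps reflects the trade-off the section names: a buffer that is too small interrupts playback, while one that is too large only adds delay.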
Figure 2. A streaming QoS control model (diagram labels: Patient, Session Manager, DataSource, RTP Data Buffer, Buffer Control, RTP, RTCP Report, Specialist)

C. System Secure

The communication between patient and specialist should be carefully secured because the data transmitted are very privacy-sensitive. The first type of data to secure is multimedia such as image and audio, but encryption is costly: it consumes much CPU resource and always degrades the streaming quality. So in some situations, special secure hardware is utilized. The other type of secured data is control commands, through which the specialist is capable of remotely and accurately operating the medical devices to access the patient. Unlike the multimedia data, these data are not CPU intensive, so more flexible communication methods can be applied. One optimization model is the combination of Remote Method Invoking (RMI) [19][20] and Secure Sockets Layer (SSL). RMI is a distributed object model, in which the patient's medical device operations can be encapsulated in distributed objects and published through IDL language on the network. The specialist is able to easily access these distributed objects through the stub generated by IDL without considering the underlying network marshalling and transmitting. The SSL encryption and key exchange can be seamlessly integrated with RMI, which is transparent to users and follows the same interface style as common RMI.

Besides communication, the MD5 algorithm is utilized to fulfill authentication: users' passwords are hashed with MD5 and stored in the database. Every time a user logs in, his password is computed by MD5 and then compared with the value in the database. If they match, the user gets access to the system; otherwise he is refused. Under this mechanism, hackers cannot find the plain text of the passwords, since only their MD5 values are stored.

Another necessary part of security is auditing, which helps the administrator analyse system status, identify security issues, stop dangerous activities and keep losses from growing. Auditing is normally done through various activity logs, e.g. login account, date, time, operations, etc.

D. Elastic archiving

For the last issue, dynamic data archiving, the Cloud computing infrastructure is adopted, since it is naturally designed for elastic resource provisioning through Software as a Service (SaaS) and Infrastructure as a Service (IaaS) [21][22]. For the EHRs backend in the reference architecture, the EUCALYPTUS Cloud computing infrastructure is considered because it has some outstanding advantages over other cloud artifacts [23], such as a user-friendly style, a highly modular design, an interface compatible with Amazon EC2, and a virtual network overlay that both isolates the network traffic of different users and allows two or more clusters to appear in the same Local Area Network.

Figure 3. Elastic archiving based on EUCALYPTUS Cloud (diagram labels: EHR Archiving Cloud, Cloud Controller, Storage Controller, Public network, Cluster Controller, Private network, Node Controller)

In EUCALYPTUS, the Virtual Machines are implemented through the Xen hypervisor [24], while the high-level system components are each implemented as a standalone Web service. The four major high-level components are explained as follows (Fig. 3): the Node Controller controls the execution, inspection, and termination of VM instances on the host where it runs; the Cluster Controller gathers information about and schedules VM execution on specific node controllers, and also manages the virtual instance network; the Storage Controller is a put/get storage service that implements Amazon's S3 interface, providing a mechanism for storing and accessing VM images and user data; the Cloud Controller is the entry point into the cloud for users and administrators. It queries node managers for information about resources, makes high-level scheduling decisions, and implements them by making requests to cluster controllers.

Under the framework of EUCALYPTUS, the EHRs system is able to elastically start, control, access, and terminate entire Virtual Machines using an emulation of Amazon EC2's SOAP and Query interfaces. When more data is coming and requires more space, the system dynamically starts more virtual machines with more storage. While the dynamic archiving requirement is met, the system may not be rebooted and the user can't perceive it.

IV. REFERENCE IMPLEMENTATION

To verify the system feasibility, an IoT health gateway is implemented on a desktop PC with Windows XP. For interoperability, it utilizes the ISO/IEEE 11073 health data standard and the USB communication health standard to interact with ambient medical devices including a blood pressure meter, a blood glucose meter and a heart rate meter. For security, the JAVA RMI/SSL combination, MD5 and an auditing database are adopted. For multimedia consultation, the JAVA Multimedia Framework is used, which provides flexible interfaces to control the underlying streaming buffer and supports the implementation of an adaptive QoS control policy. Fig. 4 demonstrates the video/audio consultation interface with remote controls for a medical HD camera, and the auditing interface with user login and operation history records.
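The MD5 password check from the System Secure section, adopted in this reference implementation, shown beside a salted PBKDF2 record with one audit entry per login attempt. This is an added Python example, not code from the paper; the record format, iteration count, account names and audit fields are assumptions, and the sample data is constructed.

```python
import hashlib
import hmac
import os
from datetime import datetime, timezone

PBKDF2_ITERATIONS = 600_000  # assumed work factor; tune to the gateway hardware
PREFIX = "pbkdf2_sha256$"


def md5_record(password):
    """Scheme described in the paper: the unsalted MD5 digest is stored."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def pbkdf2_record(password, iterations=PBKDF2_ITERATIONS):
    """Hardened record: per-user random salt plus a deliberately slow KDF."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"{PREFIX}{iterations}${salt.hex()}${dk.hex()}"


def verify(password, record):
    """Check a password against either record format in constant time."""
    if record.startswith(PREFIX):
        _, iterations, salt_hex, dk_hex = record.split("$")
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                        bytes.fromhex(salt_hex), int(iterations))
        return hmac.compare_digest(candidate, bytes.fromhex(dk_hex))
    return hmac.compare_digest(md5_record(password), record)


def login(db, audit, account, password, now=None):
    """Authenticate, upgrade a legacy MD5 record, and append an audit entry."""
    record = db.get(account)
    ok = record is not None and verify(password, record)
    if ok and not record.startswith(PREFIX):
        db[account] = pbkdf2_record(password)  # migrate on successful login
    audit.append({
        "account": account,
        "time": (now or datetime.now(timezone.utc)).isoformat(),
        "operation": "login",
        "result": "success" if ok else "failure",
    })
    return ok


if __name__ == "__main__":
    # Constructed sample: two accounts that happen to share one password.
    db = {"dr_lee": md5_record("Winter2010"), "nurse_wu": md5_record("Winter2010")}
    print("identical MD5 records:", db["dr_lee"] == db["nurse_wu"])
    audit = []
    login(db, audit, "dr_lee", "Winter2010")
    login(db, audit, "nurse_wu", "Winter2010")
    login(db, audit, "dr_lee", "wrong-guess")
    print("identical after upgrade:", db["dr_lee"] == db["nurse_wu"])
    for entry in audit:
        print(entry)
```

With unsalted MD5, every account that shares a password shares a stored value, so one recovered digest exposes all of them; the per-user salt and slow derivation remove that property, and the audit entries record failed attempts as well as successful ones.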

Figure 4. Reference implementation interface



This paper argues that the IoT and Cloud computing will be the supporting stones in telemedicine and Ambient Aiding Living, in which an open, secure and elastic architecture is introduced, and then several crucial technological issues are identified and researched including IoT interoperability, adaptive streaming, security and elastic archiving. Finally a reference implementation is demonstrated.

REFERENCES

[1] L. Atzori, A. Iera and G. Morabito, "The Internet of Things: A survey," Computer Networks, vol. 54, 2010, pp. 2787-2805.
[2] Commission of the European Communities, "Internet of Things - An action plan for Europe," Brussels, Jun. 18, 2009.
[3] D. Hailay and R. Roine, "Systematic review of evidence for the benefits of telemedicine," J Telemed Telecare, vol. 8, 2002, pp. 1-7.
[4] S. Stowe and S. Harding, "Telecare, telehealth and telemedicine," European Geriatric Medicine, vol. 1, 2010, pp. 193-197.
[5] H. Steg, et al., "Europe Is Facing a Demographic Challenge - Ambient Assisted Living Offers Solutions," VDI/VDE/IT, Germany, 2006.
[6] A. J. Jara, M. A. Zamora and A. F. G. Skarmeta, "An ambient assisted living system for telemedicine with detection of symptoms," Third International Work-Conference on the Interplay Between Natural and Artificial Computation, Lecture Notes, 2009, pp. 75-84.
[7] A. J. Jara, M. A. Zamora and A. F. G. Skarmeta, "An architecture based on Internet of Things to support mobility and security in medical environments," IEEE CCNC 2010 proceedings, in press.
[8] X. M. Zhang and J. Li, "Research on Interoperability of Internet of Things Gateway Oriented to Telehealth and Telemedicine," in IEEE Proc. of 2010 International Conference on Future Information Technology, vol. 2, Changsha, Dec. 2010, pp. 406-410.
[9] X. M. Zhang and N. Zhang, "Research on Interoperability of Telehealth Gateway Based on Internet of Things," in IEEE Proc. of 2010 International Conference on Computer and Computational Intelligence, vol. 3, Nanning, Dec. 2010, pp. 523-527.
[10] X. M. Zhang and C. Xu, "A Multimedia Telemedicine System in Internet of Things," in IEEE Proc. of 2010 2nd International Conference on Information and Multimedia Technology (ICIMT 2010), vol. 3, Dec. 28-30, 2010, Hong Kong, pp. 460-464.
[11] S. C. Wu, et al., "The development of a tele-monitoring system for physiological parameters based on the B/S model," Computer in Biology and Medicine, 2010, doi:10.1016/j.compbiomed.2010.09.009.
[12] Y. F. Ding, et al., "A biomedical sensor system for real-time monitoring of astronauts' physiological parameters during extravehicular activities," Computer in Biology and Medicine, vol. 40, 2010, pp. 635-642.
[13] The Continua Health Alliance,
[14] R. Carroll, R. Cnossen, M. Schnell and D. Simons, "Continua: An Interoperable Personal Healthcare Ecosystem," IEEE Pervasive Computing, vol. 6, no. 4, Oct-Dec, 2007, pp. 90-94.
[15] L. Schmitt, T. Falck, F. Wartena and D. Simons, "Novel ISO/IEEE 11073 Standards for Personal Telehealth Systems Interoperability," 2007, pp. 146-148.
[16] Bluetooth Medical Working Group press release, H_SIG_AIMS_TO_IMPROVE_HEALTHCARE_EXPERIENCE_THROUGH_INTEROPERABILITY.htm
[17] ZigBee Health Care Working Group, "ZigBee Health Care™ Profile 1.0," Mar. 2010.
[18] USB Personal Healthcare Device Profile,
[19] X. M. Zhang, H. M. Wang and Q. Y. Wu, "High performance virtual distributed object," Journal of Computer Research and Development (Supplement), 2000, pp. 102-107.
[20] X. M. Zhang, Q. Y. Wu, H. M. Wang and Y. Jia, "A Dynamic Scalable Asynchronous Message Model Based on Distributed Objects," Computer Engineering and Science, vol. 3, 2002, pp. 48-50.
[21] X. M. Zhang, "A Semantic Grid Oriented to E-Tourism," IEEE Proc. of the First International Conference on Cloud Computing (CloudCom 2009), Beijing, LNCS 5931, Dec. 2009, pp. 485-496.
[22] X. M. Zhang and C. Xu, "A Semantic E-Tourism Framework Based on Cloud-computing," IEEE Proc. The 2010 International Conference on Management Science and Information Engineering, Zhengzhou, Dec. 17-19, 2010, in press.
[23] D. Nurmi, R. Wolski, C. Grzegorczyk, G. Obertelli, S. Soman, L. Youseff and D. Zagorodnov, "The Eucalyptus Open-source Cloud-computing System," Proc. of the 9th IEEE/ACM International Symposium on Cluster Computing and the Grid, Shanghai, May, 2009, pp. 124-131.
[24] P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris, A. Ho, R. Neugebauer, I. Pratt and A. Warfield, "Xen and the art of virtualization," Proc. of the 19th ACM symposium on Operating systems principles (SOSP '03), New York, 2003, pp. 164-177.

