Internet of

existing state of the art techniques such as FogBus, Femto cloud, Blockchain Fog-based Architecture Network (BFAN), and BeeKeeper. The malicious node detection accuracy of the ASE algorithm in the FC environment is 91% and in the cloud is 83%. Whereas the reliability percentage of the ASE algorithm in FC is 95% and in the cloud is 87%. The proposed approach is tested on simulators iFogSim (Net-Beans) and SimBlock. © 2021 The Author(s). Published by Elsevier B.V. This is an open access article under the CC BY license ( http://creativecommons.org/licenses/by/4.0/ )


a b s t r a c t
The healthcare Internet-of-Things (IoT) offers many benefits including data transmission in real-time mode, the ability to monitor the physiological state of the patient in a different interval of time. Devices such as blood-pressure monitors, glucose meters, heart monitoring implants, Electroencephalography (EEG), Electrocardiogram (ECG), and Electromyography (EMG) wearable devices allow health providers to collect the patient health information locally and make a real-time decision based on the Patient Health Data (PHD). Hospitals have been adopting the IoT for many years and now they have healthcare IoT devices in patients' rooms and their bodies. However, the medical agencies, hospitals, and companies do not consider the security risk of healthcare IoT devices connected to a Local Area Network (LAN) or Wide Area Network (WAN). The IoT devices can be easily hacked and may lead to several potentially life-threatening risks due to poor authentication and encryption practices. Existing machine learning algorithms and blockchain approach working in the cloud computing environment are unable to meet the Quality of Service (QoS) like reliability, authentication, identification, and security requirements of healthcare IoT devices. Most of the traditional machine learning algorithms and techniques for healthcare IoT lacks the real-world implementation for secure data transmission. Therefore, blockchain is introduced for secure and reliable transaction in healthcare IoT. Whereas Fog Computing (FC) is introduced to extend the services of the cloud at the edge of networks. Integration of FC with blockchain can overcome the issue of healthcare IoT device identification, authentication, and verification for scalable frequent data transmission in a decentralized environment. Hence, a novel solution for the abovementioned problem is proposed using FC and blockchain. It includes an FC-based three-tier architecture, an analytical model, a mathematical framework, and an Advanced Signature-Based Encryption (ASE) algorithm for healthcare IoT device identification, verification, and Patient Health Data (PHD) authentication. The aim is to extend secure data transmission for healthcare IoT and end-users availing the real-time services. The proposed model and algorithm will be able to provide services for transaction and transmission near the edge in a secure manner. By analyzing the generated results from the proposed novel ASE algorithm for throughput, packet error, reliability, and malicious node detection accuracy; it is observed that the ASE algorithm in the FC environment easily outperforms the cloud and the other existing state of the art techniques such as FogBus, Femto cloud, Blockchain Fog-based Architecture Network (BFAN), and BeeKeeper. The malicious node detection accuracy of the ASE algorithm in the FC environment is 91% and in the cloud is 83%. Whereas the reliability percentage of the ASE algorithm in FC is 95% and in the cloud is 87%. The proposed approach is tested on simulators iFogSim (Net-Beans) and SimBlock.

. Introduction
Healthcare IoT market share will be around 39% of total IoT devices by 2025 [1] . Whereas the annual revenue for industrial applications of blockchain will be $19.9 billion by 2025, as per the report of Tractia an intelligent firm. IoTs are now enormously used in healthcare for facilitating the services to patients and doctors in real-time. Some of the healthcare timesensitive applications such as ECG, EEG monitoring requires the constant evaluation of medical reports and Patient Health Data (PHD) [ 2 , 3 ]. This all could be possible with the use of healthcare IoT devices in medical agencies and industries. However, the increase in the number of IoT devices and their increasing use has generated a large volume and veracity of data traffic. The handling of high IoT data traffic has become a major issue and concern using centralized features of cloud servers [ 4 , 5 ]. This in return has increased the risks related to patient security and confidentiality. There will be a risk of patients' privacy exposure, data eavesdropping, ownership of medical health data, and location privacy. The intruders and hackers can now easily attack the IoT network by replication the data and changing the identity of healthcare IoT devices [ 6 , 7 ]. Currently, the IoT-Cloud system is facing lots of challenges such as single point of failure due to centralized operation, malicious attacks, privacy leakage, and managing distributed IoT devices [ 8 , 9 ]. The data transmission between healthcare IoT and cloud requires the trust, identification of devices, and authentication of users for network security and secure transmission of PHD.
Healthcare IoT has an inherent issue for capacity and scalability. Healthcare IoT generates gigabytes (GB) of healthcare data in real-time, this limitation represents a great barrier to its integration with blockchain [ 6 , 10 ]. Moreover, the heterogeneity of healthcare IoT devices leads to a security issue in IoT networks. The protection and security of healthcare IoT data are directly linked to the identification of IoT devices. In case of no authentication, for example, attackers or intruders can hack the ECG IoT device and impersonate a real sensor and produce erroneous values. [ 11 , 12 ]. Blockchain-based approaches involve significant energy, delay, and computational overhead not suitable for resource-constrained healthcare IoT devices [13][14][15] .
To replicate the patient information among multiple fog nodes placed at the edge can be possible through a distributed ledger. Both blockchain and fog nodes operations are decentralized and distributed in nature [ 6 , 16 ]. Both FC and blockchain have become fundamental techniques that result in the paradigm shift from centralized control to decentralized control. The patient confidential data can be recorded at different fog nodes using ledgers to provide transparency, security, and identity to IoT devices. FC nodes can be used for mining purpose in the hybrid model. Hence to overcome the issue of PHD authentication and identification of IoT devices in healthcare; FC plays a major role using the blockchain model by providing a distributed scalable network at the edge of IoT networks. Distributed FC nodes act as miners can collect the transaction information in blocks to check the validity. FC overcomes the limitation of high data traffic in healthcare IoT by minimizing the packet error during PHD transmission.
While blockchain can resolve and overcome the issue of security and privacy in IoT-FC-cloud system [ 17 , 18 ]. Furthermore, blockchain technology is used to provide various cryptographic operations with mining at the edge of networks. The main advantage of using blockchain in the proposed model is that it keeps the records of PHD transactions by attaching timestamps to each block id along with the usage of different private keys and hash codes. Fog nodes in our proposed work are responsible for handling all possible communication between healthcare IoT devices to secure transaction between nodes and devices. Transmission of healthcare IoT requires a secure communication channel using decentralized blockchain technology and distributed FC approach. A signature scheme is used to ensure that the PHD is not modified during transmission from a healthcare IoT device to a fog node. Once the fog node verifies the PHD with a healthcare IoT digital signature and if the verification is conducted correctly, then it sends the acknowledgement/ response of the health data to the wearable IoT device. This process authenticates the PHD. Healthcare IoT devices are resources constrained devices, and with the increase in the number of IoT device; blockchain perform poorly. Therefore, to overcome this issue the IoT network is divided into several nodes and the PHD is distributed to different fog nodes. These fog nodes are spread over several clusters. Next, the storage of healthcare IoT data on the blockchain is not feasible therefore we have used fog nodes as they provide a safe platform with additional cryptographic security operations such as signatures and high advanced encryption algorithms [ 18 , 19 ]. All the transactions are stored in different blocks and transferred to distributed fog networks. Diffie-Hellman key exchange technique and ring signature are used to transfer keys between healthcare IoT and fog nodes. The integration of the blockchain model at the edge of the network can provide reliable access and control over the healthcare IoT network. In other words, there will be decentralized data storage via blockchain. The proposed intelligent FC-based blockchain model, a mathematical framework, and an algorithm are designed and developed to resolve the issue of healthcare IoT data authentication and IoT device identification for secure PHD transmission at the edge of networks.

Our Contributions
The principal aim of this research is the development of a novel approach to meet the QoS requirement related to security, authenticity, and reliability of Patient Health Data (PHD) transmission between healthcare IoT, fog nodes, patients (wearable device users), doctors, and the cloud servers using FC-based blockchain approach. To accomplish the main aim, the contributions of this paper are as follows: • We proposed and designed a three-tier FC-based architecture for healthcare IoT in a blockchain platform to send secure and reliable data between IoT, fog nodes, patients, and doctors. • Next, we developed a decentralized FC-based blockchain analytical model and a mathematical framework for secure data transmission and transaction in healthcare IoT. The model further performs identification, verification of certificates and keys for IoT devices and fog nodes using a private blockchain. • We designed and developed a novel Advanced Signature-Based Encryption (ASE) algorithm. The algorithm performs the identification of heterogeneous and homogeneous healthcare IoT devices, verification of data sources and targets, and authentication of transmitted data via different IoT devices and fog nodes. The algorithm uses Diffie-Hellman (DF) key exchange method. The data is encrypted and then decrypted using a private blockchain and different cryptographic operations. The developed algorithm performs authentication of healthcare IoT devices using joint probability of IoT devices with random number generation. The proposed algorithm is a combination of four different algorithms.

Organization
The remainder of the paper is organized are as follows. An overview of blockchain and healthcare IoT with FC is given in Sec. 4 . Sec. 5 briefly discuss the motivation and significance of the study. Sec. 6 introduces the system model and FC-based blockchain architecture. The methodology and the proposed work are discussed in Sec. 7 and Sec. 8 . Sec 8 . introduces the proposed system along with the ASE algorithm. Sec. 9 introduces the proposed analytical model along with its description. Whereas Sec. 10 discuss the mathematical framework for the proposed blockchain model. Sections 11 and 12 discuss the model implementation, experimental evaluation, results, and its setup. Finally, a short conclusion is given in Sec. 13.

Related Work
Currently, FC-based IoT is a hot topic. The previous papers did not include some major security aspects which are: (i) The data transferred from healthcare IoT devices to cloud servers are typically unencrypted and may get easily tampered with and attacked. This leads to a risk of releasing patient sensitive information (ii) To the best of our knowledge there is an urgency for healthcare IoT device identification which will lead to healthcare data verification and authentication this can conveniently be completed using blockchain in IoT-FC system [20] . In greater detail, servers should perform some authentication and verification in a decentralized manner at the edge of networks. In this section current techniques, approaches, and algorithms are discussed in detail related to healthcare IoT, fog, and cloud. These techniques mainly focused on security, reliability, cyber-attacks, IoT data authentication, and IoT device identification. Some of the existing works on blockchain and healthcare IoT security are summarized as follows: In [21] , LijinNg et.al proposed a novel system called BeeKeeper based on blockchain and IoT. In their proposed system a cloud server can process the data by performing computations on the user data. Any node can be a leader for server authorization which is elected by the present leader. They have used the Ethereum blockchain to deploy BeeKeeper. In [14] , Somino et.al used different credentials by mixing private and public attributes. The users who own these attributes can use the credentials. The users here are the people using IoT devices. However, their proposed techniques are unable to perform the identification of IoT devices. They have used cryptographic operations with blockchain technique in IoT to minimize delay and network traffic. However, no work has been on the scalability issue of blockchain and IoT.
Similarly, in [15] , Rahulamathavan et.al developed a partially centralized protocol. In this, the main authority was responsible for generating parameters for users and miners. The authors used encryption-based attributes so that they can be verified and decrypted by some specific miners and users who own the attributes. The technique was somehow helpful for IoT to maintain secure transmission. But their proposed work lacks the issue of device identification, authentication of keys. They mostly focus on secure transmission using a centralized manner. A distributed environment is absent.
In [22] , the authors used blockchain for data integration and secure transmission. The unencrypted data are mostly stored in different locations at the receiving site following a peer-to-peer file storage protocol. They developed protocols for edge devices like FC which helps the end-users to process the data by maintaining integrity through blockchains. In [23] , the consensus algorithm applications are explained in Proof-of-Work (PoW) blockchain models. In which miners find the solution to the given problem by distributing their computing powers. In [24] , the authors presented an FC-based architecture using blockchain to improve latency and scalability in IoT networks. The architecture is an application to provide secure services to telehealth and tele-industries.
In [25] , the authors proposed the integrated system of the blockchain with FC-based network architecture for Internetof-Everything's (IoE). Furthermore, the FC nodes provide low latency and secure transmission to the smart city networks. In [26] , the authors used blockchain for IoE in a decentralized manner. Which further makes the system tamper-proof. Moreover, it has reduced the maintenance, installation, and deployment cost. Their proposed system works well for IoE and smart cities which saves the devices from a man-in-the-middle attack. Furthermore, there are certain agreement and smart contracts for data transmission and transaction which are stored in Blockchain. In [27] , authors Naveed Islam et.al proposed an FC-based framework using blockchain for healthcare applications such as recognition of patient activity. Their proposed framework categorizes and classifies the video frames based on patient activities using the Support Vector Machine (SVM) algorithm. However, the system does not fulfil the requirement of the identification of IoT devices in e-healthcare.
In [28] , the authors proposed a blockchain-based architecture in the FC environment for IoE. It is a secured architecture that works in a fog-based network called Blockchain Fog-based Architecture Network (BFAN). Their proposed work utilizes blockchain for the security of data using various encryption and authentication techniques. The proposed architecture can be deployed in smart cities. The main aim of their proposed work is to minimize latency and energy consumption and to further improve secure data transmission using blockchain. Similarly, in [29] , the authors Michael Harbert et.al proposed a plasma-based framework to overcome the issue of heavy load in blockchain when working for IoT. Their proposed framework is based on the concept of integrating FC with blockchain. In [7] , the authors Muhammad Tahir et.al proposed a novel work for authentication and identification of IoT networks. Their proposed work consists of a blockchain-based IoT network that uses a probabilistic model and random numbers.
In [30] , the authors proposed an infrastructure that works on the concept of Proof-of-Work (PoW). It is a lightweight infrastructure. The major function of the proposed model is to offload the computational task to fog and cloud using a consensus algorithm. They have used the Stackelberg algorithm which formulates the resource management at the fog nodes using a computational process. The optimization part is handled by the miners at the nodes. The purpose of service for offloading depends on the miners' interest. The model is verified and validated using the backward induction method. Whereas, in [31] , the authors discussed various aspects and research challenges associated with the fusion of fog and cloud for latency minimization, resource allocation, secure transmission, optimization, energy consumption, and RAM usage in IoT. They expressed the problem of an increase in the number of heterogeneous devices and applications. In [32] , the authors used the reinforcement learning algorithm with computation offloading of blocks, the approach works on a distributed environment where fog nodes are placed at the edge of IoT networks. However, their research work was unable to address the issue of security and privacy for data transmission between IoT, fog and cloud.
Similarly, in [4] , the authors introduced a technique for data protection in centralized cloud servers from outside hackers. Their proposed technique is a combination of dynamic metadata and database schema design. They have used various cryptographic techniques in their algorithm. Future works require the implementation of the proposed work using a reinforcement learning algorithm. In [33] , the authors applied the concept of binary ATM for a reduction in latency which further solves the problem of packet error in the cloud. Their results show that binary ATM is superior to conventional methods. Apart from this, node processing delays, which depend on the number of packets, are lower in binary ATMs when the component of constant bit rate (CBR) is equivalent to or lesser than variable bit rate (VBR).
However, in [34] , the authors proposed the method of the Femto cloud. Their proposed method specifies a changing, selfconfigurable and multi-device mobile cloud from a group of mobile devices. This method enables many mobile devices to be arranged in integrated cloud computing servicing. The scheduler necessarily appoints duties using scheduling algorithm accessible tools to increase the available metrics while managing device churning. In [35] , the authors proposed a framework called FogBus to minimize the data traffic by minimizing the network and CPU usage in IoT-Fog-Cloud infrastructure. Their proposed approach used a blockchain-based technique to minimize the high data traffic and secure the private confidential IoT data from outside intruders and hackers. It applies several encryption techniques to secure operations on IoT sensitive data. Also, the proposed framework facilitates the IoT-Fog (Edge)-Cloud infrastructure integration.
Similarly, in [36] , the authors discussed the role of IoT for smart healthcare applications. Their discussion includes various technologies, several challenges, and opportunities associated with healthcare IoT, e-healthcare, and telemedicine. The authors further discussed the role of FC to minimize the high latency and meet QoS requirements for time-sensitive application in smart healthcare. They proposed a unique model to monitor patient health conditions. Next, the authors discussed the various wearable device to monitor and record patient vital signs. They used a machine learning approach in their system model.
In [37] , the authors proposed a framework for a smart healthcare system using deep learning-based techniques to diagnose the patient heart disease in real-time mode by integrating IoT and FC. The framework was able to meet the QoS requirement for healthcare IoT. It was designed to operate for latency-sensitive applications like healthcare monitoring and flight control. Healthcare IoT generates a large amount of data called Big data. This data requires a large computation, next the data is transferred to databases and from databases to cloud data centres which lead to a drop in the performance of the system. Therefore, the proposed fog-enabled cloud framework meets the QoS for healthcare IoT in terms of power consumption, jitter, and prediction accuracy of heart disease diagnosis.
The existing IoE, IoT and medical devices work on a centralized model for communication. The IoT devices are validated by the cloud servers which in turn increase, the overhead related to cost for maintenance and infrastructure. Therefore, with the IoT device identity, the IoT data can be authenticated. Healthcare IoT device identification is important for authentica-

Motivation and Significance of the Study
This section discusses the conventional healthcare IoT data transmission with the cloud as a centralized server and the proposed enhanced data transmission model using the FC-based blockchain technique.
The main motivation for this study is the requirement of security, reliability, and authenticity for highly sensitive healthcare IoT applications. The fusion of blockchain and IoT with cloud computing working as a centralized server faces several challenges such as malicious node behaviour, packet errors, vulnerable codes in smart contracts, and unauthenticated IoT data. In the existing scenario, the trustworthiness of healthcare IoT data is of major concern for medical agencies. There can be tampered, alternation, falsified information in healthcare IoT through some intruders and hackers which may affect the end outcome of medical agencies, and hospitals.
In the medical healthcare IoT system, cloud servers have been used for storing, analyzing, and processing large data collected from IoT devices [24] . However, there are still three main challenges in healthcare IoT and cloud servers for secure data transmission such as 1) IoT device identification 2) Patient Health Data (PHD) authentication and 3) Verification of issued certificates and keys in a distributed environment [17] . In healthcare IoT data loss and error are intolerant. Healthcare IoT data is a high priority and sensitive data which needs to be updated every second [38] . The current existing algorithms, protocols, and analytical models for healthcare IoT are not designed to comprehensively address these issues simultaneously. They lack the PoW concept in healthcare IoT [39] .
Most of the previous work for secure PHD transmission in healthcare IoT focused on heavy complex communication protocols and algorithms related to computation and memory requirements only [26] . They have faced a single point of failure due to a centralized cloud server. Therefore, healthcare IoT device identification and PHD authentication remain a challenging problem that has been not studied and discussed yet in healthcare IoT. The problem is worth meeting the QoS requirement for data transmission in healthcare IoT. Hence there is a scope to research this area. However, only a few studies have been conducted on it, but most of the recent research work lacks real-world implementation. See Figure 1 shows the conventional method of data transmission between healthcare IoTs and the cloud. Here R1, R2,….., ..Rn are the routers used in transmission. Figure 1 shows the IoT-cloud environment that uses the multiple hop count for data transmission. All the conventional method deals only with data transmission using routers between IoT and cloud.
See Figure 2 for the advanced integrated FC-based blockchain model.  Figure 2 shows an enhanced data transmission method using an FC-based blockchain technique for secure data transmission in healthcare IoT and the cloud. Here R1, R2…...., Rn are the routers used in transmission. All the participating servers, nodes have the PHD and the means to verify that have not been tampered with this authenticity can be easily achieved. This method will guarantee data reliability and mining to be possible at the fog nodes with blockchain to operate in the FC environment. In this Figure 2 , we have used the FC approach at the edge of networks. The time-sensitive healthcare IoT data is processed and filtered at the fog nodes. The fog node in this model is acting as a small sub-cloud server with limited storage and processing power. These fog nodes are easy to be deployed over a geographical region and can be distributed at the local hospital sites and medical agencies. When compares to cloud there is no single point of failure in FC.
Moreover, the FC technique is used in healthcare IoT to bring all the advanced features like resource sharing and server virtualization of the cloud near the network of IoT. The major benefits of using FC in our proposed system is that it minimizes service delay, network traffic and bandwidth consumption. In healthcare IoT, large data transmission of data leads to an increase in the network traffic which further increases the data packet error hence to overcome this limitation; FC plays a very major role in IoT networks. FC acts on the time-sensitive healthcare IoT data in milliseconds and the rest of the non-time-sensitive data it sends directly to the cloud for future storage and processing.
Whereas blockchain in the proposed system is used to overcome the issue of security, authenticity, identification, and detection of the malicious node along with packet error in healthcare IoT. Blockchain technology is used for storing the records of transactions between the different entities. It acts in a decentralized manner by keeping the information of every block id along with the attached timestamp.
The proposed FC-based technique could also be used and deployed for other secure operations and services in healthcare IoT. Such as e-healthcare, telehealth, telesurgery, telemedicine, remote-surgery, robot-surgery, ECG, EEG, and EMG data transmission, remote patient monitoring, and e-healthcare. Besides, the application of the work can be utilized in domains like Augmented Reality (AR) in healthcare which includes vein visualization and surgical visualization. Context-based augmented reality interaction and object guided tracking. The fog nodes can be deployed at the local hospital sites to collect the patient confidential data; while the historical data can be transferred to the cloud. The overhead related to communication cost, computation cost, bandwidth, and energy consumption cost will be reduced due to local deployment. This local deployment of fog nodes at the hospital sites will be a major boost in the current scenario of a pandemic like Covid-19.

System Model and Three Tier FC-based Blockchain Architecture
This section discusses the proposed three-tier FC-based blockchain architecture and system model for healthcare IoT using blockchain in the FC environment.  Figure 3 shows the proposed three-tier architecture where a fog layer is placed between the healthcare IoT devices layer and cloud data centres. The fog layer consists of multiple blocks, smart contracts written in a programming language and ledgers. Furthermore, the fog servers are connected to the healthcare IoT layer using decentralized Apps for distributed data processing. Patients and doctors can directly access the fog layer in the single-hop count. The main innovation of the proposed three-tier architecture is that it uses the concept of FC at the edge of healthcare IoT networks along with the blockchain technique using various cryptographic operations. The proposed architecture is used to design the system model for secure healthcare IoT communication along with authentication of healthcare IoT data and identification of IoT devices. Whereas the other state of the art techniques lacks the real-world implementation, development, and QoS requirement for healthcare IoT. The existing architecture and models are still in infancy when compares with the proposed three-tire FCbased blockchain architecture. However, the current analytical models and architectures such as Femto cloud, FogBus, BFAN, and BeeKeeper are not optimized for healthcare IoT requirement and could not address the above-mentioned issues. They are unable to provide a secure communication channel for time-sensitive healthcare IoT data transmission. See Figure 4 for the proposed healthcare IoT system model. Figure 4 shows the FC-based blockchain system model for healthcare IoT. The data transmitted from healthcare IoT devices are first classified into confidential data and non-confidential data. Next, the healthcare IoT data is transferred to the fog layer which consists of fog servers where fog nodes using various cryptographic techniques perform data authorization and encryption. Fog nodes act as miners and collect the data in different blocks. Hashing is conducted using a healthcare IoT private key.
See Figure 5 shows the healthcare transaction process and sequence inside the FC-based blockchain model.

Methodology
The research passes through different activities to answer the research questions as shown in Figure 6 . The activities are literature review, problem identification, design of three-tier architecture, development and implementation of the proposed ASE algorithm, development of FC-based blockchain analytical model, performance evaluation of the algorithm, simulation and analysis of the algorithm, demonstration and validation from healthcare data, benchmarking, and comparison with algorithm optimization.

Proposed System
Our proposed system consists of healthcare IoT networks, FC storage, smart contracts, healthcare IoT devices i.e., the patient wearing devices, and doctors. Instead of storing healthcare IoT data over blockchains and cloud servers, we stored the healthcare data to the fog nodes and master fog servers. The fog storage arranges the PHD generated from healthcare IoT devices in similar blocks linked with a unique block. The fog nodes are attached to healthcare IoT. The network consists of fog nodes, healthcare IoT devices and they need to prove that the devices and data are authenticated with identification of devices, verification of certificates, and the exchange of keys. After the completion of PHD data authentication and healthcare IoT devices identification; the transaction is proceeded with the signed data digitally using the ring signature. We have grouped the fog nodes into clusters. Each cluster has its master fog node with the public key. The fog nodes and master fog node exchange their roles from time to time based on the request of keys and transaction. Master fog node acting as a cluster head maintains the request made by the patients and users, they decide who can access the PHD of a healthcare IoT device. They also handle the request for PHD and key. In our system when a healthcare IoT devices want to send/transmit the PHD to a medical agency; the fog server verifies the transaction by a digital signature and sends it further to IoT networks along with the attached public address of the concerned doctor or medical agencies. The master fog node verifies the PHD signature and the healthcare IoT public key.
And if the public key is available the transaction of PHD file is broadcasted, if the key available then ok; else the PHD file is transacted to other nodes. In the case where the digital ring signature or the public key of any healthcare IoT device is not verified then the fog node will not broadcast healthcare IoT data to other fog nodes of the same cluster but transfer to other nodes. See Figure 7 for the digital signature description and sequence. Fig. 8 .

Advanced Signature-Based Encryption (ASE) algorithm
The proposed novel ASE algorithm consists of asymmetric cryptographic operations such as Diffie-Hellman key exchange and digital signature along with the usage of blockchain techniques. The digital signature in this algorithm consists of three  Next, the algorithm is sub-divided into four major algorithms 1) PHD security using blockchain 2) Healthcare IoT data encryption using Diffie-Hellman method in blockchain 3) PHD decryption and 4) Healthcare IoT device identification, authen- The proposed ASE algorithm easily outperform the existing algorithms and techniques in terms of security and reliability of PHD. The existing state-of-the-art approaches are not able to fully utilize the concept of FC and blockchain at the edge of healthcare IoT devices. Therefore, they are unable to handle the time-sensitive healthcare IoT data. Most of the existing works lack the real-world implementation of the designed algorithms and models. The performance of the ASE algorithm is evaluated and compared with other existing algorithms in section 12.1 for malicious node detection accuracy and reliability.

Analytical Model Description
In the proposed model a certificate and a key are issued for fog nodes and healthcare IoT devices. The healthcare IoT data is retrieved using the keys. Certificates along with keys are verified using the proposed FC-based blockchain analytical model. The data is stored at the fog nodes. The healthcare IoT device sends an artificial key and PHD to the FC-based blockchain model. Certificates along with keys are verified using the proposed analytical model. Furthermore, the FC system formats PHD and send it to other fog nodes for further verification. The Interplanetary File System (IPFS) at fog nodes generates a hash code of data and send it to the blockchain network for mining to the respective miners.
Next, the three smart contracts are developed at fog nodes: In our algorithm, we are using a symmetric key encryption technique. Our proposed algorithm is dedicated to securing both IoT-Fog networks and nodes from outside hackers and intruders. We further added a signature for the PHD authentication purpose. Due to the limitation of healthcare IoT devices a ring-based signature is used for the verification of certificates and keys. These signatures are used for PHD-file authentication. Each node sends a public-private key. Mostly, the key pairs used for signing and verification.
The keys used for encryption and decryption and different. In our case, the healthcare IoT has one key pair H _ IoT k prv , H _ IoT k pub and the fog nodes will have another key pair f n k prv , f n k pub . The healthcare IoT private key H _ IoT k prv is used to sign the PHD. While H _ IoT k pub key and H _ IoT k prv the key is used for verification and transaction. Healthcare IoT device feeds the data to h = generate the hash value Has h PHD .

Algorithm 1
Patient Healthcare Data (PHD) Security using Blockchain Algorithm 1 performs security of PHD between healthcare IoT devices, fog nodes and end-users. It consists of patients, doctors, healthcare IoT devices, and fog nodes which uses an FC-based blockchain system for storing and securing the medical data. The users can then retrieve the data from these nodes. The output is the secured PHD. The algorithm further performs the healthcare IoT device request by different distributed fog nodes.

Algorithm Symbol Notation
Successfully stored PHD in FC-based blockchain system Algorithm Steps: Step 1: FC-based blockchain system creation Step 2: Patient selection Step 3: Retrieve of PHD A hash value of the PHD is the plain text and signature. H _ IoT k prv the key is then transferred to the proposed algorithm and send with encrypted PHD. During the verification process, the fog node verifies and generate the hash value and hash function of the PHD from the same hash function. Using the algorithm and the healthcare IoT public key extract the original hash value of the PHD and if the hash _ P H _ IoT = = hash _ C f n are similar then the data is verified and not forwarded during the transaction process. Next, to achieve the H _ IoT anonymity and H _ IoT correctness we have used digital ring structure. Healthcare IoT network is a collection of heterogeneous devices. Which allow H _ IoT to sign the PHD in an anonymous key. This process helps in the identification of H _ IoT devices.
The authentication process is performed at the healthcare IoT devices and fog nodes. Several messages are transferred between the nodes (i.e., healthcare IoT device, fog server, doctors, and patients). The fog nodes will now retrieve the data Algorithm 2 Healthcare IoT Data Encryption using Diffie-Hellman Method in Blockchain.
Algorithm 2 performs the encryption of PHD over the blockchain. The PHD is generated from H _ IoT and is encrypted using algorithm 2. The digital signature is designed using the Hash and private key. Asymmetric public-private key pairs are also used in the development of an algorithm. And at the last signatures are mixed to form a Ring. The algorithm uses the Diffie-Hellman method for the exchange of key among different healthcare IoT devices and nodes. Algorithm Symbol Notations PHD : Patient Health Data K sym : Symmetric key K pub : Public key C: Ciphertext C K : Cipher key f n : Fog node f n K pub : Fog node public key S K pub : Signed public key S K pri v : Signed private key H _ IoT _ PHD _ F ile : Patient Health Data file generated from healthcare IoT P _ SIGNAT URE: Patient signature P ax : Patient Encryp t sym : Symmetric encryption Encryp t asym : Asymmetric encryption Algorithm Steps: Step 1: Start the encryption process Step 2: Generation of symmetric keys Step 3: Next, generation of signature and use of Diffie-Hellman key exchanges.
Step 4: Generate the hash code  The algorithm performs the asymmetric decryption of PHD_ File using a fog node private key and a symmetric key.

Algorithm Symbol Notations
C: Ciphertext C k : Cipher key f n K prv : Fog node private key K sym : Symmetric key H _ IoT _ PHD _ F ile : Patient health data file generated from healthcare IoT Input: Encrypted H _ IoT _ PHD _ F ile , ciphertext, cipher key, and encrypted symmetric key Output: Decrypted H _ IoT _ PHD _ F ile and K sym Algorithm Steps: Step 1: Start the decryption process Step 2: End of the decryption process 1: function DECRY PT ION (C, C k , f n K prv , K sym ) 2: K sym < -Decryptio n asym ( C k , f n K prv ) 3: H _ IoT _ PHD _ F ile < -Decryption (C, K sym ) 4: end function Algorithm 4 Healthcare IoT Device Identification, Authentication and Verification for PHD Transmission.
Algorithm 4 performs the identification of healthcare IoT devices using FC and blockchain. The authentication and verification of issued certificates and private keys for healthcare IoT devices are conducted using random number generation and with joint probability formulation in the blockchain system. Each healthcare IoT device is uniquely identified by a "device ID" and the stored healthcare data. The mapping of device ID for healthcare IoT devices is conducted by fog nodes for device identification using a configured data stored on the blockchain. Step 3: Next D A at fog nodes using a private blockchain.

Algorithm Symbol Notations
Step 4: f n are used to store healthcare data Step 5: f n check the availability of free processor available at the f s Step 6: A timestamp T S is attached to the block of data.
Step 7: H _ IoT find the PHD to f n using ledgers Step 8: f s allocates the PHD Step 9: PHD authentication Step 10: Mutual authentication of healthcare IoT devices Step 11: Next to perform D A and mining at the individual f n .
Step 12 : To issue a certificate C t for f n and H _ IoT Step 13: H _ IoT sends a key and PHD to the f s .
Step 14: Start of the verification process Step 15: f s verifies the C t and key k  through IPFS using the hash. Once the data is encrypted; it will be transferred to the blockchain network and from the blockchain network to patients and doctors. In the proposed system to change the contract of the state, i.e., to modify the blockchain, a transaction must be published in the network. The transaction is signed by healthcare IoT and must be accepted by the fog nodes and blockchain network. Every fog node creates a block, and the new fog node must verify the signature to confirm the ownership again. A ring signature scheme is used to mine the block in the blockchain network, in which the mined block is only considered as a valid block.
Signature here guarantees that the PHD information has not been modified and protected by a seal of proof such that its contents are not altered. The next encryption algorithm is used to encrypt the PHD generated from healthcare IoT using symmetric key encryption. To exchange the keys securely over cryptographic operations, we have used the Diffie-Hellman key exchange technique. The cipher identities are attached with H _ IoT _ P HD _ F ile and sent from healthcare IoT device to fog nodes. And if the f n at the receiver side possessed the information for cipher identity, then the mutual authentication is verified for homogeneous and heterogenous devices; or else it is not verified. Next, the communication channel is closed by ending the message with f n identity. However, there are few assumptions have been made while designing the model. These assumptions are as first the patient can wear only one healthcare IoT device, next the patient will execute their smart contracts.

Authentication Method for Healthcare IoT Devices
The healthcare IoT devices are denoted as

Probability for Similar Healthcare IoT Devices
In this case of similar functioning of healthcare IoT, the combined probability is evaluated in equation (1) and equation (2) .

P H IoT a H IoT b H Io T a i , H IoT b i = P H IoT a H _ Io T a j P Io T b H
Generally, if H _ Io T a and H _ Io T b are n series; n = 1 , 2 , 3 , − − −n then equation ( shows the probability for union, where H _ Io T b = H _ Io T b i holds true. The process when applied to its joint event j i.e.

j P H _ Io T b /H _ Io T a ( H _ Io T b j /H _ Io T a i ) that generates equation (5) and equation (6)
The heterogeneous healthcare IoT devices probability as shown in equation (7) i Next, equation (8) , Equations (7) and (8) are used for recognition during the healthcare IoT authentication process. Hence, healthcare IoT devices with different functioning in FC-based environment via probabilities of the authentication information embedded in the smart contract.

Framework for Proposed Blockchain Model
Each fog node is assigned with the generated keys in the healthcare IoT model. The authorized PHD generated from the IoT devices are stored on the fog nodes using algorithm 1 .
The two healthcare IoT devices H _ Io T A and H _ Io T B perform authentication as follows Device H _ Io T A selects a number R nH _ Io T a from a cluster as 0 ≤ R na , 1 ≤log ( i d max/ 2 ) where i d max is the number length. The number and the healthcare message are encrypted with H _ Io T B a public key and transmit to H _ Io T B as denoted in step 1.
Step 1: The message 3 a receives at Healthcare IoT device A and decrypts to get the intended message.
Step 2: Step 3: Step 4: H _ Io T A decrypts the response received from H _ Io T B as The acceptance is subjected to equality of 3 H _ Io T b and H _ Io T B × R nH _ Io T b . If accepted, then H _ Io T A process the response and sends it to H _ Io T B .
Step 5: H _ Io T A receives ( n − 1 ) th message it decrypts and retrieves the information as follows:

H _ Io T c , So H _ Io T A calculates response 3 n and send to H _ Io T B as
Step 7: Healthcare IoT device B decrypts the message and obtain information as Then check for Step 9: If the above conditions are true then the corresponding healthcare IoT devices are mutually verified, authenticated, and identified adequately or else decline. The analytical model is further verified using mathematical equations and implementing the algorithm. Furthermore, the substitution and elimination method of equation solving, and checking are also used to verify the proposed system accuracy.
The proposed system model is selected with the best skill. That is, the proposed model has the best-estimated skill when making predictions.
To orchestrate the message exchanged between the fog nodes and the healthcare IoT devices, we have proposed an application to perform operations and actions through blockchain. Each healthcare IoT device is uniquely identified by a "device ID" and the stored healthcare data. The mapping of device ID for healthcare IoT devices is conducted by fog nodes for device identification using a configured data stored on the blockchain. Let m be the total number of healthcare IoT devices C k ( 1 ≤ K ≤ m ) be the configuration for the healthcare IoT device k , the transaction for IoT devices requested are described in Figure 9 . It shows the sequence diagram for the collection of healthcare IoT data. The fog node composes the configuration requests { con f ig 1 , con f ig 2 . . . . . . , c on f ig n for the healthcare IoT devices and sends the request to patients and doctors.

Model Implementation
In our proposed system, the healthcare IoT devices such as blood pressure monitor, ECG monitor are allowed to connect with the healthcare IoT network, P HD _ f ile is sent to relevant smart contracts for analysis. If the health condition is abnormal, then the alert sent to the IoT-fog network and the doctors. P HD _ f ile are stored to fog nodes and other distributed clusters. Healthcare IoT further participates to transfer the hash of the stored PHD to other fog nodes. The H _ IoT adds a digital signature to the PHD. We have cryptographic techniques and operations from the proposed algorithm. Here H _ IoT is treated as a sender and the fog node who is receiving the P HD _ f ile could be treated as a receiver. Once the fog server/fog node gets information then they can access the full P HD _ f ile as they have authorization over the network.

Experimental Evaluation and Setup
In this section, the execution of the proposed novel Advanced Signature-based Encryption algorithm (ASE) is evaluated and analyzed. The experimental evaluation is conducted in a real-time scenario for healthcare IoT. The performance of the FC-based Blockchain model that incorporates the proposed algorithm is analyzed through simulation and experiments. The baseline for this simulation is data authentication and healthcare IoT device identification for secure patient healthcare data transmission in an IoT-fog environment. To simulate the FC-based model, iFogSim as an open-source software tool, SimBlock for blockchain model implementation and the Python-based Spyder editor tool is used [ 40 , 41 ]. The proposed ASE algorithm will be implemented in the iFogSim simulator [42] . The numerical simulation is conducted for the proposed platform is compared with the existing platform.
See Table 1 for software and hardware specifications The algorithm is to be implemented using Netbeans and python with several main packages, modules, and classes.

Experimental Results
The general Healthcare IoT system consists of an IoT device, fog computing nodes, and clients. There are several inbuilt sensors in the healthcare IoT layer connected with the internet. The proposed FC-based blockchain analytical model and ASE algorithms are used to send the PHD to fog storage for further analysis. The healthcare IoT devices allow the patients and doctors to collect the PHD at regular intervals for different frequencies. A blockchain model is added for the reliability of the healthcare IoT-Fog system. At last, a real-time cryptographically secured PHD which is irreversible and immutable is retrieved. Patients can share now the PHD data to support medical research and innovations by getting identification of H _ IoT devices in the Peer-2-Peer (P2P) network. iFogSim simulator is used for the experimental of the proposed model and algorithm. The fog node communication is connected through the Giga ethernet. The incoming PHD are processed at the fog nodes. The experimentations are performed for 1200 seconds in simulation. We set the idle CPU power at 100 watt and maximum power at 150 watts. We developed a PoW implementation for the IoT-Fog system, Ethereum was chosen as We presented a security analysis of the proposed architecture. Furthermore, this section discusses the details of the iFogSim simulator settings for the proposed algorithm implementation. See Figures 10-14 for the graphical user interface (GUI) built-in iFogSim [ 42 , 43 ]. The Figures represent physical topology configurations from configuration 1-configuration 5. These configurations will help in the future to get the preliminary idea of real-world implementation and deployment of the healthcare IoT-FC-cloud system. The ECG health data is taken as an input value to the proposed system model [ 44 , 45 ]. The ECG requires real-time monitoring of fewer than 300 milliseconds for one-way real-time data transmission. Whereas a certain application may tolerate less than 1 second for end-to-end ECG data transmission. In ECG data loss and error are intolerant. It is a high priority and sensitive data which needs to be updated every second.   Figure 10 shows the physical topology for configuration 1 built-in the iFogSim simulator [ 42 , 43 ]. Configuration 1 is solely based on the concept of a proposed system. Three ECG IoT devices are used in Figure 10 to send the healthcare data to the fog device. Configuration 2 in Figure 11 consists of 4 ECG IoT devices. These ECG devices transmit the classified PHD to Fog_device1 and Fog_device2. Configuration 3 in Figure 12 consists of 5 ECG IoT devices. These ECG devices transmit the classified PHD to Fog_device1 and Fog_device2. Figure 13 consists of 6 ECG IoT devices. These IoT devices transmit the classified PHD to Fog_device1 and Fog_device2. A total of 7 ECG_IoT devices are used in configuration 5 for PHD transmission to fog nodes. The 4 ECG_IoT devices transmit the data to Fog_device1 and 3 IoT devices transmit the data to Fog_device2.
See Figures 15 and 16 show the total time of execution and garbage collection along with heap used in fog nodes.       Tables 2-9 show the descriptions of the various devices and network link for the GUI in Figures 10-14 . The data size for the PHD was defined in terms of megabytes (MB). Figure 17 shows the throughput for FC nodes and cloud servers in Megabits per second (Mbps) for different physical topology configurations. The figure shows the throughput values for FC nodes is much greater when compared to the cloud servers. The throughput here is calculated by measuring the success rate of data packet transmission from fog nodes to end-user. Similarly, throughput values are also measured from one cloud server to end-users over a period at different configurations. The throughput increases with an increase in the number of healthcare IoT devices from Config.1-Config.5.   Figure 18 shows the energy consumption in FC and cloud execution for different physical topology configurations. By analyzing the figure, a conclusion can be drawn that the energy consumption in fog nodes is much lower than the energy consumption in cloud servers. The fast and excessive switching of processor speed due to a large amount of data generated by the healthcare IoT devices leads to inefficient utilization of data packet at the cloud and further increases the energy consumption. Here the high speed of processors in cloud servers causes larger values of energy consumption. The energy consumption increases with an increase in the number of healthcare IoT devices from Config.1-Config.5. Figure 19 shows the response time of FC and cloud servers in milliseconds (ms) for different physical topology configurations. The figure shows the response time of fog nodes is much lesser when compared to the cloud. The response time increases with an increase in the number of IoT devices from ConfIg.1-Config.5. The IoT devices in the Config.1, Config.2,  Config.3, Config.4, and Config.5 are increased from 3-7. The response time is calculated by considering the total amount of time taken by a fog node and cloud server to respond to a request for service by end-users or IoT devices. While calculating the response time, the transmission time for a moment can be ignored, the response time is the sum of service time and wait time. The wait time is the time spent by a data packet in the queue before being served. Figure 20 shows the execution time of simulation comparison in milliseconds between fog nodes and cloud servers in different physical topology configurations. The figure shows the execution time for fog nodes is much lesser when compared to the cloud. The execution time of simulation increases with an increase in the number of IoT devices from ConfIg.1-Config.5. The IoT devices in the Config.1, Config.2, Config.3, Config.4, and Config.5 are increased from 3-7 Software and simulator like SimBlock and iFogSim are used for verification of healthcare IoTs. We have designed five different configurations set up in the iFogSim simulator to check the number of PHD successfully sent to patients and doctors after authentication and verification. Figure 21 shows the comparisons of packet error using the ASE algorithm between fog nodes and cloud servers at different time intervals. The figure shows the packet error in fog nodes is much lesser when compared to the cloud. The simulation of the ASE algorithm is conducted in iFogSim to record the number of packet error during real-time data transmission between healthcare IoT, FC nodes, end-users, and cloud servers.
The minimum number of packet errors in fog and cloud are 7 and 16. Whereas, the maximum packet error in fog and cloud are 35 and 58. The obtained results indicated the better performance of the proposed ASE algorithm in the   Figure 23 shows the comparison of reliability in fog-ASE and cloud-ASE at different time intervals. The figure shows the comparison of reliability in fog nodes is much greater when compared to the cloud. The classified ECG healthcare data is taken as an input value to the proposed system [ 44 , 45 ]. The minimum percentage values of the ASE algorithm for reliability in FC and cloud using iFogSim simulator are 86% and 82%. Whereas the maximum percentage values of the ASE algorithm for reliability in FC and cloud environment are 95% and 87%.
The obtained reliability results indicated the better performance of the proposed ASE algorithm in the FC environment. The algorithm for reliability percentage is tested on five different physical topology configurations at different time intervals in minutes. Figure 24 shows the number of blocks processed in fog and cloud along with the time required to process the blocks. The figure shows that the processing time for blocks in fog nodes is much lesser when compared to the cloud. The minimum processing time of the ASE algorithm for healthcare IoT in FC and cloud using the iFogSim simulator is 223 milliseconds   Figure 25 shows the running time of the ASE algorithm for Proof-of-Work (PoW) with varying difficulty level in fog and cloud. The figure shows that the difficulty level in fog nodes is much lesser when compared to the cloud. The minimum running time of the ASE algorithm for PoW with difficulty level 2 in FC and cloud using the iFogSim simulator is 113 seconds and 207 seconds. Whereas the maximum running time of the ASE algorithm for PoW with difficulty level 10 in FC and cloud environment is 571 seconds and 723 seconds. The running time of the algorithm for PoW is tested on five different physical topology configurations at different difficulty levels. The running time of the ASE algorithm increases with an increase in the difficulty levels. Figure 26 shows the malicious node percentage in fog and cloud along with the detection accuracy in percentage. The figure shows that the detection accuracy in fog nodes is much greater when compared to the cloud. The minimum detection accuracy of the ASE algorithm for malicious node percentage 5 in FC and cloud using iFogSim simulator is 61% and 59%. Whereas the maximum detection accuracy of the ASE algorithm for malicious node percentage 25 in FC and cloud environment is 91% and 83%. The ASE algorithm for detection accuracy percentage is tested on five different physical topology configurations at different malicious node percentage. The detection accuracy increases with an increase in malicious node percentage. Figure 27 shows the comparison of reliability percentage for performance evaluation of the proposed ASE algorithm with the other existing state-of-the-art techniques such as FogBus, Femto cloud, BFAN, and BeeKeeper. Different existing algo-  rithms are considered for benchmarking using the iFogSim simulator in five different physical topology configurations. The minimum reliability percentage is 69% for BeeKeeper. Whereas the minimum reliability percentage for the ASE algorithm is 86%. Similarly, the maximum reliability percentage is 87% for both FogBus and BeeKeeper. Whereas the maximum reliability percentage for the proposed ASE algorithm is 95%. The ASE algorithm easily outperforms the other techniques. The proposed algorithm yields marked improvement over the other techniques. Figure 28 shows the comparison of malicious node percentage vs detection accuracy for performance evaluation of the proposed ASE algorithm with the other existing state-of-the-art techniques. Different existing algorithms are considered for benchmarking using the iFogSim simulator in five different physical topology configurations. The minimum detection accuracy is 52% for BFAN at malicious node percentage 5. Whereas the minimum detection accuracy for the ASE algorithm is 61% at malicious node percentage 5. Similarly, the maximum detection accuracy is 74% for BFAN at malicious node percentage 25. Whereas the maximum detection accuracy for the proposed ASE algorithm is 91% at malicious node percentage 25. The ASE algorithm easily outperforms the other techniques. From Figure 28 for the detection accuracy percentage, the proposed algorithm yields marked improvement over the other techniques.

Conclusion
The current trend of healthcare is mostly found in the digitization of data. Where smart contracts will play a major role. The IoT data need to be processed and monitored steadily. Healthcare IoT generates a large variety and veracity of PHD. Processing this amount of data leads to insecure transmission between IoT devices and users. Therefore, in this paper, we address the issue of healthcare IoT data authentication and IoT device identification. Next, we present a novel solution to process the PHD with improved security.
Traditional cloud servers work in a centralized manner to filter the PHD. These centralized servers are prone to a single point of failures. Moreover, healthcare IoT devices can be attacked by outside intruders, hackers, and malicious agents. This leads to the tampering of data. A large number of heterogeneous IoT devices leads to unreliable and unauthenticated PHD. Therefore, to overcome this above-mentioned problem we have proposed a three-tier FC-based blockchain architecture, a mathematical framework, an Advanced Signature-Based Encryption Algorithm (ASE), and an analytical model for healthcare IoT device identification and PHD authentication for secure healthcare IoT data transmission. The solution and implementation of the proposed work are conducted in iFogSim, SimBlock, and Python Editor tool.
The proposed algorithm improves the detection accuracy for malicious node along with reliability. Furthermore, the ASE algorithm reduces the packet error for PHD transmission between healthcare IoT and end-users. When compared for performance evaluation and analysis of results the proposed algorithm easily outperforms the existing state-of-the-art techniques and approaches such as Fog Bus, BeeKeeper, Femto cloud, and FBAN.
It has been established that the application of the proposed model and algorithm addresses a problem for PHD authentication and healthcare IoT device identification by minimizing the packet error and malicious node percentage. The proposed approach has a deeper impact on healthcare IoT and FC for throughput and execution time as the time-sensitive PHD can be transferred to patients and doctors in a single hop-count with minimum service delay. The processing of the healthcare data at the edge of IoT networks is secured in a decentralized manner using the blockchain technique. The future work includes testing the algorithm to reduce the complexity of the healthcare IoT-FC system with the increase in the number of IoT and fog devices. The proposed approach is also useful for telesurgery and Augmented Reality (AR). Moreover, the proposed technique in future can also be used for other IoT applications like onshore and offshore oil and gas monitoring. In future research, we will be testing the ASE algorithm to overcome the scalability limitation of blockchain when used with healthcare IoT and FC.

Declaration of Competing Interest
The authors indicate that they have no conflicts of interest.