Healthcare 5.0 Security Framework: Applications, Issues and Future Research Directions

Healthcare 5.0 is a system that can be deployed to provide various healthcare services. It does these services by utilising a new generation of information technologies, such as Internet of Things (IoT), Artificial Intelligence (AI), Big data analytics, blockchain and cloud computing. Due to the introduction of healthcare 5.0, the paradigm has been now changed. It is disease-centered to patient-centered care where it provides healthcare services and supports to the people. However, there are several security issues and challenges in healthcare 5.0 which may cause the leakage or alteration of sensitive healthcare data. This demands that we need a robust framework in order to secure the data of healthcare 5.0, which can facilitate different security related procedures like authentication, access control, key management and intrusion detection. Therefore, in this review article, we propose the design of a secure generalized healthcare 5.0 framework. The details of various applications of healthcare 5.0 along with the security requirements and threat model of healthcare 5.0 are provided. Next, we discuss about the existing security mechanisms in healthcare 5.0 along with their performance comparison. Some future research directions are finally discussed for the researchers working in healthcare 5.0 domain.

industrializing which focused on value chain. Its main objective was responsiveness and end-to-end service coverage. Next, Healthcare 3.0 was introduced, which stood with the automation which focused on operating model. Its main objective was access, cost to serve and efficiency. After that, Healthcare 4.0 was introduced, which stood with the digitalization where the focus was shifted to business model. Its main objective was uniqueness, mass personalization and proactive healthcare. Currently, we are working with Healthcare 5.0, which stands with the personalization which focuses on customer model. Its main objective is lifelong partnership, customer well-being and quality of life [8]. Healthcare 5.0 suffers from different issues and challenges i.e., ''managing huge data volumes, absence of standards, data security threats, regulatory difficulties'', etc [9]. Different information security related attacks, i.e., ''replay, manin-the-middle (MiTM), impersonation, malware injection, Denial-of-Service (DoS)'', etc., are possible in healthcare 5.0 [10]. Due to these attacks, the sensitive healthcare data of different patients may be reveled, changed or deleted. Hence, we need a robust security framework to secure the data of healthcare 5.0. Therefore, in this review article, we focus on the designing of security framework for healthcare 5.0.

C. RESEARCH CONTRIBUTIONS
The main research contributions in the paper are highlighted below.
• Various application relevant to the healthcare 5.0 are discussed.
• Various issues and challenges of healthcare 5.0 are highlighted in this work. In addition, Further, various security requirements related to healthcare 5.0 along with their possible threats and attacks are discussed. A threat model relevant to healthcare 5.0 is also provided to build a robust framework for healthcare 5.0.
• Next, we provide a generalized secure healthcare 5.0 framework.
• A detailed comparative study among existing ''security schemes in healthcare 4.0 and healthcare 5.0'' is also provided.

D. OUTLINE
The remaining part of this review article is organised as follows. Various applications related to the healthcare 5.0 are discussed in Section II. The security requirements of healthcare 5.0 along with possible threats and attacks of healthcare 5.0 with the details of the proposed threat model relevant in healthcare 5.0 are given in Section III. The details of the designed secure generalized healthcare 5.0 framework are provided in Section IV. A discussion on various existing ''security schemes in healthcare 4.0 as well as healthcare 5.0'' along with their performance comparisons are provided in Section V. Furthermore, a detailed discussion on different issues and challenges of healthcare 5.0 are given in Section VI. Some future research directions are given in Section VII. Finally, the article is concluded in Section VIII.

II. APPLICATIONS OF HEALTHCARE 5.0
Healthcare 5.0 can be used for different facilities and services in the healthcare. Some of the important applications of healthcare 5.0 are given below [2], [6], [7], [11], and [12].

A. HOSPITAL OPERATIONS MANAGEMENT
Hospital operations management is the administration of all hospital operations, including both clinical and non-clinical procedures, in order to maintain a productive workplace. It involves funding, hiring personnel, developing and enforcing policies, buying and maintaining medical equipment, managing health insurance and associated claims, and many other things. It aids in enhancing patient happiness and speeding up the improvement of healthcare service quality. There may be a number of bottlenecks in the hospital setting that could reduce the overall effectiveness and productivity of healthcare services. These bottlenecks could include the availability of physicians and nursing staff for emergency treatment, the ability to care for several sick people at once who really need it, the availability of medications prescribed in adequate dose units and amount, the accessibility of ambulances, hospital beds, ICU beds, lack of sample (i.e., blood) collection (specially in rural areas) and ventilators in emergency cases like COVID'19, etc. Healthcare 5.0 greatly aids in overcoming these operational issues. The hospital's operational team and healthcare professionals can be alerted by the smart medical devices deployed in various areas to supervise and coordinate the hospital's operations. Under these circumstances, the drone-based drugs supply and sample collection feature of Healthcare 5.0 seem very useful. The healthcare 5.0's smart healthcare devices assist in determining when the equipment parts are about to expire and alert the concerned team about the maintenance and or replacement if it is required. Additionally, clinicians may quickly locate specific medical equipment (such as an oxygen cylinder), which is urgently needed that reduces time spent looking for it and perhaps helps to save the patient's life. Healthcare 5.0 also aids in maintaining order and managing the workforce within the network. Hence healthcare 5.0 can be very beneficial to the hospital's general operation in this way [5], [7], [13].

B. REMOTE MONITORING OF PATIENTS
A method of treating and offering healthcare resources and services to patients who are far away is termed as remote patient monitoring. The healthcare profession has traditionally found it difficult to assist the elderly, the physically disabled, people living in rural areas, patients who are seriously ill and immobile at home, and extreme emergencies. Due to a lack of facilities and to stop the corona virus from spreading, remote patient care is still necessary (i.e., in COVID'19 pandemic) [14]. Due to a lack of surveillance, it frequently occurs that even patients who are cured are readmitted to the hospital after their discharging. Healthcare 5.0 uses IoT and associated technologies to provide remote patient monitoring and overcome the associated constrained. Moreover, there is also the facility of drone-based sample (i.e., blood) collection, which specially helps in the underprivileged rural residents.
In the healthcare 5.0, implantable or wearable smart healthcare devices assess patients' health-related factors and transmit that information to healthcare professionals (i.e., doctors) for medical treatment. In the event of aberrant health parameters, it also alerts the healthcare providers. With the aid of the healthcare 5.0 communication environment, underprivileged rural residents can also receive advice and medical care from top experts located all over the world. To ensure that no one is denied treatment, it also helps to lower hospitalisation and travel expenses [7], [13].

C. TREATMENT AND DETECTION OF DISEASES
In order to increase life expectancy and to enjoy a meaningful life, timely and precise disease detection, assessment, and medication are crucial. There is a need to constantly improve the medical facilities and services that are readily available to every person, despite the fact that numerous attempts have been made for a long time to handle various emergent health-related difficulties of all ages. Early disease symptoms can sometimes go unrecognised and undiagnosed, leading to chronic and severe sickness that is exceedingly challenging to treat and can even result in the patient's death. Heart attacks, cirrhosis of the liver, cancer, brain seizures, diabetes, asthma, and other illnesses necessitate rapid hospital treatment. With the aid of smart healthcare devices, which continuously monitor the patient's vital signs including blood pressure, temperature, blood sugar level, oxygen level, etc.. Then send the health related data to the practitioner (i.e., doctor) through the communication facility of healthcare 5.0. Healthcare 5.0 aids in recognising the first signs of any serious illness so that it can be handled with extreme caution. Healthcare 5.0's tools and technologies (i.e., machine learning or deep learning algorithms) do this task without any mistake or error. This lessens the likelihood of a number of the previously mentioned life-threatening conditions. This further helps in the prevention of the critical illnesses [9], [13]. However, such features were missing in the earlier versions of the healthcare system.

D. REMOTE SURGERY
Through the use of robotic arms and related technologies, skilled surgeons can operate on a patient from some remote location. The remote surgeon gives commands and controls to robots at the operating site. Through this facility, patients from all around the world can access the knowledge of specialised surgeons without going to the surgery location physically. The widespread adoption of healthcare 5.0 tools and technologies make this possible. It guarantees more accurate and precise real-time remote action and reactions. During times of war or some natural disasters, healthcare 5.0 also contributes to the preservation of numerous lives [13], [15].
The healthcare 5.0's activities and operations are well supported through the tactile Internet. Therefore, remote surgery can be performed without any issue or error. However, such features were not available in the previous versions of the healthcare system.

E. SECURE DRUG SUPPLYCHAIN MANAGEMENT
The planning and management of every step in drug distribution, from production to end point delivery is considered as drug supply chain management. This supply chain's security, safety and dependability must also be maintained because at any time it could be compromised or utilized inappropriately. The drug supply management process is streamlined and improved with the help of healthcare 5.0. Using smart devices like smart tags attached to the drug bags, the tools and technologies of healthcare 5.0 protects the security and safety of delivered medications from being counterfeited. These smart tags aid in the proper dispersion, tracking, and safeguarding of medications from counterfeiting, ensuring that patients are securely given with high-quality prescription medications. Smart devices alert the relevant authority in charge of managing drug supply change management in the event that someone tries to exchange drugs with the counterfeit medications [16]. Moreover, the drone-based drugs supply is another good feature, which is provided by healthcare 5.0. It was not available in the previous versions of the healthcare system.

III. SECURITY OF HEALTHCARE 5.0
The security requirements, threats and attacks of healthcare 5.0 and threat model of healthcare 5.0 are disucssed below [2].
• Confidentiality: This property offers protection from all types of data release attacks. It also goes by the names secrecy and privacy. In healthcare 5.0, both data transmission and storage secrecy must be attained. To protect the confidentiality of data that is stored and sent, mechanism like, data encryption should be used.
• Integrity: The data integrity that is transferred and stored is guaranteed by this attribute. It implies that the transferred and stored healthcare data should not be subject to any unapproved updates. Furthermore, no data should be added or removed without permission. We may employ some mechanisms like ''secure hash algorithms to ensure the integrity'' (i.e., using ''Secure Hash Algorithm (SHA-256)'' [23]).
• Authentication: It is a process of determining whether a person or object is legitimate. In the case of healthcare 5.0, it may involve ''device-to-device, user-to-device, or user-to-user authentication.'' We employ mechanisms like the ''two factor user authentication protocol'' or the ''three factor user authentication protocol'' for this task. The interacting individuals establish session keys for their secure transmission of information that usually happens when all authentication protocol stages have been successfully completed.
• Access control: It is a process of mitigating the unauthorised access attempts to the legitimate devices and resources of Healthcare 5.0. Different kinds of mechanisms can be applied, like device access control and user access control.
• Non-repudiation: It is yet another significant necessity. It gives the transferring party the assurance that they should not contest the veracity of anything like the transferred communications. This feature guarantees both the data's integrity and ''evidence of the data origin.'' Therefore, it is difficult to reject ''who sent the message'' or ''from where the message came.'' • Authorization: Healthcare 5.0 uses authorization to ensure that genuine parties, such as ''legitimate smart healthcare device'', deliver the data to other parties (for instance, a doctor).
• Freshness: It guarantees the messages being exchanged are fresh in order to reduce the re-transmission tries (i.e., mitigation of replay attacks).
• Availability: This attribute guarantees that the devices and the associated network services should be made accessible to the real devices/ entities even in the worst circumstances i.e., ''scenario of denial-of service (DoS) attacks.'' • Forward secrecy: It ensures that the messages sent and received are kept confidential. This means that if a smart healthcare device departs healthcare 5.0 system, then it must not get access to any messages, which may be sent in the future.
• Backward secrecy: It guarantees the messages, which were exchanged in the past, should remain private. It means that if a smart healthcare device or user that has just joined the network of healthcare 5.0 then he/ she must not have access to any of the previously exchanged messages.

B. POSSIBLE THREATS AND ATTACKS OF HEALTHCARE 5.0
The following types of passive/active attacks can be possible in healthcare 5.0 [5], [22], and [24].
• Eavesdropping: The sniffing of transmitted signals is used for eavesdropping attempts. Later, further attacks like credential guessing and impersonation attacks can be launched using the intercepted messages.
• Traffic analysis: The adversary in this nefarious act intercepts messages to learn what kind of conversation is occurring on the route. The opponent, for instance, can learn which side is speaking with whom and for how long.
• Replay attack: In this threatening attempt, the opponent keeps a record of the messages, which are transmitted and then tries to play them back to deceive the receiving side [25].
• Man-in-the-middle (MiTM) attack: In this malicious attempt, the adversary intercepts the communications being sent prior. Then he/ she tries to amend or delete them before sending them to the addressee [26].
• Impersonation attack: In this malicious act, A first attempts to determine ''sender's identity'' with the help of intercepted messages. He/ she then attempts to change or generate new messages before sending them to the target recipient. Following receipt of such messages, the recipient assumes that the messages are from the original sender [27]. However, in reality, A has sent them [25].
• Denial-of-Service (DoS) attack: In this hostile act, A prevents authorised users from using the services of healthcare 5.0. A accomplishes this by setting up an attacker system (or a system running malicious malware), which delivers bogus requests or attack packets to the legitimate healthcare 5.0 devices or services. As a result, the servers or devices cannot offer the service to the original users. The variation of DoS known as ''Distributed DoS (DDoS)'' can be carried out through numerous attacking systems i.e., botnets [28], [29], [30].
• Attacks associated with blockchain: As healthcare 5.0 consists of blockchain, therefore, some attacks associated with blockchain 5.0, i.e., 51% attack and selfish mining are possible. That usually happens if we do not choose a consensus algorithm carefully. When an opponent has a lot of hashing power, these kinds of harmful activities could occur [31]. A 51% attack, in particular, necessitates that A carries more than half of the hashing power. The 51% attack is typically used against crypto currencies, where A engages in malicious behaviours like ''double spending.'' Apart from that, another well-known weakness in the blockchain-based system is termed as ''selfish mining.'' Here malicious miners A can take use of this to steal block rewards. The ''Proof-of-Work (PoW)'' is vulnerable to a 51% attack, according to the recent observations and discoveries. Therefore, it is advised that we choose the ''consensus algorithm'' cleverly. Hence, to mitigate these issues, we should employ consensus algorithms, such as ''Ripple Protocol Consensus Algorithm (RPCA)'' and ''practical Byzantine Fault Tolerance (pBFT)'' [25].
• Malware attack: A remote sitting adversary uses the execution of malicious malware scripts in the remote systems to carry out malware attacks. These malicious operations include information theft, the encryption of sensitive data and the hijacking of the smart healthcare devices [22].
• Database attack: Healthcare 5.0 stores healthcare information on a server, or cloud server. The possibility of database-related cyber attacks exists in this communication context. The use of exploits like ''Structured Query Language (SQL) injection attack'' and ''Cross-Site Scripting (XSS) attack'' can reveal the sensitive medical data. In a SQL injection attack, the attacker attempts to insert malicious code into the ''existing SQL queries'' to trick the database administrator into disclosing the confidential data [32]. While in an XSS attack, A attempts to insert malicious scripts into legitimate and trustworthy websites in order to steal sensitive data i.e., ''identity and password information'' [2], [33].
• Physical device stolen attack: Because they cannot be monitored continuously, smart healthcare devices are vulnerable to physical theft by the enemy. Then, using complex ''power analysis attacks,'' it will be possible to use these stolen healthcare devices to extract confidential material from them [34], [35]. Additionally, the risk increases if A attempts to use the knowledge obtained to execute additional attacks like ''MiTM, illegal session key computation, impersonation attacks, etc.'' [36], [37].
• Privileged-insider attack: The registration authority's privileged insider user, who has access to the private registration data for multiple users and devices, may cause issues in this illegal activity. ''A privileged insider user'' may pose as an A and uses the different users' and devices' obtained registration information to execute prospective attacks on healthcare 5.0. The examples are ''offline password guessing attacks, impersonation attack and unauthorised session key computation attack [38], [39].
• Stolen verifier attack: In this malicious activity, an adversary A tries to deduce the sensitive information of legitimate entities i.e., smart healthcare devices, users. Usually, A uses the secret data stored at the servers. By making the use of this information A launches other potential attacks, i.e., MiTM, impersonation, session key computation, physical device stolen, etc., on the system. To mitigate this attack, it is recommended to store the secret registration information of various entities in the secured region of the database [37].
• Online/offline password guessing attack: In this attack, an A tries to obtain the passwords of legitimate uses of the Healthcare 5.0. A does this task with the help of exchanged messages and information stored at the cloud servers. Using this deduced information, A proceeds for the guessing of password either in the online way or in the offline way. To mitigate this attack, it is recommended to store the secret registration information of various entities in the secured region of the database [37]. Moreover, we should be careful when we exchange any message. In the exchanged messages, we should not exchange any secret information in the plaintext; otherwise, this may be helpful for A to launch the unauthorised attempts of online/ offline password guessing [40].
C. THREAT MODEL OF HEALTHCARE 5.0 For the scenario of healthcare 5.0, widely followed model, like, Dolev-Yao threat model is taken into consideration [41].
As per the DY model, the entities, for example, smart health-care devices, servers, users smartphones communicate over the Internet, which is an insecure channel. This communication, which happens through this channel is accessible to everyone even to the hackers (online attackers A) also. Thus A can get access to the exchanged messages, and he/she gets the opportunity to update/ delete/ disclose/ delay them. A also can try to deploy botnet (a network of attacker systems) to launch different attacks (i.e., malware) on the systems and devices of healthcare 5.0. Therefore, we need some security mechanisms to detect and mitigate aforementioned attacks. Due to the introduction of these attacks, the online connected devices and servers are always under high risks. For example, the smart healthcare devices may be hijacked or may be shut down. Subsequently, their stored healthcare data can be leaked or altered. A can also capture some of the deployed smart healthcare devices physically. A then can deduce secret values (for instance, secret keys, session keys, identities of users and devices), which are stored in their memory with the help of steps of sophisticated power analysis attack [34], [35].
A also has ability clone other smart healthcare devices, which seem like the captured smart healthcare devices with more devastating attack features, (i.e., ability to launch routing attacks) [42], [43]. A then uses these malicious devices to perform a number of attacks to disrupt the network's ongoing communication.

IV. PROPOSED GENERALIZED FRAMEWORK: SECURE HEALTHCARE 5.0 FRAMEWORK
The architecture of the proposed generalized secure healthcare 5.0 framework is given in Figure 2. In this architecture, we have patients, who have implantable and wearable medical devices (i.e., smart healthcare devices), which monitor their health parameters. The data, which is collected through the implantable and wearable medical devices is helpful to the medical experts i.e., doctors and nursing staff. The doctors can provide the remote prescription to the patients with the help of the application (APP), which doctors have in their smartphone/ tablet. The nursing staff can also monitors the health of the patients on the basis of received values of health parameters i.e., heart rate, SP-O2 level, level of blood sugar, etc. In the similar the health information is also available to the relatives of the patients. During the pandemic time (i.e., COVID '19), it is difficult for the patients to visit the hospitals physically. In these circumstances, the medical drone can collect the samples (blood, urine, etc.,) of the patients and then deliver them to the laboratory for the testing purpose.
The medical drones can also delivery medicines and other healthcare related products to the patients at their home. We also have some deployed smart ambulances, which act as per the alerts send by the system, for example, the ambulance can be called immediately in case of any severe health issue. The patients, which is collected through the smart healthcare devices is stored over the peer-to-peer cloud server (P2PCS) network in the form of a blockchain. Usually, it is like, the private blockchain and maintained the health records in the form of encrypted transactions inside the blocks. It is always preferable to use stored healthcare data for the data analytics purpose. For that purpose, the data, which is stored in the blockchain can be utilized to predict about the patient's illness. For this tasks, some artificial intelligence (AI) based technique (i.e., machine learning/ deep learning algorithm) can be used. Then treatment can be provided to the patients as per his / her health conditions. The health related data, which is exchanged among the smart health devices, servers and users (i.e., doctors) is vulnerable to various information security related attacks as the entire data exchanges through the Internet. The online attackers (i.e., hackers) are always in search of some vulnerabilities in the deployed system to exploit them. Various attacks i.e., replay, manin-the-middle, impersonation, credentials guessing, hijacking of smart healthcare device, malware injection, stolen verifier, privileged insider, unauthorised session key computation, denial of service (DoS), distributed denial of service (DDoS), spurious flooding, etc. Therefore, security experts try to deploy some security mechanisms to make the system secure against the discussed attacks.
The following security mechanisms can be deployed.
• Authentication and key establishment protocols: These protocols are required to provide the secure mutual authentication and key establishment among the communicating entities of healthcare 5.0. After the successful completion of mutual authentication, entities establish session keys for their secure exchange of data.
• Access control and key establishment protocols: These protocols are required to achieve secure access control among the communicating entities of healthcare 5.0. After the successful completion of access control process, entities establish session keys for their secure exchange of data.
• Key distribution and management protocols: These protocols are required for the secure key distribution as well as key management among the communicating entities of healthcare 5.0. Usually the trusted registration authority does the registration of entities (i.e., smart healthcare devices, users, servers) of the healthcare 5.0 and store registration credentials in their memory/ database. These stored credentials are further utilized in the processes of secure authentication/ access control. • Intrusion detection protocols: To make the system more secure authentication, access control and key distribution protocols are not enough. Sometimes the deployed security mechanisms get failed and intrusions get entry into the system. Under these circumstances, the smart healthcare devices, servers and users may be attacked by the hackers through various attacks, i.e., remote hijacking, malware injection, DoS/ DDoS, spurious flooding, etc. To stop these malicious activities, we need deploy some intrusion detection protocols to protect the devices, servers and users of healthcare 5.0. Usually intrusion detection system protects in two ways, i.e., at the network level and at the system (host) level. These two kinds of intrusion detection systems are called as network based intrusion detection system and host based intrusion detection system.
Some of the important features of architecture of secure healthcare 5.0 system are given below.
• Main entities: In the given architecture of secure healthcare 5.0 system, the main entities are users (i.e., doctor, nurse, relative of patient), who want to access the data of healthcare 5.0 for their various purposes. More-over, there are various devices, i.e., implantable medical devices, wearable medical devices, medical drones, smart ambulance, and cloud servers of peer-to-peer cloud server network. These devices have communication capabilities and exchange the information as per the various needs. Cloud servers store the data of healthcare 5.0 in the form of different blocks of blockchain. This data is further analysed to obtain useful outcomes i.e., prediction related to some illness. There are also some unauthorised entities i.e., hackers, who want to launch some cyber attack on the communication of healthcare 5.0. The various potential attacks are possible, i.e., unauthorized data leakage, unauthorized data alteration/ deletion, and denial of or distributed denial of service attacks (DoS or DDoS). Therefore, we need some security mechanisms to protect the data of healthcare 5.0.
• Available services: In healthcare 5.0, there are various services available, i.e., remote health monitoring, in which secure access of healthcare data of various patients to the legitimate users like, doctors, nurse, relative of patient is provided. This data is further maintained in the form of blocks in the blockchain, which can later used to obtain important outcomes, i.e. prediction VOLUME 10, 2022 about the illness of a patient. Moreover, there are other important services available, i.e., drone-based sample collection and medicine delivery, smart ambulance for patient's shifting, telemedicine consultation.
• Secure data flow management: For the secure data flow management, various security mechanism can be deployed. For example, for secure authentication, a mechanism of 2-factor or 3-factor user authentication can be used. Apart from that for the secure access control, mechanisms, like, device access control or user access control can be used. For this task methods, like, certificate-based access control or certificate-less access control mechanisms can be deployed. Moreover to protect against the potential intrusion, schemes like, machine learning-based or deep learning-based intrusion detection can be used. For this task, methods, like, signature-based detection, anomaly-based detection or hybrid detection can be deployed.

V. SECURITY SCHEMES IN HEALTHCARE 4.0 AND HEALTHCARE 5.0
In this section, we provide the details of the security schemes applicable to healthcare 4.0 and healthcare 5.0.

A. EXISTING SECURITY SCHEMES IN HEALTHCARE 4.0
In the following, we discuss the following recent schemes proposed in healthcare 4.0. Next, we discuss the performance comparison of the discussed schemes.
• Qahtan et al. [50] presented the formulation of fuzzy weighted with zero inconsistency (FWZIC) scheme under the spherical fuzzy environment. Their scheme combined ''GRATOPSIS and the BES optimization.'' They also presented a new security and privacy mechanism i.e., multi-criteria decision-making (MCDM) for blockchain-enabled IoT healthcare Industry 4.0.
• Aggarwal et al. [45] presented a blockchain-enabled unmanned aerial vehicle (UAV) path planning system for Healthcare 4.0. They also provided a identity management and privacy preservation scheme for the sharing of medical data in healthcare 4.0. They have also provided a comparative study of their scheme and other potential schemes to found out about the performance improvement of their scheme over the other schemes.
• Qiu et al. [46] proposed a user-centric data storage and sharing scheme in cloud-based medical cyber-physical systems (MCPS). Their scheme tried to protect the safety and privacy of users' electronic health record (EHR) data. It could secure the data and maintained its privacy even even in case of cloud servers and keys are compromised. They had also evaluated the feasibility of their scheme on mobile-edge computing (MEC) on a smartphone to observe its performance improvement over the standard encryption algorithms.
• Bhattacharya et al. [47] proposed a blockchain-based scheme for deep learning as-a-service to store patient's EHR data in a secured way. They presented a lattice based signature mechanism for the assurance of privacy and authentication of EHR records of various patients.
The performance comparison of security schemes in healthcare 4.0 is given in Table 1. From the information given in Table 1, it is clear that the scheme of Bhattacharya et al. [47] covers most of desired security and funtionality features. However, blockchain related implementation is missing in all schemes.

B. EXISTING SECURITY SCHEMES IN HEALTHCARE 5.0
In the following, we discuss the following recent schemes proposed in healthcare 5.0. Next, we discuss the performance comparison of the discussed schemes.
• Ghosh et al. [44] provided a public blockchain network (PBCN) oriented architecture, which includes a layer of validation service providers (VSPs). In the their architecture, multiple validation devices (VDs) participate in the communication. However, some of them could have bad motives, such as inaccurate information validation and information fabrication. They proposed B2H, which was able to predict a malicious validation device and penalizing them as per the situation. Their architecture helped the end-users for the association of limited number of VDs. In their mechanism, an end-user had multiple chooses for the selection of a VSP, which the information validation has done through VDs. Their scheme i.e., B2H helped the end-user for the selection of an optimal VSP. Their scheme reduced the validation latency of PBCN-based system, which was provided to fulfil the healthcare needs of the Society 5.0.
• Bhavin et al. [7] examined various security architectures for the security of ''electronic health records (EHRs). They have introduced ''quantum computing (QC)'' for the conventional encryption mechanism. Further, they suggested a ''blockchain-based architecture for healthcare 5.0.'' It enabled users to access database data as per their assigned roles. Furthermore, they have used ''quantum blind signature'' for the creation of blocks on the ''hyperledger Fabric blockchain.'' This mechanism was used to defend the encryption scheme from the potential quantum attacks, which are possible in the future. They have computed important results i.e., ''transaction throughput, resource usage, and network traffic.'' • Shamshad et al. [48] looked at a case study of an ''artificial intelligence (AI), cloud computing, big data technologies, industrial cyber-physical systems (I-CPSs)'' based healthcare ecosystem, which could be used for healthcare 5.0 applications. They emphasised its problems with physical and cyber security. They then created a ''system-wide key establishment scheme'', which was effective and physically secure. Their scheme made the use of ''effective cryptographic primitives'', i.e., ''fuzzy extractor, hash function, and XOR operator.'' Because of the use of ''physically unclonable function (PUF),'' the their scheme was resistant to physical attacks as well as cyber attacks. They have also conducted the formal and informal security analyses of their scheme, which identified that their scheme could prevent many potential physical and cyber attacks. A widely endorsed NS3 simulator tool was used to test the effectiveness of their scheme during the realistic network demonstration.
It was also observed that their scheme clearly superior in terms of ''computing overhead, communication overhead, and functionality characteristics'' when compared to the other related existing schemes.
• Gupta et al. [49] highlighted the security, privacy, and communication issues of healthcare 5.0 enabled telesurgery system. They introduced ''Blockchaindriven Intelligent Scheme for Telesurgery System (BITS)'' for the secure and effective functioning of telesurgery system. Further, they demonstrated how the presented BITS scheme could solve the aforementioned security, privacy and communication issues of the associated system.
The performance comparison of security schemes in healthcare 5.0 is given in Table 2. From the information given in Table 2, it is clear that the scheme of Shamshad et al. [48] provides most of the desirable features. Moreover it also seems secure against the various potential attacks. However, its blockchain implementation is not given. The scheme of Bhavin et al. [7] seems promising from the future perspective. As it was designed with help of ''quantum cryptography (i.e., quantum blind signature).'' However, security analysis of this scheme is not satisfactorily done. They did not discuss anything about the defense of blockchain related attacks.

VI. ISSUES AND CHALLENGES OF HEALTHCARE 5.0
Healthcare 5.0 is applicable for various applications and support the people and society in various ways. However, it also has several issues and challenges, which need to be handled carefully. Some of issues and challenges of healthcare 5.0 are given below [2], [5], [7], [9].
• Managing huge data volumes: Large volumes of medical data are exchanged over the healthcare 5.0 from a variety of networked devices. Traditional mechanisms and algorithms cannot process this data. Healthcare 5.0 examines the gathered data to offer an early illness diagnosis. Hence there is a need to establish a technique to manage the enormous volume of data in order to improve the decision-making and diagnosing capabilities of the system. However, to manage huge data more easily, we can deploy some machine learning algorithms and more sophisticated algorithms, which seem a potential solution for this issue.
• Absence of standards: In the healthcare 5.0 communication environment, there are the communications among the smart healthcare devices, servers, service provides and users. The different equipments (i.e., smart healthcare devices) are largely purchased from various vendors. Due to the lower cost, some gadgets use bluetooth, while others are online. When transferring data to distant servers, these variances could raise some issues. The security of the data and the stability of the systems are at risk due to the incompatibility of systems problem.
To resolve these issues, we should check for the devices for dangers that employees use to access data.
• Utilization of smart healthcare devices while using outdated infrastructure: Healthcare 5.0 is a fantastic breakthrough for the healthcare sector, but if it is connected with out-of-date infrastructure, it won't be functioned well. It's challenging to search some right person to upgrade the infrastructure of healthcare facilities with outdated technology. Because of this issue, the majority of IT graduates do not want to work in the medical industry. As a solution to this issue, it is always desirable to make sure that deployed infrastructure should be updated to the newest technologies to draw in the best talent. The information technology devices and appliances should be replaced every ten years as per the suggestions of the industry experts.
• Data security threats: Cyber attacks are quite likely to compromise healthcare data of healthcare 5.0. The danger of exposure is greatly increased when the healthcare 5.0's data is added to the already existing pool of clinically sensitive medical data. Data breaches are more likely happen when more devices are connected to the external systems and also to one another [51].
• Data unification: Healthcare 5.0 is the collection of heterogeneous devices. If the data from these devices cannot be combined and computed to produce useful and meaningful conclusions then it seems useless. All the healthcare 5.0 devices must be compatible with one another and enable data transmission to all users of the technology, including payers and healthcare service providers, in order to fully acquire the potential advantages of it can safeguard all different kinds of communication devices in such an environment. More in-depth research is therefore required in this area.
D. HETEROGENEITY OF HEALTHCARE 5.0 SYSTEMS Healthcare 5.0 system is considerably different from traditional healthcare system since it uses a wide range of devices, including ''RFID tags, desktop computers, full-edge laptops, and personal digital assistants.'' Additionally, these devices function in accordance with several communication protocol principles. The fact that these devices differ in terms of their available storage, processing power, communication range, and operating system is also very important to note. From this point forward, we must create a security framework, which can support and defend various devices and underpinning technology types.

E. COMPATIBILITY FOR CROSS-PLATFORMS EXISTENCE IN HEALTHCARE 5.0
When attempting to establish a security framework for healthcare 5.0, the heterogeneity of inbuilt networks poses a challenge. This characteristic makes it easier for different application domains to connect. But it also makes it difficult to design a security framework for healthcare 5.0 that works well. For instance, security framework for healthcare 5.0 needs to be strong and compatible. For example, when a smart home application needs to get data from a smart healthcare device, then the application may get access to the data from the target network without any issue. At the same time, it's crucial to keep in mind that data saved in the cloud servers need strong defense schemes. Therefore, to ensure continuous connectivity across various platforms of healthcare 5.0, we need to create robust and effective security framework for healthcare 5.0.

F. LACK OF LEGAL AND REGULATORY FRAMEWORKS
Most of the tools and technologies, which are used in healthcare 5.0 are in their very early phase. Since healthcare 5.0 handles sensitive healthcare data, therefore, it always has privacy related issues. Moreover, there is the lacking of legal and regulatory frameworks. If somethings wrong happens then it is very difficult to take care about certain things i.e., who will handle this, how this will be handled. Therefore, there is the essential need of design and implementation of legal and regulatory frameworks to mitigate the legal problems of healthcare 5.0 [3].
G. E-HEALTH POLICIES Healthcare 5.0 is the amalgamation of various technologies and domains, i.e., medical science, machine learning, IoT, blockchain, tactile Internet, 5G communication technologies, etc. Under these circumstances, it is very important to tell that what should be our e-health policies. How the e-health policies should be designed, in what ways policies should be implemented. Therefore, we need some proper mechanisms for the designing of e-health policies in healthcare 5.0 [3].

H. LACK OF FUNDING
Healthcare 5.0 is the amalgamation of various tools and technologies as discussed earlier. For the proper deployment of these tools and technologies, we need some money. However, the countries, which do not have enough funding or have funding issues can not afford the use of these novel and advanced technologies, which seems very costly for them. Therefore, how to tackle these issues has become very important. Can we go for the invention of some cost effective solutions for healthcare 5.0 seem another important future research direction [3].

VIII. CONCLUDING REMARKS
The design of a secure healthcare 5.0 framework has been presented in this article. The details of various application of healthcare 5.0 were then provided. Next, the security requirements of healthcare 5.0 along with possible threats and attacks of healthcare 5.0 were also given. The details of threat model of healthcare 5.0 has been provided. Furthermore, the summary of existing security schemes in healthcare 4.0 and healthcare 5.0 was given, which was also included in their performance comparison. Finally, some future research directions of healthcare 5.0 were provided.