Secure and Efficient Biometric Data Streaming with IoT for Wearable Healthcare †
Abstract
1. Introduction
1.1. Problem Statement
1.2. Proposed Solution
1.3. Contribution
2. Methodology
2.1. Hardware Implementation
2.1.1. Wearable Device
- Sensor Integration: A MAX30100 sensor (Maxim Integrated, San Jose, CA, USA) [6] is interfaced with the MCU via the Inter-Integrated Circuit () bus to acquire real-time heart rate (HR) and pulse oximetry (SpO2) data.
- Sensor Setup: The MAX30100 sensor utilizes red and infrared light-emitting diode (IR LED) drivers in order to drive LED pulses for SpO2 and HR measurements. The LED current can be programmed from 0 mA to 50 mA with the supply of 3.3 V. The LED pulse width can be programmed from 200 µs to 1.6 ms to balance accurate measurements and power consumption [6].
- Operation: To improve measurement accuracy, our IoMT node processes raw data locally before transmission. From an initial sample of 16 measurements taken at 26 ms, the device filters out the 8 most extreme values as outliers and transmits the calculated average of the remaining data points.
2.1.2. Edge Gateway
- Continuously scanning for specific advertising packets.
- Decrypting the received payloads.
- Forwarding the data via Wireless Fidelity (WiFi).
2.2. Secure Communication Protocols
2.2.1. Encrypted BLE Advertising
2.2.2. Cloud Communication
2.3. Cloud and Software Stack
- 1.
- Mosquitto (MQTT Broker): Handles the incoming secure message streams from the edge gateway.
- 2.
- Telegraf (MQTT Agent): Acts as the data collection agent, subscribing to the broker and formatting the metrics for storage.
- 3.
- InfluxDB (Database): A high-performance time-series database used to store the streaming biometric data for real-time access and historical analysis.
- 4.
- Grafana (Visualization): Connected to InfluxDB, this platform renders real-time dashboards accessible via HyperText Transfer Protocol Secure (HTTPS), displaying HR and SpO2 trends to the end-user.
3. Results
3.1. Security and Performance Analysis
3.2. Energy Efficiency
- Permanent BLE Connection: A connection-oriented BLE pairing with interval 1 Hz results in a power consumption of 31 µWh per second, as detailed in Table 2. The autonomy of our IoMT node is restricted to just 1.98 h, by utilizing a 3.7 V/150 mAh lithium-ion polymer (LiPo) battery [10], making a permanent BLE link unsustainable for long-term monitoring.
- Advertising BLE Packets: In contrast, the implementation of BLE advertising with the same 1 Hz interval achieves a 12-fold power reduction, from 31.0677 µWh to 2.5784 µWh, as viewed in Table 2 and Table 3, whereas the conventional BLE pairing connection remains viable for approximately only 2 h when powered by the specified LiPo battery [10]. The proposed architecture demonstrates a significant enhancement in longevity, reaching 23.76 h of continuous operation.
- Optimizing Autonomy: Through the combined implementation of optimized sensor sampling and a reduction in LED current, the system achieved a 33-fold increase in operational autonomy compared with standard configurations maintaining a permanent BLE connection. This dual-optimization strategy involved integrating a connectionless advertising approach alongside a strategic decrease in the MAX30100 LED current from 20 mA to 8 mA. These adjustments significantly lowered the sensor’s power draw while maintaining an acceptable measurement accuracy, as detailed in Table 4. Consequently, utilizing the same LiPo battery, the system reached a continuous operational duration of 65.52 h (2.73 days).
3.3. Visualization Outcomes
4. Discussion
4.1. Decoupling Security from Connectivity
4.2. Cloud Integration and Scalability
4.3. Limitations and Resource Requirements
- Manpower and Deployment: Deploying this system requires specialized expertise in both embedded systems (for the BLE stack) and cloud engineering (Docker/MQTT). This technical barrier may require dedicated personnel for maintenance compared with off-the-shelf proprietary medical monitoring solutions.
- System Architecture Constraints: Although the ESP32-C6’s hardware accelerator optimizes AES-128-CCM execution, the framework is ultimately bound by the strict payload limitations of BLE advertising. The mandatory cryptographic overhead (Nonce and MIC) reduces the effective data throughput per packet. This dictates the use of lightweight symmetric cryptography and enforces a hard constraint on the balance between data granularity, security depth, and battery longevity.
- Compliance and Certification Costs: Transitioning from a research prototype to a certified medical device requires substantial investment in regulatory compliance (such as HIPAA in the United States of America or GDPR/MDR in Europe). The cost of official security audits to validate the AES-128-CCM implementation and the integrity of the data pipeline often exceeds the cost of the hardware itself.
5. Conclusions
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Acknowledgments
Conflicts of Interest
Abbreviations
| AES | Advance Encryption Standard |
| BLE | Bluetooth Low Energy |
| CBC-MAC | Cipher Block Chaining Message Authentication Code |
| CCM | Counter with CBC-Mac |
| GDPR | General Data Protection Regulation |
| HIPAA | Health Insurance Portability and Accountability Act |
| HR | Heart Rate |
| HTTPS | HyperText Transfer Protocol Secure |
| Inter-Integrated Circuit | |
| IoMT | Internet of Medical Things |
| IoT | Internet of Things |
| IR | Infrared |
| LED | Light-Emitting Diode |
| LiPo | Lithium-Ion Polymer |
| MCU | Microcontroller Unit |
| MDR | Medical Device Regulation |
| MIC | Message Integrity Check |
| MQTT | Message Queuing Telemetry Transport |
| MQTTS | Message Queuing Telemetry Transport over TLS |
| PoC | Proof-of-Concept |
| SoC | System on a Chip |
| SpO2 | Peripheral Oxygen Saturation |
| TLS | Transport Layer Security |
| VM | Virtual Machine |
| WiFi | Wireless Fidelity |
References
- Vishnu, S.; Ramson, S.J.; Jegan, R. Internet of medical things (IoMT)—An overview. In Proceedings of the 2020 5th International Conference on Devices, Circuits and Systems (ICDCS), Coimbatore, India, 5–6 March 2020; IEEE: Piscataway, NJ, USA, 2020; pp. 101–104. [Google Scholar] [CrossRef]
- Koulouras, G.; Katsoulis, S.; Zantalis, F. Evolution of Bluetooth Technology: BLE in the IoT Ecosystem. Sensors 2025, 25, 996. [Google Scholar] [CrossRef] [PubMed]
- Hooshmand, M.; Zordan, D.; Del Testa, D.; Grisan, E.; Rossi, M. Boosting the battery life of wearables for health monitoring through the compression of biosignals. IEEE Internet Things J. 2017, 4, 1647–1662. [Google Scholar] [CrossRef]
- Liu, Q.; Zhang, Y.; Sun, Y. Intercepting Bluetooth Traffic from Wearable Health Devices. In Proceedings of the 2024 IEEE Security and Privacy Workshops (SPW), San Francisco, CA, USA, 23 May 2024; IEEE: Piscataway, NJ, USA, 2024; pp. 267–273. [Google Scholar] [CrossRef]
- Seeed Studio. Getting Started with Seeed Studio XIAO ESP32C6. 2024. Available online: https://wiki.seeedstudio.com/xiao_esp32c6_getting_started/ (accessed on 3 February 2026).
- Maxim Integrated Products, Inc. MAX30100—Pulse Oximeter and Heart-Rate Sensor IC for Wearable Health. 2014. Available online: https://www.analog.com/media/en/technical-documentation/data-sheets/max30100.pdf (accessed on 3 February 2026).
- Banani, S.; Thiemjarus, S.; Wongthavarawat, K.; Ounanong, N. A dynamic light-weight symmetric encryption algorithm for secure data transmission via BLE beacons. J. Sens. Actuator Netw. 2021, 11, 2. [Google Scholar] [CrossRef]
- Katsoulis, S.; Koulouras, G.; Christakis, I. Energy-efficient data acquisition and control system using both lorawan and wi-fi communication for smart classrooms. In Proceedings of the 2024 13th International Conference on Modern Circuits and Systems Technologies (MOCAST), Sofia, Bulgaria, 26–28 June 2024; IEEE: Piscataway, NJ, USA, 2024; pp. 1–4. [Google Scholar] [CrossRef]
- Nordic Semiconductor. nRF Connect for Mobile. 2013. Available online: https://www.nordicsemi.com/Products/Development-tools/nRF-Connect-for-mobile (accessed on 3 February 2026).
- Adafruit. Lithium Ion Polymer Battery—3.7 v 150 mAh. 2024. Available online: https://www.adafruit.com/product/1317 (accessed on 3 February 2026).

| Offset | Field | Size | Description |
|---|---|---|---|
| 0–1 | Company ID | 2 bytes | 16-bit vendor identifier |
| 2–5 | Counter (nonce part) | 4 bytes | 32-bit incremental counter |
| 6–7 | Ciphertext (HR, SpO2) | 2 bytes | Encrypted values |
| 8–15 | Authentication Tag | 8 bytes | CCM MAC Tag |
| Cycle | Duration | Average Current | Energy Consumption |
|---|---|---|---|
| Boot and Initialization | 19 ms | 30 mA | 0.5858 µWh |
| Delay to let sensor wake up | 10 ms | 30 mA | 0.3083 µWh |
| Active Sampling | 26 ms | 50 mA | 1.3361 µWh |
| Encryption and Transmission | 10 ms | 32 mA | 0.3289 µWh |
| Idle | 935 ms | 30 mA | 28.8292 µWh |
| Total * | 1 s | 31.0677 µWh |
| Cycle | Duration | Average Current | Energy Consumption |
|---|---|---|---|
| Boot and Initialization | 19 ms | 30 mA | 0.5858 µWh |
| Delay to let sensor wake up | 10 ms | 30 mA | 0.3083 µWh |
| Active Sampling | 26 ms | 50 mA | 1.3361 µWh |
| Encryption and Transmission | 10 ms | 32 mA | 0.3289 µWh |
| Deep Sleep | 935 ms | 20 µA | 0.0192 µWh |
| Total * | 1 s | 2.5784 µWh |
| Cycle | Duration | Average Current | Energy Consumption |
|---|---|---|---|
| Boot and Initialization | 19 ms | 30 mA | 0.5858 µWh |
| Delay to let sensor wake up | 10 ms | 30 mA | 0.3083 µWh |
| Active Sampling | 16 ms | 38 mA | 0.6249 µWh |
| Encryption and Transmission | 10 ms | 32 mA | 0.3289 µWh |
| Deep Sleep | 1945 ms | 20 µA | 0.04 µWh |
| Total * | 2 s | 1.8879 µWh |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2026 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license.
Share and Cite
Tournatzis, N.; Katsoulis, S.; Panagou, I.C.; Nannos, E.; Christakis, I.; Koulouras, G. Secure and Efficient Biometric Data Streaming with IoT for Wearable Healthcare. Eng. Proc. 2026, 124, 33. https://doi.org/10.3390/engproc2026124033
Tournatzis N, Katsoulis S, Panagou IC, Nannos E, Christakis I, Koulouras G. Secure and Efficient Biometric Data Streaming with IoT for Wearable Healthcare. Engineering Proceedings. 2026; 124(1):33. https://doi.org/10.3390/engproc2026124033
Chicago/Turabian StyleTournatzis, Nikolaos, Stylianos Katsoulis, Ioannis Chrysovalantis Panagou, Evangelos Nannos, Ioannis Christakis, and Grigorios Koulouras. 2026. "Secure and Efficient Biometric Data Streaming with IoT for Wearable Healthcare" Engineering Proceedings 124, no. 1: 33. https://doi.org/10.3390/engproc2026124033
APA StyleTournatzis, N., Katsoulis, S., Panagou, I. C., Nannos, E., Christakis, I., & Koulouras, G. (2026). Secure and Efficient Biometric Data Streaming with IoT for Wearable Healthcare. Engineering Proceedings, 124(1), 33. https://doi.org/10.3390/engproc2026124033

