A data taxonomy for adaptive multifactor authentication in the internet of health care things

The health care industry has faced various challenges over the past decade as we move toward a digital future where services and data are available on demand. The systems of interconnected devices, users, data, and working environments are referred to as the Internet of Health Care Things (IoHT). IoHT devices have emerged in the past decade as cost-effective solutions with large scalability capabilities to address the constraints on limited resources. These devices cater to the need for remote health care services outside of physical interactions. However, IoHT security is often overlooked because the devices are quickly deployed and configured as solutions to meet the demands of a heavily saturated industry. During the COVID-19 pandemic, studies have shown that cybercriminals are exploiting the health care industry, and data breaches are targeting user credentials through authentication vulnerabilities. Poor password use and management and the lack of multifactor authentication security posture within IoHT cause a loss of millions according to the IBM reports. Therefore, it is important that health care authentication security moves toward adaptive multifactor authentication (AMFA) to replace the traditional approaches to authentication. We identified a lack of taxonomy for data models that particularly focus on IoHT data architecture to improve the feasibility of AMFA. This viewpoint focuses on identifying key cybersecurity challenges in a theoretical framework for a data model that summarizes the main components of IoHT data. The data are to be used in modalities that are suited for health care users in modern IoHT environments and in response to the COVID-19 pandemic. To establish the data taxonomy, a review of recent IoHT papers was conducted to discuss the related work in IoHT data management and use in next-generation authentication systems. Reports, journal articles, conferences, and white papers were reviewed for IoHT authentication data technologies in relation to the problem statement of remote authentication and user management systems. Only publications written in English from the last decade were included (2012-2022) to identify key issues within the current health care practices and their management of IoHT devices. We discuss the components of the IoHT architecture from the perspective of data management and sensitivity to ensure privacy for all users. The data model addresses the security requirements of IoHT users, environments, and devices toward the automation of AMFA in health care. We found that in health care authentication, the significant threats occurring were related to data breaches owing to weak security options and poor user configuration of IoHT devices. The security requirements of IoHT data architecture and identified impactful methods of cybersecurity for health care devices, data, and their respective attacks are discussed. Data taxonomy provides better understanding, solutions, and improvements of user authentication in remote working environments for security features

A Novel Secure Patient Data Transmission through Wireless Body Area Network: Health Tele-Monitoring

The security of sensitive data obtained from a patient has not been implemented properly because of energy issues of sensor nodes in Wireless Body Area Network (WBAN) and constrained resources such as computational power and low battery life. The main of this paper is to enhance the security level of data transmission between patient and health service provider by considering the availability of energy at sensor nodes. The proposed system consists of a hybrid Advanced Encryption Standard (AES) and Elliptic Curve Cryptography (ECC), which provides simple, fast and high cryptographic strength of data security. ECC is used for securing AES encryption keys, and AES algorithm is used for encrypting/decrypting text. A scenario where sensor nodes are continuously supplied energy from solar power is considered and based upon the energy availability; respective encryption technique is implemented. The result shows that the proposed EEHEE algorithm increases the encryption of the data file by more than 19% compared to the State of Art's solution. The proposed EEHEE system is 11% faster in encrypting data file and reduces the energy consumption by 34 % compared to the current best solution.  The proposed system concentrates on reducing the energy consumption in WBAN and increasing cryptographic strength to the system by using the hybrid symmetric and asymmetric algorithm. Thus, this study provides an efficient scheme to enhance security for real-time data transmission in telemedicine

Wearable Wireless Devices

No abstract available

Quality assessment technique for ubiquitous software and middleware

The new paradigm of computing or information systems is ubiquitous computing systems. The technology-oriented issues of ubiquitous computing systems have made researchers pay much attention to the feasibility study of the technologies rather than building quality assurance indices or guidelines. In this context, measuring quality is the key to developing high-quality ubiquitous computing products. For this reason, various quality models have been defined, adopted and enhanced over the years, for example, the need for one recognised standard quality model (ISO/IEC 9126) is the result of a consensus for a software quality model on three levels: characteristics, sub-characteristics, and metrics. However, it is very much unlikely that this scheme will be directly applicable to ubiquitous computing environments which are considerably different to conventional software, trailing a big concern which is being given to reformulate existing methods, and especially to elaborate new assessment techniques for ubiquitous computing environments. This paper selects appropriate quality characteristics for the ubiquitous computing environment, which can be used as the quality target for both ubiquitous computing product evaluation processes ad development processes. Further, each of the quality characteristics has been expanded with evaluation questions and metrics, in some cases with measures. In addition, this quality model has been applied to the industrial setting of the ubiquitous computing environment. These have revealed that while the approach was sound, there are some parts to be more developed in the future

Wearable Wireless Devices

No abstract available

Privacy in the Smart City - Applications, Technologies, Challenges and Solutions

Many modern cities strive to integrate information technology into every aspect of city life to create so-called smart cities. Smart cities rely on a large number of application areas and technologies to realize complex interactions between citizens, third parties, and city departments. This overwhelming complexity is one reason why holistic privacy protection only rarely enters the picture. A lack of privacy can result in discrimination and social sorting, creating a fundamentally unequal society. To prevent this, we believe that a better understanding of smart cities and their privacy implications is needed. We therefore systematize the application areas, enabling technologies, privacy types, attackers and data sources for the attacks, giving structure to the fuzzy term “smart city”. Based on our taxonomies, we describe existing privacy-enhancing technologies, review the state of the art in real cities around the world, and discuss promising future research directions. Our survey can serve as a reference guide, contributing to the development of privacy-friendly smart cities

Security Issues in Healthcare Applications Using Wireless Medical Sensor Networks: A Survey

Healthcare applications are considered as promising fields for wireless sensor networks, where patients can be monitored using wireless medical sensor networks (WMSNs). Current WMSN healthcare research trends focus on patient reliable communication, patient mobility, and energy-efficient routing, as a few examples. However, deploying new technologies in healthcare applications without considering security makes patient privacy vulnerable. Moreover, the physiological data of an individual are highly sensitive. Therefore, security is a paramount requirement of healthcare applications, especially in the case of patient privacy, if the patient has an embarrassing disease. This paper discusses the security and privacy issues in healthcare application using WMSNs. We highlight some popular healthcare projects using wireless medical sensor networks, and discuss their security. Our aim is to instigate discussion on these critical issues since the success of healthcare application depends directly on patient security and privacy, for ethic as well as legal reasons. In addition, we discuss the issues with existing security mechanisms, and sketch out the important security requirements for such applications. In addition, the paper reviews existing schemes that have been recently proposed to provide security solutions in wireless healthcare scenarios. Finally, the paper ends up with a summary of open security research issues that need to be explored for future healthcare applications using WMSNs

Improved Secure and Low Computation Authentication Protocol for Wireless Body Area Network with ECC and 2d Hash Chain

Since technologies have been developing rapidly, Wireless Body Area Network (WBAN) has emerged as a promising technique for healthcare systems. People can monitor patients’ body condition and collect data remotely and continuously by using WBAN with small and compact wearable sensors. These sensors can be located in, on, and around the patient’s body and measure the patient’s health condition. Afterwards sensor nodes send the data via short-range wireless communication techniques to an intermediate node. The WBANs deal with critical health data, therefore, secure communication within the WBAN is important. There are important criteria in designing a security protocol for a WBAN. Sensor nodes in a WBAN have limited computation power, battery capacity, and limited memory. Therefore, there have been many efforts to develop lightweight but secure authentication protocols. In this thesis, a computationally efficient authentication protocol based on Elliptic Curves Cryptography (ECC) and 2D hash chain has been proposed. This protocol can provide high level security and require significantly low computation power on sensor nodes. In addition, a novel key selection algorithm has been proposed to improve efficiency of key usage and reduce computation cost. For this protocol, ECC is used for key exchange and key encryption. The scheme encrypts a key with ECC to create a pair of points and uses this pair of points as keys for an intermediate node and sensor nodes. 2D hash chain technique is used for generating 2D key pool for authentication procedure. This technique can generate many keys efficiently and effectively with hash functions. For security part, this protocol provides essential security features including mutual authentication, perfect forward security, session key establishment, and etc., while providing high level security. In experimental results, this protocol reduced sensor nodes’ computation cost significantly by using combination of ECC and 2D hash chain. Moreover, the computation cost on the intermediate node has been reduced to 48.2% of the existing approach by the new key selection algorithm at an initial authentication. After the initial authentication, the intermediate node’s computation cost is further reduced to 47.1% of the initial authentication by eliminating synchronization phase. In addition, communication cost which is the total packet size of all messages is 1280-bits, which is 5392-bits smaller than the existing approach, for entire authentication and after the initial authentication the cost is reduced to 768-bits