An evaluation of break-the-glass access control model for medical data in wireless sensor networks

Wireless Sensor Networks (WSNs) have recently attracted a lot of attention in the research community because it is easy to deploy them in the physical environment and collect and disseminate environmental data from them. The collected data from sensor nodes can vary based on what kind of application is used for WSNs. Data confidentiality and access control to that collected data are the most challenging issues in WSNs because the users are able to access data from the different location via ad-hoc manner. Access control is one of the critical requirements to prevent unauthorised access from users. The current access control models in information systems cannot be applied straightforwardly because of some limitations namely limited energy, resource and memory, and low computation capability. Based on the requirements of WSNs, we proposed the Break-The-Glass Access Control (BTG-AC) model which is the modified and redesigned version of Break-The-Glass Role-Based Access Control (BTG-RBAC) model. The several changes within the access control engine are made in BTG-RBAC to apply and fit in WSNs. We developed the BTG-AC model in Ponder2 package. Also a medical scenario was developed to evaluate the BTG-AC model for medical data in WSNs. In this paper, detail design, implementation phase, evaluation result and policies evaluation for the BTG-AC model are presented. Based on the evaluation result, the BTG-AC model can be used in WSNs after several modifications have been made under Ponder2 Package

BTG-AC: Break-The-Glass Access Control Model for Medical Data in Wireless Sensor Networks

This article has been accepted for publication in IEEE Journal of Biomedical and Health Informatics following peer review. Available online at doi:10.1109/JBHI.2015.2510403.Wireless sensor networks (WSNs) have recently attracted much interest in the research community because of their wide range of applications. An emerging application for WSNs involves their use in healthcare where they are generally termed wireless medical sensor networks. In a hospital, outfitting every patient with tiny, wearable, wireless vital sign sensors would allow doctors, nurses, and other caregivers to continuously monitor the state of their patients. In such a scenario, patients are expected to be treated in reasonable time, so an access control model is needed, which will provide both real-time access to comprehensive medical records and detect unauthorized access to sensitive data. In emergency situations, a doctor or nurse needs to access data immediately. The loss in data availability can result in further decline in the patient's condition or can even lead to death. Therefore, the availability of data is more important than any security concern in emergency situations. To address that research issue for medical data in WSNs, we propose the break-the-glass access control (BTG-AC) model that is a modified and redesigned version of the break-the-glass role-based access control (BTG-RBAC) model to address data availability issue and to detect the security policy violations from both authorized and unauthorized users. Several changes within the access control engine are made in BTG-RBAC in order to make the new BTG-AC to apply and fit in WSNs. This paper presents the detailed design and development of the BTG-AC model based on a healthcare scenario. The evaluation results show that the concepts of BTG, prevention and detection mechanism, and obligation provide more flexible access than other current access control models in WSNs. Additionally, we compare the BTG-AC model with an adaptive access control (A2C) model, which has similar properties, for further evaluation. Alongside with the comparison, the advantages and disadvantages of BTG-AC over current WSN access control models are presented.Peer reviewe

A Survey of Access Control Models in Wireless Sensor Networks

Copyright 2014 by the authors; licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution license (http://creativecommons.org/licenses/by/3.0/)Wireless sensor networks (WSNs) have attracted considerable interest in the research community, because of their wide range of applications. However, due to the distributed nature of WSNs and their deployment in remote areas, these networks are vulnerable to numerous security threats that can adversely affect their proper functioning. Resource constraints in sensor nodes mean that security mechanisms with a large overhead of computation and communication are impractical to use in WSNs; security in sensor networks is, therefore, a challenge. Access control is a critical security service that offers the appropriate access privileges to legitimate users and prevents illegitimate users from unauthorized access. However, access control has not received much attention in the context of WSNs. This paper provides an overview of security threats and attacks, outlines the security requirements and presents a state-of-the-art survey on access control models, including a comparison and evaluation based on their characteristics in WSNs. Potential challenging issues for access control schemes in WSNs are also discussed.Peer reviewe

Proceedings of Abstracts Engineering and Computer Science Research Conference 2019

© 2019 The Author(s). This is an open-access work distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited. For further details please see https://creativecommons.org/licenses/by/4.0/. Note: Keynote: Fluorescence visualisation to evaluate effectiveness of personal protective equipment for infection control is © 2019 Crown copyright and so is licensed under the Open Government Licence v3.0. Under this licence users are permitted to copy, publish, distribute and transmit the Information; adapt the Information; exploit the Information commercially and non-commercially for example, by combining it with other Information, or by including it in your own product or application. Where you do any of the above you must acknowledge the source of the Information in your product or application by including or linking to any attribution statement specified by the Information Provider(s) and, where possible, provide a link to this licence: http://www.nationalarchives.gov.uk/doc/open-government-licence/version/3/This book is the record of abstracts submitted and accepted for presentation at the Inaugural Engineering and Computer Science Research Conference held 17th April 2019 at the University of Hertfordshire, Hatfield, UK. This conference is a local event aiming at bringing together the research students, staff and eminent external guests to celebrate Engineering and Computer Science Research at the University of Hertfordshire. The ECS Research Conference aims to showcase the broad landscape of research taking place in the School of Engineering and Computer Science. The 2019 conference was articulated around three topical cross-disciplinary themes: Make and Preserve the Future; Connect the People and Cities; and Protect and Care

A Trust-Based Adaptive Access Control Model for Wireless Sensor Networks

Wireless Sensor Networks (WSNs) have recently attracted much interest in the research community because of their wide range of applications. One emerging application for WSNs involves their use in healthcare where they are generally termed Wireless Medical Sensor Networks (WMSNs). In a hospital, fitting patients with tiny, wearable, wireless vital sign sensors would allow doctors, nurses and others to continuously monitor the state of those in their care. In the healthcare industry, patients are expected to be treated in reasonable time and any loss in data availability can result in further decline in the patient’s condition or can even lead to death. Therefore, the availability of data is more important than security concerns. The overwhelming priority is to take care of the patient, but the privacy and confidentiality of that patient’s medical records cannot be neglected. In current healthcare applications, there are many problems concerning security policy violations such as unauthorised denial of use, unauthorised information modification and unauthorised information release of medical data in the real world environment. Current WSN access control models used the traditional Role-Based Access Control (RBAC) or cryptographic methods for data access control but the systems still need to predefine attributes, roles and policies before deployment. It is, however, difficult to determine in advance all the possible needs for access in real world applications because there may be unanticipated situations at any time. This research proceeds to study possible approaches to address the above issues and to develop a new access control model to fill the gaps in work done by the WSN research community. Firstly, the adaptive access control model is proposed and developed based on the concept of discretionary overriding to address the data availability issue. In the healthcare industry, there are many problems concerning unauthorised information release. So, we extended the adaptive access control model with a prevention and detection mechanism to detect security policy violations, and added the concept of obligation to take a course of action when a restricted access is granted or denied. However, this approach does not consider privacy of patients’ information because data availability is prioritised. To address the conflict between data availability and data privacy, this research proposed the Trust-based Adaptive Access Control (TBA2C) model that integrates the concept of trust into the previous model. A simple user behaviour trust model is developed to calculate the behaviour trust value which measures the trustworthiness of the users and that is used as one of the defined thresholds to override access policy for data availability purpose, but the framework of the TBA2C model can be adapted with other trust models in the research community. The trust model can also protect data privacy because only a user who satisfies the relevant trust threshold can get restricted access in emergency and unanticipated situations. Moreover, the introduction of trust values in the enforcement of authorisation decisions can detect abnormal data access even from authorised users. Ponder2 is used to develop the TBA2C model gradually, starting from a simple access control model to the full TBA2C. In Ponder2, a Self-Managed Cell (SMC) simulates a sensor node with the TBA2C engine inside it. Additionally, to enable a full comparison with the proposed TBA2C model, the Break-The-Glass Role Based Access Control (BTGRBAC) model is redesigned and developed in the same platform (Ponder2). The proposed TBA2C model is the first to realise a flexible access control engine and to address the conflict between data availability and data privacy by combining the concepts of discretionary overriding, the user behaviour trust model, and the prevention and detection mechanism

A Priority-based Fair Queuing (PFQ) Model for Wireless Healthcare System

Healthcare is a very active research area, primarily due to the increase in the elderly population that leads to increasing number of emergency situations that require urgent actions. In recent years some of wireless networked medical devices were equipped with different sensors to measure and report on vital signs of patient remotely. The most important sensors are Heart Beat Rate (ECG), Pressure and Glucose sensors. However, the strict requirements and real-time nature of medical applications dictate the extreme importance and need for appropriate Quality of Service (QoS), fast and accurate delivery of a patient’s measurements in reliable e-Health ecosystem. As the elderly age and older adult population is increasing (65 years and above) due to the advancement in medicine and medical care in the last two decades; high QoS and reliable e-health ecosystem has become a major challenge in Healthcare especially for patients who require continuous monitoring and attention. Nevertheless, predictions have indicated that elderly population will be approximately 2 billion in developing countries by 2050 where availability of medical staff shall be unable to cope with this growth and emergency cases that need immediate intervention. On the other side, limitations in communication networks capacity, congestions and the humongous increase of devices, applications and IOT using the available communication networks add extra layer of challenges on E-health ecosystem such as time constraints, quality of measurements and signals reaching healthcare centres. Hence this research has tackled the delay and jitter parameters in E-health M2M wireless communication and succeeded in reducing them in comparison to current available models. The novelty of this research has succeeded in developing a new Priority Queuing model ‘’Priority Based-Fair Queuing’’ (PFQ) where a new priority level and concept of ‘’Patient’s Health Record’’ (PHR) has been developed and integrated with the Priority Parameters (PP) values of each sensor to add a second level of priority. The results and data analysis performed on the PFQ model under different scenarios simulating real M2M E-health environment have revealed that the PFQ has outperformed the results obtained from simulating the widely used current models such as First in First Out (FIFO) and Weight Fair Queuing (WFQ). PFQ model has improved transmission of ECG sensor data by decreasing delay and jitter in emergency cases by 83.32% and 75.88% respectively in comparison to FIFO and 46.65% and 60.13% with respect to WFQ model. Similarly, in pressure sensor the improvements were 82.41% and 71.5% and 68.43% and 73.36% in comparison to FIFO and WFQ respectively. Data transmission were also improved in the Glucose sensor by 80.85% and 64.7% and 92.1% and 83.17% in comparison to FIFO and WFQ respectively. However, non-emergency cases data transmission using PFQ model was negatively impacted and scored higher rates than FIFO and WFQ since PFQ tends to give higher priority to emergency cases. Thus, a derivative from the PFQ model has been developed to create a new version namely “Priority Based-Fair Queuing-Tolerated Delay” (PFQ-TD) to balance the data transmission between emergency and non-emergency cases where tolerated delay in emergency cases has been considered. PFQ-TD has succeeded in balancing fairly this issue and reducing the total average delay and jitter of emergency and non-emergency cases in all sensors and keep them within the acceptable allowable standards. PFQ-TD has improved the overall average delay and jitter in emergency and non-emergency cases among all sensors by 41% and 84% respectively in comparison to PFQ model

Immunochromatographic diagnostic test analysis using Google Glass.

We demonstrate a Google Glass-based rapid diagnostic test (RDT) reader platform capable of qualitative and quantitative measurements of various lateral flow immunochromatographic assays and similar biomedical diagnostics tests. Using a custom-written Glass application and without any external hardware attachments, one or more RDTs labeled with Quick Response (QR) code identifiers are simultaneously imaged using the built-in camera of the Google Glass that is based on a hands-free and voice-controlled interface and digitally transmitted to a server for digital processing. The acquired JPEG images are automatically processed to locate all the RDTs and, for each RDT, to produce a quantitative diagnostic result, which is returned to the Google Glass (i.e., the user) and also stored on a central server along with the RDT image, QR code, and other related information (e.g., demographic data). The same server also provides a dynamic spatiotemporal map and real-time statistics for uploaded RDT results accessible through Internet browsers. We tested this Google Glass-based diagnostic platform using qualitative (i.e., yes/no) human immunodeficiency virus (HIV) and quantitative prostate-specific antigen (PSA) tests. For the quantitative RDTs, we measured activated tests at various concentrations ranging from 0 to 200 ng/mL for free and total PSA. This wearable RDT reader platform running on Google Glass combines a hands-free sensing and image capture interface with powerful servers running our custom image processing codes, and it can be quite useful for real-time spatiotemporal tracking of various diseases and personal medical conditions, providing a valuable tool for epidemiology and mobile health

User-Centric Security and Privacy Mechanisms in Untrusted Networking and Computing Environments

Our modern society is increasingly relying on the collection, processing, and sharing of digital information. There are two fundamental trends: (1) Enabled by the rapid developments in sensor, wireless, and networking technologies, communication and networking are becoming more and more pervasive and ad hoc. (2) Driven by the explosive growth of hardware and software capabilities, computation power is becoming a public utility and information is often stored in centralized servers which facilitate ubiquitous access and sharing. Many emerging platforms and systems hinge on both dimensions, such as E-healthcare and Smart Grid. However, the majority information handled by these critical systems is usually sensitive and of high value, while various security breaches could compromise the social welfare of these systems. Thus there is an urgent need to develop security and privacy mechanisms to protect the authenticity, integrity and confidentiality of the collected data, and to control the disclosure of private information. In achieving that, two unique challenges arise: (1) There lacks centralized trusted parties in pervasive networking; (2) The remote data servers tend not to be trusted by system users in handling their data. They make existing security solutions developed for traditional networked information systems unsuitable. To this end, in this dissertation we propose a series of user-centric security and privacy mechanisms that resolve these challenging issues in untrusted network and computing environments, spanning wireless body area networks (WBAN), mobile social networks (MSN), and cloud computing. The main contributions of this dissertation are fourfold. First, we propose a secure ad hoc trust initialization protocol for WBAN, without relying on any pre-established security context among nodes, while defending against a powerful wireless attacker that may or may not compromise sensor nodes. The protocol is highly usable for a human user. Second, we present novel schemes for sharing sensitive information among distributed mobile hosts in MSN which preserves user privacy, where the users neither need to fully trust each other nor rely on any central trusted party. Third, to realize owner-controlled sharing of sensitive data stored on untrusted servers, we put forward a data access control framework using Multi-Authority Attribute-Based Encryption (ABE), that supports scalable fine-grained access and on-demand user revocation, and is free of key-escrow. Finally, we propose mechanisms for authorized keyword search over encrypted data on untrusted servers, with efficient multi-dimensional range, subset and equality query capabilities, and with enhanced search privacy. The common characteristic of our contributions is they minimize the extent of trust that users must place in the corresponding network or computing environments, in a way that is user-centric, i.e., favoring individual owners/users