A survey on wireless body area networks: architecture, security challenges and research opportunities.

In the era of communication technologies, wireless healthcare networks enable innovative applications to enhance the quality of patients’ lives, provide useful monitoring tools for caregivers, and allows timely intervention. However, due to the sensitive information within the Wireless Body Area Networks (WBANs), insecure data violates the patients’ privacy and may consequently lead to improper medical diagnosis and/or treatment. Achieving a high level of security and privacy in WBAN involves various challenges due to its resource limitations and critical applications. In this paper, a comprehensive survey of the WBAN technology is provided, with a particular focus on the security and privacy concerns along with their countermeasures, followed by proposed research directions and open issues

Security and Privacy Issues in Wireless Sensor Networks for Healthcare Applications

The use of wireless sensor networks (WSN) in healthcare applications is growing in a fast pace. Numerous applications such as heart rate monitor, blood pressure monitor and endoscopic capsule are already in use. To address the growing use of sensor technology in this area, a new field known as wireless body area networks (WBAN or simply BAN) has emerged. As most devices and their applications are wireless in nature, security and privacy concerns are among major areas of concern. Due to direct involvement of humans also increases the sensitivity. Whether the data gathered from patients or individuals are obtained with the consent of the person or without it due to the need by the system, misuse or privacy concerns may restrict people from taking advantage of the full benefits from the system. People may not see these devices safe for daily use. There may also possibility of serious social unrest due to the fear that such devices may be used for monitoring and tracking individuals by government agencies or other private organizations. In this paper we discuss these issues and analyze in detail the problems and their possible measures

A Cloud-based Healthcare Framework for Security and Patients’ Data Privacy Using Wireless Body Area Networks

AbstractThe recent developments in remote healthcare systems have witnessed significant interests from IT industry (Microsoft, Google, VMware etc) that provide ubiquitous and easily deployable healthcare systems. These systems provide a platform to share medical information, applications, and infrastructure in a ubiquitous and fully automated manner. Communication security and patients’ data privacy are the aspects that would increase the confidence of users in such remote healthcare systems. This paper presents a secure cloud-based mobile healthcare framework using wireless body area networks (WBANs). The research work presented here is twofold: first, it attempts to secure the inter-sensor communication by multi-biometric based key generation scheme in WBANs; and secondly, the electronic medical records (EMRs) are securely stored in the hospital community cloud and privacy of the patients’ data is preserved. The evaluation and analysis shows that the proposed multi-biometric based mechanism provides significant security measures due to its highly efficient key generation mechanism

Remote patient monitoring using safe and secure WBAN technology

In the recent years, we have witnessed a tremendous growth and development in the field of wireless communication technology and sensors. Resulting into opening new dimensions in various research fields. The integration of Nano scale devices with low power consumption circuits brought a new evolution in wireless networks. This blend of technologies led to the formation of a new field in WSN (Wireless Sensor Networks) known as WBAN (Wireless Body Area Network). WBAN is based on small sensors designed to operate and function mainly on the human body. As we are dealing with human lives, security and privacy are major concerns as patients’ data is at the stakes. Authentication is an important factor in securing information from unauthorized usage. Now-a-days a lot of research has been done in order to improve the overall authentication mechanisms in WBAN. In this poster, we are surveying the security challenges in WBAN with a focus on the authentication phase. A list of several methods along with their schemes has been studied and recapitulated. ECG is one the most popular schemes used in WBAN, benefiting from its uniqueness. However, it comes with challenges as creating an extract trait could get complicated. ECG could be aided by the help of combining fingerprint which will result in a non-destructive method of biometric authentication compared with single ECG trait

Biometric behavior authentication exploiting propagation characteristics of wireless channel

Massive expansion of wireless body area networks (WBANs) in the field of health monitoring applications has given rise to the generation of huge amount of biomedical data. Ensuring privacy and security of this very personal data serves as a major hurdle in the development of these systems. An effective and energy friendly authentication algorithm is, therefore, a necessary requirement for current WBANs. Conventional authentication algorithms are often implemented on higher levels of the Open System Interconnection model and require advanced software or major hardware upgradation. This paper investigates the implementation of a physical layer security algorithm as an alternative. The algorithm is based on the behavior fingerprint developed using the wireless channel characteristics. The usability of the algorithm is established through experimental results, which show that this authentication method is not only effective, but also very suitable for the energy-, resource-, and interface-limited WBAN medical applications

Firefighter and victims protecting solution based on wireless body area network nodes

Interconnectivity between Web systems and sensor networks is used to provide smart services for the Internet of Things. These services are based on data collection and processing to obtain useful information about the supervised environment. With this information it is possible to provide smart services, but some of them must be considered as protected by the legislation regarding privacy of personal data. In order to face this issue, security and privacy mechanisms must be used. So as to deal with the limited resources in sensor networks, these mechanisms must be as lightweight as possible to preserve the enough Quality of Service. However, these mechanisms must fulfill security and privacy requirements defined by the regulations. This paper describes a Wireless Body Area Network application providing services to protect firefighter work in hazardous environments. The firefighter wears a special shirt with sensors embedded. These sensors are able to monitor not only the firefighter health status, but also they can be connected to external sensors in order to monitor the health status of the victims. These external sensors are part of the equipment carried by the firefighter to face the emergencies and save lives. Thus, they are able to obtain external medical aid

Secure publish-subscribe protocols for heterogeneous medical wireless body area networks

Security and privacy issues in medical wireless body area networks (WBANs) constitute a major unsolved concern because of the challenges posed by the scarcity of resources in WBAN devices and the usability restrictions imposed by the healthcare domain. In this paper, we describe a WBAN architecture based on the well-known publish-subscribe paradigm. We present two protocols for publishing data and sending commands to a sensor that guarantee confidentiality and fine-grained access control. Both protocols are based on a recently proposed ciphertext policy attribute-based encryption (CP-ABE) scheme that is lightweight enough to be embedded into wearable sensors. We show how sensors can implement lattice-based access control (LBAC) policies using this scheme, which are highly appropriate for the eHealth domain. We report experimental results with a prototype implementation demonstrating the suitability of our proposed solution.This work was supported by the MINECO grant TIN2013-46469-R (SPINY: Security and Privacy in the Internet of You)

BANZKP: a Secure Authentication Scheme Using Zero Knowledge Proof for WBANs

-Wireless body area network(WBAN) has shown great potential in improving healthcare quality not only for patients but also for medical staff. However, security and privacy are still an important issue in WBANs especially in multi-hop architectures. In this paper, we propose and present the design and the evaluation of a secure lightweight and energy efficient authentication scheme BANZKP based on an efficient cryptographic protocol, Zero Knowledge Proof (ZKP) and a commitment scheme. ZKP is used to confirm the identify of the sensor nodes, with small computational requirement, which is favorable for body sensors given their limited resources, while the commitment scheme is used to deal with replay attacks and hence the injection attacks by committing a message and revealing the key later. Our scheme reduces the memory requirement by 56.13 % compared to TinyZKP [13], the comparable alternative so far for Body Area Networks, and uses 10 % less energy

User-Centric Security and Privacy Mechanisms in Untrusted Networking and Computing Environments

Our modern society is increasingly relying on the collection, processing, and sharing of digital information. There are two fundamental trends: (1) Enabled by the rapid developments in sensor, wireless, and networking technologies, communication and networking are becoming more and more pervasive and ad hoc. (2) Driven by the explosive growth of hardware and software capabilities, computation power is becoming a public utility and information is often stored in centralized servers which facilitate ubiquitous access and sharing. Many emerging platforms and systems hinge on both dimensions, such as E-healthcare and Smart Grid. However, the majority information handled by these critical systems is usually sensitive and of high value, while various security breaches could compromise the social welfare of these systems. Thus there is an urgent need to develop security and privacy mechanisms to protect the authenticity, integrity and confidentiality of the collected data, and to control the disclosure of private information. In achieving that, two unique challenges arise: (1) There lacks centralized trusted parties in pervasive networking; (2) The remote data servers tend not to be trusted by system users in handling their data. They make existing security solutions developed for traditional networked information systems unsuitable. To this end, in this dissertation we propose a series of user-centric security and privacy mechanisms that resolve these challenging issues in untrusted network and computing environments, spanning wireless body area networks (WBAN), mobile social networks (MSN), and cloud computing. The main contributions of this dissertation are fourfold. First, we propose a secure ad hoc trust initialization protocol for WBAN, without relying on any pre-established security context among nodes, while defending against a powerful wireless attacker that may or may not compromise sensor nodes. The protocol is highly usable for a human user. Second, we present novel schemes for sharing sensitive information among distributed mobile hosts in MSN which preserves user privacy, where the users neither need to fully trust each other nor rely on any central trusted party. Third, to realize owner-controlled sharing of sensitive data stored on untrusted servers, we put forward a data access control framework using Multi-Authority Attribute-Based Encryption (ABE), that supports scalable fine-grained access and on-demand user revocation, and is free of key-escrow. Finally, we propose mechanisms for authorized keyword search over encrypted data on untrusted servers, with efficient multi-dimensional range, subset and equality query capabilities, and with enhanced search privacy. The common characteristic of our contributions is they minimize the extent of trust that users must place in the corresponding network or computing environments, in a way that is user-centric, i.e., favoring individual owners/users

A comprehensive survey of wireless body area networks on PHY, MAC, and network layers solutions

Recent advances in microelectronics and integrated circuits, system-on-chip design, wireless communication and intelligent low-power sensors have allowed the realization of a Wireless Body Area Network (WBAN). A WBAN is a collection of low-power, miniaturized, invasive/non-invasive lightweight wireless sensor nodes that monitor the human body functions and the surrounding environment. In addition, it supports a number of innovative and interesting applications such as ubiquitous healthcare, entertainment, interactive gaming, and military applications. In this paper, the fundamental mechanisms of WBAN including architecture and topology, wireless implant communication, low-power Medium Access Control (MAC) and routing protocols are reviewed. A comprehensive study of the proposed technologies for WBAN at Physical (PHY), MAC, and Network layers is presented and many useful solutions are discussed for each layer. Finally, numerous WBAN applications are highlighted