A Priority-based Fair Queuing (PFQ) Model for Wireless Healthcare System

Healthcare is a very active research area, primarily due to the increase in the elderly population that leads to increasing number of emergency situations that require urgent actions. In recent years some of wireless networked medical devices were equipped with different sensors to measure and report on vital signs of patient remotely. The most important sensors are Heart Beat Rate (ECG), Pressure and Glucose sensors. However, the strict requirements and real-time nature of medical applications dictate the extreme importance and need for appropriate Quality of Service (QoS), fast and accurate delivery of a patient’s measurements in reliable e-Health ecosystem. As the elderly age and older adult population is increasing (65 years and above) due to the advancement in medicine and medical care in the last two decades; high QoS and reliable e-health ecosystem has become a major challenge in Healthcare especially for patients who require continuous monitoring and attention. Nevertheless, predictions have indicated that elderly population will be approximately 2 billion in developing countries by 2050 where availability of medical staff shall be unable to cope with this growth and emergency cases that need immediate intervention. On the other side, limitations in communication networks capacity, congestions and the humongous increase of devices, applications and IOT using the available communication networks add extra layer of challenges on E-health ecosystem such as time constraints, quality of measurements and signals reaching healthcare centres. Hence this research has tackled the delay and jitter parameters in E-health M2M wireless communication and succeeded in reducing them in comparison to current available models. The novelty of this research has succeeded in developing a new Priority Queuing model ‘’Priority Based-Fair Queuing’’ (PFQ) where a new priority level and concept of ‘’Patient’s Health Record’’ (PHR) has been developed and integrated with the Priority Parameters (PP) values of each sensor to add a second level of priority. The results and data analysis performed on the PFQ model under different scenarios simulating real M2M E-health environment have revealed that the PFQ has outperformed the results obtained from simulating the widely used current models such as First in First Out (FIFO) and Weight Fair Queuing (WFQ). PFQ model has improved transmission of ECG sensor data by decreasing delay and jitter in emergency cases by 83.32% and 75.88% respectively in comparison to FIFO and 46.65% and 60.13% with respect to WFQ model. Similarly, in pressure sensor the improvements were 82.41% and 71.5% and 68.43% and 73.36% in comparison to FIFO and WFQ respectively. Data transmission were also improved in the Glucose sensor by 80.85% and 64.7% and 92.1% and 83.17% in comparison to FIFO and WFQ respectively. However, non-emergency cases data transmission using PFQ model was negatively impacted and scored higher rates than FIFO and WFQ since PFQ tends to give higher priority to emergency cases. Thus, a derivative from the PFQ model has been developed to create a new version namely “Priority Based-Fair Queuing-Tolerated Delay” (PFQ-TD) to balance the data transmission between emergency and non-emergency cases where tolerated delay in emergency cases has been considered. PFQ-TD has succeeded in balancing fairly this issue and reducing the total average delay and jitter of emergency and non-emergency cases in all sensors and keep them within the acceptable allowable standards. PFQ-TD has improved the overall average delay and jitter in emergency and non-emergency cases among all sensors by 41% and 84% respectively in comparison to PFQ model

Secure Data Aggregation and Access Control in Cloud Assisted eHealth Care System

Recently electronic health (eHealth) care system has drawn a lot of attention from the research community and the industry to face the challenge of rapidly growing elderly population and ever rising health care spending. The health care sector is also driven by the need to reduce costs while simultaneously increasing the service of quality for patients, especially extending health care to patient's residence. Advances in wireless body area networks (WBANs) have made it possible to monitor patient's physiological signals (such as electrocardiogram (ECG), blood oxygen levels) and other health related information (such as physical activity levels) in a residential setting or a mobile setting. Integrating this technology with existing 3G or 4G wireless technologies permits real-time mobile and permanent monitoring of patients, even during their daily normal activities. In such a heterogeneous wireless environment, we can use Ad-hoc network instead of traditional infrastructure-based wireless networks that can reduces cost of deployment, enhances network performance, increases the overall network coverage area as well as reduces the service cost. However, secure communication with data integrity and confidentiality in this type of network is a very challenging task due to different wireless technologies and subscription from various service providers. In addition, instead of storing the PHI at local health-service provider, the recent advancement of cloud computing allows us to store all personal health information (PHI) at cloud-storage and ensures availability with reduce the capital and operational expenditures. However, they also bear new risks and raise challenges with respect to security and privacy aspects. Stored data confidentiality with patient-centric access control is considered as one of the biggest challenges raised by cloud-storage used in eHealth care system. To address these challenges, in this thesis, we first identify unique features of the eHealth care system with security and privacy consideration. We then propose a light weight secure data forwarding scheme for the WBNs environment. A hybrid approach, integrated with public and private key cryptography was adopted to ensure the effectiveness of the scheme. Due to critical and real-time nature of the health application, WBANs also need to provide acceptable Quality of Service(QoS) in order to provide an efficient, valuable and fully reliable assistance to patients. Taking QoS as an evaluation metric, we study packet scheduling schemes for realtime transmission in WBAN and classified real-time and non real-time traffic to minimize the waiting time of eHealth application's data traffic. Secondly, we propose an Agent-based Secure and Trustworthy packet-forwarding Protocol (ASTP) for a cooperative mobile social network. In a cooperative mobile social network environment patient equipped with WBANs forms an on-demand adhoc network and use multi-hop routing to enhance network performance, minimize the cost of deployment, increase the coverage area as well as reduce the overall service cost. We use Semi-agent-symmetric trust metric, considering neighbor nodes' previous and recent activities and incorporate with proper security tools that enhanced the overall performance. Renewable pseudo-identities are used to ensure patients' identity privacy. Security analysis and experimental results demonstrate that ASTP improves the average packet delivery ratio and maintains the require security and privacy at the cost of an acceptable communication delay. Considering patients living in rural area, thirdly we introduce a delay-tolerant secure long-term health care scheme, RuralCare, for collecting patient’s sensitive PHI by using conventional transportation vehicles (e.g., cars, buses) as relay nodes. These vehicles are expected to store, carry, and forward the PHI to the health-service-provider located mostly at the city area following an opportunistic routing. RuralCare improves network performance by providing incentive to the cooperative vehicles, and encompasses identity based cryptography to ensure security and privacy of the PHI during the routing period by using short digital signature and pseudo-identity. Network fairness and resistance to different possible attacks are also ensured by RCare. Extensive security and performance analyses demonstrate that RuralCare is able to achieve desired security requirements with effectiveness in terms of high delivery ratio. Finally, to store patients’ sensitive PHI at the cloud storage and ensure availability with reducing the capital and operational expenditures, we propose a patient-centric personal health information sharing and access control scheme (ESPAC). ESPAC relieves the health service provider’s (HSP) additional burden for PHI storage, management, and maintenance by incorporating cloud storage services to electronic Health (eHealth) care system. ESPAC adopts attribute based encryption and assigns different attributes to PHI access requesters based on their roles and relation to the patient. To ensure authenticated PHI access with minimum computation, we further enhance the proposed scheme ESPAC as M-ESPAC by introducing multi-parties proxy re-encryption protocol. Light weight partial and block PHI audits make the M-ESPAC efficient to ensure stored PHI integrity and availability. Extensive performance and security analyses demonstrate that proposed schemes are able to achieve desired security requirements with acceptable computation and storage costs. The research results of the thesis should be useful for the implementation of secure and privacy-preserving eHealth care system with patient centric access control of stored PHIs

Toward energy-efficient and trustworthy eHealth monitoring system

The rapid technological convergence between Internet of Things (IoT), Wireless Body Area Networks (WBANs) and cloud computing has made e-healthcare emerge as a promising application domain, which has significant potential to improve the quality of medical care. In particular, patient-centric health monitoring plays a vital role in e-healthcare service, involving a set of important operations ranging from medical data collection and aggregation, data transmission and segregation, to data analytics. This survey paper firstly presents an architectural framework to describe the entire monitoring life cycle and highlight the essential service components. More detailed discussions are then devoted to {em data collection} at patient side, which we argue that it serves as fundamental basis in achieving robust, efficient, and secure health monitoring. Subsequently, a profound discussion of the security threats targeting eHealth monitoring systems is presented, and the major limitations of the existing solutions are analyzed and extensively discussed. Finally, a set of design challenges is identified in order to achieve high quality and secure patient-centric monitoring schemes, along with some potential solutions

Wireless biomedical sensor networks: the technology

The increase in research in the area of wireless sensor networks (WSN) has brought a whole new meaning to medical devices. This is mainly due to advances in microcontroller technologies. The WSN are cited as one of the major technologies of this century and hence it assumes importance in areas such as health, psychology, fire prevention, security and even the military. The great advantage of this technology is the ability to track, monitor, study, understand and act on a particular phenomenon or event. The primary purpose of a wireless health system is reliable data transfer with minimum delay. This work is a synthesis of vast research done as Wireless Biomedical Sensor Networks (WBSN), including experimental and non-experimental investigations as well as data from the theoretical and empirical literature which incorporates a wide range of purposes: definition of concepts, review theories and evidence analysis of methodological problems, seeking to generate a consistent and understandable overview of WBSN. Such systems are already being marketed, some are still under investigation. It is also the aim of this study to identify the characteristics of a WSN applied to health.info:eu-repo/semantics/publishedVersio

Performance assessment of real-time data management on wireless sensor networks

Technological advances in recent years have allowed the maturity of Wireless Sensor Networks (WSNs), which aim at performing environmental monitoring and data collection. This sort of network is composed of hundreds, thousands or probably even millions of tiny smart computers known as wireless sensor nodes, which may be battery powered, equipped with sensors, a radio transceiver, a Central Processing Unit (CPU) and some memory. However due to the small size and the requirements of low-cost nodes, these sensor node resources such as processing power, storage and especially energy are very limited. Once the sensors perform their measurements from the environment, the problem of data storing and querying arises. In fact, the sensors have restricted storage capacity and the on-going interaction between sensors and environment results huge amounts of data. Techniques for data storage and query in WSN can be based on either external storage or local storage. The external storage, called warehousing approach, is a centralized system on which the data gathered by the sensors are periodically sent to a central database server where user queries are processed. The local storage, in the other hand called distributed approach, exploits the capabilities of sensors calculation and the sensors act as local databases. The data is stored in a central database server and in the devices themselves, enabling one to query both. The WSNs are used in a wide variety of applications, which may perform certain operations on collected sensor data. However, for certain applications, such as real-time applications, the sensor data must closely reflect the current state of the targeted environment. However, the environment changes constantly and the data is collected in discreet moments of time. As such, the collected data has a temporal validity, and as time advances, it becomes less accurate, until it does not reflect the state of the environment any longer. Thus, these applications must query and analyze the data in a bounded time in order to make decisions and to react efficiently, such as industrial automation, aviation, sensors network, and so on. In this context, the design of efficient real-time data management solutions is necessary to deal with both time constraints and energy consumption. This thesis studies the real-time data management techniques for WSNs. It particularly it focuses on the study of the challenges in handling real-time data storage and query for WSNs and on the efficient real-time data management solutions for WSNs. First, the main specifications of real-time data management are identified and the available real-time data management solutions for WSNs in the literature are presented. Secondly, in order to provide an energy-efficient real-time data management solution, the techniques used to manage data and queries in WSNs based on the distributed paradigm are deeply studied. In fact, many research works argue that the distributed approach is the most energy-efficient way of managing data and queries in WSNs, instead of performing the warehousing. In addition, this approach can provide quasi real-time query processing because the most current data will be retrieved from the network. Thirdly, based on these two studies and considering the complexity of developing, testing, and debugging this kind of complex system, a model for a simulation framework of the real-time databases management on WSN that uses a distributed approach and its implementation are proposed. This will help to explore various solutions of real-time database techniques on WSNs before deployment for economizing money and time. Moreover, one may improve the proposed model by adding the simulation of protocols or place part of this simulator on another available simulator. For validating the model, a case study considering real-time constraints as well as energy constraints is discussed. Fourth, a new architecture that combines statistical modeling techniques with the distributed approach and a query processing algorithm to optimize the real-time user query processing are proposed. This combination allows performing a query processing algorithm based on admission control that uses the error tolerance and the probabilistic confidence interval as admission parameters. The experiments based on real world data sets as well as synthetic data sets demonstrate that the proposed solution optimizes the real-time query processing to save more energy while meeting low latency.Fundação para a Ciência e Tecnologi

Identity Management and Authorization Infrastructure in Secure Mobile Access to Electronic Health Records

We live in an age of the mobile paradigm of anytime/anywhere access, as the mobile device is the most ubiquitous device that people now hold. Due to their portability, availability, easy of use, communication, access and sharing of information within various domains and areas of our daily lives, the acceptance and adoption of these devices is still growing. However, due to their potential and raising numbers, mobile devices are a growing target for attackers and, like other technologies, mobile applications are still vulnerable. Health information systems are composed with tools and software to collect, manage, analyze and process medical information (such as electronic health records and personal health records). Therefore, such systems can empower the performance and maintenance of health services, promoting availability, readability, accessibility and data sharing of vital information about a patients overall medical history, between geographic fragmented health services. Quick access to information presents a great importance in the health sector, as it accelerates work processes, resulting in better time utilization. Additionally, it may increase the quality of care. However health information systems store and manage highly sensitive data, which raises serious concerns regarding patients privacy and safety, and may explain the still increasing number of malicious incidents reports within the health domain. Data related to health information systems are highly sensitive and subject to severe legal and regulatory restrictions, that aim to protect the individual rights and privacy of patients. Along side with these legislations, security requirements must be analyzed and measures implemented. Within the necessary security requirements to access health data, secure authentication, identity management and access control are essential to provide adequate means to protect data from unauthorized accesses. However, besides the use of simple authentication models, traditional access control models are commonly based on predefined access policies and roles, and are inflexible. This results in uniform access control decisions through people, different type of devices, environments and situational conditions, and across enterprises, location and time. Although already existent models allow to ensure the needs of the health care systems, they still lack components for dynamicity and privacy protection, which leads to not have desire levels of security and to the patient not to have a full and easy control of his privacy. Within this master thesis, after a deep research and review of the stat of art, was published a novel dynamic access control model, Socio-Technical Risk-Adaptable Access Control modEl (SoTRAACE), which can model the inherent differences and security requirements that are present in this thesis. To do this, SoTRAACE aggregates attributes from various domains to help performing a risk assessment at the moment of the request. The assessment of the risk factors identified in this work is based in a Delphi Study. A set of security experts from various domains were selected, to classify the impact in the risk assessment of each attribute that SoTRAACE aggregates. SoTRAACE was integrated in an architecture with requirements well-founded, and based in the best recommendations and standards (OWASP, NIST 800-53, NIST 800-57), as well based in deep review of the state-of-art. The architecture is further targeted with the essential security analysis and the threat model. As proof of concept, the proposed access control model was implemented within the user-centric architecture, with two mobile prototypes for several types of accesses by patients and healthcare professionals, as well the web servers that handles the access requests, authentication and identity management. The proof of concept shows that the model works as expected, with transparency, assuring privacy and data control to the user without impact for user experience and interaction. It is clear that the model can be extended to other industry domains, and new levels of risks or attributes can be added because it is modular. The architecture also works as expected, assuring secure authentication with multifactor, and secure data share/access based in SoTRAACE decisions. The communication channel that SoTRAACE uses was also protected with a digital certificate. At last, the architecture was tested within different Android versions, tested with static and dynamic analysis and with tests with security tools. Future work includes the integration of health data standards and evaluating the proposed system by collecting users’ opinion after releasing the system to real world.Hoje em dia vivemos em um paradigma móvel de acesso em qualquer lugar/hora, sendo que os dispositivos móveis são a tecnologia mais presente no dia a dia da sociedade. Devido à sua portabilidade, disponibilidade, fácil manuseamento, poder de comunicação, acesso e partilha de informação referentes a várias áreas e domínios das nossas vidas, a aceitação e integração destes dispositivos é cada vez maior. No entanto, devido ao seu potencial e aumento do número de utilizadores, os dispositivos móveis são cada vez mais alvos de ataques, e tal como outras tecnologias, aplicações móveis continuam a ser vulneráveis. Sistemas de informação de saúde são compostos por ferramentas e softwares que permitem recolher, administrar, analisar e processar informação médica (tais como documentos de saúde eletrónicos). Portanto, tais sistemas podem potencializar a performance e a manutenção dos serviços de saúde, promovendo assim a disponibilidade, acessibilidade e a partilha de dados vitais referentes ao registro médico geral dos pacientes, entre serviços e instituições que estão geograficamente fragmentadas. O rápido acesso a informações médicas apresenta uma grande importância para o setor da saúde, dado que acelera os processos de trabalho, resultando assim numa melhor eficiência na utilização do tempo e recursos. Consequentemente haverá uma melhor qualidade de tratamento. Porém os sistemas de informação de saúde armazenam e manuseiam dados bastantes sensíveis, o que levanta sérias preocupações referentes à privacidade e segurança do paciente. Assim se explica o aumento de incidentes maliciosos dentro do domínio da saúde. Os dados de saúde são altamente sensíveis e são sujeitos a severas leis e restrições regulamentares, que pretendem assegurar a proteção dos direitos e privacidade dos pacientes, salvaguardando os seus dados de saúde. Juntamente com estas legislações, requerimentos de segurança devem ser analisados e medidas implementadas. Dentro dos requerimentos necessários para aceder aos dados de saúde, uma autenticação segura, gestão de identidade e controlos de acesso são essenciais para fornecer meios adequados para a proteção de dados contra acessos não autorizados. No entanto, além do uso de modelos simples de autenticação, os modelos tradicionais de controlo de acesso são normalmente baseados em políticas de acesso e cargos pré-definidos, e são inflexíveis. Isto resulta em decisões de controlo de acesso uniformes para diferentes pessoas, tipos de dispositivo, ambientes e condições situacionais, empresas, localizações e diferentes alturas no tempo. Apesar dos modelos existentes permitirem assegurar algumas necessidades dos sistemas de saúde, ainda há escassez de componentes para accesso dinâmico e proteção de privacidade , o que resultam em níveis de segurança não satisfatórios e em o paciente não ter controlo directo e total sobre a sua privacidade e documentos de saúde. Dentro desta tese de mestrado, depois da investigação e revisão intensiva do estado da arte, foi publicado um modelo inovador de controlo de acesso, chamado SoTRAACE, que molda as diferenças de acesso inerentes e requerimentos de segurança presentes nesta tese. Para isto, o SoTRAACE agrega atributos de vários ambientes e domínios que ajudam a executar uma avaliação de riscos, no momento em que os dados são requisitados. A avaliação dos fatores de risco identificados neste trabalho são baseados num estudo de Delphi. Um conjunto de peritos de segurança de vários domínios industriais foram selecionados, para classificar o impacto de cada atributo que o SoTRAACE agrega. O SoTRAACE foi integrado numa arquitectura para acesso a dados médicos, com requerimentos bem fundados, baseados nas melhores normas e recomendações (OWASP, NIST 800-53, NIST 800-57), e em revisões intensivas do estado da arte. Esta arquitectura é posteriormente alvo de uma análise de segurança e modelos de ataque. Como prova deste conceito, o modelo de controlo de acesso proposto é implementado juntamente com uma arquitetura focada no utilizador, com dois protótipos para aplicações móveis, que providênciam vários tipos de acesso de pacientes e profissionais de saúde. A arquitetura é constituída também por servidores web que tratam da gestão de dados, controlo de acesso e autenticação e gestão de identidade. O resultado final mostra que o modelo funciona como esperado, com transparência, assegurando a privacidade e o controlo de dados para o utilizador, sem ter impacto na sua interação e experiência. Consequentemente este modelo pode-se extender para outros setores industriais, e novos níveis de risco ou atributos podem ser adicionados a este mesmo, por ser modular. A arquitetura também funciona como esperado, assegurando uma autenticação segura com multi-fator, acesso e partilha de dados segura baseado em decisões do SoTRAACE. O canal de comunicação que o SoTRAACE usa foi também protegido com um certificado digital. A arquitectura foi testada em diferentes versões de Android, e foi alvo de análise estática, dinâmica e testes com ferramentas de segurança. Para trabalho futuro está planeado a integração de normas de dados de saúde e a avaliação do sistema proposto, através da recolha de opiniões de utilizadores no mundo real

System design and performance analysis of wireless body area networks

One key solution to provide affordable and proactive healthcare facilities to overcome the fast world population growth and a shortage of medical professionals is through health monitoring systems capable of early disease detection and real-time data transmission leading to considerable improvements in the quality of human life. Wireless body area networks (WBANs) are proposed as promising approaches to providing better mobility and flexibility experience than traditional wired medical systems by using low-power, miniaturised sensors inside, around, or off the human body and are employed to monitor physiological signals. However, the design of reliable and energy efficient in-body communication systems is still a major research challenge since implant devices are characterised by strict requirements on size, energy consumption and safety. Moreover, there is still no agreement regarding QoS support in WBANs. The first part of this work concentrates on the design and performance evaluation of WBAN communication systems involving the ‘in-body to in-body’ and ‘in-body to on-body’ scenarios. The essential step is to derive the statistical WBAN path loss (PL) models, which characterise the signal propagation energy loss transmitting via intra-body region. Moreover, from the point of view of human body safety evaluation, the obtained specific absorption rate (SAR) values are compared with the latest Institute of Electrical and Electronics Engineers (IEEE) 802.15.6 Task Group technical standard and the International Commission on Non-Ionizing Radiation Protection (ICNIRP) safety guidelines. Link budget analysis is then presented using a range of energy-efficient modulation schemes, and the results are given including the transmission distance, data rate and transmitting power in individual sections. On the other hand, major quality of service (QoS) support challenges in WBANs are discussed and investigated. To achieve higher lifetime and lower network energy consumption, different data routing protocol methods, including incremental relaying and the two-relay based routing technique are taken into account. A set of key QoS metrics for linear mathematical models is given along with the related subjective functions. The incremental relaying routing protocol promises significant enhancements in in-body WBAN network lifetime by minimising the overall communication distance while the two-relay based routing method achieves better performance in terms of emergency data transmission and high traffic condition, QoS-aware WBANs design. Moreover, to handle real-time high data transmission applications such as capsule endoscope image transmission, a flexible QoS-aware wireless body area sensor networks (WBASNs) model is proposed and evaluated that can bring novel solutions for a realistic multi-user hospital environment regarding information packet collision probability, manageable numbers of sensor nodes and a wide range of data rates

Congestion control mechanism for sensor-cloud Infrastructure

 This thesis has developed a sensor-Cloud system that integrates WBANs with Cloud computing to enable real-time sensor data collection, storage, processing, sharing and management. As the main contribution of this study, a congestion detection and control protocol is proposed to ensure acceptable data flows are maintained during the network lifetime

Security and Privacy Preservation in Mobile Social Networks

Social networking extending the social circle of people has already become an important integral part of our daily lives. As reported by ComScore, social networking sites such as Facebook and Twitter have reached 82 percent of the world's online population, representing 1.2 billion users around the world. In the meantime, fueled by the dramatic advancements of smartphones and the ubiquitous connections of Bluetooth/WiFi/3G/LTE networks, social networking further becomes available for mobile users and keeps them posted on the up-to-date worldwide news and messages from their friends and families anytime anywhere. The convergence of social networking, advanced smartphones, and stable network infrastructures brings us a pervasive and omnipotent communication platform, named mobile social network (MSN), helping us stay connected better than ever. In the MSN, multiple communication techniques help users to launch a variety of applications in multiple communication domains including single-user domain, two-user domain, user-chain domain, and user-star domain. Within different communication domains, promising mobile applications are fostered. For example, nearby friend search application can be launched in the two-user or user-chain domains to help a user find other physically-close peers who have similar interests and preferences; local service providers disseminate advertising information to nearby users in the user-star domain; and health monitoring enables users to check the physiological signals in the single-user domain. Despite the tremendous benefits brought by the MSN, it still faces many technique challenges among of which security and privacy protections are the most important ones as smartphones are vulnerable to security attacks, users easily neglect their privacy preservation, and mutual trust relationships are difficult to be established in the MSN. In this thesis, we explore the unique characteristics and study typical research issues of the MSN. We conduct our research with a focus on security and privacy preservation while considering human factors. Specifically, we consider the profile matching application in the two-user domain, the cooperative data forwarding in the user-chain domain, the trustworthy service evaluation application in the user-star domain, and the healthcare monitoring application in the single-user domain. The main contributions are, i) considering the human comparison behavior and privacy requirements, we first propose a novel family of comparison-based privacy-preserving profile matching (PPM) protocols. The proposed protocols enable two users to obtain comparison results of attribute values in their profiles, while the attribute values are not disclosed. Taking user anonymity requirement as an evaluation metric, we analyze the anonymity protection of the proposed protocols. From the analysis, we found that the more comparison results are disclosed, the less anonymity protection is achieved by the protocol. Further, we explore the pseudonym strategy and an anonymity enhancing technique where users could be self-aware of the anonymity risk level and take appropriate actions when needed; ii) considering the inherent MSN nature --- opportunistic networking, we propose a cooperative privacy-preserving data forwarding (PDF) protocol to help users forward data to other users. We indicate that privacy and effective data forwarding are two conflicting goals: the cooperative data forwarding could be severely interrupted or even disabled when the privacy preservation of users is applied, because without sharing personal information users become unrecognizable to each other and the social interactions are no longer traceable. We explore the morality model of users from classic social theory, and use game-theoretic approach to obtain the optimal data forwarding strategy. Through simulation results, we show that the proposed cooperative data strategy can achieve both the privacy preservation and the forwarding efficiency; iii) to establish the trust relationship in a distributed MSN is a challenging task. We propose a trustworthy service evaluation (TSE) system, to help users exchange their service reviews toward local vendors. However, vendors and users could be the potential attackers aiming to disrupt the TSE system. We then consider the review attacks, i.e., vendors rejecting and modifying the authentic reviews of users, and the Sybil attacks, i.e., users abusing their pseudonyms to generate fake reviews. To prevent these attacks, we explore the token technique, the aggregate signature, and the secret sharing techniques. Simulation results show the security and the effectiveness of the TSE system can be guaranteed; iv) to improve the efficiency and reliability of communications in the single-user domain, we propose a prediction-based secure and reliable routing framework (PSR). It can be integrated with any specific routing protocol to improve the latter's reliability and prevent data injection attacks during data communication. We show that the regularity of body gesture can be learned and applied by body sensors such that the route with the highest predicted link quality can always be chose for data forwarding. The security analysis and simulation results show that the PSR significantly increases routing efficiency and reliability with or without the data injection attacks

Kablosuz vücut alan ağları için servis kalitesi destekli yeni bir ortam erişim kontrol protokolü

06.03.2018 tarihli ve 30352 sayılı Resmi Gazetede yayımlanan “Yükseköğretim Kanunu İle Bazı Kanun Ve Kanun Hükmünde Kararnamelerde Değişiklik Yapılması Hakkında Kanun” ile 18.06.2018 tarihli “Lisansüstü Tezlerin Elektronik Ortamda Toplanması, Düzenlenmesi ve Erişime Açılmasına İlişkin Yönerge” gereğince tam metin erişime açılmıştır.Kablosuz Vücut Alan Ağları (KVAA) kişisel alanda kullanılan, kablosuz ortamda haberleşen, algılayıcı düğümlerin oluşturduğu ağ modeli olarak tanımlanmaktadır. KVAA'lar medikal uygulamalar başta olmak üzere çok yaygın kullanım alanına sahiptir. Özellikle medikal uygulamalardaki verilerin hayati önem taşımasından dolayı KVAA'larda servis kalitesini sağlamak önemli bir konu haline gelmiştir. Bu yüzden KVAA'larda servis kalitesi üzerine birçok çalışma gerçekleştirilmiştir. Literatürdeki yapılan çalışmaların en büyük eksikliği, bir standarda sahip olmadıklarından dolayı farklı çalışma parametrelerine sahip olmalarıdır. Değişik çalışmaların ortak bir standart ile düzenlenmesi ihtiyacı ortaya çıkmıştır. Bu probleme çözüm bulmak amacıyla, tez çalışmasında kişisel sağlık bilgisinin standardını tanımlayan, ISO (International Organisation for Standardisation) & IEEE (Institute of Electrical and Electronics Engineers) gibi dünyanın en önemli iki kurumunun desteklediği ISO/IEEE 11073 standardını esas alan bir Ortam Erişim Kontrol (OEK) protokolü geliştirilmiştir. Tez çalışmasında, önerilen OEK protokolünün tasarımında ISO/IEEE 11073 standartlarına göre servis kalitesi desteğini sağlamak amacıyla katmanlararası mimariden yararlanılmıştır. Önerilen tez çalışmasında servis kalitesi sağlamak amacıyla yeni bir zaman-dilimi tahsis şeması, öncelik mekanizması, kabul kontrol mekanizması ve katmanlararası yapı geliştirilmiştir. Geliştirilen OEK protokolünün modellenmesi ve benzetimi OPNET Modeler yazılımı kullanılarak yapılmıştır. Önerilen OEK protokolü, IEEE 802.15.4 ve IEEE 802.15.6 gibi standart haline gelmiş protokoller ve yakın zamanda literatürde sunulan çalışmalar ile karşılaştırılmıştır. Yapılan değerlendirmelere göre, geliştirilen OEK protokolünü diğer protokollerden uçtan-uca gecikmeye göre 5-6 kat daha az gecikme, 3-4 kata kadar daha yüksek iş çıkarma oranı elde edilmiştir ve %0.0001 paket kayıp oranı başarısı sağlanmıştır.Wireless Body Area Networks (WBANs) are defined as network model that consisting of the sensor nodes, communicating wirelessly and used in personal area. WBANs have a very widespread usage area in medical applications principally. Especially, supporting Quality of Service (QoS) has become an important issue in WBANs because of the vital importance of data in medical applications. Therefore, many studies were performed on the QoS in WBANs. The most lack of the studies in literature is having different operating parameters due to the absence of any standard. The requirement of standardization for various studies has emerged. In order to find out a solution to this problem, we present a ISO/IEEE 11073-based Medium Access Control (MAC) protocol in this thesis that standard is supporting by two large associations as ISO (International Organisation for Standardisation) & IEEE (Institute of Electrical and Electronics Engineers) and defines standard of personal health information. In this thesis, the proposed MAC protocol utilizes a cross-layer architecture due to support QoS according to ISO/IEEE 11073 standard. In order to provide QoS, a new slot allocation scheme, a priority mechanism, an admission control mechanism and a cross-layer architecture are developed in the proposed thesis. The developed MAC protocol has been modelled and simulated by OPNET Modeler software. The proposed MAC protocol is compared to the standard technologies of IEEE 802.15.4 and IEEE 802.15.6, and recent protocols that is presented in the literature. According to the evaluations, the developed MAC protocol has better results for end-to-end delay is about 5-6 times lower latency, 3-4 times higher throughput then other protocols and achieves %0.0001 packet loss ratio