A multivariant secure framework for smart mobile health application

This is an accepted manuscript of an article published by Wiley in Transactions on Emerging Telecommunications Technologies, available online: https://doi.org/10.1002/ett.3684 The accepted version of the publication may differ from the final published version.Wireless sensor network enables remote connectivity of technological devices such as smart mobile with the internet. Due to its low cost as well as easy availability of data sharing and accessing devices, the Internet of Things (IoT) has grown exponentially during the past few years. The availability of these devices plays a remarkable role in the new era of mHealth. In mHealth, the sensors generate enormous amounts of data and the context-aware computing has proven to collect and manage the data. The context aware computing is a new domain to be aware of context of involved devices. The context-aware computing is playing a very significant part in the development of smart mobile health applications to monitor the health of patients more efficiently. Security is one of the key challenges in IoT-based mHealth application development. The wireless nature of IoT devices motivates attackers to attack on application; these vulnerable attacks can be denial of service attack, sinkhole attack, and select forwarding attack. These attacks lead intruders to disrupt the application's functionality, data packet drops to malicious end and changes the route of data and forwards the data packet to other location. There is a need to timely detect and prevent these threats in mobile health applications. Existing work includes many security frameworks to secure the mobile health applications but all have some drawbacks. This paper presents existing frameworks, the impact of threats on applications, on information, and different security levels. From this line of research, we propose a security framework with two algorithms, ie, (i) patient priority autonomous call and (ii) location distance based switch, for mobile health applications and make a comparative analysis of the proposed framework with the existing ones.Published onlin

A software to manage rehabilitation sessions with a robotic walker

Dissertação de mestrado integrado em Informatics EngineeringCerebellar ataxia arises from damage or dysfunction that affects the cerebellum and its pathways. As a result, the motor abilities of individuals with this condition become weakened. Robotics-assisted therapy is still an emerging area, but it has several advantages that could boost the rehabilitation of these individuals. Considering this problematic, WALKit Smart Walker is being developed. Its main purpose is to improve the treatment of ataxic patients through intelligent and multidisciplinary rehabilitation sessions. Thus, it is equipped with several sensors that provide monitoring capabilities through a continuous evaluation of the end-user gait and posture. A vast amount of data is acquired during each session by the walker sensors. For health professionals to analyse this data and have feedback on the patient’s status throughout therapy, tools are needed to control, manage, and monitor sessions in a clear, practical and intuitive way. Therefore, the main goal of this dissertation is centred on implementing an effective way to store the acquired data, along with the development of software that satisfies these requirements. To address these goals, a polyglot persistence database system, composed of a relational and a non-relational database, was implemented to store the required data while maintaining efficiency. Furthermore, a web application was developed to provide, not only to health professionals, but also to patients themselves, the management of the rehabilitation sessions with the walker. The application provides an individual and temporal analysis of the sessions through interactive graphics adapted to each patient. Additionally, it allows the management of the several patients who are/were in treatment and the addition of clinical ratting scales, which are useful to assess their motor condition and adapt therapies as needed. In this way, professionals can have a better perception of the patient’s condition, and can show patients their evolution, possibly contributing to increase their motivation in therapy. Moreover, in the context of this dissertation, the embedded software of WALKit SmartW, which allows the therapy configuration, was optimized. This software had no security mechanisms, thus the main goal was on the implementation of techniques capable of making the software secure. Additionally, other functionalities such as feedback alerts, were added to the existing application. Throughout the development of this project, it was possible to have continuous feedback from health professionals of the Hospital of Braga. Usability tests and questionnaires were also applied, and the results were very promising, enhancing the need for a system with these characteristics. Professionals claimed the system may help in analysing the patient clinical status in an intuitive form while keeping them motivated during treatments.A ataxia cerebelar surge a partir de danos ou disfunções que afetam o cerebelo e as suas vias. Como resultado, as capacidades motoras dos indivíduos que possuem esta condição ficam fragilizadas. A terapia assistida por robôs é ainda uma área em desenvolvimento, no entanto apresenta diversas vantagens que poderão agilizar os tratamentos destes indivíduos. Atendendo a esta problemática, o WALKit SmartW encontra-se a ser desenvolvido. O seu principal propósito é auxiliar os tratamentos de pacientes ataxicos através de sessões de reabilitação inteligentes e multidisciplinares. Para tal, é composto por um conjunto de sensores que fornecem uma monitorização e avaliação contínua da marcha e da postura do utilizador. Uma grande quantidade de dados é adquirida ao longo de cada sessão através dos sensores. De forma a que os profissionais de saúde analisem estes dados e tenham feedback do estado do paciente ao longo da terapia, são necessárias ferramentas que permitam controlar, gerir e monitorizar as sessões, de forma clara, prática e intuitiva. O principal objetivo desta dissertação centra-se na implementação de uma estratégia eficiente para armazenar os dados, juntamente com o desenvolvimento de um software que satisfaça estes requisitos. Para cumprir estes objetivos, um sistema de base de dados com persistência poliglota, composto por uma base de dados relacional e uma não relacional, foi implementado para armazenar os dados mantendo a eficiência. Além disso, uma aplicação web foi desenvolvida para proporcionar, não só aos profissionais de saúde, como também aos próprios pacientes, a gestão das sessões de reabilitação com o andarilho. A aplicação disponibiliza uma análise individual e temporal das sessões através de gráficos interativos adaptados a cada paciente. Adicionalmente, possibilita também a gestão dos diversos pacientes que estão/estiveram em tratamento, e a adição de escalas de classificação clínica, que são úteis para avaliar a condição motora e adaptar as terapias conforme necessário. Desta forma, os profissionais conseguem ter uma melhor perceção acerca do estado do paciente, e os pacientes podem ver a sua evolução, contribuindo para aumentar a motivação na terapia. Ainda no contexto desta dissertação, otimizou-se a aplicação embebida no software do andarilho WALKit, que permite as configurações da terapia. O software era isento de qualquer mecanismo de segurança, pelo que o maior foco centrou-se na aplicação de técnicas capazes de o tornar seguro. Adicionalmente, outras funcionalidades, como alertas e configurações de algoritmos, foram adicionadas à aplicação existente. Ao longo do desenvolvimento deste projeto, foi possível obter o feedback contínuo de profissionais de saúde do Hospital de Braga. Testes e questionários de usabilidade foram também aplicados, e os resusltados foram bastante promissores, reforçando a necessidade de um sistema com estas características. Os profissionais afirmaram que o sistema irá ajudar a analisar o estado do paciente de forma intuitiva, mantendo-o motivado durante os tratamentos

Empirical Studies on Secure Development and Usage of Mobile Health Applications

Mobile technologies, comprising portable devices, context-sensitive software applications, and wireless networking protocols, are being increasingly adopted to exploit services offered for pervasive computing platforms. The utilisation of mobile health (mHealth) apps in the healthcare domain has become a promising tool to improve and support delivering health services in a pervasive manner. mHealth apps enable health professionals and providers to monitor their patients remotely (e.g., managing patients with chronic diseases). mHealth apps enable expanding healthcare coverage (e.g., reaching places where little or no healthcare is available). Furthermore, mHealth apps were used to reduce the spread of disease and infection (e.g., the Covid-19 tracking apps). The use of mHealth apps will enhance the quality of healthcare, reduce the cost, and more convenient for patients. The security of mHealth apps becomes a significant concern due to the privacy and integrity of health-critical data. The interest of attackers in healthcritical data (medical records, clinical reports, disease symptoms, etc.) has increased due to its value in the ‘black market’ as well as the social, legal, and financial consequences of compromised data. This thesis focuses on understanding the security of mHealth apps based on (a) developers' and (b) end-users perspectives by conducting a set of empirical studies. To empirically investigate the existing research, a systematic literature review (SLR) was conducted to gain a deeper understanding of the security challenges, which hinder the development of secure mHealth apps. Based on the findings of the SLR, first, we conducted a survey-based study - involving 97 mHealth apps developers from 25 countries and six continents to investigate the practitioners’ perspectives on security challenges, practices, and motivational factors that help developers to ensure the security of mHealth apps. Second, we conducted survey research - involving 101 endusers from two Saudi Arabian health providers to examine their security awareness about using clinical mHealth apps. We complement the end-users research by conducting an attack simulation study - involving 105 end-users from 14 countries and five continents to investigate their security behaviours when using mHealth apps. The empirical studies in this thesis contribute to (i) providing developers' perspectives on critical challenges, best practices, and motivating factors that support the engineering and development of emerging and next-generation secure mHealth apps; (ii) providing empirical evidence and a set of guidelines to facilitate researchers, practitioners, and stakeholders to develop and adopt secure mHealth apps for clinical practices and public health; (iii) providing empirical evidence using action-driven measurement on human security behaviour when using mHealth apps, and presented the potential mechanisms that lead end-users to make improper security decisions.Thesis (Ph.D.) -- University of Adelaide, School of Computer Science, 202

A framework for guiding the interdisciplinary design of mHealth intervention apps for physical activity behaviour change

The global pandemic of noncommunicable diseases and its associated premature mortality rates and socioeconomic burden have led to increasingly intensified efforts towards designing and delivering health promotion interventions aimed at addressing the leading modifiable health risk behaviours, such as physical inactivity. Developing physical activity behaviour change interventions that target individuals at the dual intra-interpersonal socioecological levels of health promotion has become a key objective worldwide. Digital and mobile technology is revolutionising the ways in which health behaviour change interventions are delivered to individuals across the world, with mobile health applications (mHealth apps) increasingly recognised as a powerful means of promoting physical activity behaviour change. However, with the growth and opportunities of mHealth apps, come several design challenges. Key design challenges concern the integration of theory, the incorporation of evidence-based behaviour change techniques, the application of persuasive systems design principles, and the importance of multi- and interdisciplinary collaborative design, development and evaluation approaches. These key challenges influence the output product design and effectiveness of mHealth physical activity behaviour change intervention apps. There exists a paucity of approaches for guiding and supporting the multi- and interdisciplinary collaborative design, development and evaluation of mHealth physical activity behaviour change intervention apps. To address this gap, this research study proposes an Interdisciplinary mHealth App Design Framework, framed by a novel boundary object view. This view considers the diverse communities of practice, boundary objects and supporting artefacts, process activities, and knowledge sharing practices necessary and relevant to the design of effective mHealth physical activity behaviour change intervention apps. The framework’s development is guided by a Design Science Research (DSR) approach. Its core components are based on the findings of a critical theoretical analysis of twenty existing multi- and interdisciplinary digital health development approaches. Once developed, the framework is evaluated using a qualitative DSR linguistic interpretivist approach, with semi-structured interviews as the research instrument. The thematic analysis findings from interviews with thirty-one international academic researchers and industry practitioners informs the iterative modification and revision of an enhanced Interdisciplinary mHealth App Design Framework, constituting the main DSR artefact contribution of the research study. In addition, four theoretical contributions are made to the mHealth intervention app design body of knowledge, and a practical contribution is made through the provision of guideline recommendations for academics and industry practitioners. Methodological contributions are also made in terms of applying DSR, adopting a hybrid cognitive reasoning strategy, and employing a qualitative linguistic interpretivist approach to evaluation within a DSR project.Thesis (PhD) -- Faculty of Commerce, Information Systems, 202