Biblio

In recent years, business environments are undergoing disruptive changes across sectors [1]. Globalization and technological advances, such as artificial intelligence and the internet of things, have completely redesigned business activities, bringing to light an ever-increasing interest and attention towards the customer [2], especially in healthcare sector. In this context, researchers is paying more and more attention to the introduction of new technologies capable of meeting the patients’ needs [3, 4] and the Covid-19 pandemic has contributed and still contributes to accelerate this phenomenon [5]. Therefore, emerging technologies (i.e., AI-enabled solutions, service robots, conversational agents) are proving to be effective partners in improving medical care and quality of life [6]. Conversational agents, often identified in other ways as “chatbots”, are AI-enabled service robots based on the use of text [7] and capable of interpreting natural language and ensuring automation of responses by emulating human behavior [8, 9, 10]. Their introduction is linked to help institutions and doctors in the management of their patients [11, 12], at the same time maintaining the negligible incremental costs thanks to their virtual aspect [13–14]. However, while the utilization of these tools has significantly increased during the pandemic [15, 16, 17], it is unclear what benefits they bring to service delivery. In order to identify their contributions, there is a need to find out which activities can be supported by conversational agents.This paper takes a grounded approach [18] to achieve contextual understanding design and to effectively interpret the context and meanings related to conversational agents in healthcare interactions. The study context concerns six chatbots adopted in the healthcare sector through semi-structured interviews conducted in the health ecosystem. Secondary data relating to these tools under consideration are also used to complete the picture on them. Observation, interviewing and archival documents [19] could be used in qualitative research to make comparisons and obtain enriched results due to the opportunity to bridge the weaknesses of one source by compensating it with the strengths of others. Conversational agents automate customer interactions with smart meaningful interactions powered by Artificial Intelligence, making support, information provision and contextual understanding scalable. They help doctors to conduct the conversations that matter with their patients. In this context, conversational agents play a critical role in making relevant healthcare information accessible to the right stakeholders at the right time, defining an ever-present accessible solution for patients’ needs. In summary, conversational agents cannot replace the role of doctors but help them to manage patients. By conveying constant presence and fast information, they help doctors to build close relationships and trust with patients.

One of the main security issues in telecare medecine information systems is the remote user authentication and key agreement between healthcare professionals and patient's medical sensors. Many of the proposed approaches are based on multiple factors (password, token and possibly biometrics). Two-factor authentication protocols do not resist to many possible attacks. As for three-factor authentication schemes, they usually come with high resource consumption. Since medical sensors have limited storage and computational capabilities, ensuring a minimal resources consumption becomes a major concern in this context. In this paper, we propose a secure and lightweight three-factor authentication and key generation scheme for securing communications between healtcare professional and patient's medical sensors. Thanks to formal verification, we prove that this scheme is robust enough against known possible attacks. A comparison with the most relevant related work's schemes shows that our protocol ensures an optimised resource consumption level.

The recent advancements in ubiquitous sensing powered by Wireless Computing Technologies (WCT) and Cloud Computing Services (CCS) have introduced a new thinking ability amongst researchers and healthcare professionals for building secure and connected healthcare systems. The integration of Internet of Things (IoT) in healthcare services further brings in several challenges with it, mainly including encrypted communication through vulnerable wireless medium, authentication and access control algorithms and ownership transfer schemes (important patient information). Major concern of such giant connected systems lies in creating the data handling strategies which is collected from the billions of heterogeneous devices distributed across the hospital network. Besides, the resource constrained nature of IoT would make these goals difficult to achieve. Motivated by aforementioned deliberations, this paper introduces a novel approach in designing a security framework for edge-computing based connected healthcare systems. An efficient, multi-factor access control and ownership transfer mechanism for edge-computing based futuristic healthcare applications is the core of proposed framework. Data scalability is achieved by employing distributed approach for clustering techniques that analyze and aggregate voluminous data acquired from heterogeneous devices individually before it transits the to the cloud. Moreover, data/device ownership transfer scheme is considered to be the first time in its kind. During ownership transfer phase, medical server facilitates user to transfer the patient information/ device ownership rights to the other registered users. In order to avoid the existing mistakes, we propose a formal and informal security analysis, that ensures the resistance towards most common IoT attacks such as insider attack, denial of distributed service (DDoS) attack and traceability attacks.

Security of personal data in the e-healthcare has always been challenging issue. The embedded and wearable devices used to collect these personal and critical data of the patients and users are sensitive in nature. Attribute-Based Encryption is believed to provide access control along with data security for distributed data among multiple parties. These resources limited devices do have the capabilities to secure the data while sending to the cloud but instead it increases the overhead and latency of running the encryption algorithm. On the top of if confidentiality is required, which will add more latency. In order to reduce latency and overhead, we propose a new load balancing algorithm that will distribute the data to nearby devices with available resources to encrypt the data and send it to the cloud. In this article, we are proposing a load balancing algorithm for E-Health system called (GALB). Our algorithm is based on Genetic Algorithm (GA). Our algorithm (GALB) distribute the tasks that received to the main gateway between the devices on E-health environment. The distribution strategy is based on the available resources in the devices, the distance between the gateway and the those devices, and the complexity of the task (size) and CP-ABE encryption policy length. In order to evaluate our algorithm performance, we compare the near optimal solution proposed by GALB with the optimal solution proposed by LP.

E- Health systems, specifically, Telecare Medical Information Systems (TMIS), are deployed in order to provide patients with specific diseases with healthcare services that are usually based on remote monitoring. Therefore, making an efficient, convenient and secure connection between users and medical servers over insecure channels within medical services is a rather major issue. In this context, because of the biometrics' characteristics, many biometrics-based three factor user authentication schemes have been proposed in the literature to secure user/server communication within medical services. In this paper, we make a brief study of the most interesting proposals. Then, we propose a new three-factor authentication and key agreement scheme for TMIS. Our scheme tends not only to fix the security drawbacks of some studied related work, but also, offers additional significant features while minimizing resource consumption. In addition, we perform a formal verification using the widely accepted formal security verification tool AVISPA to demonstrate that our proposed scheme is secure. Also, our comparative performance analysis reveals that our proposed scheme provides a lower resource consumption compared to other related work's proposals.

The edge and fog computing paradigms enable more responsive and smarter systems without relying on cloud servers for data processing and storage. This reduces network load as well as latency. Nonetheless, the addition of new layers in the network architecture increases the number of security vulnerabilities. In privacy-critical systems, the appearance of new vulnerabilities is more significant. To cope with this issue, we propose and implement an Ethereum Blockchain based architecture with edge artificial intelligence to analyze data at the edge of the network and keep track of the parties that access the results of the analysis, which are stored in distributed databases.

Privacy is a fundamental concern that confronts systems dealing with sensitive data. The lack of robust solutions for defining and enforcing privacy measures continues to hinder the general acceptance and adoption of these systems. Edge computing has been recognized as a key enabler for privacy enhanced applications, and has opened new opportunities. In this paper, we propose a novel privacy model based on context-aware edge computing. Our model leverages the context of data to make decisions about how these data need to be processed and managed to achieve privacy. Based on a scenario from the eHealth domain, we show how our generalized model can be used to implement and enact complex domain-specific privacy policies. We illustrate our approach by constructing real world use cases involving a mobile Electronic Health Record that interacts with, and in different environments.

Smart Spaces are composed of heterogeneous sensors and devices that collect and share information. This information may contain personal information of the users. Thus, securing the data and preserving the privacy are of paramount importance. In this paper, we propose techniques for information security and privacy protection for Smart Spaces based on the Smart-M3 platform. We propose a) a security framework, and b) a context-aware role-based access control scheme. We model our access control scheme using ontological techniques and Web Ontology Language (OWL), and implement it via CLIPS rules. To evaluate the efficiency of our access control scheme, we measure the time it takes to check the access rights of the access requests. The results demonstrate that the highest response time is approximately 0.2 seconds in a set of 100000 triples. We conclude that the proposed access control scheme produces low overhead and is therefore, an efficient approach for Smart Spaces.

Information and communication technologies have augmented interoperability and rapidly advanced varying industries, with vast complex interconnected networks being formed in areas such as safety-critical systems, which can be further categorised as critical infrastructures. What also must be considered is the paradigm of the Internet of Things which is rapidly gaining prevalence within the field of wireless communications, being incorporated into areas such as e-health and automation for industrial manufacturing. As critical infrastructures and the Internet of Things begin to integrate into much wider networks, their reliance upon communication assets by third parties to ensure collaboration and control of their systems will significantly increase, along with system complexity and the requirement for improved security metrics. We present a critical analysis of the risk assessment methods developed for generating attack graphs. The failings of these existing schemas include the inability to accurately identify the relationships and interdependencies between the risks and the reduction of attack graph size and generation complexity. Many existing methods also fail due to the heavy reliance upon the input, identification of vulnerabilities, and analysis of results by human intervention. Conveying our work, we outline our approach to modelling interdependencies within large heterogeneous collaborative infrastructures, proposing a distributed schema which utilises network modelling and attack graph generation methods, to provide a means for vulnerabilities, exploits and conditions to be represented within a unified model.