Visible to the public Biblio

Filters: Keyword is Health Care  [Clear All Filters]
2021-03-29
Juyal, S., Sharma, S., Harbola, A., Shukla, A. S..  2020.  Privacy and Security of IoT based Skin Monitoring System using Blockchain Approach. 2020 IEEE International Conference on Electronics, Computing and Communication Technologies (CONECCT). :1—5.

Remote patient monitoring is a system that focuses on patients care and attention with the advent of the Internet of Things (IoT). The technology makes it easier to track distance, but also to diagnose and provide critical attention and service on demand so that billions of people are safer and more safe. Skincare monitoring is one of the growing fields of medical care which requires IoT monitoring, because there is an increasing number of patients, but cures are restricted to the number of available dermatologists. The IoT-based skin monitoring system produces and store volumes of private medical data at the cloud from which the skin experts can access it at remote locations. Such large-scale data are highly vulnerable and otherwise have catastrophic results for privacy and security mechanisms. Medical organizations currently do not concentrate much on maintaining safety and privacy, which are of major importance in the field. This paper provides an IoT based skin surveillance system based on a blockchain data protection and safety mechanism. A secure data transmission mechanism for IoT devices used in a distributed architecture is proposed. Privacy is assured through a unique key to identify each user when he registers. The principle of blockchain also addresses security issues through the generation of hash functions on every transaction variable. We use blockchain consortiums that meet our criteria in a decentralized environment for controlled access. The solutions proposed allow IoT based skin surveillance systems to privately and securely store and share medical data over the network without disturbance.

2021-02-23
Liu, W., Park, E. K., Krieger, U., Zhu, S. S..  2020.  Smart e-Health Security and Safety Monitoring with Machine Learning Services. 2020 29th International Conference on Computer Communications and Networks (ICCCN). :1—6.

This research provides security and safety extensions to a blockchain based solution whose target is e-health. The Advanced Blockchain platform is extended with intelligent monitoring for security and machine learning for detecting patient treatment medication safety issues. For the reasons of stringent HIPAA, HITECH, EU-GDPR and other regional regulations dictating security, safety and privacy requirements, the e-Health blockchains have to cover mandatory disclosure of violations or enforcements of policies during transaction flows involving healthcare. Our service solution further provides the benefits of resolving the abnormal flows of a medical treatment process, providing accountability of the service providers, enabling a trust health information environment for institutions to handle medication safely, giving patients a better safety guarantee, and enabling the authorities to supervise the security and safety of e-Health blockchains. The capabilities can be generalized to support a uniform smart solution across industry in a variety of blockchain applications.

2021-02-08
Mathur, G., Pandey, A., Goyal, S..  2020.  Immutable DNA Sequence Data Transmission for Next Generation Bioinformatics Using Blockchain Technology. 2nd International Conference on Data, Engineering and Applications (IDEA). :1–6.
In recent years, there is fast growth in the high throughput DNA sequencing technology, and also there is a reduction in the cost of genome-sequencing, that has led to a advances in the genetic industries. However, the reduction in cost and time required for DNA sequencing there is still an issue of managing such large amount of data. Also, the security and transmission of such huge amount of DNA sequence data is still an issue. The idea is to provide a secure storage platform for future generation bioinformatics systems for both researchers and healthcare user. Secure data sharing strategies, that can permit the healthcare providers along with their secured substances for verifying the accuracy of data, are crucial for ensuring proper medical services. In this paper, it has been surveyed about the applications of blockchain technology for securing healthcare data, where the recorded information is encrypted so that it becomes difficult to penetrate or being removed, as the primary goals of block-chaining technology is to make data immutable.
2021-01-28
Sammoud, A., Chalouf, M. A., Hamdi, O., Montavont, N., Bouallegue, A..  2020.  A secure three-factor authentication and biometrics-based key agreement scheme for TMIS with user anonymity. 2020 International Wireless Communications and Mobile Computing (IWCMC). :1916—1921.

E- Health systems, specifically, Telecare Medical Information Systems (TMIS), are deployed in order to provide patients with specific diseases with healthcare services that are usually based on remote monitoring. Therefore, making an efficient, convenient and secure connection between users and medical servers over insecure channels within medical services is a rather major issue. In this context, because of the biometrics' characteristics, many biometrics-based three factor user authentication schemes have been proposed in the literature to secure user/server communication within medical services. In this paper, we make a brief study of the most interesting proposals. Then, we propose a new three-factor authentication and key agreement scheme for TMIS. Our scheme tends not only to fix the security drawbacks of some studied related work, but also, offers additional significant features while minimizing resource consumption. In addition, we perform a formal verification using the widely accepted formal security verification tool AVISPA to demonstrate that our proposed scheme is secure. Also, our comparative performance analysis reveals that our proposed scheme provides a lower resource consumption compared to other related work's proposals.

2021-01-18
Pattanayak, S., Ludwig, S. A..  2019.  Improving Data Privacy Using Fuzzy Logic and Autoencoder Neural Network. 2019 IEEE International Conference on Fuzzy Systems (FUZZ-IEEE). :1–6.
Data privacy is a very important problem to address while sharing data among multiple organizations and has become very crucial in the health sectors since multiple organizations such as hospitals are storing data of patients in the form of Electronic Health Records. Stored data is used with other organizations or research analysts to improve the health care of patients. However, the data records contain sensitive information such as age, sex, and date of birth of the patients. Revealing sensitive data can cause a privacy breach of the individuals. This has triggered research that has led to many different privacy preserving techniques being introduced. Thus, we designed a technique that not only encrypts / hides the sensitive information but also sends the data to different organizations securely. To encrypt sensitive data we use different fuzzy logic membership functions. We then use an autoencoder neural network to send the modified data. The output data of the autoencoder can then be used by different organizations for research analysis.
2020-12-28
Zhang, C., Shahriar, H., Riad, A. B. M. K..  2020.  Security and Privacy Analysis of Wearable Health Device. 2020 IEEE 44th Annual Computers, Software, and Applications Conference (COMPSAC). :1767—1772.

Mobile wearable health devices have expanded prevalent usage and become very popular because of the valuable health monitor system. These devices provide general health tips and monitoring human health parameters as well as generally assisting the user to take better health of themselves. However, these devices are associated with security and privacy risk among the consumers because these devices deal with sensitive data information such as users sleeping arrangements, dieting formula such as eating constraint, pulse rate and so on. In this paper, we analyze the significant security and privacy features of three very popular health tracker devices: Fitbit, Jawbone and Google Glass. We very carefully analyze the devices' strength and how the devices communicate and its Bluetooth pairing process with mobile devices. We explore the possible malicious attack through Bluetooth networking by hacker. The outcomes of this analysis show how these devices allow third parties to gain sensitive information from the device exact location that causes the potential privacy breach for users. We analyze the reasons of user data security and privacy are gained by unauthorized people on wearable devices and the possible challenge to secure user data as well as the comparison of three wearable devices (Fitbit, Jawbone and Google Glass) security vulnerability and attack type.

2020-12-01
Attia, M., Hossny, M., Nahavandi, S., Dalvand, M., Asadi, H..  2018.  Towards Trusted Autonomous Surgical Robots. 2018 IEEE International Conference on Systems, Man, and Cybernetics (SMC). :4083—4088.

Throughout the last few decades, a breakthrough took place in the field of autonomous robotics. They have been introduced to perform dangerous, dirty, difficult, and dull tasks, to serve the community. They have been also used to address health-care related tasks, such as enhancing the surgical skills of the surgeons and enabling surgeries in remote areas. This may help to perform operations in remote areas efficiently and in timely manner, with or without human intervention. One of the main advantages is that robots are not affected with human-related problems such as: fatigue or momentary lapses of attention. Thus, they can perform repeated and tedious operations. In this paper, we propose a framework to establish trust in autonomous medical robots based on mutual understanding and transparency in decision making.

Xu, J., Bryant, D. G., Howard, A..  2018.  Would You Trust a Robot Therapist? Validating the Equivalency of Trust in Human-Robot Healthcare Scenarios 2018 27th IEEE International Symposium on Robot and Human Interactive Communication (RO-MAN). :442—447.

With the recent advances in computing, artificial intelligence (AI) is quickly becoming a key component in the future of advanced applications. In one application in particular, AI has played a major role - that of revolutionizing traditional healthcare assistance. Using embodied interactive agents, or interactive robots, in healthcare scenarios has emerged as an innovative way to interact with patients. As an essential factor for interpersonal interaction, trust plays a crucial role in establishing and maintaining a patient-agent relationship. In this paper, we discuss a study related to healthcare in which we examine aspects of trust between humans and interactive robots during a therapy intervention in which the agent provides corrective feedback. A total of twenty participants were randomly assigned to receive corrective feedback from either a robotic agent or a human agent. Survey results indicate trust in a therapy intervention coupled with a robotic agent is comparable to that of trust in an intervention coupled with a human agent. Results also show a trend that the agent condition has a medium-sized effect on trust. In addition, we found that participants in the robot therapist condition are 3.5 times likely to have trust involved in their decision than the participants in the human therapist condition. These results indicate that the deployment of interactive robot agents in healthcare scenarios has the potential to maintain quality of health for future generations.

Geiskkovitch, D. Y., Thiessen, R., Young, J. E., Glenwright, M. R..  2019.  What? That's Not a Chair!: How Robot Informational Errors Affect Children's Trust Towards Robots 2019 14th ACM/IEEE International Conference on Human-Robot Interaction (HRI). :48—56.

Robots that interact with children are becoming more common in places such as child care and hospital environments. While such robots may mistakenly provide nonsensical information, or have mechanical malfunctions, we know little of how these robot errors are perceived by children, and how they impact trust. This is particularly important when robots provide children with information or instructions, such as in education or health care. Drawing inspiration from established psychology literature investigating how children trust entities who teach or provide them with information (informants), we designed and conducted an experiment to examine how robot errors affect how young children (3-5 years old) trust robots. Our results suggest that children utilize their understanding of people to develop their perceptions of robots, and use this to determine how to interact with robots. Specifically, we found that children developed their trust model of a robot based on the robot's previous errors, similar to how they would for a person. We however failed to replicate other prior findings with robots. Our results provide insight into how children as young as 3 years old might perceive robot errors and develop trust.

2020-11-09
Farhadi, M., Haddad, H., Shahriar, H..  2019.  Compliance Checking of Open Source EHR Applications for HIPAA and ONC Security and Privacy Requirements. 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC). 1:704–713.
Electronic Health Record (EHR) applications are digital versions of paper-based patient's health information. They are increasingly adopted to improved quality in healthcare, such as convenient access to histories of patient medication and clinic visits, easier follow up of patient treatment plans, and precise medical decision-making process. EHR applications are guided by measures of the Health Insurance Portability and Accountability Act (HIPAA) to ensure confidentiality, integrity, and availability. Furthermore, Office of the National Coordinator (ONC) for Health Information Technology (HIT) certification criteria for usability of EHRs. A compliance checking approach attempts to identify whether or not an adopted EHR application meets the security and privacy criteria. There is no study in the literature to understand whether traditional static code analysis-based vulnerability discovered can assist in compliance checking of regulatory requirements of HIPAA and ONC. This paper attempts to address this issue. We identify security and privacy requirements for HIPAA technical requirements, and identify a subset of ONC criteria related to security and privacy, and then evaluate EHR applications for security vulnerabilities. Finally propose mitigation of security issues towards better compliance and to help practitioners reuse open source tools towards certification compliance.
2020-11-04
Rajamäki, J., Nevmerzhitskaya, J., Virág, C..  2018.  Cybersecurity education and training in hospitals: Proactive resilience educational framework (Prosilience EF). 2018 IEEE Global Engineering Education Conference (EDUCON). :2042—2046.

Healthcare is a vital component of every nation's critical infrastructure, yet it is one of the most vulnerable sector for cyber-attacks. To enforce the knowledge on information security processes and data protection procedures, educational and training schemes should be establishedfor information technology (IT) staff working in healthcare settings. However, only training IT staff is not enough, as many of cybersecurity threats are caused by human errors or lack of awareness. Current awareness and training schemes are often implemented in silos, concentrating on one aspect of cybersecurity at a time. Proactive Resilience Educational Framework (Prosilience EF) provides a holistic cyber resilience and security framework for developing and delivering a multilateral educational and training scheme based on a proactive approach to cybersecurity. The framework is built on the principle that education and training must be interactive, guided, meaningful and directly relevant to the user' operational environment. The framework addresses capacity mapping, cyber resilience level measuring, utilizing available and mapping missing resources, adaptive learning technologies and dynamic content delivery. Prosilience EF launches an iterative process of awareness and training development with relevant stakeholders (end users - hospitals, healthcare authorities, cybersecurity training providers, industry members), evaluating the framework via joint exercises/workshops andfurther developing the framework.

2020-10-16
Tungela, Nomawethu, Mutudi, Maria, Iyamu, Tiko.  2018.  The Roles of E-Government in Healthcare from the Perspective of Structuration Theory. 2018 Open Innovations Conference (OI). :332—338.

The e-government concept and healthcare have usually been studied separately. Even when and where both e-government and healthcare systems were combined in a study, the roles of e-government in healthcare have not been examined. As a result., the complementarity of the systems poses potential challenges. The interpretive approach was applied in this study. Existing materials in the areas of healthcare and e-government were used as data from a qualitative method viewpoint. Dimension of change from the perspective of the structuration theory was employed to guide the data analysis. From the analysis., six factors were found to be the main roles of e-government in the implementation and application of e-health in the delivering of healthcare services. An understanding of the roles of e-government promotes complementarity., which enhances the healthcare service delivery to the community.

2020-10-12
Khayat, Mohamad, Barka, Ezedin, Sallabi, Farag.  2019.  SDN\_Based Secure Healthcare Monitoring System(SDN-SHMS). 2019 28th International Conference on Computer Communication and Networks (ICCCN). :1–7.
Healthcare experts and researchers have been promoting the need for IoT-based remote health monitoring systems that take care of the health of elderly people. However, such systems may generate large amounts of data, which makes the security and privacy of such data to become imperative. This paper studies the security and privacy concerns of the existing Healthcare Monitoring System (HMS) and proposes a reference architecture (security integration framework) for managing IoT-based healthcare monitoring systems that ensures security, privacy, and reliable service delivery for patients and elderly people to reduce and avoid health related risks. Our proposed framework will be in the form of state-of-the-art Security Platform, for HMS, using the emerging Software Defined Network (SDN) networking paradigm. Our proposed integration framework eliminates the dependency on specific Software or vendor for different security systems, and allows for the benefits from the functional and secure applications, and services provided by the SDN platform.
MacMahon, Silvana Togneri, Alfano, Marco, Lenzitti, Biagio, Bosco, Giosuè Lo, McCaffery, Fergal, Taibi, Davide, Helfert, Markus.  2019.  Improving Communication in Risk Management of Health Information Technology Systems by means of Medical Text Simplification. 2019 IEEE Symposium on Computers and Communications (ISCC). :1135–1140.
Health Information Technology Systems (HITS) are increasingly used to improve the quality of patient care while reducing costs. These systems have been developed in response to the changing models of care to an ongoing relationship between patient and care team, supported by the use of technology due to the increased instance of chronic disease. However, the use of HITS may increase the risk to patient safety and security. While standards can be used to address and manage these risks, significant communication problems exist between experts working in different departments. These departments operate in silos often leading to communication breakdowns. For example, risk management stakeholders who are not clinicians may struggle to understand, define and manage risks associated with these systems when talking to medical professionals as they do not understand medical terminology or the associated care processes. In order to overcome this communication problem, we propose the use of the “Three Amigos” approach together with the use of the SIMPLE tool that has been developed to assist patients in understanding medical terms. This paper examines how the “Three Amigos” approach and the SIMPLE tool can be used to improve estimation of severity of risk by non-clinical risk management stakeholders and provides a practical example of their use in a ten step risk management process.
2020-10-06
Ibrahim, Romani Farid.  2019.  Mobile Transaction Processing for a Distributed War Environment. 2019 14th International Conference on Computer Science Education (ICCSE). :856—862.

The battlefield environment differs from the natural environment in terms of irregular communications and the possibility of destroying communication and medical units by enemy forces. Information that can be collected in a war environment by soldiers is important information and must reach top-level commanders in time for timely decisions making. Also, ambulance staff in the battlefield need to enter the data of injured soldiers after the first aid, so that the information is available for the field hospital staff to prepare the needs for incoming injured soldiers.In this research, we propose two transaction techniques to handle these issues and use different concurrency control protocols, depending on the nature of the transaction and not a one concurrency control protocol for all types of transactions. Message transaction technique is used to collect valuable data from the battlefield by soldiers and allows top-level commanders to view it according to their permissions by logging into the system, to help them make timely decisions. In addition, use the capabilities of DBMS tools to organize data and generate reports, as well as for future analysis. Medical service unit transactional workflow technique is used to provides medical information to the medical authorities about the injured soldiers and their status, which helps them to prepare the required needs before the wounded soldiers arrive at the hospitals. Both techniques handle the disconnection problem during transaction processing.In our approach, the transaction consists of four phases, reading, editing, validation, and writing phases, and its processing is based on the optimistic concurrency control protocol, and the rules of actionability that describe how a transaction behaves if a value-change is occurred on one or more of its attributes during its processing time by other transactions.

2020-09-28
Abie, Habtamu.  2019.  Cognitive Cybersecurity for CPS-IoT Enabled Healthcare Ecosystems. 2019 13th International Symposium on Medical Information and Communication Technology (ISMICT). :1–6.

Cyber Physical Systems (CPS)-Internet of Things (IoT) enabled healthcare services and infrastructures improve human life, but are vulnerable to a variety of emerging cyber-attacks. Cybersecurity specialists are finding it hard to keep pace of the increasingly sophisticated attack methods. There is a critical need for innovative cognitive cybersecurity for CPS-IoT enabled healthcare ecosystem. This paper presents a cognitive cybersecurity framework for simulating the human cognitive behaviour to anticipate and respond to new and emerging cybersecurity and privacy threats to CPS-IoT and critical infrastructure systems. It includes the conceptualisation and description of a layered architecture which combines Artificial Intelligence, cognitive methods and innovative security mechanisms.

Fimiani, Gianluca.  2018.  Supporting Privacy in a Cloud-Based Health Information System by Means of Fuzzy Conditional Identity-Based Proxy Re-encryption (FCI-PRE). 2018 32nd International Conference on Advanced Information Networking and Applications Workshops (WAINA). :569–572.
Healthcare is traditionally a data-intensive domain, where physicians needs complete and updated anamnesis of their patients to take the best medical decisions. Dematerialization of the medical documents and the consequent health information systems to share electronic health records among healthcare providers are paving the way to an effective solution to this issue. However, they are also paving the way of non-negligible privacy issues that are limiting the full application of these technologies. Encryption is a valuable means to resolve such issues, however the current schemes are not able to cope with all the needs and challenges that the cloud-based sharing of electronic health records imposes. In this work we have investigated the use of a novel scheme where encryption is combined with biometric authentication, and defines a preliminary solution.
Guo, Hao, Li, Wanxin, Nejad, Mark, Shen, Chien-Chung.  2019.  Access Control for Electronic Health Records with Hybrid Blockchain-Edge Architecture. 2019 IEEE International Conference on Blockchain (Blockchain). :44–51.
The global Electronic Health Record (EHR) market is growing dramatically and expected to reach \$39.7 billions by 2022. To safe-guard security and privacy of EHR, access control is an essential mechanism for managing EHR data. This paper proposes a hybrid architecture to facilitate access control of EHR data by using both blockchain and edge node. Within the architecture, a blockchain-based controller manages identity and access control policies and serves as a tamper-proof log of access events. In addition, off-chain edge nodes store the EHR data and apply policies specified in Abbreviated Language For Authorization (ALFA) to enforce attribute-based access control on EHR data in collaboration with the blockchain-based access control logs. We evaluate the proposed hybrid architecture by utilizing Hyperledger Composer Fabric blockchain to measure the performance of executing smart contracts and ACL policies in terms of transaction processing time and response time against unauthorized data retrieval.
2020-08-28
Yau, Yiu Chung, Khethavath, Praveen, Figueroa, Jose A..  2019.  Secure Pattern-Based Data Sensitivity Framework for Big Data in Healthcare. 2019 IEEE International Conference on Big Data, Cloud Computing, Data Science Engineering (BCD). :65—70.
With the exponential growth in the usage of electronic medical records (EMR), the amount of data generated by the healthcare industry has too increased exponentially. These large amounts of data, known as “Big Data” is mostly unstructured. Special big data analytics methods are required to process the information and retrieve information which is meaningful. As patient information in hospitals and other healthcare facilities become increasingly electronic, Big Data technologies are needed now more than ever to manage and understand this data. In addition, this information tends to be quite sensitive and needs a highly secure environment. However, current security algorithms are hard to be implemented because it would take a huge amount of time and resources. Security protocols in Big data are also not adequate in protecting sensitive information in the healthcare. As a result, the healthcare data is both heterogeneous and insecure. As a solution we propose the Secure Pattern-Based Data Sensitivity Framework (PBDSF), that uses machine learning mechanisms to identify the common set of attributes of patient data, data frequency, various patterns of codes used to identify specific conditions to secure sensitive information. The framework uses Hadoop and is built on Hadoop Distributed File System (HDFS) as a basis for our clusters of machines to process Big Data, and perform tasks such as identifying sensitive information in a huge amount of data and encrypting data that are identified to be sensitive.
2020-08-24
Dong, Kexiong, Luo, Weiwei, Pan, Xiaohua, Yin, Jianwei.  2019.  An Internet Medical Care-Oriented Service Security Open Platform. 2019 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech). :489–492.
As an inevitable trend of information development of hospitals, Internet hospitals provide a series of convenient online services for patients such as registration, consultation, queuing, payment and medicine pick-up. However, hospitals have to face huge challenges, and deploy an Internet medical care-oriented service security open platform to ensure the security of personal privacy data and avoid malicious attacks from the Internet, so as to prevent illegal stealing of medical data. The service security open platform provides visualized control for the unified and standardized connection process and data access process.
2020-08-13
Augusto, Cristian, Morán, Jesús, De La Riva, Claudio, Tuya, Javier.  2019.  Test-Driven Anonymization for Artificial Intelligence. 2019 IEEE International Conference On Artificial Intelligence Testing (AITest). :103—110.
In recent years, data published and shared with third parties to develop artificial intelligence (AI) tools and services has significantly increased. When there are regulatory or internal requirements regarding privacy of data, anonymization techniques are used to maintain privacy by transforming the data. The side-effect is that the anonymization may lead to useless data to train and test the AI because it is highly dependent on the quality of the data. To overcome this problem, we propose a test-driven anonymization approach for artificial intelligence tools. The approach tests different anonymization efforts to achieve a trade-off in terms of privacy (non-functional quality) and functional suitability of the artificial intelligence technique (functional quality). The approach has been validated by means of two real-life datasets in the domains of healthcare and health insurance. Each of these datasets is anonymized with several privacy protections and then used to train classification AIs. The results show how we can anonymize the data to achieve an adequate functional suitability in the AI context while maintaining the privacy of the anonymized data as high as possible.
2020-07-24
Tan, Syh-Yuan, Yeow, Kin-Woon, Hwang, Seong Oun.  2019.  Enhancement of a Lightweight Attribute-Based Encryption Scheme for the Internet of Things. IEEE Internet of Things Journal. 6:6384—6395.

In this paper, we present the enhancement of a lightweight key-policy attribute-based encryption (KP-ABE) scheme designed for the Internet of Things (IoT). The KP-ABE scheme was claimed to achieve ciphertext indistinguishability under chosen-plaintext attack in the selective-set model but we show that the KP-ABE scheme is insecure even in the weaker security notion, namely, one-way encryption under the same attack and model. In particular, we show that an attacker can decrypt a ciphertext which does not satisfy the policy imposed on his decryption key. Subsequently, we propose an efficient fix to the KP-ABE scheme as well as extending it to be a hierarchical KP-ABE (H-KP-ABE) scheme that can support role delegation in IoT applications. An example of applying our H-KP-ABE on an IoT-connected healthcare system is given to highlight the benefit of the delegation feature. Lastly, using the NIST curves secp192k1 and secp256k1, we benchmark the fixed (hierarchical) KP-ABE scheme on an Android phone and the result shows that the scheme is still the fastest in the literature.

2020-07-20
Nausheen, Farha, Begum, Sayyada Hajera.  2018.  Healthcare IoT: Benefits, vulnerabilities and solutions. 2018 2nd International Conference on Inventive Systems and Control (ICISC). :517–522.
With all the exciting benefits of IoT in healthcare - from mobile applications to wearable and implantable health gadgets-it becomes prominent to ensure that patients, their medical data and the interactions to and from their medical devices are safe and secure. The security and privacy is being breached when the mobile applications are mishandled or tampered by the hackers by performing reverse engineering on the application leading to catastrophic consequences. To combat against these vulnerabilities, there is need to create an awareness of the potential risks of these devices and effective strategies are needed to be implemented to achieve a level of security defense. In this paper, the benefits of healthcare IoT system and the possible vulnerabilities that may result are presented. Also, we propose to develop solutions against these vulnerabilities by protecting mobile applications using obfuscation and return oriented programming techniques. These techniques convert an application into a form which makes difficult for an adversary to interpret or alter the code for illegitimate purpose. The mobile applications use keys to control communication with the implantable medical devices, which need to be protected as they are the critical component for securing communications. Therefore, we also propose access control schemes using white box encryption to make the keys undiscoverable to hackers.
2020-06-26
Salman, Ahmad, El-Tawab, Samy.  2019.  Efficient Hardware/Software Co-Design of Elliptic-Curve Cryptography for the Internet of Things. 2019 International Conference on Smart Applications, Communications and Networking (SmartNets). :1—6.

The Internet of Things (IoT) is connecting the world in a way humanity has never seen before. With applications in healthcare, agricultural, transportation, and more, IoT devices help in bridging the gap between the physical and the virtual worlds. These devices usually carry sensitive data which requires security and protection in transit and rest. However, the limited power and energy consumption make it harder and more challenging to implementing security protocols, especially Public-Key Cryptosystems (PKC). In this paper, we present a hardware/software co-design for Elliptic-Curve Cryptography (ECC) PKC suitable for lightweight devices. We present the implementation results for our design on an edge node to be used for indoor localization in a healthcare facilities.

2020-06-01
Dhas, Y. Justin, Jeyanthi, P..  2019.  A Review on Internet of Things Protocol and Service Oriented Middleware. 2019 International Conference on Communication and Signal Processing (ICCSP). :0104–0108.
This paper surveys a review of Internet of Things (IoT) protocols, Service oriented Middleware in IoT. The modern development of IoT, expected to create many divorce application in health care without human intervention. Various protocols are involved in the applications development. Researchers are doing research for desirable protocol with all functionalities. Middleware for an IoT provides interoperability between the devices or applications. The engineering of an IoT dependent on Service Oriented Architecture (SOA), it operates as middleware. We survey the existing SOA based IoT middleware and its functionalities.