Recently, the integration of state-of-the-art technologies, such as modern sensors, networks, and cloud computing, has revolutionized the conventional healthcare system. However, security concerns have increasingly been emerging due to the integration of technologies. Therefore, the security and privacy issues associated with e-health data must be properly explored. In this paper, to investigate the security and privacy of e-health systems, we identified major components of the modern e-health systems (i.e., e-health data, medical devices, medical networks and edge/fog/cloud). Then, we reviewed recent security and privacy studies that focus on each component of the e-health systems. Based on the review, we obtained research taxonomy, security concerns, requirements, solutions, research trends, and open challenges for the components with strengths and weaknesses of the analyzed studies. In particular, edge and fog computing studies for e-health security and privacy were reviewed since the studies had mostly not been analyzed in other survey papers.
As WSNs combine with a diversity of next-generation technologies, wireless sensor networks (WSNs) have gained considerable attention as a promising ubiquitous technology. Even though several studies on WSNs are being undertaken, few systematically analyze the security issues relating to them. Moreover, recent systems tend to be implemented without sufficient consideration about owns security requirements, which can lead to lethal threats. Systems that do not consider security requirements may provide attackers the opportunity to reduce the overall efficiency and performance of the system. This means that inadequately applied security requirements can result in defective security of systems. Therefore, in this study, we emphasized the importance of security requirements to raise awareness regarding them. In addition, we analyzed literature that could be improved by including WSNs security requirements such as characteristics, constraints, and threats. Furthermore, we adopted a systematic methodology by referring to reliable literature and performed a different analysis from previous studies. We derived and mapped the different security factors based on the literature and illustrated the relationships of each security factor. Finally, our research compared with studies of a similar type to evaluate whether it provided a significant contribution. In other words, in this study, we analyzed various factors related to WSNs security based on reviewing the literature and show our contribution, such as a systematic analysis framework and factor mapping compared with traditional studies. Though there are some considerations, we expect that this research derived the essential security requirements in any WSNs environments. INDEX TERMS Wireless sensor network, security requirement, next-generation technologies.
Due to the rapid development of Internet of Things (IoT), IoT platforms that can provide common functions for things are becoming increasingly important. However, access control frameworks in diverse IoT platforms have been developed for individual security goals, designs, and technologies. In particular, current OAuth-based access control frameworks that are widely used in IoT research have not been providing interoperability among IoT platforms even though sharing resources and services is a critical issue for IoT platforms. Therefore, we analyze the main requirements for an IoT access control framework to properly design our framework and propose an interoperable access control framework based on OAuth 2.0 and Role. Our approach describes a new extended authorization grant flow to issue an Interoperable Access Token (IAT) that has a global access scope across IoT platforms using multiple pairs of clients’ credentials. With the IAT and proposed framework, we can access client-specific domains in heterogeneous IoT platforms, then valuable resources (e.g., data and services) in the domains can be accessed by validating the roles, which will greatly simplify permission management. Furthermore, IAT supports a simple token management (e.g., token issuance, refreshing, and revocation) by managing only one token for diverse IoT platforms. In addition, we implement our interoperable access control framework on Mobius and FIWARE, which are promising open-source IoT platforms, and test an interoperability scenario to demonstrate our approach with the implementation. Furthermore, the proposed framework is compared with other IoT access control approaches based on the selected requirements in this paper.
With the continuous improvement of Internet of Things (IoT) technologies, various IoT platforms are under development. However, each IoT platform is developed based on its own device identification system. That is, it is challenging to identify each sensor device between heterogeneous IoT platforms owing to the resource request format (e.g., device identifier) varying between platforms. Moreover, despite the considerable research focusing on resource interoperability between heterogeneous IoT platforms, little attention is given to sensor device identification systems in diverse IoT platforms. In order to overcome this problem, the current work proposes an IoT device name system (DNS) architecture based on the comparative analysis of heterogeneous IoT platforms (i.e., oneM2M, GS1 ‘Oliot’, IBM ‘Watson IoT’, OCF ‘IoTivity’, FIWARE). The proposed IoT DNS analyzes and translates the identification system of the device and resource request format. In this process, resource requests between heterogeneous IoT platforms can be reconfigured appropriately for the resources and services requested by the user, and as a result, users can use heterogeneous IoT services. Furthermore, in order to illustrate the aim of the proposed architecture, the proposed IoT DNS is implemented and tested on a microcomputer. The experimental results show that a oneM2M-based device successfully performs a resource request to a Watson IoT and FIWARE sensor devices.
Internet of Things has become a fundamental paradigm in our everyday lives. However, standards and technologies are often designed without considering interoperability, which is a critical issue for Internet of Things. Internet of Things environment requires interoperability to share resources (e.g. data and services) between heterogeneous Internet of Things domains. The open authorization (OAuth) 2.0 framework that is actively used in Internet of Things (as well as in conventional web environments) also did not focus on interoperability. In other words, the systems that implement the same OAuth 2.0 standard cannot interoperate without additional support. For this reason, we propose an authorization framework as a service. Authorization framework as a service provides an additional authorization layer to support standard authorization capabilities as an interoperable secure wrapper between different domains. Besides, authorization framework as a service supports the four extended authorization grant flow types to issue an interoperable access token, which has a global access scope across multiple heterogeneous domains. With the authorization framework as a service, interoperability can be supported for heterogeneous domains, and token management can also be simple because an interoperable access token can represent several existing access tokens that have local access scopes. Furthermore, this article presents a feasible interoperability scenario, implementation, and security considerations for authorization framework as a service, focusing on Internet of Things platforms.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.