Cyber Security in Smart Hospitals: A Investigational Case Study

Ranganayaki, R. Sreenidhi; P, Sreeja B; Gandhari, Saikiran; Ranganath, P. Teja; Kumar, Sandeep

doi:10.1109/smart52563.2021.9676266

Cited by 7 publications

(3 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…al. in [33] reviewed several literature that identify and discuss threats and concerns in healthcare systems. This paper focused to manage workflow of patient's data, secure collection, storage and transmission of clinical patient's data, software solution for viewing and processing of diagnostic data.…”

Section: Related Workmentioning

confidence: 99%

A Cyber Risk Assessment Approach to Federated Identity Management Framework Based Digital Healthcare System

Huda,

Islam,

Kottala

et al. 2023

Preprint

View full text Add to dashboard Cite

Integration of Medical Cyber Physical Systems (MCPS) and Internet-of-Medical Devices (IoMT) with conventional hospital networks have facilitated easy and speedy data collection, vertical and horizontal connectedness and collaborations among healthcare providers. Federated identity management (FIM) provides a solution towards the identity management challenge arising from this integration of millions of MCPSs to get personalized care and frictionless experiences for the patients, doctors, and employees. FIM protocols such as OAuth, Security Assertion Markup Language (SAML) are highly susceptible to cyber attacks like theft of barrier token, replay attack, message insertion, and Man-in-Middle attacks. IoMT devices have vulnerabilities in their firmware, operating systems, data encryption, data at store and data transmission. Combined vulnerabilities of FIM framework and IoMT devices creates major cyber risks for the current digital healthcare system. Therefore, a comprehensive and evidenced based cyber risk assessment is an urgent need for a cyber-safe digital health care system that can avoid frequent life threatening situations. This paper proposes a comprehensive and evidenced based cyber risk assessment approach for FIM and IoMT based collaborative digital healthcare systems. The novelty of the proposed approach is that it considers three dimensional vulnerabilities arising from existing IT communication protocols and infrastructure, IoMT and MCPS medical devices, protocols of FIM and their combined impact on hospitals and provides corresponding recommendations of security controls. The proposed approaches combine two industry standards including Cyber Resilience Review (CRR) asset management, NIST SP 800-30 to take advantage of both approaches. We have used a large number of IoMT and MCPS devices from multiple providers for threat modelling and produced evidence based cyber-risks using attack trees and detailed attack sequence diagrams to validate proposed approaches. The corresponding recommendation of security controls will support healthcare professionals and providers significantly for improving both the patient and medical device safety management within the FIM enabled healthcare ecosystem.

show abstract

Section: Related Workmentioning

confidence: 99%

A Cyber Risk Assessment Approach to Federated Identity Management Framework Based Digital Healthcare System

Huda,

Islam,

Kottala

et al. 2023

Preprint

View full text Add to dashboard Cite

show abstract

“…The authors have detailed the examples of adversarial in detail by implementing the perturbations. In addition, Ranganayaki et al [13] have detailed and worked on introducing the hospitals security by reducing the cyber threats for ensuring a secure and efficient communication mechanism for smart hospitals. Furthermore, Mushtaq et al [14] introduced and discussed a number of security threats that can be encountered while ensuring a secure communication process among intelligent devices in smart hospitals.…”

Section: Motivation and Objectivementioning

confidence: 99%

A Computational Framework for Cyber Threats in Medical IoT Systems

et al. 2022

View full text Add to dashboard Cite

Smart social systems are ones where a number of individuals share and interact with each other via various networking devices. There exist a number of benefits to including smart-based systems in networks such as religions, economy, medicine, and other networks. However, the involvement of several cyber threats leads to adverse effects on society in terms of finance, business, liability, economy, psychology etc. The aim of this paper is to present a secure and efficient medical Internet of Things communication mechanism by preventing various cyber threats. The proposed framework uses Artificial Intelligence-based techniques such as Levenberg–Marquardt (LM) and Viterbi algorithms to prevent various social cyber threats during interaction and sharing of messages. The proposed mechanism is simulated and validated with various performance metrics compared with the traditional mechanism.

show abstract

“…And so, according to The Institute of Risk Management (2018), cyber risk is defined as “any risk of financial loss, disruption or damage to the reputation of an organization from some sort of failure of its information technology systems” (The Institute of Risk Management, 2018). Thus, managing cyber risk comprises many forms such as the utilization of cybersecurity protection for vulnerability mitigation (Bokan & Santos, 2021; Ranganayaki et al., 2021), understanding cyber risk losses on a network (see, e.g., Acemoglu et al., 2016; Santos et al., 2007), cyber‐insurance for minimizing the consequential financial risk (Federal Financial Institutions Examination Council, 2018; X. Zhang et al., 2023), and the use of risk management frameworks for risk identification and assessment (Meszaros & Buchalcevova, 2017; Millar, 2016; Paté‐Cornell et al., 2018; Rios Insua et al., 2021).…”

Section: Introductionmentioning

confidence: 99%

Framework for cyber risk loss distribution of hospital infrastructure: Bond percolation on mixed random graphs approach

2023

View full text Add to dashboard Cite

Networks like those of healthcare infrastructure have been a primary target of cyberattacks for over a decade. From just a single cyberattack, a healthcare facility would expect to see millions of dollars in losses from legal fines, business interruption, and loss of revenue. As more medical devices become interconnected, more cyber vulnerabilities emerge, resulting in more potential exploitation that may disrupt patient care and give rise to catastrophic financial losses. In this paper, we propose a structural model of an aggregate loss distribution across multiple cyberattacks on a prototypical hospital network. Modeled as a mixed random graph, the hospital network consists of various patient‐monitoring devices and medical imaging equipment as random nodes to account for the variable occupancy of patient rooms and availability of imaging equipment that are connected by bidirectional edges to fixed hospital and radiological information systems. Our framework accounts for the documented cyber vulnerabilities of a hospital's trusted internal network of its major medical assets. To our knowledge, there exist no other models of an aggregate loss distribution for cyber risk in this setting. We contextualize the problem in the probabilistic graph‐theoretical framework using a percolation model and combinatorial techniques to compute the mean and variance of the loss distribution for a mixed random network with associated random costs that can be useful for healthcare administrators and cybersecurity professionals to improve cybersecurity management strategies. By characterizing this distribution, we allow for the further utility of pricing cyber risk.

show abstract

Cyber Security in Smart Hospitals: A Investigational Case Study

Cited by 7 publications

References 11 publications

A Cyber Risk Assessment Approach to Federated Identity Management Framework Based Digital Healthcare System

A Cyber Risk Assessment Approach to Federated Identity Management Framework Based Digital Healthcare System

A Computational Framework for Cyber Threats in Medical IoT Systems

Framework for cyber risk loss distribution of hospital infrastructure: Bond percolation on mixed random graphs approach

Contact Info

Product

Resources

About