Risk-driven security metrics development for an e-health IoT application

Savola, Reijo; Savolainen, Pekka; Evesti, Antti; Abie, Habtamu; Sihvonen, Markus

doi:10.1109/issa.2015.7335061

Cited by 21 publications

(11 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Clinicians and other healthcare professionals might not see security from the same perspective as IT professionals and are mainly driven by the need to deliver excellent patient care [3]. Security metrics can help stakeholders to learn about the insight and trends in their organisation and to measure how the organisation is performing against their peers in the industry [4]. The healthcare sector had numerous security breaches over the last few years and the trend has been increasing.…”

Section: Introductionmentioning

confidence: 99%

Cybersecurity Metrics for Enhanced Protection of Healthcare IT Systems

Ahmed

Naqvi

Josephs

2019

2019 13th International Symposium on Medical Information and Communication Technology (ISMICT)

View full text Add to dashboard Cite

Cybersecurity incidents are on the rise in the healthcare sector and it is becoming a growing concern for the senior executives. The attack surface is expanding due to the large number of connected medical devices and the proliferation of portable devices such as smart phones, tablets and USB devices. In this paper, we will discuss some of the security challenges facing this sector and propose a set of cybersecurity metrics that could be used to enhance the protection of the IT systems.

show abstract

Section: Introductionmentioning

confidence: 99%

Cybersecurity Metrics for Enhanced Protection of Healthcare IT Systems

Ahmed

Naqvi

Josephs

2019

2019 13th International Symposium on Medical Information and Communication Technology (ISMICT)

View full text Add to dashboard Cite

show abstract

“…At the IoT application layer, the key requirements vary according to the type/sector for which the IoT application is developed. For example, key requirements for health‐monitoring applications are robustness, durability, accuracy, precision, reliability, security, privacy, availability, and responsiveness . Low latency is a key requirement in critical and real‐time applications, whereas network utilization and energy efficiency have a high priority in less critical applications such as building automation .…”

Section: Related Workmentioning

confidence: 99%

“…For example, key requirements for health-monitoring applications are robustness, durability, accuracy, precision, reliability, security, privacy, availability, and responsiveness. 23,32,33 Low latency is a key requirement in critical and real-time applications, 10,23 whereas network utilization and energy efficiency have a high priority in less critical applications such as building automation. 23,34 In our work, we considered the most common QoS metrics for all layers of the IoT reference architecture.…”

Section: Qos Metrics Through the Layersmentioning

confidence: 99%

Service level agreement specification for end‐to‐end IoT application ecosystems

et al. 2019

View full text Add to dashboard Cite

Summary With an ever‐increasing variety and complexity of Internet of Things (IoT) applications delivered by increasing numbers of service providers, there is a growing demand for an automated mechanism that can monitor and regulate the interaction between the parties involved in IoT service provision and delivery. This mechanism needs to take the form of a contract, which, in this context, is referred to as a service level agreement (SLA). As a first step toward SLA monitoring and management, an SLA specification is essential. We believe that current SLA specification formats are unable to accommodate the unique characteristics of the IoT domain, such as its multilayered nature. Therefore, we propose a grammar for a syntactical structure of an SLA specification for IoT. The grammar is built based on a proposed conceptual model that considers the main concepts that can be used to express the requirements for hardware and software components of an IoT application on an end‐to‐end basis. We followed the goal question metric approach to evaluate the generality and expressiveness of the proposed grammar by reviewing its concepts and their predefined lists of vocabularies against two use cases with a considerable number of participants whose research interests are mainly related to IoT. The results of the analysis show that the proposed grammar achieved 91.70% of its generality goal and 93.43% of its expressiveness goal.

show abstract

“…However, with the Internet of Things (IoT) this monitoring can be extended easily to the patient's daily environment (home, workplace, etc. ).This model allows considering a broad spectrum of application for self-care with medical measurements [1] and the preventive and Low-Cost Diagnostics. In short, we can imagine many applications for the e-health with IoT environment.…”

Section: Motivationmentioning

confidence: 99%

“…Additionally, we need a certain metric to quantify the risk and other parameters. Savola et al [1] Propose heuristics for security metrics development, based on the risk-analysis results achieved through two view-points: the service provider's business perspective, and the end-user's perspective. Nevertheless, these analyzes don't focus on privacy and assume that data reside in a well-managed shared database on the service provider's premises.…”

mentioning

confidence: 99%

Exploring Formal Strategy Framework for the Security in IoT towards e-Health Context using Computational Intelligence

Ould-Yahia

Banerjee

Bouzefrane

et al. 2017

Studies in Big Data

View full text Add to dashboard Cite

This chapter proposes a novel strategic framework and computationally intelligent model to measure possible vulnerabilities for security context in e-health. The essential input is provided from interconnected wireless sensors under Internet of Health (IoT) paradigm and intelligent social insects that could sense the possibility of threats for a patient moving in different physical locations during his medical diagnosis. Social insect ants can sense and communicate through a chemical, known as pheromone, remotely from their nest towards collection of food. Modeling the pheromone dynamics can be a precise measure to quantify the different e-health security issues like Sinkhole threat or sybil attack under IoT environment. The proposed pheromone alert is presented and compared statistically in terms of precision, recall to identify the classification of possible vulnerability.

show abstract

Risk-driven security metrics development for an e-health IoT application

Cited by 21 publications

References 14 publications

Cybersecurity Metrics for Enhanced Protection of Healthcare IT Systems

Cybersecurity Metrics for Enhanced Protection of Healthcare IT Systems

Service level agreement specification for end‐to‐end IoT application ecosystems

Exploring Formal Strategy Framework for the Security in IoT towards e-Health Context using Computational Intelligence

Contact Info

Product

Resources

About