Security And Privacy Issues in Healthcare Monitoring Systems: A Case Study

Handler, Daniel Tolboe; Hauge, Lotte; Spognardi, Angelo; Dragoni, Nicola

doi:10.5220/0006224603830388

Cited by 8 publications

(6 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Social engineering can affect all types of P2P PHSs, where an attacker can easily leverage the user layer to deceive patients (older adult patients are more vulnerable to this attack than others [ 135 ]). In the case of P2P PHSs, the threat impact could be one user at a time, with the probability of escalating and affecting others in the network.…”

Section: Resultsmentioning

confidence: 99%

“…P2P PHSs on a patient device can be configured with wearable smart sensors to allow health practitioners or an embedded machine learning model to monitor vital parameters (eg, heart rate variability). In the case of a successful MitM attack on such P2P PHSs, the practitioners or machine learning models may receive unreliable data, which could lead to poor therapeutic or diagnostic decisions and even loss of life [ 93 , 135 ]. An attacker can also share fake messages that an older adult has fallen in order to summon the next-of-kin or emergency services or use the patient's location or personal data for blackmail [ 93 , 135 ].…”

Section: Resultsmentioning

confidence: 99%

“…In the case of a successful MitM attack on such P2P PHSs, the practitioners or machine learning models may receive unreliable data, which could lead to poor therapeutic or diagnostic decisions and even loss of life [ 93 , 135 ]. An attacker can also share fake messages that an older adult has fallen in order to summon the next-of-kin or emergency services or use the patient's location or personal data for blackmail [ 93 , 135 ].…”

Section: Resultsmentioning

confidence: 99%

See 2 more Smart Citations

Security Engineering of Patient-Centered Health Care Information Systems in Peer-to-Peer Environments: Systematic Review

Yari¹,

Dehling²,

Kluge³

et al. 2021

J Med Internet Res

View full text Add to dashboard Cite

Background Patient-centered health care information systems (PHSs) enable patients to take control and become knowledgeable about their own health, preferably in a secure environment. Current and emerging PHSs use either a centralized database, peer-to-peer (P2P) technology, or distributed ledger technology for PHS deployment. The evolving COVID-19 decentralized Bluetooth-based tracing systems are examples of disease-centric P2P PHSs. Although using P2P technology for the provision of PHSs can be flexible, scalable, resilient to a single point of failure, and inexpensive for patients, the use of health information on P2P networks poses major security issues as users must manage information security largely by themselves. Objective This study aims to identify the inherent security issues for PHS deployment in P2P networks and how they can be overcome. In addition, this study reviews different P2P architectures and proposes a suitable architecture for P2P PHS deployment. Methods A systematic literature review was conducted following PRISMA (Preferred Reporting Items for Systematic Reviews and Meta-Analyses) reporting guidelines. Thematic analysis was used for data analysis. We searched the following databases: IEEE Digital Library, PubMed, Science Direct, ACM Digital Library, Scopus, and Semantic Scholar. The search was conducted on articles published between 2008 and 2020. The Common Vulnerability Scoring System was used as a guide for rating security issues. Results Our findings are consolidated into 8 key security issues associated with PHS implementation and deployment on P2P networks and 7 factors promoting them. Moreover, we propose a suitable architecture for P2P PHSs and guidelines for the provision of PHSs while maintaining information security. Conclusions Despite the clear advantages of P2P PHSs, the absence of centralized controls and inconsistent views of the network on some P2P systems have profound adverse impacts in terms of security. The security issues identified in this study need to be addressed to increase patients’ intention to use PHSs on P2P networks by making them safe to use.

show abstract

Section: Resultsmentioning

confidence: 99%

Section: Resultsmentioning

confidence: 99%

Section: Resultsmentioning

confidence: 99%

See 1 more Smart Citation

Security Engineering of Patient-Centered Health Care Information Systems in Peer-to-Peer Environments: Systematic Review

Yari¹,

Dehling²,

Kluge³

et al. 2021

J Med Internet Res

View full text Add to dashboard Cite

show abstract

“…Though this work focuses on the proposed framework's design and practical implementation, we have endeavoured to analyse the threats facing the framework, and included our assessment of how risks are mitigated. For a more formalized insight on the threats facing remote health monitoring systems, readers are recommended to read the work by Handler et al [23]. Additionally, the work [24] contains a security analysis on blockchain technologies in particular.…”

Section: Security Analysismentioning

confidence: 99%

A Decentralized Peer-to-Peer Remote Health Monitoring System

Ali

Vecchio

Putra

et al. 2020

Sensors

View full text Add to dashboard Cite

Within the Internet of Things (IoT) and blockchain research, there is a growing interest in decentralizing health monitoring systems, to provide improved privacy to patients, without relying on trusted third parties for handling patients’ sensitive health data. With public blockchain deployments being severely limited in their scalability, and inherently having latency in transaction processing, there is room for researching and developing new techniques to leverage the security features of blockchains within healthcare applications. This paper presents a solution for patients to share their biomedical data with their doctors without their data being handled by trusted third party entities. The solution is built on the Ethereum blockchain as a medium for negotiating and record-keeping, along with Tor for delivering data from patients to doctors. To highlight the applicability of the solution in various health monitoring scenarios, we have considered three use-cases, namely cardiac monitoring, sleep apnoea testing, and EEG following epileptic seizures. Following the discussion about the use cases, the paper outlines a security analysis performed on the proposed solution, based on multiple attack scenarios. Finally, the paper presents and discusses a performance evaluation in terms of data delivery time in comparison to existing centralized and decentralized solutions.

show abstract

“…In our opinion, federated learning is the right solution for meeting the abovementioned requirements. Furthermore, when we will make our bot public, we will provide the user with privacy management tools as described in [47]:…”

Section: Privacy and Control Mechanismsmentioning

confidence: 99%

HealthAssistantBot: A Personal Health Assistant for the Italian Language

et al. 2020

View full text Add to dashboard Cite

In this article, we present HealthAssistantBot, an intelligent virtual assistant able to talk with patients in order to understand their symptomatology, suggest doctors, and monitor treatments and health parameters. In a simple way, by exploiting a natural language-based interaction, the system allows the user to create her health profile, to describe her symptoms, to search for doctors or to simply remember a treatment to follow. Specifically, our methodology exploits machine learning techniques to process users symptoms and to automatically infer her diseases. Next, the information obtained is used by our recommendation algorithm to identify the nearest doctor who can best treat the user's condition, considering the community data. In the experimental session we evaluated our HealthAssistantBot with both an offline and online evaluation. In the first case, we assessed the performance of our internal components, while in the second one we carried out a study involving 102 subjects who interacted with the conversational agent in a daily use scenario. Results are encouraging and showed the effectiveness of the strategy in supporting the patients in taking care of their health.

show abstract

Security And Privacy Issues in Healthcare Monitoring Systems: A Case Study

Cited by 8 publications

References 7 publications

Security Engineering of Patient-Centered Health Care Information Systems in Peer-to-Peer Environments: Systematic Review

Security Engineering of Patient-Centered Health Care Information Systems in Peer-to-Peer Environments: Systematic Review

A Decentralized Peer-to-Peer Remote Health Monitoring System

HealthAssistantBot: A Personal Health Assistant for the Italian Language

Contact Info

Product

Resources

About