Imposing holistic privacy and data security on person centric ehealth monitoring infrastructures

Telemetric monitoring of vital parameters of patients with chronic diseases is recognized to improve their medical condition and hence their quality of life. It also improves treatment adjustments, reaction time in acute cases and helps to reduce duration and costs of hospitalization. As a result of this, there are plenty of products and solutions for personal health monitoring available today that acquire physiological data in real-time. In order for such systems to be widely acceptable and utilized by the medical community and the patients, they must be developed satisfying the security requirements imposed by real-time data communication and protection of sensitive physiological data and measurements, data integrity and confidentiality, and protection of the monitored patient's privacy. The work presented in this paper intends to fill the security gap, which makes these devices and the data acquired by them, vulnerable to any kind of attacks. By utilizing MPEG-21 standard's primitives, we show that protection of transmitted medical information and enhancement of patient's privacy is accomplished, since there is selective and controlled access to medical data that sent toward the hospital's servers.

[1]  J. Gialelis,et al.  Wireless wearable body area network supporting person centric health monitoring , 2008, 2008 IEEE International Workshop on Factory Communication Systems.

[2]  Stelvio Cimato,et al.  Encyclopedia of Cryptography and Security , 2005 .

[3]  Emil Jovanov,et al.  Guest Editorial Introduction to the Special Section on M-Health: Beyond Seamless Mobility and Global Wireless Health-Care Connectivity , 2004, IEEE Transactions on Information Technology in Biomedicine.

[4]  Radu Sion,et al.  A personal mobile DRM manager for smartphones , 2009, Comput. Secur..

[5]  Georg A Brox MPEG-21 as an access control tool for the National Health Service Care Records Service , 2005, Journal of telemedicine and telecare.

[6]  Dimitrios Serpanos,et al.  Security Framework for Pervasive Healthcare Architectures Utilizing MPEG-21 IPMP Components , 2009, International journal of telemedicine and applications.

[7]  A. M. Abdullah,et al.  Wireless lan medium access control (mac) and physical layer (phy) specifications , 1997 .

[8]  Kevin Fu,et al.  Security and Privacy for Implantable Medical Devices , 2008, IEEE Pervasive Comput..

[9]  Ross J. Anderson Security engineering - a guide to building dependable distributed systems (2. ed.) , 2001 .

[10]  Sandeep K. S. Gupta,et al.  Security solutions for pervasive healthcare , 2007 .

[11]  Ian Burnett,et al.  An Introduction to MPEG-21 , 2006 .

[12]  Kevin Fu,et al.  Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).