Toward energy-efficient and trustworthy eHealth monitoring system

The rapid technological convergence between Internet of Things (IoT), Wireless Body Area Networks (WBANs) and cloud computing has made e-healthcare emerge as a promising application domain, which has significant potential to improve the quality of medical care. In particular, patient-centric health monitoring plays a vital role in e-healthcare service, involving a set of important operations ranging from medical data collection and aggregation, data transmission and segregation, to data analytics. This survey paper firstly presents an architectural framework to describe the entire monitoring life cycle and highlight the essential service components. More detailed discussions are then devoted to {\em data collection} at patient side, which we argue that it serves as fundamental basis in achieving robust, efficient, and secure health monitoring. Subsequently, a profound discussion of the security threats targeting eHealth monitoring systems is presented, and the major limitations of the existing solutions are analyzed and extensively discussed. Finally, a set of design challenges is identified in order to achieve high quality and secure patient-centric monitoring schemes, along with some potential solutions.

[1]  Kazuki Yoneyama,et al.  Attribute-Based Encryption with Partially Hidden Encryptor-Specified Access Structures , 2008, ACNS.

[2]  Kevin Fu,et al.  Security and Privacy for Implantable Medical Devices , 2008, IEEE Pervasive Comput..

[3]  Youki Kadobayashi,et al.  STARS: A Simple and Efficient Scheme for Providing Transparent Traceability and Anonymity to Reputation Systems , 2010, DPM/SETOP.

[4]  Jin Li,et al.  Defending against Key Abuse Attacks in KP-ABE Enabled Broadcast Systems , 2009, SecureComm.

[5]  Kui Ren,et al.  Distributed Privacy-Preserving Access Control in Sensor Networks , 2012, IEEE Transactions on Parallel and Distributed Systems.

[6]  Wenjing Lou,et al.  Dependable and Secure Sensor Data Storage with Dynamic Integrity Assurance , 2009, IEEE INFOCOM 2009.

[7]  Kevin Fu,et al.  Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[8]  Kui Ren,et al.  DP²AC: Distributed Privacy-Preserving Access Control in Sensor Networks , 2009, IEEE INFOCOM 2009.

[9]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[10]  Youki Kadobayashi,et al.  Toward cost-sensitive self-optimizing anomaly detection and response in autonomic networks , 2011, Comput. Secur..

[11]  Meng Zhang,et al.  Towards trustworthy medical devices and body area networks , 2013, 2013 50th ACM/EDAC/IEEE Design Automation Conference (DAC).

[12]  A. Ramachandran,et al.  Computing Cryptographic Algorithms in Portable and Embedded Devices , 2007, 2007 IEEE International Conference on Portable Information Devices.

[13]  James A. Hendler,et al.  Information accountability , 2008, CACM.

[14]  Ming Li,et al.  Data security and privacy in wireless body area networks , 2010, IEEE Wireless Communications.

[15]  Sungyoung Lee,et al.  An Efficient Mutual Authentication and Access Control Scheme for Wireless Sensor Networks in Healthcare , 2011, J. Networks.

[16]  Wenjing Lou,et al.  Dependable and Secure Sensor Data Storage with Dynamic Integrity Assurance , 2009, INFOCOM.

[17]  Oscar Garcia Morchon,et al.  Efficient distributed security for wireless medical sensor networks , 2008, 2008 International Conference on Intelligent Sensors, Sensor Networks and Information Processing.

[18]  H. S. Ng,et al.  Security issues of wireless sensor networks in healthcare applications , 2006 .

[19]  Xiaohui Liang,et al.  Enabling pervasive healthcare through continuous remote health monitoring , 2012, IEEE Wireless Communications.

[20]  C. Karlof,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Proceedings of the First IEEE International Workshop on Sensor Network Protocols and Applications, 2003..

[21]  Kyung Sup Kwak,et al.  Certificateless Remote Anonymous Authentication Schemes for WirelessBody Area Networks , 2014, IEEE Transactions on Parallel and Distributed Systems.

[22]  Garth V. Crosby,et al.  Wireless Body Area Networks for Healthcare: A Survey , 2012 .

[23]  Zonghua Zhang,et al.  An Efficient Admission Control Algorithm for Virtual Sensor Networks , 2014, 2014 IEEE Intl Conf on High Performance Computing and Communications, 2014 IEEE 6th Intl Symp on Cyberspace Safety and Security, 2014 IEEE 11th Intl Conf on Embedded Software and Syst (HPCC,CSS,ICESS).

[24]  Anil K. Jain,et al.  Biometric cryptosystems: issues and challenges , 2004, Proceedings of the IEEE.

[25]  Matt Welsh,et al.  Sensor networks for emergency response: challenges and opportunities , 2004, IEEE Pervasive Computing.

[26]  Michael K. Reiter,et al.  The Practical Subtleties of Biometric Key Generation , 2008, USENIX Security Symposium.

[27]  Yajin Zhou,et al.  The impact of vendor customizations on android security , 2013, CCS.

[28]  Azzedine Boukerche,et al.  A Secure Mobile Healthcare System using , 2009 .

[29]  Kevin Fu,et al.  Trustworthy Medical Device Software , 2011 .

[30]  Ayan Banerjee,et al.  PSKA: Usable and Secure Key Agreement Scheme for Body Area Networks , 2010, IEEE Transactions on Information Technology in Biomedicine.

[31]  David A. Wagner,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Ad Hoc Networks.

[32]  T. Kavitha,et al.  Security Vulnerabilities In Wireless Sensor Networks: A Survey , 2010 .

[33]  Soufiene Djahel,et al.  Mitigating Packet Dropping Problem in Mobile Ad Hoc Networks: Proposals and Challenges , 2011, IEEE Communications Surveys & Tutorials.

[34]  Ashish Goel,et al.  Set k-cover algorithms for energy efficient monitoring in wireless sensor networks , 2003, Third International Symposium on Information Processing in Sensor Networks, 2004. IPSN 2004.

[35]  Wenjing Lou,et al.  FDAC: Toward Fine-Grained Distributed Data Access Control in Wireless Sensor Networks , 2009, IEEE INFOCOM 2009.

[36]  Cong Wang,et al.  A privacy-aware cloud-assisted healthcare monitoring system via compressive sensing , 2014, IEEE INFOCOM 2014 - IEEE Conference on Computer Communications.

[37]  Zonghua Zhang,et al.  RADAR: A reputation-driven anomaly detection system for wireless mesh networks , 2010, Wirel. Networks.

[38]  Cory Cornelius,et al.  On Usable Authentication for Wireless Body Area Networks , 2010 .

[39]  Roel Maes,et al.  Physically Unclonable Functions , 2012, Springer Berlin Heidelberg.

[40]  Vladimir Stojanovic,et al.  A signal-agnostic compressed sensing acquisition system for wireless and implantable sensors , 2010, IEEE Custom Integrated Circuits Conference 2010.

[41]  Kevin Fu,et al.  Absence Makes the Heart Grow Fonder: New Directions for Implantable Medical Device Security , 2008, HotSec.

[42]  Kevin Fu,et al.  They can hear your heartbeats: non-invasive security for implantable medical devices , 2011, SIGCOMM.

[43]  Colleen Swanson,et al.  SoK: Security and Privacy in Implantable Medical Devices and Body Area Networks , 2014, 2014 IEEE Symposium on Security and Privacy.

[44]  Jie Liu,et al.  Improving energy efficiency of personal sensing applications with heterogeneous multi-processors , 2012, UbiComp '12.

[45]  Benton H. Calhoun,et al.  Energy Efficient Design for Body Sensor Nodes , 2011 .

[46]  Jun Zhou,et al.  PSMPA: Patient Self-Controllable and Multi-Level Privacy-Preserving Cooperative Authentication in Distributedm-Healthcare Cloud Computing System , 2015, IEEE Transactions on Parallel and Distributed Systems.

[47]  Soufiene Djahel,et al.  Fast and Efficient Countermeasure for MAC Layer Misbehavior in MANETs , 2012, IEEE Wireless Communications Letters.

[48]  Kevin Fu,et al.  Controlling for cybersecurity risks of medical device software , 2013, Commun. ACM.

[49]  Fan Ye,et al.  Mobile crowdsensing: current state and future challenges , 2011, IEEE Communications Magazine.

[50]  Ann Cavoukian Sensors and In-Home Collection of Health Data: A Privacy by Design Approach , 2010 .

[51]  Carmen C. Y. Poon,et al.  A novel biometrics method to secure wireless body area sensor networks for telemedicine and m-health , 2006, IEEE Communications Magazine.

[52]  Wenyuan Xu,et al.  Ghost Talk: Mitigating EMI Signal Injection Attacks against Analog Sensors , 2013, 2013 IEEE Symposium on Security and Privacy.