Systematic Analysis of Security Implementation for Internet of Health Things in Mobile Health Networks

Internet of Things (IoT) networks are fast-evolving and expanding into most aspects of human society. The rapid proliferation of smart devices, such as smart phones and wearables that have been adopted for personal use in everyday life, has produced a demand for utilities that can assist people with achieving goals for a successful lifestyle, i.e., to live healthier and more productive lives. With continued research and development into technology, the costs of building IoT networks, including the devices and the accessibility of information from these networks is reducing at a rapid rate, allowing for the feasibility of large volumes of data to be produced. This is of great importance to the health informatics field, as health data made available from personal devices such as wearables and sensors may be of significant value to stakeholders within the health service industry, such as insurance companies and hospitals or doctors. Data collected by these sensors are transmitted by the devices to a centralized server, which can be accessed and retrieved by those service providers for further processing, analysis, and use. Devices used for this purpose through the IoT network can be referred to as the Internet of Health Things (IoHT). This paper broadly reviews the current security protocols that are available, taking the approach of a horizontal and vertical perspective. Possible options to protect this sensitive data and to protect network security are proposed, with considerations of simplicity and ease of implementation, as well as cost factors involved to meet the constraints of personal health devices (PHD), which are often limited in terms of battery power and processing power.

[1]  David M. Liebovitz,et al.  Consumer Mobile Health Apps: Current State, Barriers, and Future Directions , 2017, PM & R : the journal of injury, function, and rehabilitation.

[2]  Matthew J. Campagna,et al.  A Cryptographic Suite for Embedded Systems (SuiteE) , 2012 .

[3]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[4]  Nidal Nasser,et al.  SEEM: Secure and energy-efficient multipath routing protocol for wireless sensor networks , 2007, Comput. Commun..

[5]  Sasan Adibi,et al.  A multilayer non-repudiation system: a Suite-B approach , 2015, Secur. Commun. Networks.

[6]  John K. Zao,et al.  Efficient authentication of resource-constrained IoT devices based on ECQV implicit certificates and datagram transport layer security protocol , 2016, SoICT.

[7]  Sasan Adibi,et al.  Link Technologies and BlackBerry Mobile Health (mHealth) Solutions: A Review , 2012, IEEE Transactions on Information Technology in Biomedicine.

[8]  John Viega,et al.  The State of Embedded-Device Security (Spoiler Alert: It's Bad) , 2012, IEEE Security & Privacy.

[9]  Mohsen Toorani,et al.  LPKI - A lightweight public key Infrastructure for the mobile environments , 2008, 2008 11th IEEE Singapore International Conference on Communication Systems.

[10]  Farrukh Aslam Khan,et al.  A Hybrid Security Mechanism for Intra-WBAN and Inter-WBAN Communications , 2013, Int. J. Distributed Sens. Networks.

[11]  James Jin Kang,et al.  A Review of Security Protocols in mHealth Wireless Body Area Networks (WBAN) , 2015, FNSS.

[12]  Colleen Swanson,et al.  SoK: Security and Privacy in Implantable Medical Devices and Body Area Networks , 2014, 2014 IEEE Symposium on Security and Privacy.

[13]  Peter Langendörfer,et al.  Adaptable Security in Wireless Sensor Networks by Using Reconfigurable ECC Hardware Coprocessors , 2010, Int. J. Distributed Sens. Networks.

[14]  Abdullah Al-Dhelaan,et al.  Integrated Protocols to Ensure Security Services in Wireless Sensor Networks , 2013, Int. J. Distributed Sens. Networks.