Risk-based adaptive security for smart IoT in eHealth

Emerging Internet of Things (IoTs) technologies provide many benefits to the improvement of eHealth. The successful deployment of IoTs depends on ensuring security and privacy that need to adapt to their processing capabilities and resource use. IoTs are vulnerable to attacks since communications are mostly wireless, unattended things are usually vulnerable to physical attacks, and most IoT components are constrained by energy, communications, and computation capabilities necessary for the implementation of complex security-supporting schemes. This paper describes a risk-based adaptive security framework for IoTs in eHealth that will estimate and predict risk damages and future benefits using game theory and context-awareness techniques. The paper also describes the validation case study.

[1]  K. Hausken Probabilistic Risk Analysis and Game Theory , 2002, Risk analysis : an official publication of the Society for Risk Analysis.

[2]  James A. Landay,et al.  Privacy risk models for designing privacy-sensitive ubiquitous computing systems , 2004, DIS '04.

[3]  F. Dressler,et al.  A Comprehensive and Comparative Metric for Information Security , 2005 .

[4]  Claudia Keser,et al.  Fuzzy Multi-Level Security: An Experiment on Quantified Risk-Adaptive Access Control , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[5]  F. Nachira,et al.  A Network of Digital Business Ecosystems for Europe : Roots , Processes and Perspectives , 2007 .

[6]  John A. Clark,et al.  MLS security policy evolution with genetic programming , 2008, GECCO '08.

[7]  Kenneth G. Paterson,et al.  Trust management for secure information flows , 2008, CCS.

[8]  M. Hadzic,et al.  Application of Digital Ecosystems in health domain , 2008, 2008 2nd IEEE International Conference on Digital Ecosystems and Technologies.

[9]  Jr. Louis Anthony Cox,et al.  Game Theory and Risk Analysis , 2009 .

[10]  Stefan Poslad,et al.  Ubiquitous Computing: Smart Devices, Environments and Interactions , 2009 .

[11]  Habtamu Abie Adaptive security and trust management for autonomic message-oriented middleware , 2009, 2009 IEEE 6th International Conference on Mobile Adhoc and Sensor Systems.

[12]  Marco Casassa Mont,et al.  Using security metrics coupled with predictive modeling and simulation to assess security processes , 2009, 2009 3rd International Symposium on Empirical Software Engineering and Measurement.

[13]  Marco Casassa Mont,et al.  Using security metrics coupled with predictive modeling and simulation to assess security processes , 2009, ESEM 2009.

[14]  Jorge Lobo,et al.  Automating role-based provisioning by learning from examples , 2009, SACMAT '09.

[15]  M. Naceur Azaiez,et al.  Game Theoretic Risk Analysis of Security Threats , 2009 .

[16]  Reijo Savola,et al.  Development of Measurable Security for a Distributed Messaging System , 2010 .

[17]  John Bigham,et al.  Self-healing and secure adaptive messaging middleware for business-critical systems , 2010 .

[18]  Rolf H. Weber,et al.  Internet of Things - New security and privacy challenges , 2010, Comput. Law Secur. Rev..

[19]  Carlo Maria Medaglia,et al.  An Overview of Privacy and Security Issues in the Internet of Things , 2010 .

[20]  Jorge Lobo,et al.  Risk-based access control systems built on fuzzy inferences , 2010, ASIACCS '10.

[21]  Antonio Iera,et al.  The Internet of Things: A survey , 2010, Comput. Networks.

[22]  F. Mtenzi,et al.  Security Metrics for e-Healthcare Information Systems: A Domain Specific Metrics Approach , 2010 .

[23]  P. Maillé,et al.  Of Threats and Costs: A Game-Theoretic Approach to Security Risk Management , 2011 .

[24]  Ilangko Balasingham,et al.  Quality of Service, Adaptation, and Security Provisioning in Wireless Patient Monitoring Systems , 2011 .

[25]  Rodrigo Roman,et al.  Securing the Internet of Things , 2017, Smart Cards, Tokens, Security and Applications, 2nd Ed..

[26]  Lisa Rajbhandari,et al.  Mapping between Classical Risk Management and Game Theoretical Approaches , 2011, Communications and Multimedia Security.

[27]  Peter Friess,et al.  Internet of Things Strategic Research Roadmap , 2011 .

[28]  Tansu Alpcan,et al.  Risk Management for IT Security: When Theory Meets Practice , 2012, 2012 5th International Conference on New Technologies, Mobility and Security (NTMS).

[29]  Jiafu Wan,et al.  Security in the Internet of Things: A Review , 2012, 2012 International Conference on Computer Science and Electronics Engineering.

[30]  Quanyan Zhu,et al.  Game theory meets network security and privacy , 2013, CSUR.