Cyber Security and the Internet of Things: Vulnerabilities, Threats, Intruders and Attacks

Internet of Things (IoT) devices are rapidly becoming ubiquitous while IoT services are becoming pervasive. Their success has not gone unnoticed and the number of threats and attacks against IoT devices and services are on the increase as well. Cyber-attacks are not new to IoT, but as IoT will be deeply interwoven in our lives and societies, it is becoming necessary to step up and take cyber defense seriously. Hence, there is a real need to secure IoT, which has consequently resulted in a need to comprehensively understand the threats and attacks on IoT infrastructure. This paper is an attempt to classify threat types, besides analyze and characterize intruders and attacks facing IoT device…

Sharing With Care - Multidisciplinary Teams and Secure Access to Electronic Health Records

Published: Proceedings of the 11th International Joint Conference on Biomedical Engineering Systems and Technologies Vol 5 2018

An Access Control Model to Facilitate Healthcare Information Access in Context of Team Collaboration

The delivery of healthcare relies on the sharing of patients information among a group of healthcare professionals (so-called multidisciplinary teams (MDTs)). At present, electronic health records (EHRs) are widely utilized system to create, manage and share patient healthcare information among MDTs. While it is necessary to provide healthcare professionals with privileges to access patient health information, providing too many privileges may backfire when healthcare professionals accidentally or intentionally abuse their privileges. Hence, finding a middle ground, where the necessary privileges are provided and malicious usage are avoided, is necessary. This thesis highlights the access c…

Security and privacy in the Internet of Things: Current status and open issues

The Internet of Things at large will foster billions of devices, people and services to interconnect and exchange information and useful data. As IoT systems will be ubiquitous and pervasive, a number of security and privacy issues will arise. Credible, economical, efficient and effective security and privacy for IoT are required to ensure exact and accurate confidentiality, integrity, authentication, and access control, among others. In this paper, the IoT vision, existing security threats, and open challenges in the domain of IoT are discussed. The current state of research on IoT security requirements is discussed and future research directions with respect to IoT security and privacy ar…

Access Control Model for Cooperative Healthcare Environments: Modeling and Verification

Integrated use of electronic health records (EHRs) seem both promising and necessary in improving the quality and delivery of health services. This allows healthcare providers access to information they require to provide rapid patient care. Of course, when sensitive information is shared among a group of people within or across organizations, enforceable security and privacy control over the information flow is a key aspect. In this study, an access control model for cooperative healthcare environments is presented. A work-based access control (WBAC) model is proposed by introducing the concept of team role and modifying the user-role assignment model from previous work. Verification indic…

UML/OCL-based modeling of work-based access control policies for collaborative healthcare systems

A work-based access control (WBAC) model is proposed by introducing the team role concept and modifying the user-role assignment model from a previous work. The main goals of WBAC are flexibility, easy manageability, security, as well as suitability to support cooperative work of dynamic teams in healthcare environments. One of the major challenges of WBAC regards authorization constraints in terms of organizational policies. In this article, we show how Unified Modeling Language (UML) and Object Constraints Language (OCL) are utilized to design and analyze the authorization constraints of WBAC in cooperative engagements with complex scenarios in the collaborative healthcare domain. We also…

Towards Risk-aware Access Control Framework for Healthcare Information Sharing

Towards an Access Control Model for Collaborative Healthcare Systems

In this study, an access control model for collaborative healthcare systems is proposed. Collaboration requirements, patient data confidentiality and the need for flexible access for healthcare providers through the actual work they must fulfill as part of their duties are carefully addressed. The main goal is to provide an access control model that strikes a balance between collaboration and safeguarding sensitive patient information.