Abstract
The popularity of smartphones has led to an increasing demand for health apps. As a result, the healthcare industry is embracing mobile technology and the security of mHealth is essential in protecting patient’s user data and WBAN in a clinical setting. Breaches of security can potentially be life-threatening as someone with malicious intentions could misuse mHealth devices and user information. In this article, threats to security for mHealth networks are discussed in a layered approach addressing gaps in this emerging field of research. Suite B and Suite E, which are utilized in many security systems, including in mHealth applications, are also discussed. In this paper, the support for mHealth security will follow two approaches; protecting patient-centric systems and associated link technologies. Therefore this article is focused on the security provisioning of the communication path between the patient terminal (PT; e.g., sensors) and the monitoring devices (e.g., smartphone, data-collector).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Barnaby Jack. http://en.wikipedia.org/wiki/Barnaby_Jack
The Good Hacker Barnaby Jack Dies. http://www.thedailybeast.com/articles/2013/07/26/the-good-hacker-barnaby-jack-dies.html. Accessed 17 Dec 2014
Adibi, S.: Link technologies and blackberry mobile health (mHealth) solutions: a review. IEEE Trans. Inf. Technol. Biomed. 16(4), 586–597 (2012)
Rushanan, M., Rubin, A.D., Kune, D.F., Swanson, C.M.: SoK: security and privacy in implantable medical devices and body area networks. In: 2014 IEEE Symposium on Security and Privacy, pp. 524–539, May 2014
Citrix. Mobile Analytics report (2015)
Android Central. How to use the Heart Rate Monitor on the Galaxy S5. http://www.androidcentral.com/how-use-heart-rate-monitor-galaxy-s5. Accessed 11 Feb 2015
mHealth news. Are you ready for sensors in healthcare? http://www.mhealthnews.com/content/infographic-are-you-ready-sensors-healthcare. Accessed 11 Feb 2015
FierceMobileHealthcare. mHealth devices must auto-collect data from cloud, sensors (2014). http://www.fiercemobilehealthcare.com/story/mhealth-devices-must-auto-collect-data-cloud-sensors/2014-01-30. Accessed 11 Feb 2015
Keeping valuable algorithms secret. http://security.stackexchange.com/questions/14671/keeping-valuable-algorithms-secret. Accessed 13 Jan 2015
Attack (computing). http://en.wikipedia.org/wiki/Attack_(computing). Accessed 20 Jan 2015
FIPS 140-2. http://en.wikipedia.org/wiki/FIPS_140-2. Accessed 20 Jan 2015
Project Ubertooth. http://ubertooth.sourceforge.net. Accessed 23 Dec 2014
Ubertooth Schedule. http://www.shmoocon.org/schedule#ubertooth/. Accessed 24 Dec 2014
Adibi, S., et al.: A multilayer non - repudiation system: a suite-B approach
Saleem, S., Ullah, S., Kwak, K.S.: A study of IEEE 802.15.4 security framework for wireless body area networks. Sensors (Basel) 11(2), 1383–1395 (2011)
Gagandeep, G., Aashima, A.: Study on Sinkhole attacks in wireless Ad hoc networks. Int. J. Comput. Sci. Eng. 4(6), 1078–1085 (2012)
PalSingh, V., Anand Ukey, A.S., Jain, S.: Signal strength based hello flood attack detection and prevention in wireless sensor networks. Int. J. Comput. Appl. 62(15), 1–6 (2013)
X.800: Security architecture for Open Systems Interconnection for CCITT applications. http://www.itu.int/rec/T-REC-X.800-199103-I/en. Accessed 20 Jan 2015
Confidentiality, Integrity, Availability: The three components of the CIA Triad. http://security.blogoverflow.com/2012/08/confidentiality-integrity-availability-the-three-components-of-the-cia-triad/. Accessed 19 Jan 2015
Uluagac, A.S., Lee, C.P., Beyah, R.A., Copeland, J.A.: Designing secure protocols for wireless sensor networks. In: Li, Y., Huynh, D.T., Das, S.K., Du, D.-Z. (eds.) WASA 2008. LNCS, vol. 5258, pp. 503–514. Springer, Heidelberg (2008)
X.805: Security architecture for systems providing end-to-end communications. http://www.itu.int/rec/T-REC-X.805-200310-I/en. Accessed 20 Jan 2015
Sunyaev, A., Dehling, T., Taylor, P.L., Mandl, K.D.: Availability and quality of mobile health app privacy policies. J. Am. Med. Inform. Assoc. 1–4 (2014)
Crytographic Protocol. http://en.wikipedia.org/wiki/Cryptographic_protocol. Accessed 12 Jan 2015
Garloff, K.; Symmetric vs. asymmetric algorithms (2000). http://users.suse.com/~garloff/Writings/mutt_gpg/node3.html. Accessed 11 Feb 2015
Jarmusz, S.: Symmetric vs. Asymmetric Encryption: Which Way is Better? http://blog.atmel.com/2013/03/11/symmetric-vs-asymmetric-encryption-which-way-is-better/. Accessed 11 Feb 2015
Irum, S., Ali, A., Khan, F.A., Abbas, H.: A hybrid security mechanism for intra-WBAN and inter-WBAN communications. Int. J. Distrib. Sens. Netw. 2013, 1–11 (2013)
Faisal, M., Al-Muhtadi, J., Al-Dhelaan, A.: Integrated protocols to ensure security services in wireless sensor networks. Int. J. Distrib. Sens. Netw. 2013, 1–13 (2013)
Krohn, R., Metcalf, D.: mHealth Innovation: Best Practices from The Mobile Frontier, p. 204. HIMSS, Chicago (2014)
Ullah, S., Mohaisen, M., Alnuem, M.A.: A review of IEEE 802.15.6 MAC, PHY, and security specifications. IJDSN 2013 (2013)
IEEE Standards Association. 802.15.6 - IEEE Standard for Local and metropolitan area networks - Part 15.6: Wireless Body Area Networks (2012)
Toorani, M.: On Vulnerabilities of the Security Association in the IEEE 802.15.6 Standard, Jan 2015
Zheng, J., Jamalipour, A.: Wireless Sensor Networks: A Networking Perspective, pp. 1–489. Wiley, Hoboken (2008)
Toorani, M., Shirazi, A.A.B.: LPKI - a lightweight public key infrastructure for the mobile environments. In: 2008 11th IEEE Singapore International Conference on Communication Systems, ICCS 2008, pp. 162–166 (2008)
Sahoo, P.K.: Efficient security mechanisms for mHealth applications using wireless body sensor networks. Sensors (Basel) 12(9), 12606–12633 (2012)
Nasser, N., Chen, Y.: SEEM: secure and energy-efficient multipath routing protocol for wireless sensor networks. Comput. Commun. 30(11–12), 2401–2412 (2007)
Australian Government Department of Defence. DSD approval for the use of Suite B cryptography for CONFIDENTIAL and above. http://www.asd.gov.au/publications/dsdbroadcast/20130100-suite-b-crypto-approved.htm. Accessed 31 Dec 2014
Sanderson, R.: Trusted Computing Using IPsec Minimum Essential Interoperability Protocols (2011)
NSA Suite B Cryptography. http://en.wikipedia.org/wiki/NSA_Suite_B_Cryptography. Accessed 31 Dec 2014
Cisco Next-Generation Cryptography: Enable Secure Communications and Collaboration
Zaverucha, G.; ECQV Implicit Certificates and the Cryptographic Suite for Embedded Systems (Suite E)
Cryptographic Suite for Embedded Systems (Suite E). http://tools.ietf.org/html/draft-campagna-suitee-01. Accessed 03 Feb 2015
Vanstone, S., Campagna, M.: A cryptographic suite for embedded systems suite E. In: 6th ETSI Security Workshop
Security service (telecommunication). http://en.wikipedia.org/wiki/Security_service_(telecommunication). Accessed 20 Jan 2015
ANT+. http://en.wikipedia.org/wiki/ANT+. Accessed 18 Dec 2014
ANT (network). http://en.wikipedia.org/wiki/ANT_(network). Accessed 11 Feb 2015
What is ZigBee? http://www.wisegeek.org/what-is-zigbee.htm. Accessed 24 Dec 2014
Crosby, G.V., Ghosh, T., Murimi, R., Chin, C.A.: Wireless body area networks for healthcare: a survey. IJASUC 3(3) (2012)
Bluetooth Low Energy Technology Makes New Applications Possible. http://www.connectblue.com/press/articles/bluetooth-low-energy-technology-makes-new-applications-possible/. Accessed 13 Jan 2015
How Bluetooth Works. http://electronics.howstuffworks.com/bluetooth2.htm. Accessed 24 Dec 2014
Nilsson, R., Saltzstein, B.: Bluetooth Low Energy vs. Classic Bluetooth: Choose the Best Wireless Technology for Your Application. Medical Electronics Design (2012)
Bluetooth vs. Bluetooth Low Energy: What’s the Difference? http://www.link-labs.com/bluetooth-vs-bluetooth-low-energy/. Accessed 24 Dec 2014
ISO/IEEE_11073. http://en.wikipedia.org/wiki/ISO/IEEE_11073. Accessed 01 Feb 2015
IEEE. IEEE Std 11073-00103 Section 5.4 (2012)
Portilla, J., Otero, A., de la Torre, E., Riesgo, T., Stecklina, O., Peter, S., Langendörfer, P.: Adaptable security in wireless sensor networks by using reconfigurable ECC hardware coprocessors. Int. J. Distrib. Sens. Netw. 2010, 1–12 (2010)
Inductive Charging. http://en.wikipedia.org/wiki/Inductive_charging. Accessed 05 Jan 2015
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Kang, J., Adibi, S. (2015). A Review of Security Protocols in mHealth Wireless Body Area Networks (WBAN). In: Doss, R., Piramuthu, S., ZHOU, W. (eds) Future Network Systems and Security. FNSS 2015. Communications in Computer and Information Science, vol 523. Springer, Cham. https://doi.org/10.1007/978-3-319-19210-9_5
Download citation
DOI: https://doi.org/10.1007/978-3-319-19210-9_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-19209-3
Online ISBN: 978-3-319-19210-9
eBook Packages: Computer ScienceComputer Science (R0)