Book review: Applied cryptography: Protocols, algorithms, and source code in C

Securing internet of medical things systems: Limitations, issues and recommendations

Despite recent advances in multiple sclerosis (MS) care, many patients only infrequently access health care services, or are unable to access them easily, for reasons such as mobility restrictions, travel costs, consultation and treatment time constraints, and a lack of locally available MS expert services. Advances in mobile communications have led to the introduction of electronic health (eHealth) technologies, which are helping to improve both access to and the quality of health care services. As the Internet is now readily accessible through smart mobile devices, most people can take advantage of eHealth apps. The development of digital applications and remote communication technologies for patients with MS has increased rapidly in recent years. These apps are intended to complement traditional in-clinic approaches and can bring significant benefits to both patients with MS and health care providers (HCPs). For patients, such eHealth apps have been shown to improve outcomes and increase access to care, disease information, and support. These apps also help patients to participate actively in self-management, for example, by tracking adherence to treatment, changes in bladder and bowel habits, and activity and mood. For HCPs, MS eHealth solutions can simplify the multidisciplinary approaches needed to tailor MS management strategies to individual patients; facilitate remote monitoring of patient symptoms, adverse events, and outcomes; enable the efficient use of limited resources and clinic time; and potentially allow more timely intervention than is possible with scheduled face-to-face visits. These benefits are important because MS is a long-term, multifaceted chronic condition that requires ongoing monitoring, assessment, and management. We identified in the literature 28 eHealth solutions for patients with MS that fall within the four categories of screening and assessment, disease monitoring and self-management, treatment and rehabilitation, and advice and education. We review each solution, focusing on any clinical evidence supporting their use from prospective trials (including ASSESS MS, Deprexis, MSdialog, and the Multiple Sclerosis Performance Test) and consider the opportunities, barriers to adoption, and potential pitfalls of eHealth technologies in routine health care.

/pdf/the-use-of-digital-and-remote-communication-technologies-as-kqcrjztzm4.pdf

The Use of Digital and Remote Communication Technologies as a Tool for Multiple Sclerosis Management: Narrative Review.

Currently, rapidly developing digital technological innovations affect and change the integrated information management processes of all sectors. The high efficiency of these innovations has inevitably pushed the health sector into a digital transformation process to optimize the technologies and methodologies used to optimize healthcare management systems. In this transformation, the Internet of Things (IoT) technology plays an important role, which enables many devices to connect and work together. IoT allows systems to work together using sensors, connection methods, internet protocols, databases, cloud computing, and analytic as infrastructure. In this respect, it is necessary to establish the necessary technical infrastructure and a suitable environment for the development of smart hospitals. This study points out the optimization factors, challenges, available technologies, and opportunities, as well as the system architecture that come about by employing IoT technology in smart hospital environments. In order to do that, the required technical infrastructure is divided into five layers and the system infrastructure, constraints, and methods needed in each layer are specified, which also includes the smart hospital’s dimensions and extent of intelligent computing and real-time big data analytic. As a result of the study, the deficiencies that may arise in each layer for the smart hospital design model and the factors that should be taken into account to eliminate them are explained. It is expected to provide a road map to managers, system developers, and researchers interested in optimization of the design of the smart hospital system.

/pdf/analysis-of-factors-affecting-iot-based-smart-hospital-3axlvfp326.pdf

Analysis of factors affecting IoT-based smart hospital design

Internet of Things (IoT) can be seen as a pervasive network of networks: numerous heterogeneous entities both physical and virtual interconnected with any other entity or entities through unique addressing schemes, interacting with each other to provide/request all kinds of services. IoT technology is expected to pave the way for groundbreaking applications in a diversity of areas such as healthcare, security and surveillance, transportation, and industry, and integrate advanced technologies of communication, networking, cloud computing, sensing and actuation. Given the enormous number of connected devices that are potentially vulnerable, highly significant risks emerge around the issues of security, privacy, and governance; calling into question the whole future of IoT. IoT applications are expected to affect many aspects of people's lives, bringing about many conveniences; however, if security and privacy cannot be ensured, this can lead to a number of undesired consequences. This survey focuses on the security aspects of IoT, and discusses up-to-date IoT security solutions.

Security in internet of things: A survey

Miniaturization of computer hardware and the demand for network capable devices has resulted in the emergence of a new class of technology called wearable computing. Wearable devices have many purposes like lifestyle support, health monitoring, fitness monitoring, entertainment, industrial uses, and gaming. Wearable devices are hurriedly being marketed in an attempt to capture an emerging market. Owing to this, some devices do not adequately address the need for security. To enable virtualization and connectivity wearable devices sense and transmit data, therefore it is essential that the device, its data and the user are protected. In this paper the use of novel Integrated Circuit Metric (ICMetric) technology for the provision of security in wearable devices has been suggested. ICMetric technology uses the features of a device to generate an identification which is then used for the provision of cryptographic services. This paper explores how a device ICMetric can be generated by using the accelerometer and gyroscope sensor. Since wearable devices often operate in a group setting the work also focuses on generating a group identification which is then used to deliver services like authentication, confidentiality, secure admission and symmetric key generation. Experiment and simulation results prove that the scheme offers high levels of security without compromising on resource demands.

/pdf/on-the-security-of-consumer-wearable-devices-in-the-internet-5b4b7bmcct.pdf

On the security of consumer wearable devices in the Internet of Things.

Wireless Sensor Networks (WSNs) have the potential of being employed in a variety of applications ranging from battlefield surveillance to everyday applications such as smart homes and patient monitoring. Security is a major challenge that all applications based on WSNs are facing nowadays. Firstly, due to the wireless nature of WSNs, and secondly due to their ability to operate in unattended environments makes them even more vulnerable to various sorts of attacks. Among these attacks is node capture attack in WSNs, whose threat severity can range from a single node being compromised in the network to the whole network being compromised as a result of that single node compromise. In this paper, we propose the use of ICMetric technology to provide resilience against node compromise in WSN. ICmetrics generates the security attributes of the sensor node based on measurable hardware and software characteristics of the integrated circuit. These properties of ICmetrics can help safeguard WSNs from various node capture attacks.

/pdf/improving-resilience-against-node-capture-attacks-in-3lkpu22qh0.pdf

Improving Resilience Against Node Capture Attacks in Wireless Sensor Networks Using ICmetrics

Convergence of technologies from several domains of computing and healthcare have aided in the creation of devices that can help health professionals in monitoring their patients remotely. An increase in networked healthcare devices has resulted in incidents related to data theft, medical identity theft and insurance fraud. In this paper, we discuss the design and implementation of a secure lightweight wearable health sensing system. The proposed system is based on an emerging security technology called Integrated Circuit Metric (ICMetric) that extracts the inherent features of a device to generate a unique device identification. In this paper, we provide details of how the physical characteristics of a health sensor can be used for the generation of hardware “fingerprints”. The obtained fingerprints are used to deliver security services like authentication, confidentiality, secure admission and symmetric key generation. The generated symmetric key is used to securely communicate the health records and data of the patient. Based on experimental results and the security analysis of the proposed scheme, it is apparent that the proposed system enables high levels of security for health monitoring in resource optimized manner.

/pdf/securing-health-sensing-using-integrated-circuit-metric-n2ezjrf2d6.pdf

Securing health sensing using integrated circuit metric.

This paper presents a scheme for the generation of strong session based ICMetrics key pairs for security critical embedded system applications ICMetrics generates the security attributes of the sensor node based on measurable hardware and software characteristics of the integrated circuit In the proposed scheme a random session ID is assigned by a trusted party to each participating network entity, which remains valid for a communication session Our work is based on the design of a key derivation function that uses an ICMetrics secret key and a session token assigned by the trusted party to derive strong cryptographic key pairs for each entity These session tokens also serve the purpose of identification/authentication between the trusted parties and the respective nodes in each network The main strength of our proposed scheme rests on the randomness feature incorporated via the random session ID's, which makes the generated strong private/public key pair highly resistant against exhaustive search and rainbow table attacks Our proposed approach makes use of key stretching using random session tokens via SHA-2 and performs multiple iterations of the proposed key derivation function to generate strong high entropy session key pairs of sufficient length The randomness of the assigned ID's and the session based communication hinders the attacker's ability to launch various sorts of cryptanalytic attacks, thereby making the generated keys very high in entropy The randomness feature has also been very carefully tuned according to the construction principles of ICMetrics, so that it doesn't affect the original ICMetrics data The second part of the proposed scheme generates a corresponding public session key by computing the Hermite Normal Form of the high entropy private session key

/pdf/a-scheme-for-the-generation-of-strong-icmetrics-based-2ct7dtk7de.pdf

A Scheme for the Generation of Strong ICMetrics Based Session Key Pairs for Secure Embedded System Applications

Cryptography has become an essential for providing security in embedded system applications. The employed cryptographic primitives should provide strong protection such that the security of the system is not compromised at any point in the lifecycle of a secure operation. This particularly includes the secure generation and maintenance of cryptographic keys. In general this assumption is difficult to accomplish, since there are attacks that come under this umbrella ranging from brute force attacks on the key to capturing the node to extract the key. In this paper we investigate and analyze ICMetrics and its counterpart scheme referred to as the scheme for the generation of strong high entropy ICMetrics session key pairs. ICMetrics is a key technology that computes the secret key based on hardware/ software properties of a device, thereby providing resilience against node capture attacks, while high entropy key pair generation scheme is employed to strengthen the generated ICMetrics basis number, so as to safeguard the generated strong key pairs from brute force and rainbow table attacks.

/pdf/resilience-against-brute-force-and-rainbow-table-attacks-marp3m8s9j.pdf

Ruhma Tahir

Papers

On the security of consumer wearable devices in the Internet of Things.

Improving Resilience Against Node Capture Attacks in Wireless Sensor Networks Using ICmetrics

Securing health sensing using integrated circuit metric.

A Scheme for the Generation of Strong ICMetrics Based Session Key Pairs for Secure Embedded System Applications

Resilience against brute force and rainbow table attacks using strong ICMetrics session key pairs