Adding security to mobile data collection

Mancini, Federico; Mughal, Khalid A.; Gejibo, Samson; Klungsøyr, Jørn

doi:10.1109/health.2011.6026793

Cited by 11 publications

(13 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…If the connection is HTTPS, the SecureHttpConnection will behave in the same way as a normal HttpsConnection object would. If however it is not HTTPS, any request headers or data written to the connections output stream will be encrypted prior to being sent to the server by using the protocol presented in [5]. The API is designed so that the client developer would use the SecureHttpConnection object in the same way as an HttpConnection object.…”

Section: Secure Data Upload and Downloadmentioning

confidence: 99%

“…The API is designed to be flexible and support both HTTPS and the protocol proposed in [5]. We offer a SecureHttpConnection class that can be wrapped around a HttpConnection.…”

Section: Secure Data Upload and Downloadmentioning

confidence: 99%

“…When this parameter is specified, our API can automatically generate some predefined requests that can be used for various operations: user registration; password recovery and server authentication as described in [5].…”

Section: Secure Data Upload and Downloadmentioning

confidence: 99%

“…The API is designed by considering several security challenges in mobile data collection where low-end mobile phones are deployed and the projects run on very constrained budgets. The details can be found in [5].…”

Section: Introductionmentioning

confidence: 99%

“…However, none of these systems has a complete security solution to guarantee data confidentiality, integrity, availability and privacy both on the client and on the server side. In this paper, we present the challenges in implementing the openXSecureAPI (which from now on we will refer to as simply API), based on the secure protocol proposed in [5], which can be used to add a security layer in existing Mobile Data Collection Systems (MDCS).…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

Challenges in Implementing an End-to-End Secure Protocol for Java ME-Based Mobile Data Collection in Low-Budget Settings

Gejibo

Mancini

Mughal

et al. 2012

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Mobile devices are having a profound impact on how services can be delivered and how information can be shared. Sensitive information collected in remote communities can be relayed to local health care centers and from there to the decision makers who are thus empowered to make timely decisions. However, many of these systems do not systematically address very important security issues which are critical when dealing with such sensitive and private information. In this paper we analyze implementation challenges of a proposed security protocol based on the Java ME platform. The protocol presents a flexible secure solution that encapsulates data for storage and transmission without requiring significant changes in the existing mobile client application. The secure solution offers a cost-effective way for ensuring data confidentiality, both when stored on the mobile device and when transmitted to the server. In addition, it offers data integrity, off-line and on-line authentication, account and data recovery mechanisms, multiuser management and flexible secure configuration. A prototype of our secure solution has been integrated with openXdata.

show abstract

Section: Secure Data Upload and Downloadmentioning

confidence: 99%

“…The API is designed to be flexible and support both HTTPS and the protocol proposed in [5]. We offer a SecureHttpConnection class that can be wrapped around a HttpConnection.…”

Section: Secure Data Upload and Downloadmentioning

confidence: 99%

Section: Secure Data Upload and Downloadmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Challenges in Implementing an End-to-End Secure Protocol for Java ME-Based Mobile Data Collection in Low-Budget Settings

Gejibo

Mancini

Mughal

et al. 2012

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

Form‐based security in mobile health data collection systems

Katarahweire

Mughal

Ngubiri

2021

Security and Privacy

View full text Add to dashboard Cite

Mobile Health Data Collection Systems (MHDCS) use electronic forms for data collection in place of paper surveys. Data is entered into the electronic forms by community health workers with smartphones. These systems are used in clinical trials and continuous monitoring of participants. Data collected in MHDCS is diverse with varying sensitivity levels. This therefore calls for the application of different security mechanisms to protect the data. In this paper, a data sensitivity classification model is proposed. It determines the sensitivity levels of form attributes depending on the context and sensitive parameters. The electronic form is the starting point of the data collection process. We augment the form with sensitivity levels and a mapping of security mechanisms to the sensitivity levels is made. Through threat modeling, we identify potential threats and possible mitigations. We demonstrate the feasibility of our approach by prototyping the proposed model into the Open Data Kit tool suite. Tests show that the security mitigations specified during form design are executed once the secure form is loaded on the mobile device during data collection. Our ultimate aim is to facilitate the addition of security requirements into the data collection processes right from the start of the design process.

show abstract