Towards Design and Development of a Data Security and Privacy Risk Management Framework for WBAN Based Healthcare Applications

Paul, Pangkaj Chandra; Loane, John; McCaffery, Fergal; Regan, Gilbert

doi:10.3390/asi4040076

Cited by 7 publications

(7 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Inadequate software security practices can leave WBAN devices vulnerable to exploitation [62]. Outdated firmware, lack of software updates, and unpatched vulnerabilities can be exploited by attackers [63].…”

Section: Insufficient Software Securitymentioning

confidence: 99%

Current security and privacy posture in wireless body area networks

Auko¹

2023

World J. Adv. Res. Rev.

View full text Add to dashboard Cite

Wireless Body Area Networks (WBANs) have emerged as a promising technology for remote health monitoring and healthcare applications. However, ensuring the security and privacy of sensitive health data in WBANs is crucial to foster user trust and prevent unauthorized access or data breaches. This paper provides an overview of the key challenges, techniques, and research gaps in WBAN security and privacy. The findings indicate that the challenges in WBAN security and privacy include resource constraints, compatibility issues, privacy concerns, dynamic network environments, security and usability trade-offs, emerging threat landscape, and user awareness and education. To address these challenges, various security techniques have been developed, such as authentication and authorization mechanisms, encryption, access control, secure communication protocols, intrusion detection systems, and privacy-preserving data handling techniques. Despite the progress made, there are research gaps that require further investigation. These research gaps include the development of secure and lightweight authentication mechanisms, privacy-preserving data analysis techniques, trust and security management frameworks, resilience to insider threats, security of data aggregation and fusion, user-centric security designs, and addressing legal and ethical considerations. Addressing these research gaps and challenges requires collaboration between researchers, device manufacturers, policymakers, and end-users. Ongoing research and innovation are necessary to develop robust security techniques, privacy-enhancing technologies, and user-friendly solutions tailored for WBANs. Additionally, compliance with privacy regulations, user education, and awareness are critical for responsible and ethical use of WBANs.

show abstract

Section: Insufficient Software Securitymentioning

confidence: 99%

Current security and privacy posture in wireless body area networks

Auko¹

2023

World J. Adv. Res. Rev.

View full text Add to dashboard Cite

show abstract

“…According to the study analysis, each of the three main assets has multiple types. HIoT can be wearables [ 90 , 91 ], mHealth [ 92 ], WBAN [ 93 ] or Medical IoT/miniaturized wireless biomedical devices (MWBDs) [ 45 ]. IdM can be conventional, centralized, federated, user-centric, and decentralized [ 94 ].…”

Section: Taxonomymentioning

confidence: 99%

“…These studies can be classified into security risk studies that propose security risk management frameworks, or studies that conducted a risk assessment, risk analysis, threat modelling, security risk evaluation, and security risk penetration in the three main assets (HIoT, IdM, and BC). HIoT studies either studied HIoT/MIoT generally or focused on one of the HIoT branches, such as wearables [ 90 , 91 ], WBAN [ 93 ], mHealth [ 92 ], or miniaturized wireless biomedical devices (MWBDs) [ 45 ].…”

Section: Risk Management Frameworkmentioning

confidence: 99%

“…To apply the proposed security risk management framework on HIoT BC-IdM systems, it is recommended to form a technical team consisting of members from the healthcare setting, HIoT users, SP members, BC experts, IdM experts, and security risk assessment experts, such as data protection officers (DPO). The team members should work together throughout the testing process of the system, as recommended by [ 93 ]. They should ensure the security and privacy of HIoT users’ data and identity, as well as HIoT user safety, which might be at risk because of HIoT security breaches [ 46 ].…”

Section: Risk Management Frameworkmentioning

confidence: 99%

“… [S31] Security Requirements of Internet of Things-Based Healthcare System: a Survey Study [ 102 ] Review study showing cybersecurity and cyber resiliency requirements. [S32] Towards Design and Development of a Data Security and Privacy Risk Management Framework for WBAN Based Healthcare Applications [ 93 ] Security and privacy risk management framework for WBAN based on AAMI TIR57:2016 (Beta version after validation). …”

Section: Table A1mentioning

confidence: 99%

See 2 more Smart Citations

Cybersecurity Risk Management Framework for Blockchain Identity Management Systems in Health IoT

Alamri

Crowley

Richardson

2022

Sensors

View full text Add to dashboard Cite

Blockchain (BC) has recently paved the way for developing Decentralized Identity Management (IdM) systems for different information systems. Researchers widely use it to develop decentralized IdM systems for the Health Internet of Things (HIoT). HIoT is considered a vulnerable system that produces and processes sensitive data. BC-based IdM systems have the potential to be more secure and privacy-aware than centralized IdM systems. However, many studies have shown potential security risks to using BC. A Systematic Literature Review (SLR) conducted by the authors on BC-based IdM systems in HIoT systems showed a lack of comprehensive security and risk management frameworks for BC-based IdM systems in HIoT. Conducting a further SLR focusing on risk management and supplemented by Grey Literature (GL), in this paper, a security taxonomy, security framework, and cybersecurity risk management framework for the HIoT BC-IdM systems are identified and proposed. The cybersecurity risk management framework will significantly assist developers, researchers, and organizations in developing a secure BC-based IdM to ensure HIoT users’ data privacy and security.

show abstract