Cyber Security Issues in Assisted Living - PowerPoint PPT Presentation

1 / 12
About This Presentation
Title:

Cyber Security Issues in Assisted Living

Description:

Integrating the systems of many vendors is challenging but can ... Camera phones and 2D barcodes. Illinois. Security Lab. 9. Functionalities. Reliability ... – PowerPoint PPT presentation

Number of Views:71
Avg rating:3.0/5.0
Slides: 13
Provided by: jodiep7
Category:

less

Transcript and Presenter's Notes

Title: Cyber Security Issues in Assisted Living


1
Cyber Security Issues in Assisted Living
  • Carl A. Gunter
  • University of Illinois

2
Issues
  • Reliability
  • System failures frustrate users and jeopardize
    outcomes.
  • Usability
  • Complicated tasks will be avoided by users and
    risk errors.
  • Interoperability
  • Integrating the systems of many vendors is
    challenging but can provides richer services at
    lower cost.
  • Security
  • Privacy and access rights of stakeholders must be
    respected.
  • Regulatory (HIPPA) requirements must be satisfied.

3
Architecture
  • Drop-Box architecture
  • Medical Devices
  • Monitoring Service
  • Clinician Service
  • Home-Network Protection
  • USB token-based approach
  • Web service-based approach
  • Web service standards SOAP, WS-Security,
    WS-Reliability
  • Security
  • (End-to-End Confidentiality
  • and Integrity)
  • Reliability
  • Security
  • (Availability)
  • Usability
  • Interoperability

4
Drop-Box Architecture

Monitoring Service
Clinician
Medical Device
Store Forward
Enc Health status
Enc Reminder
Open specifications enable the monitoring service
and multiple clinicians to interoperate with
devices from many vendors.
5
Security
  • WS-Security
  • OASIS Standard v 1.0 (2004) provides end-to-end
    message level security.
  • It is possible to encrypt an element of a message.

SOAP Envelope
SOAP Envelope
  • Double Encryption of SOAP Messages
  • Step 1 Encrypt medical information using an
    end-to-end key (patient-doctor key)
  • Step 2 Encrypt the whole message using a
    transmission key (patient-monitoring server key)

SOAP Body
SOAP Element Routing Information
SOAP Element Medical Information
SOAP Element Medical Information
6
Reliability
  • WS-Reliability
  • OASIS Standard V1.1 (2004)

7
Home-Network Protection
  • Home-network resources should be protected
  • Availability access control to home network
    router
  • Confidentiality, Integrity
  • WPA (WiFi Protected Access 2) - Personal
  • WPA-Personal (or WPA-PSK) does not require an
    authentication server (c.f., WPA-Enterprise)
  • All major operating systems (Windows, Linux, Mac)
    and Wireless AP products support WPA-Personal

8
Tools for Secret Sharing
  • Possible devices to create a location-limited
    channels
  • USB storage tokens
  • Infrared channels
  • Audio channels
  • Camera phones and 2D barcodes

9
Functionalities
Home Network Protection Usability
Reliability
End-to-End Secure Communication
Interoperability
10
Architecture
  • Drop Box and AMY (Auth. Manager for You)

From Alice To Dr. Brown BloodSugarRate 135
From Alice To Dr. Brown

From Alice To Dr. Brown BloodSugarRate 135
11
Testbed
Implementation H/W - One Linux Server / Two
Windows Clients - Digital Pulse Oximeter
(Bluetooth-enabled) S/W - Java 2 SE 5.0 -
Apache AXIS (SOAP) - Apache WSS4J
(WS-Security) - Apache Sandesha
(WS-Reliability) Network - LAN, WPA
12
Test Bed
Implementation Environment
  • - Java 2 SE 5.0
  • Apache AXIS (SOAP)
  • Apache WSS4J
  • (WS-Security)
  • Apache Sandesha
  • (WS-Reliability)
  • - Linux Server, Windows Clients
  • - WPA Wireless Network Environment of Siebel
    Center

Windows (Notebook)
Desktop (Linux)
Windows (Notebook)
13
Conclusions
  • Security considerations will be a significant
    barrier to many applications of assisted living.
  • The drop box architecture provides a flexible
    approach to a significant range of applications.
  • Many extensions of our basic framework are
    possible, but some applications may require a
    different approach.
Write a Comment
User Comments (0)
About PowerShow.com