IOT in Healthcare: Remote Health Monitoring System Presented by: Isha Gupta Group Member: Vertika Upadhyay
Remote Mobile Health Monitoring System User – friendly Easy information sharing between patients and doctors Real – time response for abnormal situation As we know that technology is expanding and Internet is marking its presence in every field. In Healthcare IOT comes in the form of Remote mobile health monitoring systems. So unlike the traditional way where the patient visits the doctor, gets the paper test results and consults the doctor, RMHMS helps the patient avoid that These are small devices that the patient can carry. 2. Heart rate 3. Heart attack – notify The proposed RMHM system provides two working modes: (1) Normal status monitoring - The information and data from patients will be recorded in a smart phone, which can display the curves. For this mode, the information will be sent to a remote server either when a Wi-Fi network is available, or when the doctor sends a request. (2) Emergent response - If there are abnormal phenomena, the smart phone will send out an alarm message and will turn into emergency mode. The status and information will then be continuously updated with real-time positioning.
System Architecture
Portable Terminal Small, efficient, lightweight, battery operated devices Captures physiologic signals Data transmission Storage capabilities Detects abnormal activities Connected to 2-tier by Wireless Sensor Networks Portable terminal is the bottom most tier and it is worn by the patients. ergonomic, small, and lightweight, with powerful battery support and should not hinder in daily activity. The sensor has both data transmission and storage capabilities. It captures comprehensive physiological data such as ECG, heart rate, respiration rate, temperature and activity level. If abnormal signal is detected when the patient is moving, system alarms to avoid unexpected situation. The portable terminal communicates with a designated smart phone via Bluetooth protocol at a data transmission rate of 1 Mb/s. Since its wireless signal is very strong, the data sampling can be implemented even during aggravating activities and harsh environments.
Visualization Terminal Smart Phone / Laptop / Computer / Tablet Convenient for users to observe their own status. Display data acquired by the portable terminal Detect person’s location incase of emergency through GPS (if available) A smart phone is adopted as the hardware platform for the visualization terminal. This makes it convenient for users to observe their own status. Physiologic data acquired by the portable terminal can be displayed here. This layer can also issue voice alarm or vibration if required. If GPS is enabled on the device then it can also detect person’s position or after connecting to web server it can be displayed on the website in case of emergency situation.
Remote Server Client/Server software: it mainly realizes data receiving. When the smart phone sends data to the server, PC software parses and stores the data into the database. Browser/Server software: as the core of PC program, it transfers the physiological data and position information from the database and displays them on the webpage. It consists of 2 parts: Client server and Browser server software network configuration and management functions. It can also implement the terminal registration, initialization and security customization Authorized doctors can use portable devices or computers to access the webpage via Internet, wherever available. Vital signs and position information of multiple patients can be viewed graphically. When specific values exceed their respective thresholds, the server can also give alarming messages.
Simple work flow. After verification and configuration by the interface program, data sent from the portable terminal will be processed for specific application. Verification function determines whether the data are sent from its only matched terminal. Configuration function can carry out time synchronization to ensure real-time performance and data effectiveness.
Current Healthcare Projects CodeBlue - Harvard Sensor Network Lab Alarm-Net - University of Virginia UbiMon (Ubiquitous monitoring environment for wearable and implantable sensors) MobiCare PAM (Personal Ambient Monitoring) MEDiSN - Johns Hopkins University
Security Threats Monitoring and Eavesdropping Threats to Information When in Transit Routing Threats Masquerade and Replay Threats Location Threats Activity Tracking Threats Denial-of-Service (DOS) Threats Most common threat By patient vital sign snooping, an adversary can easily discover the patient information Msg modification - if an attacker able to modify the patient data during the communication and send the modified data to medical staff, it may cause an overdose of medicine being administered to the patient.
Security Threats Monitoring and Eavesdropping Threats to Information When in Transit Routing Threats Selective Forwarding Sinkhole Threat Sybil Attack Mostly on Architectures with multi-hop environment a. Selective Forwarding Does not forward all the info between the node. For ex. Allergy info, b. Sinkhole Threat Attack one of the nodes and replace it with a malicious one c. Sybil Attack Sets up multiple fake identities and present itself in diff ways to diff neighboring nodes. Masquerade and Replay Threats Location Threats Activity Tracking Threats Denial-of-Service (DOS) Threats
Security Threats Monitoring and Eavesdropping Threats to Information When in Transit Routing Threats Masquerade and Replay Threats Location Threats Activity Tracking Threats Denial-of-Service (DOS) Threats 4. In general wireless rely nodes are unguarded, so it may happen that a rogue rely node can provide unrestricted access to an attacker who can then cause a masquerade DOS attacks. Broadcast false alarms. Use patients old info and pose replay threads putting patient’s life in danger 5. Hack into the location tracking sys of the device and cause problems during emergencies when the patient needs to be visited immediately 6. Attack the device and track the user’s activities. Eg. For an athlete, it can modify an athletes health data and bring the athlete under suspicion in doping test
Security Threats Denial-of-Service (DOS) Threats 2. Simultaneously transmit packets leading to collision Exhaust the network activity Disrupt the priority setting of the network layer 4. Flooding attacks generally are used to drain the memory resources by sending the control signals. In de-synchronized attack, attacker may disturbs the established link between two legitimate two ends nodes (i.e., body sensor and base station) by re-synchronizing their transmission.
Regulations and Laws Privacy laws by National Committee for Vital and Health Statistics (NCVHS) American Health Insurance Portability and Accountability Act of 1996 (HIPAA) Health Information Technology for Economic and Clinical Health Act (HITECH) HIPAA regulates many different rules to be followed by doctors, hospitals, healthcare organization and other health related professionals. The HITECH Act includes provisions to enlarge the use of information technology (IT) to store, capture, transmit, properly share and use health data
Existing Security Mechanism Cryptography Key Management Secure Routing Resilience to Node Capture Secure Localization Trust Management Robustness to Communication DOS
Existing Security Mechanism Cryptography Asymmetric cryptography Symmetric cryptography Key Management Secure Routing Resilience to Node Capture Secure Localization Trust Management Robustness to Communication DOS Cryptography Strong cryptographic functions (i.e., encryption, authentication, integrity, etc.) are paramount requirements for developing any secure healthcare application. Asymmetric crypto systems are often too expensive for medical sensors and symmetric crypto systems are not versatile enough Imp factors that need to be considered Energy: how much energy is needed to perform the crypto functions. Memory: how much memory (i.e., read only memory and random access memory) is needed for security mechanisms. Execution-time: how much time is required to execute the security mechanisms. Key Mngt Protocols to set up and distribute keys across networks. Trusted Server A single point trusted server to distribute keys down a hierarchical network Single point failed or attacked, sys down Key Pre-distribution Symmetric key distribution. Secret key shared amongst network nodes. Easy to implement, and offer relatively less computational complexity Suitable for resource constrained sensor networks Self-enforcing Uses Public Key infrastructure. advantages, such as, strong security, scalability, and memory efficiency Most common public key solutions like RSA and Diffie-Hellman -> Computationally expensive for WSN. Preferred is Elliptic Curve crypto Secure Routing Many protocols have been proposed to secure the routing networks but each have their vulnerabilities. Imp to prevent DOS, issues with Mobility of the device Resilience Most common Medical sensors are placed on a patient’s body, whereas, the environmental sensors are placed on hospital premises. an attacker might be able to capture a sensor node, get its cryptographic information and alter the sensor programming accordingly. Later, he/she can place the compromised node into the network. One possible solution to prevent this attack is to use tamper resistant hardware; however, tamper resistant hardware is not a cost effective solution. Location Sensors need to know the location of the device. Trust Trust between the data shred between two nodes. DOS Broadcast a high energy signal – completing jamming with entire network Or Delay the communication. Most of the DOS countermeasures are suitable for static WSN, still need to investigate for mobile WSN.
Existing Security Mechanism Cryptography Key Management Trusted Server Key Pre-distribution Self - Enforcing Key Mngt Protocols to set up and distribute keys across networks. Trusted Server A single point trusted server to distribute keys down a hierarchical network Single point failed or attacked, sys down Key Pre-distribution Symmetric key distribution. Secret key shared amongst network nodes. Easy to implement, and offer relatively less computational complexity Suitable for resource constrained sensor networks Self-enforcing Uses Public Key infrastructure. advantages, such as, strong security, scalability, and memory efficiency Most common public key solutions like RSA and Diffie-Hellman -> Computationally expensive for WSN. Preferred is Elliptic Curve crypto Secure Routing Resilience to Node Capture Secure Localization Trust Management Robustness to Communication DOS
Existing Security Mechanism Cryptography Key Management Secure Routing Resilience to Node Capture Secure Localization Trust Management Robustness to Communication DOS Secure Routing Many protocols have been proposed to secure the routing networks but each have their vulnerabilities. Imp to prevent DOS, issues with Mobility of the device Resilience Most common Medical sensors are placed on a patient’s body, whereas, the environmental sensors are placed on hospital premises. an attacker might be able to capture a sensor node, get its cryptographic information and alter the sensor programming accordingly. Later, he/she can place the compromised node into the network. One possible solution to prevent this attack is to use tamper resistant hardware; however, tamper resistant hardware is not a cost effective solution. Location Sensors need to know the location of the device. Trust Trust between the data shred between two nodes. DOS Broadcast a high energy signal – completing jamming with entire network Or Delay the communication. Most of the DOS countermeasures are suitable for static WSN, still need to investigate for mobile WSN.
Security Issues Public Key Cryptography Symmetric Key Cryptography Secure Routing Security and Quality-of-Service 1. public key operation may be practical in medical sensors. But private key operations are still too expensive in term of time complexity 2. efficient and flexible key distribution protocols need to be designed for healthcare application using WMSNs 3. susceptible to routing loop attacks, grey-hole attacks, and Sybil attacks like in CodeBlue
Security Issues Public Key Cryptography Symmetric Key Cryptography Public key authentication required Expensive Private key operations Symmetric Key Cryptography Secure Routing Security and Quality-of-Service 1. public key operation may be practical in medical sensors. But private key operations are still too expensive in term of time complexity
Security Issues Public Key Cryptography Symmetric Key Cryptography Not perfect for Key distribution Secure Routing Security and Quality-of-Service 2. efficient and flexible key distribution protocols need to be designed for healthcare application using WMSNs
Security Issues Public Key Cryptography Symmetric Key Cryptography Secure Routing Routing loop attacks Grey-hole/Sinkhole attacks Sybil attacks 3. susceptible to routing loop attacks, grey-hole attacks, and Sybil attacks like in CodeBlue Security and Quality-of-Service
Security Issues Public Key Cryptography Symmetric Key Cryptography Secure Routing Security and Quality-of-Service 1. public key operation may be practical in medical sensors. But private key operations are still too expensive in term of time complexity 2. efficient and flexible key distribution protocols need to be designed for healthcare application using WMSNs 3. susceptible to routing loop attacks, grey-hole attacks, and Sybil attacks like in CodeBlue
Conclusion Need of a well-planned security mechanism Implement a secure healthcare monitoring system using medical sensors Many security and privacy issues still need to be explored 1. a well-planned security mechanism must be designed for the successful deployment of such a wireless application. 2. if a technology is safe, then people will trust it. Otherwise, its use will not be practical, and could even endanger the patient’s life 3. many security and privacy issues in healthcare applications using wireless medical sensor networks still need to be explored
References Remote Mobile Health Monitoring System Based on Smart Phone and Browser/Server Structure - Yunzhou Zhang, Huiyu Liu, Xiaolin Su, Pei Jiang, and Dongfei Wei (2015) Security Issues in Healthcare Applications Using Wireless Medical Sensor Networks: A Survey - Pardeep Kumar and Hoon-Jae Lee (2011)