© Ramon Martí, DMAG, Universitat Pompeu Fabra 1 BAN Security Services MobiHealth Plenary Session Santorini 2003/05/26-27.


2 MobiHealth Security
- MobiHealth security architecture
- End-user security

3 MobiHealth architecture

4 MH security architecture proposal

5 MobiHealth security architecture

6 MobiHealth Security
- MobiHealth security architecture
- End-user security

7 Security requirements addressed by the MobiHealth Security Architecture

Confidentiality
- BAN devices (sensors/actuators) MBU confidentiality
  - Provided by Bluetooth/(ZigBee)
  - Not foreseen for wired sensors
- BAN external confidentiality
  - Confidentiality provided by SSL/TLS (e.g. HTTPS)
- Back End System (Server) external confidentiality
  - Confidentiality provided by SSL/TLS (e.g. HTTPS)
- External traffic characteristics confidentiality
  - Not foreseen
  - Can be provided partially by the SSL/TLS protocol

8 Security requirements addressed by the MobiHealth Security Architecture

Authentication
- Sensor authentication to BAN
  - Provided by Bluetooth/(ZigBee)
  - Not foreseen for wired sensors
- BAN authentication
  - MBU authentication to SH through user/password
  - MBU authentication to WSB through HTTP user/password proxy authentication
- Back End System (Server) authentication to BAN
  - HTTPS (SSL/TLS) through a server certificate
- Back End System (Server) authentication to End-User Application
  - HTTPS (SSL/TLS) through a server certificate
- End-User Application authentication to Back End System
  - HTTP User/Password

9 Security requirements addressed by the MobiHealth Security Architecture

Data storage
- Permanent local storage of sensor data
  - Secure storage in BANData Repository
  - Not foreseen in BAN, GPRS/UMTS Operator, etc. if not required
- Temporary local storage of sensor data
  - Allowed secure temporary storage for buffering, out-of-coverage recovery, etc.
- Keep log of sensor data
  - Not foreseen
  - To be provided by the BAN OS / Back-End System if required
- Keep log of BAN external transmissions
  - Not foreseen
  - To be provided by the SSL/TLS communications module if required

10 Security requirements addressed by the MobiHealth Security Architecture

Anonymity
- Patients anonymity
  - No use of patients identification but BAN identification
  - Patients identification could be sent encrypted
  - Identifiers could be used for patients identification

Time stamping
- Time stamping
  - Not foreseen
  - Timestamps should be included in packets if required

11 MobiHealth PKI Server

12 MobiHealth PKI Server
- https://hayek.upf.es/pub/MobiHealth
- X.509 certificates creation
- Restricted access:
  - User/Password access
  - Hospital technical personnel/manager in charge of MBU setup and personalisation

13 UPF Next Steps
- Finishing & Delivering Deliverable 2.5
- Finishing Integration and Testing of MBU with HTTP Connect + HTTP Proxy authentication + HTTPS connection
- Standardisation activities
- Collaboration to Barcelona Trial
- W-LAN tests
- BAN security integration
- Data Simulation
- Safety/Availability study
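
The combination named on the authentication and next-steps slides (HTTP CONNECT with HTTP user/password proxy authentication, then an HTTPS connection authenticated by the server certificate) looks like this on the client side. This is an added example, not code from the MobiHealth project; the function names and the `MAX_HEAD` limit are assumptions, and the caller supplies an already connected socket to the proxy.

```python
import base64
import ssl

MAX_HEAD = 8192  # assumed upper bound on the proxy's response head


def build_connect_request(host, port, user, password):
    """CONNECT request carrying HTTP Basic proxy credentials."""
    # Basic is base64 encoding, not encryption: this header is readable on
    # the client-to-proxy hop unless that hop is protected separately.
    token = base64.b64encode(f"{user}:{password}".encode()).decode("ascii")
    return (f"CONNECT {host}:{port} HTTP/1.1\r\n"
            f"Host: {host}:{port}\r\n"
            f"Proxy-Authorization: Basic {token}\r\n\r\n").encode("ascii")


def read_proxy_status(sock):
    """Read the proxy's response head byte-wise; return the status code."""
    head = b""
    while not head.endswith(b"\r\n\r\n"):
        byte = sock.recv(1)  # one byte at a time so no TLS data is consumed
        if not byte:
            raise ConnectionError("proxy closed the connection during CONNECT")
        head += byte
        if len(head) > MAX_HEAD:
            raise ValueError("proxy response head too large")
    parts = head.split(b"\r\n", 1)[0].decode("latin-1").split(" ", 2)
    if len(parts) < 2 or not parts[0].startswith("HTTP/") or not parts[1].isdigit():
        raise ValueError("malformed proxy status line")
    return int(parts[1])


def open_tunnel(proxy_sock, host, port, user, password):
    """Authenticate to the proxy, then start TLS to the server through it."""
    proxy_sock.sendall(build_connect_request(host, port, user, password))
    status = read_proxy_status(proxy_sock)
    if status == 407:
        raise PermissionError("proxy rejected the credentials (407)")
    if not 200 <= status < 300:
        raise ConnectionError(f"CONNECT refused with status {status}")
    # The default context verifies the certificate chain and the host name,
    # which is the server-to-client authentication step of the slides.
    ctx = ssl.create_default_context()
    return ctx.wrap_socket(proxy_sock, server_hostname=host)
```

The proxy sees only the CONNECT request and the credentials; everything after the `200` reply is TLS between the client and the server.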

