Internet of Things (IoT) Based Healthcare Systems: Privacy and Security Dr. Saman Mirza Abdullah Software Engineering, Koya University Ishik University, Computer Engineering saman.mirza@koyauniversity.org saman.mirza@ishik.edu.iq

Outline A background on IoT Security in IoT; Standards and Technologies. Requirements of IoT Security Challenges facing IoT security 11/12/2018 IoT based Healthcare systems: Security and Privacy

Internet of Things (IoT) Definition The Internet of Things (IoT) is a system of interrelated computing devices, mechanical and digital machines, objects, animals or people that are provided with unique identifiers and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction. 11/12/2018 IoT based Healthcare systems: Security and Privacy

Internet of Things (IoT) Background Devices communication through Internet or other types of networks. Machine to machine communication, which means that machines (objects) that can work autonomously, without any connectivity. Internet of Objects (IoO) here refers to inert and passive objects that do not generate any data by themselves. 11/12/2018 Internet of Things (IoT): Requirements and Challenges

Key Characteristics of IoT Typically IoTs are embedded computing devices that exhibit the following qualities: Unique identity. Ability to wirelessly communicate. Ability to sense. Ability to be controlled remotely. Data collection and analysis. Leverage mobility, cloud, and big data 11/12/2018 IoT based Healthcare systems: Security and Privacy

Internet of Things (IoT) Statistical Figures on IoT Projects-2018 11/12/2018 IoT based Healthcare systems: Security and Privacy

Internet of Things (IoT) Statistical Figures on IoT Projects-2018 11/12/2018 IoT based Healthcare systems: Security and Privacy

Internet of Things (IoT) Type of Projects Smart City. Connected Industry. Connected Buildings. Connected Cars. Smart Energy. Healthcare systems. Smart Supply chain. Smart Agriculture. Smart Retail. Others. Projects related to the ambient 11/12/2018 IoT based Healthcare systems: Security and Privacy

11/12/2018 IoT based Healthcare systems: Security and Privacy

11/12/2018 IoT based Healthcare systems: Security and Privacy

11/12/2018 IoT based Healthcare systems: Security and Privacy

Internet of Health Things (IoHT) Sensors Basically, an IoT-based healthcare can collected the following information through biomedical sensors and wearable devices. Electrocardiography (ECG). Heart rate. Electroencephalogram (EEG) Diabetes. Oxygen rate in blood Airflow (breathing). Body temperature Glucometer, Blood pressure Patient position Electromyography (EMG) 11/12/2018 IoT based Healthcare systems: Security and Privacy

Internet of Health Things (IoHT) Framework The data input from patients can be collected through sensors and processed by applications developed for a user terminal Such as computers, smart phones, smart watches or, even, a specific embedded device. The user terminal is connected to a gateway through short coverage communication protocols, Bluetooth low energy (BLE), Bluetooth, or 6LoWPAN (IPv6 over Low Power Wireless Personal Area Networks). This gateway connects to a (clinical) server or cloud services for data processing and storage. In the other hand, patients’ data can be stored in a health information system using electronic health records and, when the patient visits a medical doctor, he/she can easily access the clinic history of the patient. 11/12/2018 IoT based Healthcare systems: Security and Privacy

Legislation 11/12/2018 IoT based Healthcare systems: Security and Privacy

IoHT Challenges Security and Privacy The core requirement for securing IoT based health care are: Authentication ; is user identification Authorization; Access controlling. Securing the communication channels. (Conventional cryptographic techniques) 11/12/2018 IoT based Healthcare systems: Security and Privacy

IoHT Challenges Security and Privacy The first challenge is managing credentials and controlling access to applications and patient’s confidential information. Hospitals need to open their devices to receive responses from patients. When a communication done within unsecure Wi-Fi, the man in the middle attack my happen. Strong authentication (digitally information / bio-information) 11/12/2018 IoT based Healthcare systems: Security and Privacy

IoHT Challenges Security and Privacy Many IoT Applications are vulnerable to code injection attacks which permit the attacker to take full control of the program and memory vulnerabilities. To take place: Targeted program must has memory corruption. (changing memory place) There must be a writable and executable region of memory. Way to redirect the processor to execute the injected code. Example is Buffer over flow. This issue is related to the Software Security. 11/12/2018 IoT based Healthcare systems: Security and Privacy

IoHT Challenges Security and Privacy Implementing and deploying cryptographic protocols in IoT health cloud correctly IoT in Healthcare systems should be very fast and transfer should be done at real-time for urgent cases. IoT Systems should be able to achieve a concurrent user authentication. Cryptography computation need more power. 11/12/2018 IoT based Healthcare systems: Security and Privacy

IoHT Challenges Security and Privacy Data privacy is very crucial in the context of IoT-based health cloud. Healthcare cloud applications are designed and developed based on acquiring data from IoT devices. Confidential information is collected from devices, aggregated through smartphones and tablets and uploaded to the cloud, or transmitted to tablets or smartphones from the cloud. These patient information could also be transferred to third parties. 11/12/2018 IoT based Healthcare systems: Security and Privacy

11/12/2018 IoT based Healthcare systems: Security and Privacy

Thanks Dr. Saman Mirza Abdullah Software Engineering, Koya University saman.mirza@koyauniversity.org