G. Nagarajan,Martin Margala,Siva Shankar S,Prasun Chakrabarti,RI Minu

DOI: https://doi.org/10.1016/j.compeleceng.2024.109129

IF: 4.152

2024-02-23

Computers & Electrical Engineering

Abstract:The Internet of Medical Things (IoMT) promises transformative benefits for patient care and remote monitoring but raises significant security and privacy concerns. Ensuring the trustworthiness and security of IoMT systems at the edge is a critical challenge. This research paper presents a novel framework to address the security and trust issues specific to IoMT environments. The primary objective of this framework is to establish a robust defense against intrusion attempts and to instill trust in edge networks, securing healthcare data and medical devices. To achieve this, the paper introduces an advanced Intrusion Detection System (IDS) optimized for edge networks in the context of IoMT. This paper emphasizes developing an evaluation methodology for appraising the trustworthiness of individual network components, developing an analytical technique for scrutinizing the participation of network entities in ongoing communications, establishing a means to quantify the trust level at the network's periphery or edge, and constructing an energy-efficient trust-based framework for the identification and mitigation of malicious entities operating within the IoMT. Through comprehensive testing, including real-world simulation scenarios, the paper evaluates the performance and effectiveness of the proposed framework, validating its ability to safeguard sensitive healthcare information and support the secure operation of IoMT devices.

engineering, electrical & electronic,computer science, interdisciplinary applications, hardware & architecture

Mohammad Ali Alipour,Saeid Ghasemshirazi,Ghazaleh Shirvani

DOI: https://doi.org/10.48550/arXiv.2210.01739

2022-10-21

Abstract:One of the most promising applications of the IoT is the Smart Grid (SG). Integrating SG's data communications network into the power grid allows gathering and analyzing information from power lines, distribution power stations, and end users. A smart grid (SG) requires a prompt and dependable connection to provide real-time monitoring through the IoT. Hence 5G could be considered a catalyst for upgrading the existing power grid systems. Nonetheless, the additional attack surface of information infrastructure has been brought about by the widespread adoption of ubiquitous connectivity in 5G, to which the typical information security system in the smart grid cannot respond promptly. Therefore, guaranteeing the Privacy and Security of a network in a threatening, ever-changing environment requires groundbreaking architectures that go well beyond the limitations of traditional, static security measures. With "Continuous Identity Authentication and Dynamic Access Control" as its foundation, this article analyzes the Zero Trust (ZT) architecture specific to the power system of IoT and uses that knowledge to develop a security protection architecture.

Cryptography and Security,Computers and Society,Networking and Internet Architecture

Han Zhang,Qian Wang,Xiaoli Zhang,Yi He,Bo Tang,Qi Li

DOI: https://doi.org/10.1109/mcom.001.2300390

IF: 9.03

2024-01-01

IEEE Communications Magazine

Abstract:Internet of things (IoT) networks allow cross-device interactions to achieve various intelligent applications, for example, smart homes and smart commercial spaces. However, cross-device interactions are often protected by inadequate authorization mechanisms, making them susceptible to various attacks, including connection-based attacks, application impersonation attacks, and so on. In this article, we propose a zero-trust IoT network architecture, OUTSIDE, designed to provide fine-grained authorization for IoT applications. It achieves the application-level authorization at the network layer by encoding the capability information of applications into verifiable tokens. Meanwhile, it enables a zero-trust service for per-packet verification, ensuring that every packet is sent by an authorized application with proper access privileges. Particularly, our architecture is versatile and compatible with various IoT protocols. We prototype and deploy OUTSIDE in Raspberry Pis and ESP32 microcontrollers running over the constrained application protocol (CoAP). The experimental results show that our architecture incurs negligible performance degradation.

Ali Ghubaish,Tara Salman,Maede Zolanvari,Devrim Unal,Abdulla Al-Ali,Raj Jain

DOI: https://doi.org/10.1109/JIOT.2020.3045653

2023-02-09

Abstract:The rapid evolutions in micro-computing, mini-hardware manufacturing, and machine to machine (M2M) communications have enabled novel Internet of Things (IoT) solutions to reshape many networking applications. Healthcare systems are among these applications that have been revolutionized with IoT, introducing an IoT branch known as the Internet of Medical Things (IoMT) systems. IoMT systems allow remote monitoring of patients with chronic diseases. Thus, it can provide timely patients' diagnostic that can save their life in case of emergencies. However, security in these critical systems is a major challenge facing their wide utilization. In this paper, we present state-of-the-art techniques to secure IoMT systems' data during collection, transmission, and storage. We comprehensively overview IoMT systems' potential attacks, including physical and network attacks. Our findings reveal that most security techniques do not consider various types of attacks. Hence, we propose a security framework that combines several security techniques. The framework covers IoMT security requirements and can mitigate most of its known attacks.

Cryptography and Security

Saeid Ghasemshirazi,Ghazaleh Shirvani,Mohammad Ali Alipour

DOI: https://doi.org/10.48550/arXiv.2309.03582

2023-09-07

Cryptography and Security

Abstract:The escalating complexity of cybersecurity threats necessitates innovative approaches to safeguard digital assets and sensitive information. The Zero Trust paradigm offers a transformative solution by challenging conventional security models and emphasizing continuous verification and least privilege access. This survey comprehensively explores the theoretical foundations, practical implementations, applications, challenges, and future trends of Zero Trust. Through meticulous analysis, we highlight the relevance of Zero Trust in securing cloud environments, facilitating remote work, and protecting the Internet of Things (IoT) ecosystem. While cultural barriers and technical complexities present challenges, their mitigation unlocks Zero Trust's potential. Integrating Zero Trust with emerging technologies like AI and machine learning augments its efficacy, promising a dynamic and responsive security landscape. Embracing Zero Trust empowers organizations to navigate the ever-evolving cybersecurity realm with resilience and adaptability, redefining trust in the digital age.

Suleyman Uslu,Davinder Kaur,Mimoza Durresi,Arjan Durresi

DOI: https://doi.org/10.3390/s22249905

IF: 3.9

2022-12-16

Sensors

Abstract:Billions of Internet of Things (IoT) devices and sensors are expected to be supported by fifth-generation (5G) wireless cellular networks. This highly connected structure is predicted to attract different and unseen types of attacks on devices, sensors, and networks that require advanced mitigation strategies and the active monitoring of the system components. Therefore, a paradigm shift is needed, from traditional prevention and detection approaches toward resilience. This study proposes a trust-based defense framework to ensure resilient IoT services on 5G multi-access edge computing (MEC) systems. This defense framework is based on the trustability metric, which is an extension of the concept of reliability and measures how much a system can be trusted to keep a given level of performance under a specific successful attack vector. Furthermore, trustability is used as a trade-off with system cost to measure the net utility of the system. Systems using multiple sensors with different levels of redundancy were tested, and the framework was shown to measure the trustability of the entire system. Furthermore, different types of attacks were simulated on an edge cloud with multiple nodes, and the trustability was compared to the capabilities of dynamic node addition for the redundancy and removal of untrusted nodes. Finally, the defense framework measured the net utility of the service, comparing the two types of edge clouds with and without the node deactivation capability. Overall, the proposed defense framework based on trustability ensures a satisfactory level of resilience for IoT on 5G MEC systems, which serves as a trade-off with an accepted cost of redundant resources under various attacks.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Sangjukta Das,Suyel Namasudra

DOI: https://doi.org/10.1002/ett.4716

IF: 3.6

2023-01-04

Transactions on Emerging Telecommunications Technologies

Abstract:The proposed scheme consists of three entities, namely IoT device (IoTD), gateway, and central administrator (CA). An IoTD is a resource‐constrained device associated with a patient's body. It collects patients' real‐time healthcare data and sends them to the intended entity via a gateway device. The gateway acts as an intermediate entity between the IoTD and user. The CA is the central entity of the proposed scheme. In recent years, Internet of Things (IoT) technology has been adopted in numerous application areas, such as healthcare, agriculture, industrial automation, and many more. The use of IoT and other technologies like cloud computing and machine learning has made the modern healthcare system to be smart, automated, and efficient. However, the continuous proliferation of cyber‐attacks on IoT devices has increased IoT challenges like data security, privacy protection, authentication, and so forth. In smart healthcare systems, due to the lack of authentication protocols, attackers can undermine the availability, confidentiality, and integrity of both smart healthcare devices and data, which can be life‐threatening in some situations. In this article, a privacy‐preserving mutual authentication scheme for IoT‐enabled healthcare systems is proposed to achieve lightweight and effective authentication of network devices. To support the processing capabilities of the IoT devices, this proposed authentication scheme is designed using lightweight cryptographic primitives, namely XOR, concatenation, and hash operation. The proposed scheme can establish a secure session between an authorized device and a gateway, and prevent unauthorized devices from getting access to healthcare systems. The security analysis and performance analysis assess the proposed authentication technique's effectiveness over existing well‐known schemes.

telecommunications

Fabio Federici,Davide Martintoni,Valerio Senni

DOI: https://doi.org/10.3390/electronics12030566

IF: 2.9

2023-01-22

Electronics

Abstract:This paper considers the domain of Industrial Internet of Things (IIoT) infrastructures and the recurring need for collaboration across teams and stakeholders by means of remote access. The paper describes a secure solution beyond the traditional perimeter-based security approach, which consists of an architecture that supports multi-level authorization to achieve fine-grained access control, better scalability, and maintainability. An implementation of the proposed solution, using open-source technologies, is also discussed and covers the protection of both the network and edge domains of a complex IIoT infrastructure. Finally, the paper presents a risk-driven and model-based process that is designed to support the migration of existing infrastructures to the solution architecture. The approach is validated, taking as a reference two relevant scenarios for the aerospace industry.

engineering, electrical & electronic,computer science, information systems,physics, applied

Maria Papaioannou,Marina Karageorgou,Georgios Mantas,Victor Sucasas,Ismael Essop,Jonathan Rodriguez,Dimitrios Lymberopoulos

DOI: https://doi.org/10.1002/ett.4049

IF: 3.6

2020-07-23

Transactions on Emerging Telecommunications Technologies

Abstract:<p>Internet of medical things (IoMT) is an emerging technology aiming to improve the patient's quality of life by enabling personalized e‐health services without limitations on time and location. Nevertheless, IoMT devices (eg, medical sensors) that constitute the key underlying elements of the IoMT edge network are vulnerable to various types of security threats and thus, they pose a significant risk to patient's privacy and safety. Based on that and the fact that the security is a critical factor for the successful integration of IoMT technology into pervasive healthcare systems, there is an urgent need for novel security mechanisms to preserve the security of the IoMT edge network. Toward this direction, the first step is the comprehensive understanding of existing and potential threats to the IoMT edge network environment. Thus, in this article, we provide a categorization of security threats to the edge network environment based on the major security objectives that they target. Moreover, we present a categorization of security countermeasures, derived from the literature, against threats to IoMT edge networks. The authors' intent is to provide a foundation for organizing research efforts toward the development of proper security countermeasures for protecting IoMT edge networks against internal and external threats.</p>

telecommunications

Raihan Ur Rasool,Hafiz Farooq Ahmad,Wajid Rafique,Adnan Qayyum,Junaid Qadir

DOI: https://doi.org/10.1016/j.jnca.2022.103332

IF: 7.574

2022-05-01

Journal of Network and Computer Applications

Abstract:Internet of Medical Things (IoMT) supports traditional healthcare systems by providing enhanced scalability, efficiency, reliability, and accuracy of healthcare services. It enables the development of smart hardware as well as software platforms that operate on the basis of communication systems and the algorithms that process the data collected by the sensors to support decision-making. Although IoMT is involved in large-scale services provisioning in the medical paradigm; however, the resource-constrained nature of these devices makes them vulnerable to immense security and privacy issues. These vulnerabilities are not only disastrous for IoMT but threaten the whole healthcare ecosystem, which can in turn bring human lives in danger. During the past few years, threat vectors against IoMT have been evolved in terms of scalability, complexity, and diversity, which makes it challenging to detect and provide stringent defense solutions against these attacks. In this paper, we classify security and privacy challenges against different IoMT variants based on their actual usage in the healthcare domain. We provide a comprehensive attack taxonomy on the overall IoMT infrastructure comprising different device variants as well as elaborate taxonomies of security protocols to mitigate attacks against different devices, algorithms and describe their strengths and weaknesses. We also outline the security and privacy requirements for the development of novel security solutions for all the attack types against IoMT. Finally, we provide a comprehensive list of current challenges and future research directions that must be considered while developing sustainable security solutions for the IoMT infrastructure.

computer science, interdisciplinary applications, software engineering, hardware & architecture

Zhiqiang Wang,Xinyue Yu,Peiyang Xue,Yunhan Qu,Lei Ju

DOI: https://doi.org/10.3390/s23073774

2023-04-06

Abstract:With the rapid development of Internet of Things technology, cloud computing, and big data, the combination of medical systems and information technology has become increasingly close. However, the emergence of intelligent medical systems has brought a series of network security threats and hidden dangers, including data leakage and remote attacks, which can directly threaten patients' lives. To ensure the security of medical information systems and expand the application of zero trust in the medical field, we combined the medical system with the zero-trust security system to propose a zero-trust medical security system. In addition, in its dynamic access control module, based on the RBAC model and the calculation of user behavior risk value and trust, an access control model based on subject behavior evaluation under zero-trust conditions (ABEAC) was designed to improve the security of medical equipment and data. Finally, the feasibility of the system is verified through a simulation experiment.

Baozhan Chen,Siyuan Qiao,Jie Zhao,Dongqing Liu,Xiaobing Shi,Minzhao Lyu,Haotian Chen,Huimin Lu,Yunkai Zhai

DOI: https://doi.org/10.1109/jiot.2020.3041042

IF: 10.6

2021-07-01

IEEE Internet of Things Journal

Abstract:The key features of 5G network (i.e., high bandwidth, low latency, and high concurrency) along with the capability of supporting big data platforms with high mobility make it valuable in coping with emerging medical needs, such as COVID-19 and future healthcare challenges. However, enforcing the security aspect of a 5G-based smart healthcare system that hosts critical data and services is becoming more urgent and critical. Passive security mechanisms (e.g., data encryption and isolation) used in legacy medical platforms cannot provide sufficient protection for a healthcare system that is deployed in a distributed manner and fail to meet the need for data/service sharing across "cloud-edge-terminal" in the 5G era. In this article, we propose a security awareness and protection system that leverages zero-trust architecture for a 5G-based smart medical platform. Driven by the four key dimensions of 5G smart healthcare including "subject" (i.e., users, terminals, and applications), "object" (i.e., data, platforms, and services), "behavior," and "environment," our system constructs trustable dynamic access control models and achieves real-time network security situational awareness, continuous identity authentication, analysis of access behavior, and fine-grained access control. The proposed security system is implemented and tested thoroughly at industrial-grade, which proves that it satisfies the needs of active defense and end-to-end security enforcement of data, users, and services involved in a 5G-based smart medical system.

computer science, information systems,telecommunications,engineering, electrical & electronic

Rachida Hireche,Houssem Mansouri,Al-Sakib Khan Pathan

DOI: https://doi.org/10.3390/jcp2030033

2022-08-17

Journal of Cybersecurity and Privacy

Abstract:The Internet of Medical Things (IoMT) has become a strategic priority for future e-healthcare because of its ability to improve patient care and its scope of providing more reliable clinical data, increasing efficiency, and reducing costs. It is no wonder that many healthcare institutions nowadays like to harness the benefits offered by the IoMT. In fact, it is an infrastructure with connected medical devices, software applications, and care systems and services. However, the accelerated adoption of connected devices also has a serious side effect: it obscures the broader need to meet the requirements of standard security for modern converged environments (even beyond connected medical devices). Adding up different types and numbers of devices risks creating significant security vulnerabilities. In this paper, we have undertaken a study of various security techniques dedicated to this environment during recent years. This study enables us to classify these techniques and to characterize them in order to benefit from their positive aspects.

computer science, information systems, interdisciplinary applications, software engineering

Faisal Alsubaei,Abdullah Abuhussein,Vivek Shandilya,Sajjan Shiva

DOI: https://doi.org/10.1016/j.iot.2019.100123

IF: 5.711

2019-12-01

Internet of Things

Abstract:The emergence of the Internet of Medical Things (IoMT) has introduced a monumental change in facilitating the management of diseases, improving diseases diagnosis and treatment methods, and reducing healthcare cost and errors. This change has greatly impacted the quality of healthcare for both patients and all frontline healthcare workers. However, the IoMT is far from being immune to security and privacy breaches due to the wide variety IoMT vendors and products available on the market as well as the massive number of devices transmitting sensitive medical data wirelessly to the cloud. The lack of security awareness among healthcare users (e.g., patients, medical staff) aggravates the deficiencies and can facilitate attacks that jeopardize the patients’ lives. Therefore, ensuring the security and privacy of the IoMT becomes an urgent issue worthy of further investigation and resolution. Security cannot be planned for, managed, monitored, or controlled if it cannot be measured. However, security assessment poses problems for novice IoMT adopters when choosing security measures that are both sufficient and robust. Accordingly, we developed a web-based IoMT Security Assessment Framework (IoMT-SAF) based on a novel ontological scenario-based approach to recommend security features in IoMT and assess protection and deterrence in IoMT solutions. IoMT-SAF supports the selection of a solution that matches the stakeholder&#x27;s security objectives and supports the decision-making process. The novelty of IoMT-SAF lies in its granularity, extensibility, as well as its ability to adapt to new stakeholders, and conformance to technology and medical standards.

Maha Ali Allouzi,Javed I. Khan

DOI: https://doi.org/10.48550/arXiv.2104.11580

2021-04-23

Cryptography and Security

Abstract:In this work, we defined an attack vector for networks utilizing the Internet of Medical Things (IoMT) devices and compute the probability distribution of IoMT security threats based on Markov chain and Common Vulnerability Scoring System (CVSS). IoMT is an emerging technology that improves patients' quality of life by permitting personalized e-health services without restrictions on time and site. The IoMT consists of embedded objects, sensors, and actuators that transmit and receive medical data. These Medical devices are vulnerable to different types of security threats, and thus, they pose a significant risk to patient's privacy and safety. Because security is a critical factor for successfully merging IoMT into pervasive healthcare systems, there is an urgent need for new security mechanisms to prevent threats on the IoMT edge network. Toward this direction, the first step is defining an attack vector that an attacker or unauthorized user can take advantage of to penetrate and tamper with medical data. In this article, we specify a threat model for the IoMT edge network. We identify any vulnerabilities or weaknesses within the IoMT network that allow unauthorized privileges and threats that can utilize these weaknesses to compromise the IoMT edge network. Finally, we compute the probability distribution of IoMT threats based on the Markov transition probability matrix.

Mahmud Hasan

2024-10-24

Abstract:Zero Trust Architecture (ZTA) represents a transformative approach to modern cybersecurity, directly addressing the shortcomings of traditional perimeter-based security models. With the rise of cloud computing, remote work, and increasingly sophisticated cyber threats, perimeter defenses have proven ineffective at mitigating risks, particularly those involving insider threats and lateral movement within networks. ZTA shifts the security paradigm by assuming that no user, device, or system can be trusted by default, requiring continuous verification and the enforcement of least privilege access for all entities. This paper explores the key components of ZTA, such as identity and access management (IAM), micro-segmentation, continuous monitoring, and behavioral analytics, and evaluates their effectiveness in reducing vulnerabilities across diverse sectors, including finance, healthcare, and technology. Through case studies and industry reports, the advantages of ZTA in mitigating insider threats and minimizing attack surfaces are discussed. Additionally, the paper addresses the challenges faced during ZTA implementation, such as scalability, integration complexity, and costs, while providing best practices for overcoming these obstacles. Lastly, future research directions focusing on emerging technologies like AI, machine learning, blockchain, and their integration into ZTA are examined to enhance its capabilities further.

Cryptography and Security

Christos-Minas Mathas,Costas Vassilakis,Nicholas Kolokotronis

DOI: https://doi.org/10.1109/SERVICES48979.2020.00047

2021-09-04

Abstract:In modern internet-scale computing, interaction between a large number of parties that are not known a-priori is predominant, with each party functioning both as a provider and consumer of services and information. In such an environment, traditional access control mechanisms face considerable limitations, since granting appropriate authorizations to each distinct party is infeasible both due to the high number of grantees and the dynamic nature of interactions. Trust management has emerged as a solution to this issue, offering aids towards the automated verification of actions against security policies. In this paper, we present a trust- and risk-based approach to security, which considers status, behavior and associated risk aspects in the trust computation process, while additionally it captures user-to-user trust relationships which are propagated to the device level, through user-to-device ownership links.

Cryptography and Security

Khalid Al-hammuri,Fayez Gebali,Awos Kanan

2023-11-29

Abstract:Managing access between large numbers of distributed medical devices has become a crucial aspect of modern healthcare systems, enabling the establishment of smart hospitals and telehealth infrastructure. However, as telehealth technology continues to evolve and Internet of Things (IoT) devices become more widely used, they are also becoming increasingly exposed to various types of vulnerabilities and medical errors. In healthcare information systems, about 90\% of vulnerabilities emerged from misuse cases and human errors. As a result, there is a need for additional research and development of security tools to prevent such attacks. This article proposes a zero-trust-based context-aware framework for managing access to the main components of the cloud ecosystem, including users, devices and output data. The main goal and benefit of the proposed framework is to build a scoring system to prevent or alleviate misuse cases while using distributed medical devices in cloud-based healthcare information systems. The framework has two main scoring schemas to maintain the chain of trust. First, it proposes a critical trust score based on cloud-native micro-services of authentication, encryption, logging, and authorizations. Second, creating a bond trust scoring to assess the real-time semantic and syntactic analysis of attributes stored in a healthcare information system. The analysis is based on a pre-trained machine learning model to generate the semantic and syntactic scores. The framework also takes into account regulatory compliance and user consent to create a scoring system. The advantage of this method is that it is applicable to any language and adapts to all attributes as it relies on a language model, not just a set of predefined and limited attributes. The results show a high F1 score of 93.5%, which proves that it is valid for detecting misuse cases.

Cryptography and Security

Bharanidharan Shanmugam,Sami Azam,Pritika Pritika

DOI: https://doi.org/10.3390/technologies11010031

2023-02-14

Technologies

Abstract:The adaptation of the Internet of Medical Things (IoMT) has provided efficient and timely services and has transformed the healthcare industry to a great extent. Monitoring patients remotely and managing hospital records and data have become effortless with the advent of IoMT. However, security and privacy have become a significant concern with the growing number of threats in the cyber world, primarily for personal and sensitive user data. In terms of IoMT devices, risks appearing from them cannot easily fit into an existing risk assessment framework, and while research has been done on this topic, little attention has been paid to the methodologies used for the risk assessment of heterogeneous IoMT devices. This paper elucidates IoT, its applications with reference to in-demand sectors, and risks in terms of their types. By the same token, IoMT and its application area and architecture are explained. We have also discussed the common attacks on IoMT. Existing papers on IoT, IoMT, risk assessment, and frameworks are reviewed. Finally, the paper analyzes the available risk assessment frameworks such as NIST, ISO 27001, TARA, and the IEEE213-2019 (P2413) standard and highlights the need for new approaches to address the heterogeneity of the risks. In our study, we have decided to follow the functions of the NIST and ISO 270001 frameworks. The complete framework is anticipated to deliver a risk-free approach for the risk assessment of heterogeneous IoMT devices benefiting its users.

Ahmed A. Mawgoud,Ahmed I. Karadawy,Benbella S. Tawfik

DOI: https://doi.org/10.6084/m9.figshare.13311479.v2

2020-11-30

Abstract:The rapid growth of the Internet of Things technology in healthcare domain led to the appearance of many security threats and risks. It became very challenging to provide full protection with the expansion in using sensor objects in medical field, this led to the Internet of Medical Things definition, the security part in IoMT poses a perilous problem that keeps growing, because of the data sensitivity and critical information. The lack of providing a secure environment in IoMT may lead to patients privacy issues, not only leaving the data privacy of the patients at risk but also their lives can be in danger. In this paper, we provide a discussion on both definition and architecture of the Internet of Medical Things and Propose a new authentication approach through machine learning, to enhance the security level.

Cryptography and Security