Back to search

IKTPLUSS-IKT og digital innovasjon

Adaptive Security for Smart Internet of Things in eHealth

Awarded: NOK 13.8 mill.

The main focus of the ASSET project has been to build innovative and creative solutions for estimation and prediction of security and privacy risks impact, security metrics, and light-weight abilities of smart things. We analysed the context-aware threat of IoT in general and patient monitoring scenarios in particular. We also analysed security objective decomposition strategies for an IoT eHealth application. The main focus has been for meaningful security metrics for adaptive security solutions to be ab le to adapt the relevant security parameters according to contextual and threat changes. We developed a context-aware Markov game theoretic model for security metrics risk impact assessment to measurably evaluate and validate the run-time adaptivity of Io T security solutions. We also optimized algorithms for light-weight self-abilities, lightweight cryptography for secure aggregation, and cooperative security at the physical layer. We addressed privacy for internet of things technologies by focusing on th e most "primitive" members, bare sensors and RFIDs. We adopted a strategy of incrementally adjusting existing protocols for deployment in the area of wireless medical sensors body area networks, and provided trust management methods as a complementary to such hard security solutions, soft mean for security provisioning. The other main focus has been on the task to develop innovative reasoning techniques to security metrics and contextual information. The main context has been to determine the context in terms of the human location, the rate of change of location and the transportation mode via a smart phone and augmented with (foot) wearable sensors. Yet another focus has been the identification of three foundational quality criteria of security metri cs: correctness, measurability, and meaningfulness. These form the basis for credibility and sufficiency for security metrics and associated measurements, and for our proposed model for conceptual security metrics quality criteria. We also analysed the sc enarios for compression and encryption of analog signals in medical BAN, where redundancy removal is a central issue. We have set up the simulation testbed and validated in terms of energy consumption with a prediction method and the way it is affected by antenna orientation. . Currently we are extending, validating, and prototyping the adaptive security methods for IoT, and are planning to use them in a simulated eHealth patient monitoring scenario in Oslo University Hospital.

Emerging Internet of Things (IoT) technologies provide many benefits to the improvement of eHealth. The IoTs successful deployment depends on ensuring security and privacy that need to adapt to their processing capabilities and resource use. IoTs are, how ever, vulnerable to attacks since communications are mostly wireless, unattended things are usually vulnerable to physical attacks, and most IoT components are constrained by energy, communications, and computation capabilities necessary for the implement ation of complex security-supporting schemes. Most current security models and mechanisms that address the IoT's problems and allow a system to detect and recover from errors or attacks are hard to change, reuse, and analyse; thus making infrastructures t hat are inflexible, lost investments, damages resulting from mechanisms not matching the threats, etc. Therefore, ASSET will build risk-based adaptive security methods and mechanisms that increase security to an appropriate level. The security methods a nd mechanisms will adapt to the dynamic changing conditions of IoT, including usability, threats, diversity, and heterogeneity. ASSET's case study will lead to the design of adaptive strategies for the dynamic interplay between security and data transmiss ion in a mobile patient monitoring system. This will use information of link quality, data transmission rate, and processing capabilities of sensor nodes and smart phones. The security adaptation will take into account the various quality of service (QoS) metrics. This will allow us to verify the necessary security and trust for the emerging IoT in many e-Health applications in general and in the case study patient monitoring in particular. This will constitute a key innovator for future e-Health solution s in the Norwegian hospitals and health services.

Publications from Cristin

No publications found

No publications found

Funding scheme:

IKTPLUSS-IKT og digital innovasjon