Cyber Security in Human Health and Medical Devices

A special issue of Applied Sciences (ISSN 2076-3417). This special issue belongs to the section "Computing and Artificial Intelligence".

Deadline for manuscript submissions: closed (20 January 2022) | Viewed by 20991

Special Issue Editors


Guest Editor
Department of Technical Computing, School of Business and Technology, University of Gloucestershire, Cheltenham GL50 2RH, UK
Interests: security in IoT devices; wireless sensor networks; smart grid

Guest Editor
School of Computing and Engineering, University of Gloucestershire, Cheltenham GL50 4AZ, UK
Interests: artificial intelligence and machine learning; engineering design; cyber security; big data analytics

Guest Editor
Department of Computing and Mathematics, College of Engineering and Technology, University of Derby, Derby DE22 1GB, UK
Interests: distributed systems; big data and data analytics; intelligent systems; business analytics

Special Issue Information

Dear Colleagues,

Cybersecurity has been a prominent research area for many years, and it has evolved and changed to address the raised gaps and concerns in the field. Among the many areas of cyber security, however, medical applications have received less treatment, even though the cybersecurity risk in them is quite high. There are many specific features for human health and medical device cybersecurity, such as extensive usage of legacy devices (e.g., Windows XP-operated MRI machines), priority of health to privacy and confidentiality (e.g., sharing unprotected patients’ data with nurses on a USB stick), the concept of an emergency situation (e.g., overriding all cybersecurity measures in such an event) and cryptography for extreme devices (e.g., medical implants). The fast-paced environment with rotary shifts, part-time or hourly paid staff and sharing devices among many operators adds more complexity to this problem. Although attacks such as WannaCry demonstrated how vulnerable this area of cybersecurity is, there is still a big gap in research to define and address the problems specific to human health and medical devices. In this Special Issue, researchers and scholars are invited to submit their work on the following topics focused on human health and medical devices to the journal: standards and regulations, privacy and accessibility, attack vectors, threat modelling, use cases and abuse cases, cryptography and confidentiality, blockchain, homomorphic encryption and other related topics.

Dr. Hassan Chizari
Prof. Dr. Kamal Bechkoum
Dr. Tariq Abdullah
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Applied Sciences is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • standards and regulations
  • privacy and accessibility
  • attack vectors
  • threat modelling
  • use cases and abuse cases
  • cryptography and confidentiality
  • blockchain
  • homomorphic encryption

Published Papers (5 papers)


Research

15 pages, 2060 KiB  
Article
Homomorphic Encryption Based Privacy-Preservation for IoMT
by Mikail Mohammed Salim, Inyeung Kim, Umarov Doniyor, Changhoon Lee and Jong Hyuk Park
Appl. Sci. 2021, 11(18), 8757; https://doi.org/10.3390/app11188757 - 20 Sep 2021
Cited by 28 | Viewed by 3575
Abstract
Healthcare applications store private user data on cloud servers and perform computation operations that support several patient diagnoses. Growing cyber-attacks on hospital systems result in user data being held at ransom. Furthermore, mathematical operations on data stored in the Cloud are exposed to untrusted external entities that sell private data for financial gain. In this paper, we propose a privacy-preserving scheme using homomorphic encryption to secure medical plaintext data from being accessed by attackers. Secret sharing distributes computations to several virtual nodes on the edge and masks all arithmetic operations, preventing untrusted cloud servers from learning the tasks performed on the encrypted patient data. Virtual edge nodes benefit from cloud computing resources to accomplish computing-intensive mathematical functions and reduce latency in device–edge node data transmission. A comparative analysis with existing studies demonstrates that homomorphically encrypted data stored at the edge preserves data privacy and integrity. Furthermore, secret sharing-based multi-node computation using virtual nodes ensures data confidentiality from untrusted cloud networks.
(This article belongs to the Special Issue Cyber Security in Human Health and Medical Devices)

25 pages, 6607 KiB  
Article
Sample Reduction for Physiological Data Analysis Using Principal Component Analysis in Artificial Neural Network
by Cid Mathew Santiago Adolfo, Hassan Chizari, Thu Yein Win and Salah Al-Majeed
Appl. Sci. 2021, 11(17), 8240; https://doi.org/10.3390/app11178240 - 6 Sep 2021
Cited by 2 | Viewed by 2439
Abstract
With its potential, extensive data analysis is a vital part of biomedical applications and of medical practitioner interpretations, as data analysis ensures the integrity of multidimensional datasets and improves classification accuracy; however, with machine learning, the integrity of the sources is compromised when the acquired data pose a significant threat in diagnosing and analysing such information, such as by including noisy and biased samples in the multidimensional datasets. Removing noisy samples in dirty datasets is integral to and crucial in biomedical applications, such as the classification and prediction problems using artificial neural networks (ANNs) in the body’s physiological signal analysis. In this study, we developed a methodology to identify and remove noisy data from a dataset before addressing the classification problem of an artificial neural network (ANN) by proposing the use of the principal component analysis–sample reduction process (PCA–SRP) to improve its performance as a data-cleaning agent. We first discuss the theoretical background to this data-cleansing methodology in the classification problem of an artificial neural network (ANN). Then, we discuss how the PCA is used in data-cleansing techniques through a sample reduction process (SRP) using various publicly available biomedical datasets with different samples and feature sizes. Lastly, the cleaned datasets were tested through the following: PCA–SRP in ANN accuracy comparison testing, sensitivity vs. specificity testing, receiver operating characteristic (ROC) curve testing, and accuracy vs. additional random sample testing. The results show a significant improvement in the classification of ANNs using the developed methodology and suggested a recommended range of selectivity (Sc) factors for typical cleaning and ANN applications. 
Our approach successfully cleaned the noisy biomedical multidimensional datasets and yielded up to an 8% increase in accuracy with the aid of the Python language.

18 pages, 2886 KiB  
Article
Trust No One? A Framework for Assisting Healthcare Organisations in Transitioning to a Zero-Trust Network Architecture
by Dan Tyler and Thiago Viana
Appl. Sci. 2021, 11(16), 7499; https://doi.org/10.3390/app11167499 - 16 Aug 2021
Cited by 12 | Viewed by 5410
Abstract
Traditional networks are designed to be hard on the outside and soft on the inside. It is this soft inside which has made the traditional perimeter model laughable to attackers, who can easily breach a network and run away with the data without even having to deal with the hardened perimeter. The zero-trust security model, created by John Kindervag in 2010, addresses the security flaws of the traditional perimeter model and asserts that all network traffic on the inside should not be trusted by default. Other core principles of zero trust include verification and continuous monitoring of all communication, as well as encryption of all data in transit and data at rest, since the goal of zero trust is to focus on protecting data. Although the zero-trust model was created in 2010, with some of the associated security practices existing even before that, many healthcare organisations are still choosing to focus primarily on securing the perimeter instead of focusing on the vulnerabilities within them. The current COVID-19 pandemic which healthcare providers are struggling with further highlights the need for improvements to security within the network perimeter, as many healthcare providers and vaccine developers are still using vulnerable, outdated legacy systems which could become compromised and indirectly have a detrimental effect on patient care. Legacy systems which are technologically limited, as well as medical devices which cannot be controlled or managed by network administrators, create boundaries to transitioning to a zero-trust architecture. It is challenges like this that have been explored during the research phase of this project in order to gain a better understanding of how a health organisation can adopt zero-trust practices despite the limitations of their current architecture. 
From the information gathered during this research, a framework was developed to allow a health organisation to transition to a more secure architecture based on the concept of zero-trust. Aspects of the proposed framework were tested in Cisco Modelling Labs (CML), and the results were evaluated to ensure the validity of some of the recommendations laid out in the framework. The main objective of this research was to prove that if a host within the local area network (LAN) were to be compromised, the damage would be limited to that host and would not spread throughout the rest of the network. This was successful after the qualitative research performed in CML. One of the other takeaways from testing the framework in CML was that medical devices could be secured by placing firewalls directly in front of them. This placement of firewalls may seem like an unorthodox approach and was shown to increase latency, but the blocking of all unnecessary traffic on the rest of the network will result in a performance boost and should balance it out in a real-world application.

19 pages, 2243 KiB  
Article
Cybersecurity and Privacy Risk Assessment of Point-of-Care Systems in Healthcare—A Use Case Approach
by Marc Jofre, Diana Navarro-Llobet, Ramon Agulló, Jordi Puig, Gustavo Gonzalez-Granadillo, Juan Mora Zamorano and Ramon Romeu
Appl. Sci. 2021, 11(15), 6699; https://doi.org/10.3390/app11156699 - 21 Jul 2021
Cited by 8 | Viewed by 4947
Abstract
Point-of-care systems are generally used in healthcare to respond rapidly and prevent critical health conditions. Hence, POC systems often handle personal health information; and consequently, their cybersecurity and privacy requirements are of crucial importance. While, assessing these requirements is a significant task. In this work, we propose a use case approach to assess specifications of cybersecurity and privacy requirements of POC systems in a structured and self-contained form. Such an approach is appropriate since use cases are one of the most common means adopted by developers to derive requirements. As a result, we detail a use case approach in the framework of a real-based healthcare IT infrastructure that includes a health information system, integration engines, application servers, web services, medical devices, smartphone apps and medical modalities (all data simulated) together with the interaction with participants. Since our use case also sustains the analysis of cybersecurity and privacy risks in different threat scenarios, it also supports decision making and the analysis of compliance considerations.

21 pages, 3214 KiB  
Article
FAIDM for Medical Privacy Protection in 5G Telemedicine Systems
by Tzu-Wei Lin and Chien-Lung Hsu
Appl. Sci. 2021, 11(3), 1155; https://doi.org/10.3390/app11031155 - 27 Jan 2021
Cited by 11 | Viewed by 3590
Abstract
5G networks have an efficient effect in energy consumption and provide a quality experience to many communication devices. Device-to-device communication is one of the key technologies of 5G networks. Internet of Things (IoT) applying 5G infrastructure changes the application scenario in many fields especially real-time communication between machines, data, and people. The 5G network has expanded rapidly around the world including in healthcare. Telemedicine provides long-distance medical communication and services. Patient can get help with ambulatory care or other medical services in remote areas. 5G and IoT will become important parts of next generation smart medical healthcare. Telemedicine is a technology of electronic message and telecommunication related to healthcare, which is implemented in public networks. Privacy issue of transmitted information in telemedicine is important because the information is sensitive and private. In this paper, 5G-based federated anonymous identity management for medical privacy protection is proposed, and it can provide a secure way to protect medical privacy. There are some properties below. (i) The proposed scheme provides federated identity management which can manage identity of devices in a hierarchical structure efficiently. (ii) Identity authentication will be achieved by mutual authentication. (iii) The proposed scheme provides session key to secure transmitted data which is related to privacy of patients. (iv) The proposed scheme provides anonymous identities for devices in order to reduce the possibility of leaking transmitted medical data and real information of device and its owner. (v) If one of devices transmit abnormal data, proposed scheme provides traceability for servers of medical institute. (vi) Proposed scheme provides signature for non-repudiation.