Literature Review On Internet Of Things (IoT) In Health Care

IoT Healthcare Security

Write a Literature Review on Internet of Things (IoT) in Health Care.

The Internet of Things is commonly looked at as all the objects that communicate with the use of internet. The healthcare industry is taking best of its efforts towards reducing the overall expenses and deliver the services that are of high quality, are easily accessible, and affordable by all. Advanced technologies are a great help for such measures in the healthcare industry and hence a rapid adoption of data analysis, database management, data transmission in real time, hybrid cloud computing, and machine to machine communication are certain technologies that are bringing significant changes in the healthcare industry. With all this comes certain technological advances that are driving the market growth, such technological advancements are big data analytics, nanobots and robotic flight stimulated surgeries, and increase in patient awareness about the upgraded technologies. This is also giving rise to the demand of IoT networks in the healthcare sector that is increasing its popularity and leading to readmissions in the hospitals for treatment of chronic diseases.

Multiple devices are better connected and the Internet of Things (IoT) is giving number of opportunities to different industries including the healthcare industry. The Internet of Things technology is rapidly growing in Australia and it has all the potential to widely impact the country in the long-term. The IoT health applications help in tracking the health status to identify the early warnings of potential issues for making appropriate improvements. Other kind of IoT applications help in getting better access to people in remote locations or for people who face difficulty in frequently visiting the medical centres (Research, 2018).

The IoT health applications generate the value of data from Big Data devices, machine learning systems which have become very popular and accessible for purposes of data mining and forming patterns. This report identifies the potential and realistic security threats in IoT health care systems Security is a major problem area in the use of IoT in the healthcare industry. So the research question for this paper is that “With the rise in application of IoT in Australia, Is the country prepared enough to handle all the security threats related to IoT?”

The Internet of Things refers to the communication between everyday heterogeneous objects that have computing capabilities to enable interaction and exchange of data. This interaction and exchange of data happens with the help of various communication channels and for analysis purpose it passes through a cloud structure. The entire process happens without any human intervention. At the end of the process, an advanced service application helps in communicating the information to the user (Muffin, 2017). 

Security Challenges

New successful healthcare system possibilities are getting explored in Australia through applications of mobile data analysis, wearable medical devices and sources of online information. The healthcare providers are giving a way to opportunities for better business decision making by investing in the IoT in health technology. This also leads them to invest in IoT infrastructure and capabilities of big data analytics for building sustainable healthcare systems. The growth of IoT healthcare in Australia is also because of the technology developments that led to “bring your own healthcare device” experience. This made passive patient’s switch to being activated patients (Siwicki, 2017)

With the increasing adoption of IoT in the medical sector along with the new eHealth IoT applications and devices, the sector also has to manage and handle vital private information like the personal healthcare data. As these devices are smart and connected to global information networks for easy access, it can become a target of attackers. Hence, it is important to identify and analyse specific features of IoT security (Fanarof, 2016). These features include the security requirements, threat models, vulnerability, counter-measures, etc.

To achieve secure services of IoT applications and devices, focus should be made on below mentioned security requirements:

Confidentiality – to maintain privacy and restricted access to medical information for unauthorized users.

Integrity – to ensure no alteration is done to the medical data in transit by an adversary.

Authentication and authorization – to validate the identity of individual who is interacting. The authorization happens with only authorized nodes.

Freshness of data – It is important to ensure that the data remains fresh and no adversary makes any changes in the old messages.

Resiliency – In case of an attack on interconnected health devices, the device, network and all information should be protected by a certain security scheme.

Self-healing – A minimum level of security should be enabled in collaborating devices when a IoT healthcare medical device network runs out of energy or experiences a system failure.

As the traditional security techniques do not ensure the security requirements of IoT healthcare devices, the new challenges require certain novel countermeasures. The challenges faced for having secure IoT health care services are:

1. Limitations in computation – The low speed processors embedded in the IoT health devices does not give high speed to the central processing unit of such devices. Also, computationally expensive operations are not possible through these devices, which means that these devices only act as a sensor or an actuator. This makes it a challenging task to find a secured solution that maximizes the security of the device and significantly reduces the resource consumption (Gil, et al., 2016).
2. Limitations in memory – Most of the IoT healthcare devices work with low memory and an embedded operating system or a system software is generally used to activate these devices. Hence, complicated security protocols may be difficult to be executed on such low on-device memory.
3. Limitations in energy – The typical small health devices of IoT healthcare conserve energy through the power saving mode as these devices have limited battery power. Example of such devices are body temperature devices and BP sensors. Hence, the limitation in the enerdy of IoT health devices makes it even more difficult to find a solution for energy aware security (Chapman & Uren, 2018).
4. Mobility – The mobility in the healthcare devices is maintained with the internet through IoT service providers. As in the case of a hearth monitor might be connected to the internet for providing information of the user to his concerned caregiver. These wearables might be connected to the caregiver’s home network as well as his office network. And as security configurations differ with different networks, therefore it is another challenege to develop a security algorithm that is mobility-compliant.
5. Scalability – With the increase in number of devices getting connected to the global information network, it becomes a challenging task to design a highly scalable security scheme (Ranger, 2016).
6. Communication – The local and global connection of the IoT health devices are done through various wireless channels, and characteristics of such wireless channels further reduces the traditional wired security schemes. It is a challenge to develop a security protocol that equally treats the wired and wireless channels.
7. Multiplicity of devices – There are range of devices available in the IoT healthcare network, that ranges from PCs to RFIDs and these have different capabilities of power, software, memory and computation. Hence, a single security scheme cannot accommodate all the devices.
8. Topology of dynamic network – The network topology of medical devices is dynamic as these devices join the IoT health network anytime anywhere. Hence, it is a difficult challenge to design a security model for such dynamic network topology.
9. Multi-protocol network – Multi protocols exists in the IoT connected medical devices as the local network medical devices communicate through a proprietary network protocol and communication between IoT devices and the IoT service providers happens over the IP networks. Thus, it becomes difficult to design a sound security solution for communications on a multi-protocol network (Director, 2018).
10. Dynamic security updates – The updated security patches required in the IoT health devices mitigate the potential vulnerabilities. It is another challenge to manage dynamic installation of security patches.
11. Tamper-resistant packages – These packages help to defend against physical attacks on the medical devices. These physical attacks can tamper the device to extract secrets or modify the programs or encrypt the programs with malicious nodes. Implementing these tamper-resistant packages is not an easy task.

The continuously evolving paradigm of IoT is giving rise to devices and services of IoT healthcare. Various security threats can be devised by an attacker to compromise the IoT medical devices and networks that exist currently and can exist in future. The treats that can hamper the IoT health devices are either tangible or predictable or even hard to predict. The three major properties classified for existing and potential threats are:

1. Information disruption based attacks – The health data that is stored or is in-transit, when attacked by an attacker can be manipulated to give wrong information. Such attacks include interruption, interception, modification, fabrication and replay. The interruption makes the communication links unavailable or to be lost. Interception intercepts with the confidentiality and data privacy of the medical information. Modification makes changes in the data and information to mislead and create confusion by gaining unauthorized access to the medical data. Fabrication is injecting of misleading and false data into the health information to threaten authenticity of the message. Replay is the attack that plays the existing message multiple times to threaten its freshness (Palmer, 2018).
2. Host properties based attacks – The host properties can have three types of attacks namely (1) User compromise; where the attacker steals the data of user’s health device to reveal sensitive information like the cryptographic keys, personal data or passwords. (2) Hardware compromise; the physical device is tempered to extract program codes, data and keys and to reprogram the device with malicious codes. (3) Software compromise; the vulnerabilities of the operating system or system software or the application is used to malfunction or dysfunction the status of IoT health devices (Islam, et al., 2015).
3. Network properties based attacks – Protocol and layer specific compromise happens in this type of attack. In the standard protocol compromise the attacker sends malicious protocols to threaten availability of service, integrity, authenticity and privacy of the message. In the network protocol stack attack, the attacker exploits the vulnerabilities of original protocol stack layers to launch malicious activities. In such attacks it is important to ensure security at each layer of the network protocol stack that will help to improve the performance of IoT healthcare networks under different environmental conditions in terms of longevity, security and connectivity (Lewis, 2017).

Taxonomy of Attack

The methodology applied for this report is the survey conducted with various IoT healthcare providers and the secondary research conducted to gain further information and knowledge.

The exercise between interdisciplinary groups provided policy recommendations for improving the internet security in Australia. These recommendations are to create and enforce standards for security of technology, security challenges to be dealt with international agreements, and to bring improvements in risk awareness. The country needs to develop policy domains that keep pace with the changes in technology. These policies need to set security standards that efficiently help in responding to attacks. There is an underlying tension between the approaches of risk based and compliance based interventions for bringing improvement in the cyber security. There are multiple solutions being identified by the authorities in Australia, but those are not immediately executable and hence are to be considered with secondary and tertiary effects before implementation. Many future exercises are required to be performed for developing policy that might include cyber security strategy of the government of Australia, challenge the assumptions of roles and responsibilities, authorities of government, and provide incentives to various stakeholders from government and non-government participants to build and successfully implement the solutions for cyber security (Mikolic-Torreira, et al., 2016). 

It is noticed that the cyber security standards of Australia need to address three goals for exploring collectively for development of cohesive solutions. The standards set in the policy need to be more stringent for the healthcare devices, devices on vehicles and other group of products that can affect the public safety. The threshold of standards can be lower for the household appliances, and pedometers and the other such products that can be hacked and have a low risk to health and safety of the user. The second goal is that the standards need to be different for devices with different capabilities. The third identified goal is to bring changes in the cyber security standards related to IoT as soon as possible due to frequent changes in technology that might make it lag behind the threats and new developments. All these policy goals need also to identify the methodology and mechanism to achieve synergy and cooperation between various sectors, stakeholders and the government. Another aspect to be considered is the buy-in from the consumers and about educating the users about maintaining safety and safety operations about the IoT devices (Heydon & Zeichner, 2015).

Methodology

The security in the IoT healthcare devices is a matter of concern as it is related to life and death of an individual. This can bring massive changes in the security standards of IoT. Like the U.S. Senate bill, requires the vendors to meet minimum security standards for selling IoT devices to federal government including the healthcare facilities. The key requirement is for the vendors of IoT healthcare devices to maintain higher security standards. The healthcare provider organizations can buy patched supply equipment from the vendors. Security issues that are identified after manufacturing of the device can modify the original firmware controlling the device as the device has a lifecycle (Braue, 2017).

For future research there is a huge opportunity for improvements in the privacy and security in the cloud based health care. These are no ideal encryption scheme that can protect the data while machine learning activity and providing access to authorized personal. However, there are two schemes, namely ABE and FHE that can be further researched upon for successful implementation as these have appealing characteristics, but are difficult to be implemented on wearable devices due to its heavy weight. With the improvement a hybrid scheme of ABE-FHE could be considered that can help in providing security to cloud based healthcare data (M2M Connectivity, 2018).

Also, there is no end-to-end system that can contain all the components to work on wearable sensors, machine learning, cloud based storage, and communication ranges. Hence work should be done on developing such a system in the IoT based healthcare. Such system also should have provision for emergency healthcare with diagnostic machine learning, monitoring of health signs, and manage long range communications through LPWANs that help in communicating with the emergency service providers about urgent help required by a patient.

Future research also should be done on understanding the method to implement the developed solutions and mitigate the possibilities of unintended consequences. The consequences that can be considered can be the impact on the industries in Australia, various innovations happening around the technology, the imports and exports, various procedures for the investigations of offences, and the ability of the Australian government in terms of options to be explored for responding to various security events (Braue, 2018).

Conclusion

The future of the healthcare sector in Australia might highly rely on the factors that depend on its decision about leveraging the latest technologies of robotics, automation and management of data. The various technological advancements happening across the globe today, need to lay the foundation for capitalising on these technologies, hence, the technologies in healthcare in Australia needs to be prepared for potential disruptions in the digital information by the latest technologies like artificial intelligence, virtual reality and augmented reality. The future healthcare organizations need to be more adaptable and be developed with all these opportunities as the expectations of the consumer keeps changing with the advancements in technology.

Findings and Analysis

Various researches have shown that cloud technology is the best technology to store data and for storage and organizing of big data in the healthcare as well. Also, a significant amount of better work analysis and data processing can also be performed in an efficient manner in the cloud technology as compared to the data processing on the wearble devices that have very limited resources. But the security risk associated with the use of cloud technology is huge in terms of using it in IoT healthcare devices. Hence, the report presents different works that focus on the security improvements in the cloud technology. The report identifies that the policies of access control and encryption can help in enhancing the security of cloud technology for data storage of medical devices. But as no set standard is available for immediate application, hence, an immediate research should be done in this regard for mitigating the data risk in IoT based health care system.

The report also identifies several areas for future research like, the state of the art technology in the wearable sensors, research can be done for improving the standards of communication through wired and wireless channels. Huge opportunity appears from the designing and development of a hybrid encryption scheme that is lightweight and can be easily used in the cloud storage. Also, research in machine learning also shows great opportunity for the researchers to bring in significant improvements in the security challenges associated with the IoT based health care in Australia

References

Braue, 2018. “Truly frightening” IoT security should motivate CSOs to reconsider their endpoint strategies, Available at: https://www.cso.com.au/article/634729/truly-frightening-iot-security-should-motivate-csos-reconsider-their-endpoint-strategies/

Braue, D., 2017. Medical, consumer device makers are trying, at least, to improve IoT security: consultant, Available at: https://www.cso.com.au/article/627916/medical-consumer-device-makers-trying-least-improve-iot-security-consultant/

Chapman, E. & Uren, T., 2018. The Internet of Insecure Things, Available at: https://www.aspi.org.au/report/InternetOfInsecureThings

Director, M., 2018. Is health prepared for IoMT innovation?, Available at: https://www.healthcareit.com.au/article/health-prepared-iomt-innovation

Fanarof, A., 2016. ?How IoT and data analytics technologies can improve Australia’s healthcare system, Available at: https://www.cio.com.au/article/608306/how-iot-data-analytics-technologies-can-improve-australia-healthcare-system/

Gil, D., Ferrández, A., Mora, H. & Peral, J., 2016. Internet of Things: A Review of Surveys Based on Context Aware Intelligent Services. PMC journal, 16(7).

Heydon, G. & Zeichner, F., 2015. Enabling the Internet of Things for Australia, Available at: https://www.commsalliance.com.au/__data/assets/pdf_file/0004/58702/Enabling-the-Internet-of-Things-for-Australia.pdf

Islam, S., Kwak, D., Kabir, M. & Hossain, M., 2015. The Internet of Things for Health Care: A Comprehensive Survey, Available at: https://ieeexplore.ieee.org/document/7113786/

Lewis, M., 2017. Security of the Internet of Things (IoT) in healthcare, Available at: https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/february/security-of-the-internet-of-things-iot-in-healthcare/

M2M Connectivity, 2018. Implementing the IoT in Healthcare, Available at: https://m2mconnectivity.com.au/implementing-the-iot-in-healthcare/

Mikolic-Torreira, I. et al., 2016. Exploring Cyber Security Policy Options in Australia, Available at: https://nsc.crawford.anu.edu.au/sites/default/files/publication/nsc_crawford_anu_edu_au/2017-08/issues_and_options_paper-3_2_0.pdf

Muffin, M., 2017. Healthcare Internet of Things Provides A Roadmap For Australia’s Remote and Chronic Condition Patients, Available at: https://www.medmuffin.com/2017/08/21/healthcare-internet-of-things-provides-a-roadmap-for-australias-remote-and-chronic-condition-patients/

Palmer, D., 2018. IoT security warning: Cyber-attacks on medical devices could put patients at risk, Available at: https://www.zdnet.com/article/iot-security-warning-cyber-attacks-on-medical-devices-could-put-patients-at-risk/

Ranger, S., 2016. Internet of Things: Finding a way out of the security nightmare, Available at: https://www.zdnet.com/article/internet-of-things-finding-a-way-out-of-the-security-nightmare/

Research, G. V., 2018. Internet of Things (IoT) in Healthcare Market Size, Share & Trend Analysis Report By Component, By Connectivity Technology, By Application, By End-use, By Region, And Segment Forecasts, 2012 – 2022, Available at: https://www.grandviewresearch.com/industry-analysis/internet-of-things-iot-healthcare-market

Siwicki, B., 2017. Hospitals, don’t wait to address these little-known IoT security issues, Available at: https://www.healthcareitnews.com/news/hospitals-dont-wait-address-these-little-known-iot-security-issues

Order an Essay Now & Get These Features For Free:

Turnitin Report

Formatting

Title Page

Citation

Outline

Place an Order