Article Preview
Top1. Introduction
The health care domain consists of a cornerstone for the welfare of society. In the recent years there has been gaining much attention the convergence of emerging technologies such as the Big Data, the CC paradigm and the M2M communication architectural models. In the health care domain, sophisticated algorithms and novel processing techniques introduce benefits by mining Big Data and extracting knowledge while the CC paradigm establishes private back-end infrastructures, capable to handle massive quantities of clinical health data. The M2M architectural model, which is exploited in the health sector is comprised of mobile nodes, sensors and actuators interconnected to wireless networks through distributed base stations in the hospital’s physical environment. Thus, a type of wireless sensor networks (WSNs) (Rawat et al., 2014), the WBANs and their potential, unfold. The WBANs consist of a variety of on-body and implanted medical devices and sensors responsible for the continuous measurement of vital signs such as the temperature, the respiratory rate, the blood pressure and the arterial oxygen saturation.
The collection rate of clinical health data by sensors (Boubiche et al., 2018), necessitates the deployment of a highly scalable backend infrastructure to support the deployment of the medical applications’ logic as well as the data storage. Thus, the interconnection of WBANs with a private cloud infrastructure consists of a viable solution that enables scalability, availability better QoS through fast resource allocation, increased data storage and high computational power for the provision of a multithreaded eHealth or mHealth application. However, the distributed nature and mobile ad-hoc networks for the purpose of data propagation to backend endpoints of M2M architecture endanger the overall operation. By integrating CC backend endpoints, the already existing attack surface interacts with WBANs’ threats. These threats lay on the vulnerabilities of the M2M communications’ routing protocols and authentication schemes, as well as on specific characteristics such as the swiftly changing network topology and unattended clinical areas. Thus, the threat landscape is expanded.
Bearing in mind that the ulterior aim of the CC environment is to offer storing and processing capabilities on the basis of a high level of privacy and security without risking the disclosure of clinical health data, a risk assessment should be established prior its deployment. The proposed risk assessment correlates threats and security challenges of WBANs and CC environment in view of determining the total attack surface and estimating the probability of occurrence of an attack. Then, the mechanisms and processes providing the healthcare service (i.e. mHealth application) are safeguarded by countermeasures against the identified attack surface, in alignment with the principles of the Confidentiality, Integrity and Availability (CIA triad) (Juliadotter & Choo, 2015).
Accordingly, every technical component which is orchestrated in the context of the healthcare infrastructure’s operation, should be accompanied by a security component or countermeasure in order to minimize the total attack surface. Due to the diversity of these measures, the criterion which should be met by every countermeasure is to pose the minimum performance constraints over the other alternatives. Beyond the orchestration of countermeasures, the collection of clinical health data should be implemented in compliance with national norms and regulations due to the individuals’ rights and freedoms. Thus, the WBANs, as well as the CC environment should operate according constrains and legal instructions inaugurated by national regulations.
The remainder of the paper is organized as follows. Section 2 introduces the background on securing critical infrastructures and assessing their security level such as those in health care while Section 3 outlines the architectural elements of WBAN-CC infrastructure apparatus. Section 4 analyses the threats’ taxonomy while Section 5 reviews the attack-tree upon which the risk assessment is implemented. Section 6 contains the description of the risk assessment while examination of countermeasures is carried it out in section 7. The conclusions are drawn in Section 8.