27-10-2012, 05:26 PM
DATA SECURITY AND PRIVACY IN WIRELESS BODY AREA NETWORKS
ABSTRACT
The wireless body area network has emerged
as a new technology for e-healthcare that allows
the data of a patient’s vital body parameters and
movements to be collected by small wearable or
implantable sensors and communicated using
short-range wireless communication techniques.
WBAN has shown great potential in improving
healthcare quality, and thus has found a wide
range of applications from ubiquitous health
monitoring and computer assisted rehabilitation
to emergency medical response systems. The
security and privacy protection of the data collected
from a WBAN, either while stored inside
the WBAN or during their transmission outside
of the WBAN, is a major unsolved concern, with
challenges coming from stringent resource constraints
of WBAN devices, and the high demand
for both security/privacy and practicality/usability.
In this article we look into two important
data security issues: secure and dependable distributed
data storage, and fine-grained distributed
data access control for sensitive and private
patient medical data. We discuss various practical
issues that need to be taken into account
while fulfilling the security and privacy requirements.
Relevant solutions in sensor networks
and WBANs are surveyed, and their applicability
is analyzed.
INTRODUCTION
Recently, with the rapid development in wearable
medical sensors and wireless communication,
wireless body area networks (WBANs)
have emerged as a promising technique that will
revolutionize the way of seeking healthcare
[1–3], which is often termed e-healthcare. Instead
of being measured face-to-face, with WBANs
patients’ health-related parameters can be monitored
remotely, continuously, and in real time,
and then processed and transferred to medical
databases. This medical information is shared
among and accessed by various users such as
healthcare staff, researchers, government agencies,
and insurance companies.
APPLICATION SCENARIO
We exemplify the security needs in WBANs by a
distributed healthcare application scenario.
Suppose Peter is injured when traveling far
away from his hometown. At first, the emergency
paramedic reads Peter’s implanted RFID
tag to obtain his profile and medical records,
and a WBAN consisting of wearable medical
sensors is established and associated with
Peter. Later, various healthcare workers can
directly access the vital sign readings from the
WBAN in real time, in order to provide better
medical care. For instance, a nurse inquires on
Peter’s health status from his WBAN and
uploads an electronic report to the local server
in Peter’s room.
Peter’s PDA has been configured with an initial
access policy (AP) that controls who has
access to his medical data within his WBAN.
The AP automatically adapts to contexts, such as
accommodating the reception staff, doctor, and
nurse. Peter can also modify the AP at his own
will; for example, his sensitive AIDS record is
only allowed to be shared with his nurses but not
doctors.
REQUIREMENTS FOR DISTRIBUTED DATA STORAGE SECURITY
Confidentiality: In order to prevent patient-related
data from leaking during storage periods, the
data needs to always be kept confidential at a
node or local server. Data confidentiality should
be resilient to device compromise attacks; that
is, compromising one node helps the attacker to
gain nothing or little from the data stored at that
node or elsewhere.
Dynamic integrity assurance: In WBANs the
patient-related data is vital, and modified data
would lead to disastrous consequences. Thus,
data integrity shall be dynamically protected all
the time. In particular, we shall be able to not
only detect modification of data at end users,
but also check for and detect it during storage
periods, in order to discover potential malicious
modification in advance and alert the user.
Dependability: Dependability is another critical
concern in WBANs, because failure to
retrieve correct data may become a life-threatening
matter. In order to tackle the threats caused
by network dynamics, fault tolerance is required,
that is, having patient-related data readily
retrievable even under Byzantine node failure or
malicious modifications.
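
The three storage requirements above can be seen together in a small sketch. This is an added illustration, not code from the article: it uses Shamir secret sharing with a per-share HMAC as one possible construction, and the node count, threshold, key, and sample reading are all constructed assumptions.

```python
import hashlib
import hmac
import secrets

P = 2**127 - 1  # prime field modulus (constructed parameter, not from the article)

def _tag(mac_key, x, y):
    # MAC binds a share to its node index; the key stays with the data owner.
    return hmac.new(mac_key, f"{x}:{y}".encode(), hashlib.sha256).digest()

def split(secret, n, k, mac_key):
    """Shamir split: any k of n shares rebuild the secret, fewer reveal nothing."""
    if not 0 <= secret < P:
        raise ValueError("secret must fit in the field")
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(k - 1)]
    shares = []
    for x in range(1, n + 1):
        y = sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P
        shares.append((x, y, _tag(mac_key, x, y)))
    return shares

def audit(shares, mac_key):
    """Integrity check that can run during storage: keep shares whose MAC verifies."""
    return [(x, y) for x, y, t in shares
            if hmac.compare_digest(t, _tag(mac_key, x, y))]

def recover(shares, k, mac_key):
    """Lagrange interpolation at x=0 over the first k intact shares."""
    pts = audit(shares, mac_key)[:k]
    if len(pts) < k:
        raise ValueError("fewer than k intact shares")
    secret = 0
    for j, (xj, yj) in enumerate(pts):
        num = den = 1
        for m, (xm, _) in enumerate(pts):
            if m != j:
                num = num * -xm % P
                den = den * (xj - xm) % P
        secret = (secret + yj * num * pow(den, -1, P)) % P
    return secret

def demo():
    # Constructed sample reading and key; five hypothetical storage nodes, threshold 3.
    key = b"owner-held-demo-key-000000000000"
    reading = b"HR=72;SpO2=98"
    shares = split(int.from_bytes(reading, "big"), n=5, k=3, mac_key=key)
    x, y, t = shares[0]
    shares[0] = (x, (y + 1) % P, t)   # node 1 returns modified data
    del shares[4]                     # node 5 is unreachable
    return recover(shares, 3, key).to_bytes(len(reading), "big")
```

A single stored share is a uniformly random field element, so compromising one node discloses nothing about the reading, while `audit` can be run at any time to flag a modified share before the data is needed.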