Developer Driven Framework for Security and Privacy in the IoMT

Ceara Treacy; John Loane; Fergal McCaffery

doi:10.5220/0009828304430451

Developer Driven Framework for Security and Privacy in the IoMT

Ceara Treacy, John Loane, Fergal McCaffery

2020

Abstract

The Internet of Medical Things (IoMT), is a fast growing domain as healthcare moves out of structured health services into care in the community. As a result, the sensitive personal and health data associated with the IoMT can potentially flow through a diversity of apps, systems, devices and technologies, public and open networks. This exposes data in the IoMT to additional attack surfaces, which requires the hardening of the security and privacy of the data. Accordingly, the data is bound by regulatory safety, security and privacy requirements. Applying the regulatory compliant requirements is a struggle for developers in small to medium enterprises due to lack of knowledge, experience and understanding. This paper proposes a framework to assist in meeting regulatory compliance for security and privacy of data in flow in the IoMT, directed at developers in small to medium enterprises. The framework considers both security and privacy properties for data in flow protection in the IoMT. This framework expands on the established threat modeling steps to consider both security and privacy. To mitigate the identified security and privacy threats, the framework includes a set of categorised technical security and privacy controls developed through medical device security standards. The originality of this framework is the inclusion of security and privacy requirements in the extension of the traditional threat modeling process, as well as the security and privacy controls embedded in the medical security standards.

Download

Paper Citation

in Harvard Style

Treacy C., Loane J. and McCaffery F. (2020). Developer Driven Framework for Security and Privacy in the IoMT.In Proceedings of the 15th International Conference on Software Technologies - Volume 1: ICSOFT, ISBN 978-989-758-443-5, pages 443-451. DOI: 10.5220/0009828304430451

in Bibtex Style

@conference{icsoft20,
author={Ceara Treacy and John Loane and Fergal McCaffery},
title={Developer Driven Framework for Security and Privacy in the IoMT},
booktitle={Proceedings of the 15th International Conference on Software Technologies - Volume 1: ICSOFT,},
year={2020},
pages={443-451},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0009828304430451},
isbn={978-989-758-443-5},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 15th International Conference on Software Technologies - Volume 1: ICSOFT,
TI - Developer Driven Framework for Security and Privacy in the IoMT
SN - 978-989-758-443-5
AU - Treacy C.
AU - Loane J.
AU - McCaffery F.
PY - 2020
SP - 443
EP - 451
DO - 10.5220/0009828304430451