Title :
Systematic information flow control in mHealth systems
Author :
Bhardwaj, Chandrika
Author_Institution :
Dept. of Comput. Sci. & Eng., Indian Inst. of Technol., Delhi, Delhi, India
Abstract :
This paper argues that the security and integrity requirements of mHealth systems are best addressed by end-to-end information flow control (IFC). The paper extends proposals of decentralized IFC to a distributed smartphone-based mHealth system, identifying the basic threat model and the necessary trusted computing base. We show how the framework proposed can be integrated into an existing communication stack between a phalanx of sensors and an Android smartphone. The central idea of the framework involves systematically and automatically labelling data and metadata collected during medical encounters with security and integrity tags. These mechanisms provided can then be used for enforcing a wide variety of complex information flow control policies in diverse applications. The chief novelty over existing DIFC approaches is that users are relieved of having to create tags for each class of data and metadata that is collected in the system, thus making it user-friendly and scalable.
Keywords :
Android (operating system); data integrity; human computer interaction; medical information systems; mobile computing; security of data; Android smart phone; communication stack; complex information flow control policies; data class; data labelling; decentralized IFC; distributed smart phone-based m-Health system; end-to-end information flow control; integrity tags; m-health system integrity requirements; m-health system security requirements; medical encounters; meta data collection; scalable system; security tags; sensor phalanx; systematic information flow control; threat model; trusted computing base; user-friendly system;
Conference_Titel :
Communication Systems and Networks (COMSNETS), 2015 7th International Conference on
Conference_Location :
Bangalore
DOI :
10.1109/COMSNETS.2015.7098736
