Conceptual framework for the security of mobile health applications on Android platform

被引:68
作者
Hussain, Muzammil [1 ]
Zaidan, A. A. [2 ]
Zidan, B. B. [2 ]
Iqbal, S. [1 ]
Ahmed, M. M. [3 ]
Albahri, O. S. [2 ]
Albahri, A. S. [2 ]
机构
[1] Univ Management & Technol, Sch Syst & Technol, Dept Comp Sci, Lahore, Pakistan
[2] Univ Pendidikan Sultan Idris, Fac Arts Comp & Creat Ind, Dept Comp, Tanjong Malim, Perak, Malaysia
[3] CUST, Dept Comp Sci, Islamabad, Pakistan
来源
TELEMATICS AND INFORMATICS | 2018年 / 35卷 / 05期
关键词
POLICY ENFORCEMENT; TELEMEDICINE; MALWARE; METHODOLOGY; FEATURES; PRIVACY; RECORDS; USAGE;
D O I
10.1016/j.tele.2018.03.005
中图分类号
G25 [图书馆学、图书馆事业]; G35 [情报学、情报工作];
学科分类号
1205 ; 120501 ;
摘要
Mobile Health (mHealth) applications are readily accessible to the average user of mobile devices, and despite the potential of mHealth applications to improve the availability, affordability and effectiveness of delivering healthcare services, they handle sensitive medical data, and as such, have also the potential to carry substantial risks to the security and privacy of their users. Developers of applications are usually unknown, and users are unaware of how their data are being managed and used. This is combined with the emergence of new threats due to the deficiency in mobile applications development or the design ambiguities of the current mobile operating systems. A number of mobile operating systems are available in the market, but the Android platform has gained the topmost popularity. However, Android security model is short of completely ensuring the privacy and security of users' data, including the data of mHealth applications. Despite the security mechanisms provided by Android such as permissions and sandboxing, mHealth applications are still plagued by serious privacy and security issues. These security issues need to be addressed in order to improve the acceptance of mHealth applications among users and the efficacy of mHealth applications in the healthcare systems. Thus, this paper presents a conceptual framework to improve the security of medical data associated with Android mHealth applications, as well as to protect the privacy of their users. Based on the literature review that suggested the need for the intended security framework, three-distinct and successive phases are presented, each of which is described in a separate section. First, discussed the design process of the first phase to develop a security framework for mHealth apps to ensure the security and privacy of sensitive medical data. The second phase is discussed who to achieve the implementation of a prototypic proof-of-concept version of the framework. Finally, the third phase ending discussed the evaluation process in terms of effectiveness and efficiency for the proposed framework.
引用
收藏
页码:1335 / 1354
页数:20
相关论文
共 164 条
[1]  
Aafer Y, 2013, L N INST COMP SCI SO, V127, P86
[2]   A New Sensors-Based Covert Channel on Android [J].
Al-Haiqi, Ahmed ;
Ismail, Mahamod ;
Nordin, Rosdiadee .
SCIENTIFIC WORLD JOURNAL, 2014,
[3]   Meeting the Security Requirements of Electronic Medical Records in the ERA of High-Speed Computing [J].
Alanazi, H. O. ;
Zaidan, A. A. ;
Zaidan, B. B. ;
Kiah, M. L. Mat ;
Al-Bakri, S. H. .
JOURNAL OF MEDICAL SYSTEMS, 2015, 39 (01)
[4]  
Alanazi HO, 2010, J MED PLANTS RES, V4, P2059
[5]  
Albano P., 2011, 2011 International Conference on Broadband, Wireless Computing, Communication and Applications, P380, DOI 10.1109/BWCCA.2011.62
[6]  
Anokwa Yaw., 2012, Proceedings of the Fifth International Conference on Information and Communication Technologies and Development, ICTD '12, P13, DOI [DOI 10.1145/2160673, DOI 10.1145/2160673.2160676]
[7]  
[Anonymous], 2014, Vienna University of Technology
[8]  
[Anonymous], 2012, INT C DET INTR MALW
[9]  
[Anonymous], 2013, Proceedings of the 22Nd USENIX Conference on Security, SEC'13
[10]  
[Anonymous], 2012, INT C DETECTION INTR
12345678910