ASSET - Adaptive Security for Smart Internet of Things in eHealth
Emerging technologies for the Internet of Things (IoT) have the potential to provide many benefits to improve eHealth where the Things include smart phones, tablets, sensors, sensor nodes, and actuator nodes. The IoTs successful deployment depends on ensuring security and privacy, which need to adapt to their processing capabilities and resource use.
The primary goal of the ASSET project is to research and develop risk-based adaptive security methods and mechanisms for IoT in eHealth using game theory and context-awareness that increase security to an appropriate level. The security methods and mechanisms will adapt to dynamic changing conditions of IoT, including usability, threats, and diversity/heterogeneity.
The secondary goal is to increase understanding of, and thus ability to develop, interoperable techniques and algorithms which will predict and measure the risk of damages and future benefits and adapt their decisions upon those predictions.
ASSET's case study will lead to the design of adaptive strategies for the dynamic interplay between security and data transmission in a mobile patient monitoring system. This will use information of link quality, data transmission rate, and processing capabilities of sensor nodes and smart phones. The security adaptation will take into account the latency, energy consumption and reliability as quality of service (QoS) metrics.
- Build models for estimating and predicting risks and benefits using game theory and context awareness
- Build methodology for security measurement and metrics for validating the effectiveness of the adaptation based on best practice
- Prototype the adaptive methods for authentication and access control for IoT and use them in a simulated eHealth patient monitoring scenario in Oslo University Hospital
- Build light-weight abilities in smart things that will allow them to detect in real-time unknown security and privacy threats, respond to them, and adapt to the environment and changing degree of security and privacy breaches.
The ASSET project is financed by The Research Council of Norway in the VERDIKT (Core Competence and Value Creation in ICT) program
Benefit to society
Through development of adaptive and context-aware security for the next generation of IoTs, the project will enable health organizations both in public and private sector to design and implement context-aware security and privacy protection and thus adaptive to patients’ needs. This will improve end user’s confidence in service providers. The project builds risk-based adaptive security models that dynamically detect in real-time unknown security and privacy threats, respond to them, and adapt to the environment and changing degree of security and privacy breaches. This will allow health organizations to securely and adaptively track objects and people (staff and patients), identify and authenticate people, patient mobility, and automatic sensing and collection of real time patient health data which will reduce the delay for treatment of critical patients thereby enhancing traditional medical services.
Project results (preliminary)
Popular presentations and press
- Kan vi stole på Sensorlegen?
- SENSORER I HELSEVESENET Skal gjøre helsevesenet tryggere
- Kan vi stole på sensorlegen?
- 1 PhD Research Fellowship at NR (Norwegian Computing Center)
- 1 PhD Research Fellowship at GUC (Gjøvik University College)
- 2 Master's Students at NR (Norwegian Computing Center)
Dissemination and networking activities
- 3rd International Workshop on on Monitoring and Measurability of Software and Network Security held in conjunction with The 10th European Conference on Software Architecture (ECSA 2016), September 5-9, 2016, Istanbul, Turkey
- 2nd International Workshop on Measurability of Security in Software Architectures held in conjunction with The 8th European Conference on Software Architecture (ECSA 2014), August 25, 2014, in Vienna, Austria
- Call For Papers: Special Issue on Adaptive Security for IoTof International Journal of Pervasive computing and Communications (IJPCC)
- International Workshop on Adaptive Security & Privacy management for the Internet of Things (ASPI 2013) in conjunction with UbiComp 2013, September 8-12, 2013, in Zurich, Switzerland
- Workshop on Security Tools and Techniques for Internet of Things (SeTTIT) 2013 in conjunction with 8th International Conference on Body Area Networks, September 30–October 2, 2013 Boston, Massachusetts, United States
- Security of Cloud Communications and Networking in IEEE ICC 2012 Industry Forums
- International Workshop on,Networking Implantable Medical Devices - NIMD 2012
- Computing and the cloud - 23rd February
- Workshop on “Security Tools and Techniques for Internet of Things” - 24th September 2012 Co-located with the BodyNets conference