Metrics-driven security objective decomposition for an E-health application with adaptive security management

Reijo Savola, Habtamu Abie

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

    26 Citations (Scopus)

    Abstract

    Emerging E-health applications utilizing IoT (Internet of Things) solutions should be sufficiently secure and robust. Adaptive security management techniques enable maintenance of sufficient security level during changing context, threats and usage scenarios. Systematic adaptive security management is based on security metrics. We analyze security objective decomposition strategies for an IoT E-health application. These strategies enable development of meaningful security metrics. Adaptive security solutions need security metrics to be able to adapt the relevant security parameters according to contextual and threat changes, which are typical for patient-centric IoT solutions used in various environments. In order to achieve this we have developed a context-aware Markov game theoretic model for security metrics risk impact assessment to measurably evaluate and validate the run-time adaptivity of IoT security solutions.
    Original languageEnglish
    Title of host publicationASPI '13 Proceedings of the International Workshop on Adaptive Security
    Place of PublicationNew York
    PublisherAssociation for Computing Machinery ACM
    ISBN (Print)978-1-4503-2543-1
    DOIs
    Publication statusPublished - 2013
    MoE publication typeA4 Article in a conference publication
    EventInternational Workshop on Adaptive Security, ASPI 2013 - Zurich, Switzerland
    Duration: 8 Sept 201312 Sept 2013

    Workshop

    WorkshopInternational Workshop on Adaptive Security, ASPI 2013
    Abbreviated titleASPI 2013
    Country/TerritorySwitzerland
    CityZurich
    Period8/09/1312/09/13

    Keywords

    • adaptive security
    • e-health
    • game theory
    • IoT
    • security metrics

    Fingerprint

    Dive into the research topics of 'Metrics-driven security objective decomposition for an E-health application with adaptive security management'. Together they form a unique fingerprint.

    Cite this