Metrics-driven security objective decomposition for an E-health application with adaptive security management

Reijo Savola, Habtamu Abie

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

18 Citations (Scopus)

Abstract

Emerging E-health applications utilizing IoT (Internet of Things) solutions should be sufficiently secure and robust. Adaptive security management techniques enable maintenance of sufficient security level during changing context, threats and usage scenarios. Systematic adaptive security management is based on security metrics. We analyze security objective decomposition strategies for an IoT E-health application. These strategies enable development of meaningful security metrics. Adaptive security solutions need security metrics to be able to adapt the relevant security parameters according to contextual and threat changes, which are typical for patient-centric IoT solutions used in various environments. In order to achieve this we have developed a context-aware Markov game theoretic model for security metrics risk impact assessment to measurably evaluate and validate the run-time adaptivity of IoT security solutions.
Original languageEnglish
Title of host publicationASPI '13 Proceedings of the International Workshop on Adaptive Security
Place of PublicationNew York
PublisherAssociation for Computing Machinery ACM
ISBN (Print)978-1-4503-2543-1
DOIs
Publication statusPublished - 2013
MoE publication typeA4 Article in a conference publication
EventInternational Workshop on Adaptive Security, ASPI 2013 - Zurich, Switzerland
Duration: 8 Sep 201312 Sep 2013

Workshop

WorkshopInternational Workshop on Adaptive Security, ASPI 2013
Abbreviated titleASPI 2013
CountrySwitzerland
CityZurich
Period8/09/1312/09/13

Fingerprint

Health
Decomposition
Internet of things

Keywords

  • adaptive security
  • e-health
  • game theory
  • IoT
  • security metrics

Cite this

Savola, R., & Abie, H. (2013). Metrics-driven security objective decomposition for an E-health application with adaptive security management. In ASPI '13 Proceedings of the International Workshop on Adaptive Security [6] New York: Association for Computing Machinery ACM. https://doi.org/10.1145/2523501.2523507
Savola, Reijo ; Abie, Habtamu. / Metrics-driven security objective decomposition for an E-health application with adaptive security management. ASPI '13 Proceedings of the International Workshop on Adaptive Security. New York : Association for Computing Machinery ACM, 2013.
@inproceedings{bb24db0587e04d89bf8725c381bf4a19,
title = "Metrics-driven security objective decomposition for an E-health application with adaptive security management",
abstract = "Emerging E-health applications utilizing IoT (Internet of Things) solutions should be sufficiently secure and robust. Adaptive security management techniques enable maintenance of sufficient security level during changing context, threats and usage scenarios. Systematic adaptive security management is based on security metrics. We analyze security objective decomposition strategies for an IoT E-health application. These strategies enable development of meaningful security metrics. Adaptive security solutions need security metrics to be able to adapt the relevant security parameters according to contextual and threat changes, which are typical for patient-centric IoT solutions used in various environments. In order to achieve this we have developed a context-aware Markov game theoretic model for security metrics risk impact assessment to measurably evaluate and validate the run-time adaptivity of IoT security solutions.",
keywords = "adaptive security, e-health, game theory, IoT, security metrics",
author = "Reijo Savola and Habtamu Abie",
note = "CA2: TK813 SDA: ICT",
year = "2013",
doi = "10.1145/2523501.2523507",
language = "English",
isbn = "978-1-4503-2543-1",
booktitle = "ASPI '13 Proceedings of the International Workshop on Adaptive Security",
publisher = "Association for Computing Machinery ACM",
address = "United States",

}

Savola, R & Abie, H 2013, Metrics-driven security objective decomposition for an E-health application with adaptive security management. in ASPI '13 Proceedings of the International Workshop on Adaptive Security., 6, Association for Computing Machinery ACM, New York, International Workshop on Adaptive Security, ASPI 2013, Zurich, Switzerland, 8/09/13. https://doi.org/10.1145/2523501.2523507

Metrics-driven security objective decomposition for an E-health application with adaptive security management. / Savola, Reijo; Abie, Habtamu.

ASPI '13 Proceedings of the International Workshop on Adaptive Security. New York : Association for Computing Machinery ACM, 2013. 6.

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

TY - GEN

T1 - Metrics-driven security objective decomposition for an E-health application with adaptive security management

AU - Savola, Reijo

AU - Abie, Habtamu

N1 - CA2: TK813 SDA: ICT

PY - 2013

Y1 - 2013

N2 - Emerging E-health applications utilizing IoT (Internet of Things) solutions should be sufficiently secure and robust. Adaptive security management techniques enable maintenance of sufficient security level during changing context, threats and usage scenarios. Systematic adaptive security management is based on security metrics. We analyze security objective decomposition strategies for an IoT E-health application. These strategies enable development of meaningful security metrics. Adaptive security solutions need security metrics to be able to adapt the relevant security parameters according to contextual and threat changes, which are typical for patient-centric IoT solutions used in various environments. In order to achieve this we have developed a context-aware Markov game theoretic model for security metrics risk impact assessment to measurably evaluate and validate the run-time adaptivity of IoT security solutions.

AB - Emerging E-health applications utilizing IoT (Internet of Things) solutions should be sufficiently secure and robust. Adaptive security management techniques enable maintenance of sufficient security level during changing context, threats and usage scenarios. Systematic adaptive security management is based on security metrics. We analyze security objective decomposition strategies for an IoT E-health application. These strategies enable development of meaningful security metrics. Adaptive security solutions need security metrics to be able to adapt the relevant security parameters according to contextual and threat changes, which are typical for patient-centric IoT solutions used in various environments. In order to achieve this we have developed a context-aware Markov game theoretic model for security metrics risk impact assessment to measurably evaluate and validate the run-time adaptivity of IoT security solutions.

KW - adaptive security

KW - e-health

KW - game theory

KW - IoT

KW - security metrics

U2 - 10.1145/2523501.2523507

DO - 10.1145/2523501.2523507

M3 - Conference article in proceedings

SN - 978-1-4503-2543-1

BT - ASPI '13 Proceedings of the International Workshop on Adaptive Security

PB - Association for Computing Machinery ACM

CY - New York

ER -

Savola R, Abie H. Metrics-driven security objective decomposition for an E-health application with adaptive security management. In ASPI '13 Proceedings of the International Workshop on Adaptive Security. New York: Association for Computing Machinery ACM. 2013. 6 https://doi.org/10.1145/2523501.2523507