Risk-driven security metrics development for an e-health IoT application

Reijo M. Savola, Pekka Savolainen, Antti Evesti, Habtamu Abie, Markus Sihvonen

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

    12 Citations (Scopus)

    Abstract

    Security and privacy for e-health Internet-of-Things applications is a challenge arising due to the novelty and openness of the solutions. We analyze the security risks of an envisioned e-health application for elderly persons' day-to-day support and chronic disease self-care, from the perspectives of the service provider and end-user. In addition, we propose initial heuristics for security objective decomposition aimed at security metrics definition. Systematically defined and managed security metrics enable higher effectiveness of security controls, enabling informed risk-driven security decision-making.
    Original languageEnglish
    Title of host publicationInformation Security for South Africa (ISSA), 2015
    PublisherIEEE Institute of Electrical and Electronic Engineers
    Pages1 - 6
    ISBN (Electronic)978-1-4799-7755-0, 978-1-4799-7754-3
    DOIs
    Publication statusPublished - 23 Nov 2015
    MoE publication typeA4 Article in a conference publication
    Event14th International Information Security South Africa Conference, ISSA 2015 - Johannesburg, South Africa
    Duration: 12 Aug 201514 Aug 2015
    Conference number: 14

    Conference

    Conference14th International Information Security South Africa Conference, ISSA 2015
    Abbreviated titleISSA 2015
    CountrySouth Africa
    CityJohannesburg
    Period12/08/1514/08/15

    Keywords

    • android
    • risk analysis
    • security effectiveness
    • security metrics

    Fingerprint Dive into the research topics of 'Risk-driven security metrics development for an e-health IoT application'. Together they form a unique fingerprint.

  • Cite this

    Savola, R. M., Savolainen, P., Evesti, A., Abie, H., & Sihvonen, M. (2015). Risk-driven security metrics development for an e-health IoT application. In Information Security for South Africa (ISSA), 2015 (pp. 1 - 6). IEEE Institute of Electrical and Electronic Engineers. https://doi.org/10.1109/ISSA.2015.7335061