A policy enforcement framework for Internet of Things applications in the smart health

Smart Health

Volumn 3-4, Issue , 2017, Pages 39-74

  Sicari, S ^a   Rizzardi, A ^a   Grieco, L A ^b   Piro, G ^b   Coen Porisini, A ^a  

^a UNIVERSITY OF INSUBRIA   (Italy)

^b POLITECNICO DI BARI   (Italy)

Author keywords

Internet of Things; Policy enforcement; Security; Smart health

Indexed keywords

ARTICLE; COMPUTER LANGUAGE; COMPUTER SECURITY; DATA PROCESSING; HEALTH CARE SYSTEM; HEALTH SERVICE; HUMAN; INFORMATION PROCESSING; INFORMATION TECHNOLOGY; INTERNET OF THINGS; SMART HEALTH CARE SYSTEM;

EID: 85042006841     PISSN: None     EISSN: 23526483     Source Type: Journal    
DOI: 10.1016/j.smhl.2017.06.001     Document Type: Article

References (45)

1. Altolini, D., Lakkundi, V., Bui, N., Tapparello, C., Rossi, M. (2013). Low power link layer security for IoT: Implementation and performance analysis. In Proceedings of International Wireless Communications and Mobile Computing Conference (IWCMC), pp. 919–925.
2. Anwar, M., Imran, A. (2015). Access control for multi-tenancy in cloud-based health information systems. In Proceedings of IEEE International Conference on Cyber Security and Cloud Computing, pp. 104–110.
3. Ashraf, Q.M., Habaebi, M.H., Autonomic schemes for threat mitigation in internet of things. Journal of Network and Computer Applications 49:0 (2015), 112–127.
4. Atzori, L., Iera, A., Morabito, G., The internet of things: A survey. Comput Network 54:15 (2010), 2787–2805.
5. Babar, S., Stango, A., Prasad, N., Sen, J., Prasad, R. (2011). Proposed embedded security framework for internet of things (iot). In Proceedings of the 2nd International Conference on Wireless Communication, Vehicular Technology, Information Theory and Aerospace and Electronic Systems Technology, Wireless VITAE 2011, Chennai, India, pp. 1 – 5.
6. Bandyopadhyay, S., Sengupta, M., Maiti, S., Dutta, S. (2011). A survey of middleware for internet of things. In In Proceedings of the Third International Conferences, WiMo 2011 and CoNeCo 2011, Ankara, Turkey, pp. 288–296.
7. Barbagallo, D., Cappiello, C., Coen-Porisini, A., Colombo, P., Comerio, M., Paoli, F.D., Francalanci, C., Sicari, S. (2012). Towards the definition of a framework for service development in the agrofood domain: A conceptual model. In WEBIST 2012, Porto, Portugal.
8. Barua, M., Liang, X., Lu, R., Shen, X. (2011). Peace: An efficient and secure patient-centric access control scheme for ehealth care system. In Proceedings of IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), pp. 970–975.
9. Boswarthick, D., Elloumi, O., Hersent, O., M2M communications: A systems approach. 1st Edition, 2012, Wiley Publishing, New York, USA.
10. Catarinucci, L., de Donno, D., Mainetti, L., Palano, L., Patrono, L., Stefanizzi, M.L., Tarricone, L., An iot-aware architecture for smart healthcare systems. IEEE Internet of Things Journal 2:6 (2015), 515–526.
11. Chaqfeh, M.A., Mohamed, N. (2012). Challenges in middleware solutions for the internet of things. In 2012 International Conference on Collaboration Technologies and Systems (CTS), Denver, CO, pp. 21–26.
12. Coen Porisini, A., Colombo, P., Sicari, S. (2011). Privacy aware systems: from models to patterns. igi global Edition.
13. Dell'Amico, M., Serme, M.S.I.G., de Oliveira, A.S., Roudier, Y. (2013). Hipolds: A hierarchical security policy language for distributed systems. Information Security Technical Report 17 (3) pp. 81–92.
14. El-Aziz, A.A.A., Kannan, A. (2012). Access control for healthcare data using extended xacml-srbac model. In Proceedings of International Conference on Computer Communication and Informatics, pp. 1–4.
15. Emmerson, B., M2M: The Internet of 50 billion devices. Huawei Win-Win Magazine Journal 4 (2010), 19–22.
16. Ferraiolo, D., Atluri, V. and Gavrila, S. (2011). The policy machine: A novel architecture and framework for access control policy specification and enforcement. Journal of Systems Architecture 57 (4) pp. 412–424.
17. Goyal, V., Pandey, O., Sahai, A., Waters, B. (2006). Attribute-based encryption for fine-grained access control of encrypted data. In Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 89–98.
18. Hersent, O., Boswarthick, D., Elloumi, O., The internet of things: Key applications and protocols. 2nd Edition, 2012, Wiley Publishing, New York, USA.
19. Islam, S.M.R., Kwak, D., Kabir, M.H., Hossain, M., Kwak, K.S., The internet of things for health care: A comprehensive survey. IEEE Access 3 (2015), 678–708, 10.1109/ACCESS.2015.2437951.
20. Khan, M.F.F., Sakamura, K. (2015). Fine-grained access control to medical records in digital healthcare enterprises. In Proceedings of International Symposium on Networks, Computers and Communications (ISNCC), pp. 1–6.
21. Laplante, P.A., Laplante, N., The internet of things in healthcare: Potential applications and challenges. IT Professional 18:3 (2016), 2–4.
22. Miorandi, D., Sicari, S., De Pellegrini, F., Chlamtac, I., Survey internet of things: Vision, applications and research challenges. Ad Hoc Network 10:7 (2012), 1497–1516.
23. Neisse, R., Steri, G., Baldini, G. (2014). Enforcement of security policy rules for the internet of things. In Proceedings of IEEE WiMob, Larnaca, Cyprus, pp. 120–127.
24. Ni, Q., Trombetta, A., Bertino, E., Lobo, J. (2007). Privacy-aware role based access control. In Proceedings of the 12th ACM Symposium on Access Control Models and Technologies, ACM, New York, USA.
25. Palattella, M., Accettura, N., Vilajosana, X., Watteyne, T., Grieco, L., Boggia, G., Dohler, M., Standardized protocol stack for the internet of (important) things. IEEE Communications Surveys Tutorials 15:3 (2013), 1389–1406.
26. Premarathne, U., Abuadbba, A., Alabdulatif, A., Khalil, I., Tari, Z., Zomaya, A., Buyya, R., Hybrid cryptographic access control for cloud-based ehr systems. IEEE Cloud Computing 3:4 (2016), 58–64.
27. Pussewalage, H.S.G., Oleshchuk, V.A. (2016). An attribute based access control scheme for secure sharing of electronic health records. In Proceedings of IEEE International Conference on e-Health Networking, Applications and Services (Healthcom), pp. 1–6. http://dx.doi.org/10.1109/HealthCom.2016.7749516.
28. Rao, J., Sardinha, A., Sadeh, N., A meta-control architecture for orchestrating policy enforcement across heterogeneous information sources. Web Semantics: Science, Services and Agents on the World Wide Web 7:1 (2009), 40–56.
29. Roman, R., Zhou, J., Lopez, J., On the features and challenges of security and privacy in distributed internet of things. Computer Networks 57:10 (2013), 2266–2279.
30. Sicari, S., Grieco, L.A., Boggia, G., Coen-Porsini, A., Dydap: A dynamic data aggregation scheme for privacy aware wireless sensor networks. Journal of Systems and Software 88:1 (2012), 152–166.
31. Sicari, S., Rizzardi, A., Grieco, L.A., Coen-Porisini, A., Security, privacy and trust in internet of things: The road ahead. Computer Networks 76 (2015), 146–164.
32. Sicari, S., Rizzardi, A., Miorandi, D., Cappiello, C., Coen-Porisini, A., A secure and quality-aware prototypical architecture for the Internet of Things. Information Systems 58 (2016), 43–55.
33. Sicari, S., Rizzardi, A., Miorandi, D., Cappiello, C., Coen-Porisini, A., Security policy enforcement for networked smart objects. Computer Networks 108 (2016), 133–147.
34. Sicari, S., Coen-Porisini, A., Riggio, R. (2013). Dare: evaluating data accuracy using node reputation, Elsevier Computer Networks 57, (15), pp. 3098–3111.
35. Sicari, S., Grieco, L., Rizzardi, A., Boggia, G., Coen-Porisini, A. (2013). SETA: A secure sharing of tasks in clustered wireless sensor networks. In Proceedings of the 9th IEEE International Conference on Wireless and Mobile Computing, Networking and Communications, WiMob 2013, Lyon, France, pp. 239–246.
36. Sicari, S., Hailes, S., Turgut, D., Sharaffedine, S., Desai, D.U. (2013). Privacy and Trust Management in the Internet of Things era- SePriT, 11th Edition, Special Issue of Ad Hoc networks, Elsevier.
37. Sicari, S., Rizzardi, A., Coen-Porisini, A., Cappiello, C. (2014). A NFP model for internet of things applications. In Proceedings of the 10th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), IEEE, Larnaca, Cyprus, pp. 265–272.
38. Sicari, S., Rizzardi, A., Coen-Porisini, A., Grieco, L.A., Monteil, T. (2015). Secure om2m service platform. In Proceedings of IEEE International Conference on Autonomic Computing (ICAC), pp. 313–318.
39. Ullah, K., Shah, M.A., Zhang, S. (2016). Effective ways to use Internet of Things in the field of medical and smart health care. In Proceedings of IEEE International Conference on Intelligent Systems Engineering (ICISE), pp. 372–379.
40. Ulltveit-Moe, N., Oleshchuk, V., Decision-cache based XACML authorisation and anonymisation for XML documents. Computer Standards Interfaces 34:6 (2012), 527–534.
41. Weber, R.H., Internet of things - new security and privacy challenges. Computer Law Security Review 26:1 (2010), 23–30.
42. Wu, Z., Wang, L., An innovative simulation environment for cross-domain policy enforcement. Simulation Modelling Practice and Theory 19:7 (2011), 1558–1583.
43. Xu, B., Xu, L.D., Cai, H., Xie, C., Hu, J., Bu, F., Ubiquitous data accessing method in iot-based information system for emergency medical services. IEEE Transactions on Industrial Informatics 10:2 (2014), 1578–1586.
44. Yan, Z., Zhang, P., Vasilakos, A.V., A survey on trust management for internet of things. Journal of Network and Computer Applications 42:0 (2014), 120–134.
45. YIN, Y., Zeng, Y., Chen, X., Fan, Y., The internet of things in healthcare: An overview. Journal of Industrial Information Integration 1 (2016), 3–13.