Smarter Healthcare? How Challenging Can It Be?

This essay provides a summary and a review of the main ideas discussed in the following article: S. Alromaihi, W. Elmedany and C. Balakrishna, “Cyber Security Challenges of Deploying IoT in Smart Cities for Healthcare Applications,” 2018 6th International Conference on Future Internet of Things and Cloud Workshops (FiCloudW), Barcelona, Spain, 2018, pp. 140–145, doi: 10.1109/W-FiCloud.2018.00028.

The use of Internet of Things (IoT) technologies proved to be effective in supporting advancements in traffic control, waste management and environment monitoring, as part of the initiative of building “smart cities”. We learned to gather and process information from many sources and analyze it in a way that says something about an area of interest related to a city. Moreover, we managed to focus on the wellbeing of its residents by creating applications that monitor different aspects related to an individual’s health, such as glucose monitors, heart rate trackers or mobility assistance. With access to numerous confidential information as well as limitations around memory and computation power, these healthcare IoT applications make an important target for cyberattacks and challenge developers to find ways to mitigate them before causing any problems.

But first, let’s see where these issues may technically come from. Structured in 4 layers — perceptual, network, support and application, the applications incorporating IoT are susceptible to attacks at any part of its architectural design. The layer that consists of sensors extracting real world data from the environment may be accessible to unwanted “visitors” because of their not-very-complex authentication algorithms or their physical exposure to the public. The transmission of data between pre-established points of interest at the network layer creates circumstances for Denial of Service attacks that may come in the form of noise signals, eavesdropping or spoofing. Storing the information collected from the outside world, the support layer provides its equal share of challenges to IoT as unauthorized access to the systems may impact the privacy of the patients’ data. Last, but certainly not least, the application layer may suffer from several security issues, including code injection attacks that will affect the way the information is processed by the specific device and result in misinformation on the health condition of the individual.

With these cyber threads in mind, we will go over three examples of healthcare applications that may be put in perspective how impactful any of the previously mentioned attacks would be in our lives. Mass-casualty incident monitoring is one of the implementations of smart healthcare that makes triage protocols and decisions from first responders more efficient as the scalability of IoT systems provides a great advantage over traditional approaches to these situations in hospitals. Aging monitoring counts on real-time information gathered from the patient’s environment through embedded sensors in order to assess their mental and physical status that may be changing due to age. Mobility assistance is the last instance I would like to put up for review in this essay, as it depicts the capacity of these smart devices to help humans make decisions about their movement assisted by canes or wheelchairs.

The list provided above is, undoubtedly, short when thinking about all the applications that have been discovered and implemented to improve our health conditions. Nonetheless, those examples got us thinking about the challenges faced by designers in their pursuit of building systems protected from the threads of the cyber world. How those can be addressed?

As with all elements accessing health data, privacy is the number one concern and the broadcast communication promoted by IoT devices doesn’t make things any easier. Tracking of location, listening to the communications and the unwanted permission to visualize the information are all valid worries that are currently addressed through very rigorous specifications and policies to allow or deny access to certain resources. In addition to these regulations, tech-heavy tricks such as attenuating signals outside premises (resulting in many packages to be lost for the eavesdropper) or randomly delaying messages to hide the actual time of the event, may be used to mitigate this issue.

Security in terms of the attacks described earlier in the essay comes as a challenge as well. Redundancy, immediate recovery and adaptability to new types of algorithms that breach the system are significant attributes to an IoT device that has to face disruptions from malicious attacks while still providing qualitative and continuous treatment to the person they are attached to.

With cryptographic keys representing one of the most important actors in systems based on sensors, key establishment becomes a central element in ensuring that the IoT application that is used will accomplish the goals it was designed for. All the key distribution protocols that were proposed over time were centered around the need to balance security, scalability and resource efficiency.

In conclusion, healthcare has witnessed fascinating advancements thanks to the capacity of technology to make interaction between devices so efficient and natural. Smarter health systems impacted the status of people all over the world, but also put them face to face with the reality that their health condition depends on privacy, cyber security and other issues. Looking forward in our intent to integrate these IoT technologies more seamlessly in our daily activities, the article at hand emphasized the importance of treating a system as a whole rather than focusing on individual components, as this perspective will reveal a lot about its security posture. Also, it is crucial to develop a stronger collaboration between governing bodies and health-related institutions, that should result in more specific solutions to challenges imposed by IoT applications. As always, further research and new developments will create the perfect space to understand all these threats better and learn to mitigate them in a way that keeps the amazing accomplishments brought by these technologies alive.