Threats and Risk on Using Digital Technologies for Remote Health Care Process
Authors: 
Pankaj Khatiwada, M Ali Fauzi, Bian Yang, Prosper Yeng, Jia-Chun Lin, and Luyi SunAuthors Info & Claims
Pankaj Khatiwada, M Ali Fauzi, Bian Yang, Prosper Yeng, Jia-Chun Lin, and Luyi SunAuthors Info & ClaimsOctober 2023
Pages 506 - 522
Abstract
This paper provides a comprehensive exploration of the threats and risk associated with the use of digital technology for remote healthcare. Through our "DigiRemote" research project, we aim to find out the challenges and risks involved in scaling remote health care, with specific focus on its technical and security dimensions. The article delves into the use of digital technologies, including Bluetooth-enabled IoMT devices, for monitoring health metrics in remote care settings. Emphasis is placed on understanding the threats in the generation, storage, and transfer of health data. By, utilizing the STRIDE (Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, and Elevation of privilege) model, we identified major threats, which are visually represented via heatmaps and bar graphs for ease of analysis. The DREAD (Damage, Reproducibility, Exploitability, Affected Users, and Discoverability) model assists in quantifying these threats, categorizing them into distinct risk levels, with detailed description of each threat category. In addition, we also suggest countermeasures for the highest-risk threats. This article serves as a pivotal resource for healthcare organizations and security professionals, shedding light on the risks of remote healthcare and providing mitigation strategies for both the implementation and post-implementation stages.
References
[1]
Mohamed Abomhara, Martin Gerdes, and Geir M Køien. 2015. A stride-based threat model for telehealth systems. Norsk informasjonssikkerhetskonferanse (NISK) 8, 1 (2015), 82–96.
[2]
James Barlow, Jane Hendy, and Theopisti Chrysanthaki. 2012. Scaling-up remote care in the United Kingdom: Lessons from a decade of policy intervention. In Essential Lessons for the Success of Telehomecare. Ios Press, 223–236.
[3]
Ishan Budhiraja, Sudhanshu Tyagi, Sudeep Tanwar, Neeraj Kumar, and Joel JPC Rodrigues. 2019. DIYA: Tactile internet driven delay assessment NOMA-based scheme for D2D communication. IEEE Transactions on Industrial Informatics 15, 12 (2019), 6354–6366.
[4]
Matteo Cagnazzo, Markus Hertlein, Thorsten Holz, and Norbert Pohlmann. 2018. Threat modeling for mobile health systems. In 2018 IEEE Wireless Communications and Networking Conference Workshops (WCNCW). IEEE, 314–319.
[5]
MESUT Çiçek. 2015. Wearable technologies and its future applications. International Journal of Electrical, Electronics and Data Communication 3, 4 (2015), 45–50.
[6]
Microsoft Corporation. [n. d.]. Threats - Microsoft Threat Modeling Tool - Azure — learn.microsoft.com. https://learn.microsoft.com/en-us/azure/security/develop/threat-modeling-tool-threats. [Accessed 13-10-2023].
[7]
Martin R Cowie and Carolyn SP Lam. 2021. Remote monitoring and digital health tools in CVD management. Nature Reviews Cardiology 18, 7 (2021), 457–458.
[8]
Integrated Measuring Devices.[n. d.]. Integrated Measuring Devices.https://dignio.com/no/page/devicer/. [Accessed 13-10-2023].
[9]
Ruby Dwivedi, Divya Mehrotra, and Shaleen Chandra. 2022. Potential of Internet of Medical Things (IoMT) applications in building a smart healthcare system: A systematic review. Journal of oral biology and craniofacial research 12, 2 (2022), 302–318.
[10]
Mohamed Elhoseny, Navod Neranjan Thilakarathne, Mohammed I Alghamdi, Rakesh Kumar Mahendran, Akber Abid Gardezi, Hesiri Weerasinghe, and Anuradhi Welhenge. 2021. Security and privacy issues in medical internet of things: overview, countermeasures, challenges and future directions. Sustainability 13, 21 (2021), 11645.
[11]
Bernard Fong, Alvis Cheuk Min Fong, and Chi Kwong Li. 2011. Telemedicine technologies: Information technologies in medicine and telehealth. John Wiley & Sons.
[12]
Shafiq Hussain, Asif Kamal, Shabir Ahmad, Ghulam Rasool, and Sajid Iqbal. 2014. Threat modelling methodologies: a survey. Sci. Int.(Lahore) 26, 4 (2014), 1607–1609.
[13]
Pankaj Khatiwada and Bian Yang. 2022. An Overview on Security and Privacy of Data in IoMT Devices: Performance Metrics, Merits, Demerits, and Challenges. pHealth 2022 (2022), 126–136.
[14]
Hong Li, Torbjørg Træland Meum, and Miria Grisot. 2023. Introducing Digital Technologies for Remote Care in Norway and China: The DigiRemote Project. Procedia Computer Science 219 (2023), 1478–1484.
[15]
Mikaëla Ngamboé, Paul Berthier, Nader Ammari, Katia Dyrda, and José M Fernandez. 2021. Risk assessment of cyber-attacks on telemetry-enabled cardiac implantable electronic devices (CIED). International Journal of Information Security 20 (2021), 621–645.
[16]
Brian Ondiege, Malcolm Clarke, and Glenford Mapp. 2017. Exploring a new security framework for remote patient monitoring devices. Computers 6, 1 (2017), 11.
[17]
Valérie Paris, Luke Slawomirski, Allison Colbert, N Delaunay, and J Oderkirk. 2017. New health technologies managing access, value and sustainability. New Heal Technol (2017), 19–44.
[18]
Nataliya Shevchenko, Timothy A Chick, Paige O’Riordan, Thomas P Scanlon, and Carol Woody. 2018. Threat modeling: a summary of available methods. Technical Report. Carnegie Mellon University Software Engineering Institute Pittsburgh United ….
[19]
Adam Shostack. 2014. Threat modeling: Designing for security. John Wiley & Sons.
[20]
Emma E Thomas, Monica L Taylor, Annie Banbury, Centaine L Snoswell, Helen M Haydon, Victor M Gallegos Rejas, Anthony C Smith, and Liam J Caffery. 2021. Factors influencing the effectiveness of remote patient monitoring interventions: a realist review. BMJ open 11, 8 (2021), e051844.
[21]
Tzu Wei Tseng, Chia Tung Wu, and Feipei Lai. 2019. Threat analysis for wearable health devices and environment monitoring internet of things integration system. IEEE Access 7 (2019), 144983–144994.
[22]
Ashok Vegesna, Melody Tran, Michele Angelaccio, and Steve Arcona. 2017. Remote patient monitoring via non-invasive digital technologies: a systematic review. Telemedicine and e-Health 23, 1 (2017), 3–17.
Index Terms
- Threats and Risk on Using Digital Technologies for Remote Health Care Process
Recommendations
Towards a Realistic Risk Assessment Methodology for Insider Threats of Information Misuse
FIT '14: Proceedings of the 2014 12th International Conference on Frontiers of Information TechnologyThe problem of insider threats is not new to organizations and research community. Organization cannot afford any kinds of attacks on their confidential information and resources either from insiders or out-siders. The damage done by insiders is more ...
An Enhanced Threat Identification Approach for Collusion Threats
METRISEC '11: Proceedings of the 2011 Third International Workshop on Security Measurements and MetricsColluding threat agents are a serious and difficult problem to deal with in any organization. Collusion is possible at any level and with any entity inside or outside the organization. Traditional methods cannot effectively deal with legitimate users ...
Assessing vulnerability exploitability risk using software properties
Attacks on computer systems are now attracting increased attention. While the current trends in software vulnerability discovery indicate that the number of newly discovered vulnerabilities continues to be significant, the time between the public ...
Comments
Information & Contributors
Information
Published In
October 2023
722 pages
Copyright © 2023 Owner/Author.
This work is licensed under a Creative Commons Attribution International 4.0 License.
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 27 December 2023
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed limited
Conference
SIET 2023
SIET 2023: International Conference on Sustainable Information Engineering and Technology
October 24 - 25, 2023
Badung, Bali, Indonesia
Acceptance Rates
Overall Acceptance Rate 45 of 57 submissions, 79%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 266Total Downloads
- Downloads (Last 12 months)266
- Downloads (Last 6 weeks)43
Other Metrics
Citations
View Options
View options
View or Download as a PDF file.
PDFeReader
View online with eReader.
eReaderHTML Format
View this article in HTML Format.
HTML FormatGet Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in