Threat Modeling for Mobile Health Systems - Prof. Dr. Norbert Pohlmann
Threat Modeling for Mobile Health Systems
M. Cagnazzo, M. Hertlein, T. Holz, N. Pohlmann:,
Mobile Health (mHealth) is on the rise and it is likely to reduce costs and improve the quality of healthcare. It tightly intersects with the Internet of (IoT) and comes with special challenges in terms of interoperability and security. This paper focuses on security challenges and offers a mitigation solution especially with a focus on authentication and encryption for resource constrained devices. It identifies assets in a prototyped mHealth ecosystem and classifies threats with the STRIDE methodology. Furthermore the paper identifies associated risk levels using DREAD and outlines possible mitigation strategies to provide a reasonable trustworthy environment.
Advances in mobile health (mHealth), respectively IoT-Health, are likely to reduce costs and improve the quality of healthcare. Especially with the paradigm shift from inpatient care towards ambulant and home care, mobile and ubiquitous technologies are an inevitable step. The shift is due toincreasing cost pressure, ageing society and shortage of skilled professionals. Mobile health applications can i-crease access to healthcare, encourage self-management and maintain treatment. Internet of Things (IoT) devices are used within healthcare systems and form mHealth environments.Wearables with various sensors, for example gyroscopic-, heart rate- or bioimpedance sensors are often deployed in the Body Area Network (BAN) of the patient. These devices come with a lot of challenges in terms of interoperability and security which need to be considered and treated seriously. ENISA identifies ”asset and configuration managementas a relevant technical measure” to prevent attacks. Furthermore, this paper addresses a key recommendati on from because it conducts risk and vulnerability assessmentfor a mHealth architecture which is deployed in a clinicalcontext. This paper discusses most recent related work in chapter II. Afterwards it introduces current developments and background knowledge for mHealth in chapter III-A and threat modeling in chapter III-B. After this we model the threats and define assets in chapter IV. We use a STRIDE-based approach to model threats. To assess the associated risks for specific threats we use the DREAD model. At the end of the paper possible mitigation strategies are discussed in chapter V and conclusions are drawn in chapter VI.