A security framework for mHealth apps on Android platform
Android (operating system); Data privacy; Energy utilization; Health risks; mHealth; Android platforms; Android securities; Effectiveness and efficiencies; Experimental evaluation; Mobile applications development; Mobile Health (M-Health); Mobile operating systems; Security; Mobile security
Saved in:
Main Authors: | , , , , , , |
---|---|
Other Authors: | |
Format: | Article |
Published: |
Elsevier Ltd
2023
|
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Universiti Tenaga Nasional |
id |
my.uniten.dspace-23814 |
---|---|
record_format |
dspace |
spelling |
my.uniten.dspace-238142023-05-29T14:52:04Z A security framework for mHealth apps on Android platform Hussain M. Al-Haiqi A. Zaidan A.A. Zaidan B.B. Kiah M. Iqbal S. Iqbal S. Abdulnabi M. 57189372503 55886475800 35070838500 35070872100 24833455600 56719159400 18437324500 56453314400 Android (operating system); Data privacy; Energy utilization; Health risks; mHealth; Android platforms; Android securities; Effectiveness and efficiencies; Experimental evaluation; Mobile applications development; Mobile Health (M-Health); Mobile operating systems; Security; Mobile security Mobile Health (mHealth) applications are readily accessible to the average users of mobile devices, and despite the potential of mHealth applications to improve the availability, affordability and effectiveness of delivering healthcare services, they handle sensitive medical data, and as such, have also the potential to carry substantial risks to the security and privacy of their users. Developers of applications are usually unknown, and users are unaware of how their data are being managed and used. This is combined with the emergence of new threats due to the deficiency in mobile applications development or the design ambiguities of the current mobile operating systems. A number of mobile operating systems are available in the market, but the Android platform has gained the topmost popularity. However, Android security model is short of completely ensuring the privacy and security of users� data, including the data of mHealth applications. Despite the security mechanisms provided by Android such as permissions and sandboxing, mHealth applications are still plagued by serious privacy and security issues. These security issues need to be addressed in order to improve the acceptance of mHealth applications among users and the efficacy of mHealth applications in the healthcare systems. The focus of this research is on the security of mHealth applications, and the main objective is to propose a coherent, practical and efficient framework to improve the security of medical data associated with Android mHealth applications, as well as to protect the privacy of their users. The proposed framework provides its intended protection mainly through a set of security checks and policies that ensure protection against traditional as well as recently published threats to mHealth applications. The design of the framework comprises two layers: a Security Module Layer (SML) that implements the security-check modules, and a System Interface Layer (SIL) that interfaces SML to the Android OS. SML enforces security and privacy policies at different levels of Android platform through SIL. The proposed framework is validated via a prototypic implementation on actual Android devices to show its practicality and evaluate its performance. The framework is evaluated in terms of effectiveness and efficiency. Effectiveness is evaluated by demonstrating the performance of the framework against a selected set of attacks, while efficiency is evaluated by comparing the performance overhead in terms of energy consumption, memory and CPU utilization, with the performance of a mainline, stock version of Android. Results of the experimental evaluations showed that the proposed framework can successfully protect mHealth applications against a wide range of attacks with negligible overhead, so it is both effective and practical. � 2018 Elsevier Ltd Final 2023-05-29T06:52:03Z 2023-05-29T06:52:03Z 2018 Article 10.1016/j.cose.2018.02.003 2-s2.0-85044595076 https://www.scopus.com/inward/record.uri?eid=2-s2.0-85044595076&doi=10.1016%2fj.cose.2018.02.003&partnerID=40&md5=31f09d63a47ac6fd605419dd96e87555 https://irepository.uniten.edu.my/handle/123456789/23814 75 191 217 Elsevier Ltd Scopus |
institution |
Universiti Tenaga Nasional |
building |
UNITEN Library |
collection |
Institutional Repository |
continent |
Asia |
country |
Malaysia |
content_provider |
Universiti Tenaga Nasional |
content_source |
UNITEN Institutional Repository |
url_provider |
http://dspace.uniten.edu.my/ |
description |
Android (operating system); Data privacy; Energy utilization; Health risks; mHealth; Android platforms; Android securities; Effectiveness and efficiencies; Experimental evaluation; Mobile applications development; Mobile Health (M-Health); Mobile operating systems; Security; Mobile security |
author2 |
57189372503 |
author_facet |
57189372503 Hussain M. Al-Haiqi A. Zaidan A.A. Zaidan B.B. Kiah M. Iqbal S. Iqbal S. Abdulnabi M. |
format |
Article |
author |
Hussain M. Al-Haiqi A. Zaidan A.A. Zaidan B.B. Kiah M. Iqbal S. Iqbal S. Abdulnabi M. |
spellingShingle |
Hussain M. Al-Haiqi A. Zaidan A.A. Zaidan B.B. Kiah M. Iqbal S. Iqbal S. Abdulnabi M. A security framework for mHealth apps on Android platform |
author_sort |
Hussain M. |
title |
A security framework for mHealth apps on Android platform |
title_short |
A security framework for mHealth apps on Android platform |
title_full |
A security framework for mHealth apps on Android platform |
title_fullStr |
A security framework for mHealth apps on Android platform |
title_full_unstemmed |
A security framework for mHealth apps on Android platform |
title_sort |
security framework for mhealth apps on android platform |
publisher |
Elsevier Ltd |
publishDate |
2023 |
_version_ |
1806423497403006976 |