A security framework for mHealth apps on Android platform

Android (operating system); Data privacy; Energy utilization; Health risks; mHealth; Android platforms; Android securities; Effectiveness and efficiencies; Experimental evaluation; Mobile applications development; Mobile Health (M-Health); Mobile operating systems; Security; Mobile security

Saved in:
Bibliographic Details
Main Authors: Hussain M., Al-Haiqi A., Zaidan A.A., Zaidan B.B., Kiah M., Iqbal S., Abdulnabi M.
Other Authors: 57189372503
Format: Article
Published: Elsevier Ltd 2023
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Universiti Tenaga Nasional
id my.uniten.dspace-23814
record_format dspace
spelling my.uniten.dspace-238142023-05-29T14:52:04Z A security framework for mHealth apps on Android platform Hussain M. Al-Haiqi A. Zaidan A.A. Zaidan B.B. Kiah M. Iqbal S. Iqbal S. Abdulnabi M. 57189372503 55886475800 35070838500 35070872100 24833455600 56719159400 18437324500 56453314400 Android (operating system); Data privacy; Energy utilization; Health risks; mHealth; Android platforms; Android securities; Effectiveness and efficiencies; Experimental evaluation; Mobile applications development; Mobile Health (M-Health); Mobile operating systems; Security; Mobile security Mobile Health (mHealth) applications are readily accessible to the average users of mobile devices, and despite the potential of mHealth applications to improve the availability, affordability and effectiveness of delivering healthcare services, they handle sensitive medical data, and as such, have also the potential to carry substantial risks to the security and privacy of their users. Developers of applications are usually unknown, and users are unaware of how their data are being managed and used. This is combined with the emergence of new threats due to the deficiency in mobile applications development or the design ambiguities of the current mobile operating systems. A number of mobile operating systems are available in the market, but the Android platform has gained the topmost popularity. However, Android security model is short of completely ensuring the privacy and security of users� data, including the data of mHealth applications. Despite the security mechanisms provided by Android such as permissions and sandboxing, mHealth applications are still plagued by serious privacy and security issues. These security issues need to be addressed in order to improve the acceptance of mHealth applications among users and the efficacy of mHealth applications in the healthcare systems. The focus of this research is on the security of mHealth applications, and the main objective is to propose a coherent, practical and efficient framework to improve the security of medical data associated with Android mHealth applications, as well as to protect the privacy of their users. The proposed framework provides its intended protection mainly through a set of security checks and policies that ensure protection against traditional as well as recently published threats to mHealth applications. The design of the framework comprises two layers: a Security Module Layer (SML) that implements the security-check modules, and a System Interface Layer (SIL) that interfaces SML to the Android OS. SML enforces security and privacy policies at different levels of Android platform through SIL. The proposed framework is validated via a prototypic implementation on actual Android devices to show its practicality and evaluate its performance. The framework is evaluated in terms of effectiveness and efficiency. Effectiveness is evaluated by demonstrating the performance of the framework against a selected set of attacks, while efficiency is evaluated by comparing the performance overhead in terms of energy consumption, memory and CPU utilization, with the performance of a mainline, stock version of Android. Results of the experimental evaluations showed that the proposed framework can successfully protect mHealth applications against a wide range of attacks with negligible overhead, so it is both effective and practical. � 2018 Elsevier Ltd Final 2023-05-29T06:52:03Z 2023-05-29T06:52:03Z 2018 Article 10.1016/j.cose.2018.02.003 2-s2.0-85044595076 https://www.scopus.com/inward/record.uri?eid=2-s2.0-85044595076&doi=10.1016%2fj.cose.2018.02.003&partnerID=40&md5=31f09d63a47ac6fd605419dd96e87555 https://irepository.uniten.edu.my/handle/123456789/23814 75 191 217 Elsevier Ltd Scopus
institution Universiti Tenaga Nasional
building UNITEN Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Tenaga Nasional
content_source UNITEN Institutional Repository
url_provider http://dspace.uniten.edu.my/
description Android (operating system); Data privacy; Energy utilization; Health risks; mHealth; Android platforms; Android securities; Effectiveness and efficiencies; Experimental evaluation; Mobile applications development; Mobile Health (M-Health); Mobile operating systems; Security; Mobile security
author2 57189372503
author_facet 57189372503
Hussain M.
Al-Haiqi A.
Zaidan A.A.
Zaidan B.B.
Kiah M.
Iqbal S.
Iqbal S.
Abdulnabi M.
format Article
author Hussain M.
Al-Haiqi A.
Zaidan A.A.
Zaidan B.B.
Kiah M.
Iqbal S.
Iqbal S.
Abdulnabi M.
spellingShingle Hussain M.
Al-Haiqi A.
Zaidan A.A.
Zaidan B.B.
Kiah M.
Iqbal S.
Iqbal S.
Abdulnabi M.
A security framework for mHealth apps on Android platform
author_sort Hussain M.
title A security framework for mHealth apps on Android platform
title_short A security framework for mHealth apps on Android platform
title_full A security framework for mHealth apps on Android platform
title_fullStr A security framework for mHealth apps on Android platform
title_full_unstemmed A security framework for mHealth apps on Android platform
title_sort security framework for mhealth apps on android platform
publisher Elsevier Ltd
publishDate 2023
_version_ 1806423497403006976