scholarly journals Firewall Best Practices for Securing Smart Healthcare Environment: A Review

2021 ◽  
Vol 11 (19) ◽  
pp. 9183
Author(s):  
Raja Waseem Anwar ◽  
Tariq Abdullah ◽  
Flavio Pastore

Smart healthcare environments are growing at a rapid pace due to the services and benefits offered to healthcare practitioners and to patients. At the same time, smart healthcare environments are becoming increasingly complex environments where a plethora of devices are linked with each other, to deliver services to patients, and they require special security measures to protect the privacy and integrity of user data. Moreover, these environments are exposed to various kinds of security risks, threats, and attacks. Firewalls are considered as the first line of defense for securing smart healthcare networks and addressing the challenges mentioned above. Firewalls are applied at different levels in networks, and range from conventional server-based to cloud-based firewalls. However, the selection and implementation of a proper firewall to get the maximum benefit is a challenging task. Therefore, understanding firewall types, the services offered, and analyzing underlying vulnerabilities are important design considerations that need addressing before implementing a firewall in a smart healthcare environment. The paper provides a comprehensive review and best practices of firewall types, with offered benefits and drawbacks, which may help to define a comprehensive set of policies for smart healthcare devices and environments.

2019 ◽  
Vol 17 (1/2) ◽  
pp. 191-197 ◽  
Author(s):  
Andrew Boyles Petersen

In the past year, transportation rental companies, including Bird, Lime, and Spin, have dropped hundreds of thousands of rental scooters across North America. Relying on mobile apps and scooter-mounted GPS units, these devices have access to a wide-variety of consumer data, including location, phone number, phone metadata, and more. Pairing corroborated phone and scooter GPS data with a last-mile transportation business model, scooter companies are able to collect a unique, highly identifying dataset on users. Data collected by these companies can be utilized by internal researchers or sold to advertisers and data brokers. Access to so much consumer data, however, poses serious security risks. ­Although Bird, Lime, and Spin posit electric scooters as environmentally friendly and accessible transportation, they also allow for unethical uses of user data through vaguely-worded terms of service. To promote more equitable transportation practices, this article will explore the implications of dockless scooter geotracking, as well as related infrastructure, privacy, and data security ramifications.


Author(s):  
Narander Kumar ◽  
Jitendra Kumar Samriya

Background: Cloud computing is a service that is being accelerating its growth in the field of information technology in recent years. Privacy and security are challenging issues for cloud users and providers. Obective: This work aims at ensuring secured validation of user and protects data during transmission for users in a public IoT-cloud environment. Existing security measures however fails by their single level of security, adaptability for large amount of data and reliability. Therefore, to overcome these issues and to achieve a better solution for vulnerable data. Method: The suggested method utilizes a secure transmission in cloud using key policy attribute based encryption (KPABE). Initially, user authentication is verified. Then the user data is encrypted with the help of KP-ABE algorithm. Finally, data validation and privacy preservation are done by Burrows-Abadi-Needham (BAN) logic. This verified, and shows that the proposed encryption is correct, secure and efficient to prevent unauthorized access and prevention of data leakage so that less chances of data/identity, theft of a user is the analysis and performed by KP-ABE, that is access control approach. Results: Here the method attains the maximum of 88.35% of validation accuracy with a minimum 8.78ms encryption time, which is better when, compared to the existing methods. The proposed mechanism is done by MATLAB. The performance of the implemented method is calculated based on the time of encryption and decryption, execution time and validation accuracy. Conclusion: Thus the proposed approach attains the high IoT-cloud data security and increases the speed for validation and transmission with high accuracy and used for cyber data science processing.


Author(s):  
Robert F. Mills ◽  
Gilbert L. Peterson ◽  
Michael R. Grimaila

The purpose of this chapter is to introduce the insider threat and discuss methods for preventing, detecting, and responding to the threat. Trusted insiders present one of the most significant risks to an organization. They possess elevated privileges when compared to external users, have knowledge about technical and non-technical control measures, and potentially can bypass security measures designed to prevent, detect, or react to unauthorized access. In this chapter, we define the insider threat and summarize various case studies of insider attacks in order to highlight the severity of the problem. We then discuss best practices for preventing, detecting, and mitigating insider attacks, to include application of risk management principles specific to the insider threat. Finally, we provide a survey of ongoing research into detecting irregular activities that are potentially harmful to an organization.


Sensors ◽  
2020 ◽  
Vol 20 (17) ◽  
pp. 4806
Author(s):  
Naor Kalbo ◽  
Yisroel Mirsky ◽  
Asaf Shabtai ◽  
Yuval Elovici

Over the last decade, video surveillance systems have become a part of the Internet of Things (IoT). These IP-based surveillance systems now protect industrial facilities, railways, gas stations, and even one’s own home. Unfortunately, like other IoT systems, there are inherent security risks which can lead to significant violations of a user’s privacy. In this review, we explore the attack surface of modern surveillance systems and enumerate the various ways they can be compromised with real examples. We also identify the threat agents, their attack goals, attack vectors, and the resulting consequences of successful attacks. Finally, we present current countermeasures and best practices and discuss the threat horizon. The purpose of this review is to provide researchers and engineers with a better understanding of a modern surveillance systems’ security, to harden existing systems and develop improved security solutions.


2014 ◽  
Vol 2 (3-4) ◽  
pp. 79-90 ◽  
Author(s):  
Roy F. Chemaly ◽  
Sarah Simmons ◽  
Charles Dale ◽  
Shashank S. Ghantoji ◽  
Maria Rodriguez ◽  
...  

In recent years the storage of cloud platform was increased a lot. Large set of personal and business data can be stored and accessed at anywhere at any time. Data’s are stored in a secured manner using various secured and optimized algorithms. Over this data theft and modifications are done in a highly manner. Therefore this creates a various security risks and data theft problems in cloud. There is need of security technique to overcome this problem. A proposed technique called cloud data centre technique is a new model for securing data from different attacks and security risks. This technique incorporate the FEBER and CUSCUM algorithms, which will monitor the user activity and then identify the legitimacy and prevent from any unauthorized user access. This data center technique can be used to detect and avoid data theft attacks by malicious insiders. The anonymous and miss use of data also prevented in a very good manner while compared to other techniques


2014 ◽  
Vol 12 (10) ◽  
pp. 3990-3996
Author(s):  
Amritesh Kumar Sharma ◽  
Arun Kumar Singh ◽  
Pankaj P. Singh

New technologies have always created new areas of concern for information security teams. Usually it provides time for the development of effective security controls. The rapid growth of the smartphone in market and the use of these devices for so many sensitive data have led to the emergence of security threat. A malicious user or malware on a device can create a number of risks for an organization, and so the fact that these devices are not necessarily connected does not translate to a lack of security risks. This paper will discuss why it is important to secure an Android device, what some of the potential vulnerabilities are, and security measures that can be introduced to provide a baseline of security of data on Google’s mobile OS


Author(s):  
Haider Ali Khan ◽  
Raed Abdulla ◽  
Sathish Kumar Selvaperumal ◽  
Ammar Bathich

Internet of things (IoT) makes it attainable for connecting different various smart objects together with the internet. The evolutionary medical model towards medicine can be boosted by IoT with involving sensors such as environmental sensors inside the internal environment of a small room with a specific purpose of monitoring of person's health with a kind of assistance which can be remotely controlled. RF identification (RFID) technology is smart enough to provide personal healthcare providing part of the IoT physical layer through low-cost sensors. Recently researchers have shown more IoT applications in the health service department using RFID technology which also increases real-time data collection. IoT platform which is used in the following research is Blynk and RFID technology for the user's better health analyses and security purposes by developing a two-level secured platform to store the acquired data in the database using RFID and Steganography. Steganography technique is used to make the user data more secure than ever. There were certain privacy concerns which are resolved using this technique. Smart healthcare medical box is designed using SolidWorks health measuring sensors that have been used in the prototype to analyze real-time data.


Author(s):  
Martin Hromada ◽  
David Rehak ◽  
Neil Walker

In general, energy infrastructure is a basic but very complex system of elements, interconnections, functional inputs and outputs, which creates the need to break down subsystems, systems, and infrastructure areas. The aim of this chapter is therefore to discuss the possible implementation of approaches to risk assessment and risk management in relation to the application of technical security measures. This chapter of the book will therefore discuss risk analysis methods where the transition from general approaches to risk analysis, through risk identification methods and procedures and the assessment of major industrial and technological risks, to specific risk analysis methodologies for electricity infrastructures, will be presented. An important part of the chapter is also the introduction of practical approaches and methodologies that are accepted as “best practices” in connection with ensuring the technical security of electricity infrastructures.


Author(s):  
Xuan Tung Truong

The usage of small drones/UAVs is becoming increasingly important in recent years. Consequently, there is a rising potential of small drones being misused for illegal activities such as terrorism, smuggling of drugs, etc. posing high-security risks. Hence, tracking and surveillance of drones are essential to prevent security breaches. This paper resolves the problem of detecting small drones in surveillance videos using deep learning algorithms. Single Shot Detector (SSD) object detection algorithm and MobileNet-v2 architecture as the backbone were used for our experiments. The pre-trained model was re-trained on custom drone synthetic dataset by using transfer learning’s fine-tune technique. The results of detecting drone in our experiments were around 90.8%. The combination of drone detection, Dlib correlation tracking algorithm and centroid tracking algorithm effectively detects and tracks the small drone in various complex environments as well as is able to handle multiple target appearances.


Sign in / Sign up

Export Citation Format

Share Document