Vulnerability assessment as a service for fog-centric ICT ecosystems: A healthcare use case

  • Yannis NikoloudakisEmail author
  • Evangelos Pallis
  • George Mastorakis
  • Constandinos X. Mavromoustakis
  • Charalabos Skianis
  • Evangelos K. Markakis
Part of the following topical collections:
  1. Special issue on Fog Computing for Healthcare


Modern ICT ecosystems such as healthcare environments (hospitals, care-centers etc.), operate in different abstraction layers (cloud, fog, extreme-edge) and comprise large numbers of network entities such as terminals, devices, sensors or even specialized appliances (virtual or physical). It is common in such environments, that several network entities with intermittent connectivity, join and leave the network in an unstructured and unsupervised manner (Wi-Fi access-points, BYOD policies, IoT, etc.). Such devices of frivolous nature, or even trusted devices/terminals, are prone to security vulnerabilities, since they are operated by regular, non-expert users who are not aware of any security aspects whatsoever. To effectively manage and proactively protect such large, complex and multilayered networks, dedicated personnel (system administrators, security specialists etc.) must be employed and specialized appliances must be deployed. On the other hand, modern cyber-warfare has become even more elaborate and insightful. Thus, ICT infrastructures must continuously evolve and adapt to the everchanging cyber-threats, which is a rather cumbersome and expensive task to accomplish. Towards addressing the above-mentioned issues, this paper proposes a cross-layered system, which leverages the Software Defined Networking (SDN) paradigm and the distributed Fog architecture, for network slicing and task offloading to provide dynamic, security-aware Vulnerability-Assessment as a service for large ICT infrastructures. The presented system provides seamless assessment for all existing and newly introduced network entities against all known security vulnerabilities, certifies them through a Common Vulnerability Scoring System (CVSS), classifies them according to the cyber-threat they introduce, and finally assigns them to a connectivity-appropriate VLAN. The presented system was preliminarily evaluated under a controlled-conditions simulation environment.


Cloud Fog Vulnerability-Assessment Healthcare 



  1. 1.
    Andreassen HK , Bujnowska-Fedak MM , Chronaki CE, Dumitru RC, Pudule I, Santana S, Voss H, Wynn R (2007) European citizens’ use of E-health services: a study of seven countries. BMC Public Health 7(1):53CrossRefGoogle Scholar
  2. 2.
    Pope J (2016) Ransomware: minimizing the risks. Innovations in Clinical Neuroscience 13(11-12):37–40Google Scholar
  3. 3.
    Stine I, Rice M, Dunlap S, John P (2017) A cyber risk scoring system for medical devices. International Journal of Critical Infrastructure Protection 19:32–46CrossRefGoogle Scholar
  4. 4.
    Nist (2018) Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1. Technical report, National institute of standards and technology, GaithersburgGoogle Scholar
  5. 5.
    Cao C, Yuan L-P, Singhal A, Liu P, Sun X, Zhu S (2018) Assessing attack impact on business processes by interconnecting attack graphs and entity dependency graphs. In: Data and applications security and privacy XXXII, Springer, Cham, pp 330–348Google Scholar
  6. 6.
    ET, Richard Y, Seth D (2017) Barrier free internet access: evaluating the cyber security risk posed by the adoption of bring your own devices to e-learning network infrastructure. Int J Comput Appl 176(3):53–62Google Scholar
  7. 7.
    Ficco M, Choraś M, Kozik R (2017) Simulation platform for cyber-security and vulnerability analysis of critical infrastructures. J Comput Sci 22:179–186CrossRefGoogle Scholar
  8. 8.
    Furfaro A, Argento L, Parise A, Antonio P (2017) Using virtual environments for the assessment of cybersecurity issues in IoT scenarios. Simul Model Pract Theory 73:43–54CrossRefGoogle Scholar
  9. 9.
    Vilalta R, Ciungu R, Mayoral A, Casellas R, Martinez R, Pubill D, Serra J, Munoz R, Christos V (2016) Improving security in internet of things with software defined networking. In: IEEE global communications conference (GLOBECOM), IEEE, pp 1–6Google Scholar
  10. 10.
    Markakis EK, Karras K, Sideris A, Alexiou G, Pallis E (2017) Computing, caching, and communication at the edge: the cornerstone for building a versatile 5G ecosystem. IEEE Commun Mag 55(11):152–157CrossRefGoogle Scholar
  11. 11.
    Stuart J (2011) Engineering Information Security. John Wiley, HobokenGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2019

Authors and Affiliations

  1. 1.Department of Information & Communication Systems EngineeringUniversity of the AegeanKarlovasiGreece
  2. 2.Department of Computer ScienceUniversity of NicosiaNicosiaCyprus
  3. 3.Technological Educational Institute of CreteIraklionGreece

Personalised recommendations