Security and Privacy Issues in Remote Healthcare Systems Using Wireless Body Area Networks

  • R. Nidhya
  • S. Karthik
Part of the EAI/Springer Innovations in Communication and Computing book series (EAISICC)


In recent years, the advancement in wireless sensor networks which has led to body area networks (BAN) has become an emergent research technology. A BAN allows for remote health monitoring of patients. Patient monitoring is possible by deploying the low-power sensor nodes on human body as implant or an external wearable gadget. A huge amount of health data generated during the treatment process has been maintained as electronic healthcare record (EHCR) systems. To enhance the service provided by healthcare sectors, EHCRs could be possibly shared to a variability of users. This process has significant privacy and security issues related to its use in daily life. A large body of research is ongoing to derive standards and solutions to solve the aforementioned problems, by far generating meager solutions. In this chapter, a systematic literature review is conducted on the security and privacy issues of EHCR systems.


Body area network Body sensor network QoS Health monitoring Electronic healthcare records (EHCR) Privacy Security 


  1. 1.
    M. Barua et al., An efficient and secure patient-centric access control scheme for eHealth care system in computer communications workshops, in International IEEE Conference (2011)Google Scholar
  2. 2.
    J.L. Fernández-Alemán et al., Security and privacy in electronic health records: a systematic literature review. J. Biomed. Inform., 541–562 (2013)CrossRefGoogle Scholar
  3. 3.
    K. Zhang, X.S. Shen, Security and Privacy for Mobile Healthcare Networks (Springer, Berlin, 2015)CrossRefGoogle Scholar
  4. 4.
    S.S. Shinde, D. Patil, Review on security and privacy for mobile healthcare networks: from a quality of protection perspective. Int. J. Eng. Res. 3, 6 (2015)Google Scholar
  5. 5.
    S. Om, M. Talib, Wireless ad-hoc network under black-hole attack. Int. J. Digital Inform. Wireless Commun. 2011, 591–596 (2011)Google Scholar
  6. 6.
    K. Habib, A. Torjusen, W. Leister, Security analysis of a patient monitoring system for the Internet of Things in eHealth, in Proceedings of the International Conference on eHealth, Telemedicine, and Social Medicine (2015)Google Scholar
  7. 7.
    S. Saleem, S. Ullah, K.S. Kwak, A study of IEEE 802.15.4 security framework for wireless body area networks. J. Sens., 1383–1395 (2011)CrossRefGoogle Scholar
  8. 8.
    K. Chelli, Security issues in wireless sensor networks: attacks and counter measures, in Proceedings of the World Congress on Engineering (2015)Google Scholar
  9. 9.
    P. Kumar, H.J. Lee, Security issues in healthcare applications using wireless medical sensor networks: a survey. J. Sens., 55–91 (2011)CrossRefGoogle Scholar
  10. 10.
    S. Salee, S. Ullah, H.S. Yoo, On the security issues in wireless body area networks. JDCTA 3, 178–184 (2009)Google Scholar
  11. 11.
    R. Ramli, N. Zakaria, P. Sumari, Privacy issues in pervasive healthcare monitoring system: a review. World Acad Sci Eng Technol 4, 741–747 (2010)Google Scholar
  12. 12.
    J. Partala et al., Security threats against the transmission chain of a medical health monitoring system in e-Health Networking, Applications & Services, in 15th IEEE International Conference (2013)Google Scholar
  13. 13.
    P. Niksaz, M. Branch, Wireless body area networks: attacks and countermeasures. Int. J. Sci. Eng. Res. 6(9), 556–568 (2015)Google Scholar
  14. 14.
    T.H. Bonab, M. Masdari, Security attacks in wireless body area networks: challenges and issues, Academic royale des sciences d outre-mer bulletin des seances, pp. 100–107 (2015)Google Scholar
  15. 15.
    C. Santos-Pereira et al., A secure RBAC mobile agent access control model for healthcare institutions, in Proceedings of the 26th IEEE International Symposium on Computer-Based Medical Systems (2013)Google Scholar
  16. 16.
    R. Zhan, L. Liu, Security models and requirements for healthcare application clouds, in IEEE 3rd International Conference on Cloud Computing (2010)Google Scholar
  17. 17.
    G. Drosatos et al., Towards privacy by design in personal e-Health systems (2016)Google Scholar
  18. 18.
    N. Fatema, R. Brad, Security requirements, counter attacks and projects in healthcare applications using WSNs—a review. arXiv 1406, 1795 (2014)Google Scholar
  19. 19.
    K. Wellington, Cyber-attacks on medical devices and hospital networks: legal gaps and regulatory solutions. Santa Clara High Tech. L. J. 139 (2013)Google Scholar
  20. 20.
    S. Yu et al., Achieving secure, scalable, and fine-grained data access control in cloud computing, in INFOCOM, Proceedings IEEE (2010)Google Scholar
  21. 21.
    K. Zhang et al., Security and privacy for mobile healthcare networks: from a quality of protection perspective. IEEE Wirel. Commun., 104–112 (2015)CrossRefGoogle Scholar
  22. 22.
    K. Zhang et al., Sybil attacks and their defences in the internet of things. IEEE Internet Things J 1, 372–383 (2014)CrossRefGoogle Scholar
  23. 23.
    J. Wang et al., A research on security and privacy issues for patient related data in medical organization system. Int. J. Secur. Appl., 287–298 (2013)Google Scholar
  24. 24.
    L. Sun, H. Wang: A purpose based usage access control model for e-healthcare services, in International Conference on Data and Knowledge Engineering (ICDKE) (2011)Google Scholar
  25. 25.
    A. Altamimi, Sec FHIR: a security specification model for fast healthcare interoperability resources. Int. J. Adv. Comput. Sci. Appl. 7, 350–355 (2016)Google Scholar
  26. 26.
    T. Sahama, L. Simpson, B. Lane: Security and privacy in eHealth: is it possible? In e-Health networking, applications & services, in IEEE 15th International Conference (2013), pp. 249–253Google Scholar
  27. 27.
    N. Leyla, W. Mac Caull, A Personalized Access Control Framework for Workflow-Based Health Care Information. International Conference on Business Process Management (Springer, Berlin, 2011), pp. 273–284Google Scholar
  28. 28.
    A. Boonyarattaphan, A. Bai, S. Chung, A security framework for e-health service authentication and e-health data transmission, in 9th International Symposium IEEE on Communications and Information Technology (2009)Google Scholar
  29. 29.
    O. Garcia-Morchon, W. Wehrle, Efficient and context-aware access control for pervasive medical sensor networks, in 8th IEEE International Conference Pervasive Computing and Communications Workshops (PERCOM Workshops) (2010)Google Scholar
  30. 30.
    S. Amini et al., Toward a security model for a body sensor platform, in IEEE International Conference on Consumer Electronics (ICCE), (2011)Google Scholar
  31. 31.
    H.A. Maw, H. Xiao, B. Christianson, An adaptive access control model for medical data in wireless sensor networks. IEEE 15th International Conference on e-Health Networking, Applications & Services (Healthcom) (2013)Google Scholar
  32. 32.
    T. Linciya, K. Anandkumar, Enhanced three tier security architecture for WSN against mobile sink replication attacks using mutual authentication scheme. Int. J. Wireless Mobile Netw. 5, 81 (2013)CrossRefGoogle Scholar
  33. 33.
    A. Rasheed, R.N. Mahapatra, The three-tier security scheme in wireless sensor networks with mobile sinks, in IEEE Transactions on Parallel and Distributed Systems (2012), pp. 958–965CrossRefGoogle Scholar
  34. 34.
    S.N. Ramli et al., A biometric-based security for data authentication in wireless body area network (WBAN), in IEEE 15th International Conference on Advanced Communication Technology (ICACT) (2013)Google Scholar
  35. 35.
    K. Mu, L. Li, An efficient pair wise key pre distribution scheme for wireless sensor networks. J. Networks, 277–282 (2014)Google Scholar
  36. 36.
    A. Lehab, A.L. Rassan, N. Khan, Secure and energy efficient key management scheme for WBAN-A hybrid approach. Int. J. Comput. Sci. Netw. Secur. 11(6), 169–172 (2011)Google Scholar
  37. 37.
    M. Mohammed, F. Mohammed, A.B. Boucif, Trust key management scheme for wireless body area networks. J. Netw. Secur. 12(2), 75–83 (2011)Google Scholar
  38. 38.
    N. Kahani, K. Elgazzar, J.R. Cordy, Authentication and access control in e-Health systems in the cloudGoogle Scholar
  39. 39.
    Z. Guan, T. Yang, X. Du, Achieving secure and efficient data access control for cloud-integrated body sensor networks. Int. J. Distribut. Sens. Netw. 2015, 142 (2015)Google Scholar
  40. 40.
    M.A. Simplicio et al., Secure health: a delay-tolerant security framework for mobile health data collection. IEEE J. Biomed. Health Inform. 19, 761–772 (2015)CrossRefGoogle Scholar
  41. 41.
    D. Singelée, B. Latré, B. Braem, M. Peeters, M. De Soete, P. De Cleyn, B. Preneel, I. Moerman, C. Blondia, A secure cross-layer protocol for multi-hop wireless body area networks. J. Ad-hoc Mobile Wireless Netw. 2008, 94–107 (2008)Google Scholar
  42. 42.
    S.S. Iyengar, D. Aijan, P. Vamsi, R. Kannan, Data integrity protocol for sensor networks. Int. J. Distribut. Sens. Netw. 1(2), 205–214 (2005)CrossRefGoogle Scholar
  43. 43.
    K.R.R. Syed Muhammad et al., BARIT: a biometric based distributed key management approach for wireless body area networks. J. Sens. 10(4), 3911–3933 (2010)Google Scholar
  44. 44.
    V. Raghav, D. Saurabh, R. Shalini, S. Srinivas, A security suite for wireless body area networks. arXiv:1202.2171 4, 97 (2012)Google Scholar
  45. 45.
    W. Steve et al., Interoperability and security in wireless body area network infrastructures, in 27th Annual International Conference of Engineering in Medicine and Biology Society (2005), pp. 3837–3840Google Scholar
  46. 46.
    M.K.R.R. Syed, L. Young-Koo, H. Lee, S. Lee, BARI: a distributed key management approach for wireless body area networks. Int. Conf. Comput. Intell. Secur. 2, 324–329 (2009)Google Scholar
  47. 47.
    B. Mriimioy et al.: Secure and quality of service assurance scheduling scheme for wban with application to ehealth, in IEEE Conference on Wireless Communications and Networking (2011), pp. 1102–1106Google Scholar
  48. 48.
    L. Guo et al., Paas: a privacy-preserving attribute-based authentication system for ehealth networks, in International Conference of Distributed Computing Systems (ICDCS) (2012)Google Scholar
  49. 49.
    R. Gajanayake, R. Iannella, T. Sahama, Privacy oriented access control for electronic health records. J. Health Informat. 8, 15 (2014)Google Scholar
  50. 50.
    M. Barua, R. Lu, X. Shen, SPS: secure personal health information sharing with patient-centric access control in cloud computing, in IEEE Global Communications Conference (2013)Google Scholar
  51. 51.
    M.R. Kumar, M.D. Fathima, M. Mahendran, Personal health data storage protection on cloud using MA-ABE. Int. J. Comput. Appl. 75, 11–16 (2013)Google Scholar
  52. 52.
    H. Zhu et al., SPEMR: a new secure personal electronic medical record scheme with privilege separation, in IEEE International Conference on Communications Workshops (ICC) (2014)Google Scholar
  53. 53.
    V. Sunagar, C. Biradar, Securing Public Health Records in Cloud Computing Patient Centric and Fine Grained Data Access Control in Multi Owner Settings (2014)Google Scholar
  54. 54.
    W. Liu et al., Auditing and revocation enabled role-based access control over outsourced private EHRs in high performance computing and communications, 2015 IEEE 7th International Symposium on Cyberspace Safety and Security (CSS), 2015 IEEE 12th International Conference on Embedded Software and Systems (ICESS) (2015)Google Scholar
  55. 55.
    J. Katz, Y. Lindell, Introduction to modern cryptography (CRC Press, Boca Raton, FL, 2014)zbMATHGoogle Scholar
  56. 56.
    L. Jingwei, S.K. Kyung, Hybrid security mechanisms for wireless body area networks, in 2nd International Conference on Ubiquitous and Future Networks, (2010), pp. 98–103Google Scholar
  57. 57.
    F. Zubaydi et al., Security of mobile health (mHealth) systems, in IEEE 15th International Conference on Bioinformatics and Bioengineering (BIBE) (2015)Google Scholar
  58. 58.
    K.A. Nagaty, Mobile health care on a secured hybrid cloud. Cyber J 4, 1–9 (2014)Google Scholar
  59. 59.
    D. Kotz, A threat taxonomy for mHealth privacy in COMSNETS (2011)Google Scholar
  60. 60.
    S. Mare et al., Adapt-lite: privacy-aware, secure, and efficient mhealth sensing, in Proceedings of the 10th Annual ACM Workshop on Privacy in the Electronic Society (2011)Google Scholar
  61. 61.
    J. Sun et al., Security and privacy for mobile healthcare (m-Health) systems (Elsevier, Amsterdam, 2011)Google Scholar
  62. 62.
    L. Ren-Guey, C. Kuei-Chien, C. Shao-Shan, L. Hsin-Sheng, L. Chien-Chih, W. Ming-Shyan, A backup routing with wireless sensor network for bridge monitoring system. Measurement 40(1), 55–63 (2007)CrossRefGoogle Scholar
  63. 63.
    B. Jinsuk, S. Paul, J. Minho, H.-H. Fisher, A lightweight SCTP for partially reliable overlay video multicast service for mobile terminals. IEEE Trans. Multimedia 12(7), 754–766 (2010)CrossRefGoogle Scholar
  64. 64.
    L. Xiaohui, L. Xu, L. Rongxing, S. Qinghua, L. Xiaodong, Z. Weihua, Exploiting prediction to enable secure and reliable routing in wireless body area networks, in Proceedings of IEEE INFOCOM (2012), pp. 388–396Google Scholar
  65. 65.
    B. Julio et al., Using artificial intelligence in routing schemes for wireless networks. J. Comput. Commun. 30(14), 2802–2811 (2007)Google Scholar
  66. 66.
    Z. Xiuming, H. Song, M. Aloysius, H. Pei-Chi Huang, C. Deji, Mbstar: a real-time communication protocol for wireless body area networks, in 23rd Euro Micro Conferene on Real-Time System (2011), pp. 57–66Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • R. Nidhya
    • 1
  • S. Karthik
    • 2
  1. 1.Madanapalle Institute of Technology and Science (Affiliated to Jawaharlal Nehru Technical University, Anantapuram)AngalluIndia
  2. 2.SNS College of Technology (Affiliated to Anna University, Chennai)CoimbatoreIndia

Personalised recommendations