Abstract
The tsunami of Internet-of-Things and mobile applications for healthcare is giving hackers an easy way to burrow deeper into our lives as never before. In this paper we argue that this security disaster is mainly due to a lack of consideration by the healthcare IT industry in security and privacy issues. By means of a representative healthcare mobile app, we analyse the main vulnerabilities that eHealth applications should deal with in order to protect user data and related privacy.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
OWASP: Authentication Cheat Sheet, May 2015. https://www.owasp.org/index.php/Authentication_Cheat_Sheet
Charles proxy, May 2015. https://www.charlesproxy.com/
Conti, M., Dragoni, N., Lesyk, V.: A survey of man in the middle attacks. IEEE Commun. Surv. Tutorials (2016). doi:10.1109/COMST.2016.2548426
Cross-site Scripting (XSS), May 2015. https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)
Description of the Server Authentication Process During the SSL Handshake, May 2015. https://support.microsoft.com/en-us/kb/257587
Gemalto: First Half Review 2015, May 2015. http://www.gemalto.com/brochures-site/download-site/Documents/Gemalto_H1_2015_BLI_Report.pdf
Jaensson, M., et al.: The development of the recovery assessments by phone points (RAPP): a mobile phone app for postoperative recovery monitoring and assessment. JMIR mHealth uHealth 3(3), e86 (2015)
To, H.: Protect Forms Authentication in ASP.NET 2.0, May 2015. https://msdn.microsoft.com/en-us/library/ff648341.aspx
HTML5 Security Cheat Sheet, May 2015. https://www.owasp.org/index.php/HTML5_Security_Cheat_Sheet
HTTPS protocol, May 2015. https://en.wikipedia.org/wiki/HTTPS
Password strength, May 2015. https://www.grc.com/haystack.htm
PKI (Public Key Infrastructure), May 2015. http://searchsecurity.techtarget.com/definition/PKI
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Goyal, R., Dragoni, N. (2016). Why Hackers Love eHealth Applications. In: Ahmed, M., Begum, S., Raad, W. (eds) Internet of Things Technologies for HealthCare. HealthyIoT 2016. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 187. Springer, Cham. https://doi.org/10.1007/978-3-319-51234-1_9
Download citation
DOI: https://doi.org/10.1007/978-3-319-51234-1_9
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-51233-4
Online ISBN: 978-3-319-51234-1
eBook Packages: Computer ScienceComputer Science (R0)