Internet of Things (IoT) is characterized by heterogeneous technologies, which concur to the provisioning of innovative services in different application domains. Introducing efficient mechanisms for collecting, processing, and delivering data generated by sensors, medical equipment, wearable devices, and humans, is a key enabling factor for advanced healthcare services. The adoption of IoT in smart health, however, opens the doors to some security concerns. In fact, by considering the confidentiality and sensitivity of medical data, a healthcare system must fulfill advanced access control procedures with strict security and data quality requirements. To this end, a flexible policy enforcement framework, based on the IoT paradigm, is defined hereby. It is able to face security and quality threats in dynamic large scale and heterogeneous smart hearth environments. As a key feature of the proposed framework, cross-domain policies have been defined using a specification language based on XML. In this way, it becomes possible to ease the management of interactions across different realms and policy conflicts. Moreover, to demonstrate the usefulness of the proposed approach, a running example, based on a smart health application, is detailed throughout the manuscript. This helps to highlight the different facets of the conceived enforcement framework. A preliminary performance analysis also demonstrates its feasibility in large scale environments.

A Policy Enforcement Framework for Internet of Things Applications in the Smart Health

SICARI, SABRINA SOPHY;RIZZARDI, ALESSANDRA;COEN PORISINI, ALBERTO
2017-01-01

Abstract

Internet of Things (IoT) is characterized by heterogeneous technologies, which concur to the provisioning of innovative services in different application domains. Introducing efficient mechanisms for collecting, processing, and delivering data generated by sensors, medical equipment, wearable devices, and humans, is a key enabling factor for advanced healthcare services. The adoption of IoT in smart health, however, opens the doors to some security concerns. In fact, by considering the confidentiality and sensitivity of medical data, a healthcare system must fulfill advanced access control procedures with strict security and data quality requirements. To this end, a flexible policy enforcement framework, based on the IoT paradigm, is defined hereby. It is able to face security and quality threats in dynamic large scale and heterogeneous smart hearth environments. As a key feature of the proposed framework, cross-domain policies have been defined using a specification language based on XML. In this way, it becomes possible to ease the management of interactions across different realms and policy conflicts. Moreover, to demonstrate the usefulness of the proposed approach, a running example, based on a smart health application, is detailed throughout the manuscript. This helps to highlight the different facets of the conceived enforcement framework. A preliminary performance analysis also demonstrates its feasibility in large scale environments.
2017
http://www.sciencedirect.com/science/article/pii/S2352648316300435
Internet of Things, Smart Health, Security, Policy Enforcement
Sicari, SABRINA SOPHY; Rizzardi, Alessandra; Grieco, Luigi Alfredo; Piro, Giuseppe; COEN PORISINI, Alberto
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11383/2063565
 Attenzione

L'Ateneo sottopone a validazione solo i file PDF allegati

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 44
  • ???jsp.display-item.citation.isi??? ND
social impact