A Comprehensive Assessment Framework for Evaluating Adaptive Security and Privacy Solutions for IoT e-Health Applications

Waqas Aman*, Fatima Najla Mohammed

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

1 Citation (Scopus)

Abstract

There exist numerous adaptive security and privacy (S&P) solutions to manage potential threats at runtime. However, there is a lack of a comprehensive assessment framework that can holistically validate their effectiveness. Existing Adaptive S&P assessment efforts either focus on privacy or security in general, or are focused on specific adaptive S&P attributes, e.g. authentication, and, at certain times, disregards the architecture in which they should be comprehended. In this paper, we propose a holistic assessment framework for evaluating adaptive S&P solutions for IoT e-health. The framework utilizes a proposed classification of essential attributes necessary to be recognized, evaluated, and incorporated for the effectiveness of adaptive S&P solutions for the most common IoT architectures, fog-based and cloud/server-based architectures. As opposed to the existing related work, the classification comprehensively covers all the major classes of essential attributes, such as S&P objectives, contextual factors, adaptation action aptitude, and the system’s self-* properties. Using this classification, the framework assists to evaluate the existence of a given attribute with respect to the adaptation process and in the context of the architectural layers. Therefore, it stresses the importance of where an essential attribute should be realized in the adaptation phases and in the architecture for an adaptive S&P solution to be effective. We have also presented a comparison of the proposed assessment framework with existing related frameworks and have shown that it exhibits substantial completeness over the existing works to assess the feasibility of a given adaptive S&P solution.
Original languageEnglish
Pages (from-to)613-623
Number of pages11
JournalInternational Journal of Advanced Computer Science and Applications
Volume13
Issue number10
DOIs
Publication statusPublished - Jan 1 2022

Keywords

  • Adaptive security
  • E-health
  • Effectiveness
  • Internet of things
  • Iot architecture
  • Privacy

ASJC Scopus subject areas

  • General Computer Science

Cite this