PhD Dissertation Defense - Faisal Alsubaei

Security Assessment Framework for the Internet of Medical Things Solutions

Faisal Alsubaei, PhD Candidate

Wednesday, Dec. 4, 2019, 11:00 am-1:00 pm
Dunn Hall 375 Conference Room

Committee Members:

Abstract

The emergence of the Internet of Medical Things (IoMT) has introduced a monumental change in facilitating the management of diseases, improving diseases diagnosis and treatment methods, and reducing healthcare cost and errors. This change has greatly impacted the quality of healthcare for both patients and all frontline healthcare workers. However, the IoMT is far from being immune to security and privacy breaches due to the wide variety IoMT vendors and products available on the market as well as the massive number of devices transmitting sensitive medical data wirelessly to the cloud. The lack of security awareness among healthcare users (e.g., patients, medical staff) aggravates the deficiencies and can facilitate attacks that jeopardize the patients’ lives. Therefore, ensuring the security and privacy of the IoMT becomes an urgent issue worthy of further investigation and resolution. Security cannot be planned for, managed, monitored, or controlled if it cannot be measured. However, security assessment poses problems for novice IoMT adopters when choosing security measures that are both sufficient and robust. Accordingly, I developed a web-based IoMT security assessment framework based on a novel ontological scenario-based approach to recommend security measures in IoMT and assess protection and deterrence in IoMT solutions. The framework supports the selection of an IoMT solution that matches the stakeholder’s security objectives and supports the decision-making process. The novelty of this work lies in its granularity, extensibility, as well as its ability to adapt to new stakeholders, and conformance to technology and medical standards.