Design of a secure framework for the implementation of telemedicine, eHealth, and wellness services

Abstract

In both developing and developed countries, the costs of delivering health care are increasingly taking a large proportion of the national gross domestic product (GDP). GDP, is one of several measures of the size of a regions’ economy. While developed countries have a good doctor to patient ratio, in developing countries the ratios are alarming (e.g., in Uganda it is about 1 doctor to 24.725 patients). Thus, with the advent of Information communication Technologies (ICT), researchers are working on ways of using ICT to deliver health care services at low costs. This has led to the development of proprietary Telemedicine, Ehealth, and Wellness (TEW) systems. Because most developments areproprietary, standards are fluid and this rises questions about interoperability. Besides, the applica- tion of ICT to remotely collect and disseminate information in a sensitive domain like health care,rises a number of security related issues especially for TEW systems that rely on wireless sensor networks (WSNs) for data acquisition and transmission (i.e., questions about data confidentiality,system reliability, user authentication, and data integrity arise). Therefore, in this thesis we investigate a number of TEW systems, analyse their technologies and security implementations. Our investigation led us to conclude that most of the wireless sensor based TEW developments have focused on engineering issues of making the technology work at the expense of security. We learn that even those systems that have implemented good security mechanisms may not have modeled appropriate threats. Hence, we present a threat model of TEW-WSNs and propose a polynomial based key management scheme to secure TEW wireless sensor networks. We give conclusions about the application of TEW systems in developing countries and the future trends.