Cyber Security for Remote Patient Monitoring System

The Internet of Things is an emerging topic of technical, social, and economic significance. Consumer products, durable goods, cars and trucks, industrial and utility components, sensors, and other everyday objects are being combined with Internet connectivity and powerful data analytic capabilities that promise to transform the way we work, live, and play. Projections for the impact of IoT on the Internet and economy are impressive, with some anticipating as many as 100 billion connected IoT devices and a global economic impact of more than $11 trillion by 2025. Internet of Things (IoT) devices is rapidly becoming ubiquitous while IoT services are becoming pervasive. Their success has not gone unnoticed and the number of threats and attacks against IoT devices and services are on the increase as well. Cyber-attacks are not new to IoT, but as IoT will be deeply interwoven in our lives and societies, it is becoming necessary to step up and take cyber defense seriously. Currently, most proposed IoT attacks are proof-of-concepts and have yet to generate any profit for attackers. This does not mean that attackers wont target IoT devices in future, even if it is just to misuse the technology or have a persistent anchor in a home network. The use of weak passwords is a security issue that has repeatedly been seen in IoT devices. These devices often do not have a keyboard, so configuration has to be done remotely. Unfortunately, not all vendors force the user to change the devices default passwords and many have unnecessary restrictions which make the implementation of long, complex passwords impossible. The Open Web Application Security Projects (OWASP) Lists Top Ten Internet of Things Vulnerabilities. This thesis has three main contributions. (i) It enables secure communication in the IoT using lightweight compressed yet standard compliant IPsec, DTLS, and IEEE 802.15.4 link layer security, and it discusses the pros and cons of each of these solutions. The proposed security solutions are implemented and evaluated in an IoT setup on real hardware. (ii) This thesis also presents the design, implementation, and evaluation of novel IDS for the IoT. (iii) Last but not least, it also provides mechanisms to protect data inside constrained nodes. This paper mainly focuses on Remote Patient Monitoring Systems. However, deploying new technologies in healthcare applications without considering security makes patient privacy vulnerable. Moreover, the physiological data of an individual are highly sensitive. Therefore, security is a paramount requirement of healthcare applications, especially in the case of patient privacy, if the patient has an embarrassing disease. Security is provided for data which is being fetched from the patients through wearable devices and transferred to the concerned doctors by using a public key encryption technique namely ECC (Elliptic Curve Cryptography) is used.