| Revista: | Computación y Sistemas |
| Base de datos: | PERIÓDICA |
| Número de sistema: | 000456943 |
| ISSN: | 1405-5546 |
| Autors: | Escamilla Ambrosio, Ponciano J1 Robles Ramírez, David1 Alsalamah, Shada3 Tryfonas, Theo4 Orantes Jiménez, Sandra1 Rodríguez Mota, Abraham1 AlQahtani, Sakher5 Nouh, Thamer6 Alsalamah, Hessah2 Almutawaa, Shahad2 Alkabani, Hend2 Alsmari, Mshael2 Alashgar, Nouf2 Alrajeh, Abeer2 Kurdi, Heba7 |
| Institucions: | 1Instituto Politécnico Nacional, Centro de Investigación en Computación, Ciudad de México. México 2King Saud University, College of Computer and Information Sciences, Riyadh. Arabia Saudita 3Massachusetts Institute of Technology, Media Lab, Cambridge, Massachusetts. Estados Unidos de América 4University of Bristol, Faculty of Engineering, Bristol, Avon. Reino Unido 5King Saud University, College of Dentistry, Riyadh. Arabia Saudita 6King Saud University, College of Medicine, Riyadh. Arabia Saudita 7Massachusetts Institute of Technology, Mechanical Engineering Department, Cambridge, Massachusetts. Estados Unidos de América |
| Any: | 2019 |
| Període: | Oct-Dic |
| Volum: | 23 |
| Número: | 4 |
| Paginació: | 1139-1158 |
| País: | México |
| Idioma: | Inglés |
| Tipo de documento: | Artículo |
| Enfoque: | Aplicado, descriptivo |
| Resumen en inglés | Mobile devices and the Internet of Things (IoT) are revolutionizing today's digital sectors, including healthcare. eHealth services delivery enables integrated mHealth care and informed-decision making for emergency medical services, especially in the event of disasters when every second could mean the difference between life or death. The risk of cyber-attacks directed to mHealth applications can compromise the availability and integrity of patient information, crippling care mobility and sometimes threatening patients' lives if decisions are made based on invalid information. Such risks can be treated by considering appropriate information security controls at the early stages of the mobile Application (mApp) development lifecycle for mHealth model of care. However, most developers consider security at a later stage, and even if they do, there is a lack of an appropriate tool to help them represent security requirements in design models. This has proven to be bad practice, resulting in insecure mApp development. This paper aims to bridge this gap by equipping analysts with the tool necessary to identify risks and treat them while designing the application. Therefore, we propose the approach referred to as Internet of Things Security Modelling (IoTsecM) for mApp security modelling in mHealth. IoTsecM is a UML extension to model identified security controls against possible attacks to guarantee the existence of a security analysis and security mechanisms. Results show that IoTsecM, first, allows mHealth designers to apply and depict non-functional security requirements with the functional requirements. Second, its annotation illustrates meaningful information security requirements at early design stages as part of the mHealth application development lifecycle and not afterwards |
| Disciplines | Ciencias de la computación |
| Paraules clau: | Programación, Procesamiento de datos, Diseño, Aplicaciones móviles, Seguridad de la información, Internet de las cosas, Modelado, Controles de seguridad, Gestión de desastres, Servicios de salud |
| Keyword: | Programming, Data processing, Design, Mobile applications, Information security, Internet of things, Modelling, Security controls, Disasters management, Health services |
| Text complet: | Texto completo (Ver HTML) Texto completo (Ver PDF) |
