A Secure and Robust Architecture based on Mobile Healthcare Applications for Patient Monitoring Environments

The recent outbreak of the COVID-19 pandemic made clear the importance of patient monitoring environments, and Mobile Healthcare Applications (MHAs) play a crucial role in the successful implementation of such environments. Existing MHAs in the realm of patient monitoring environments are prone to repackaging attacks and do not ensure security, application security and communication security. This paper proposes a secure and robust architecture for mobile healthcare applications in patient monitoring environments that ensures end-to-end security and all the security properties by overcoming repackaging attacks, which is vital for the success of mobile healthcare applications. We implemented our proposed protocol in Android Studio using Kotlin, which is designed to interoperate fully with Java. The ECDH key exchange algorithm is used for key exchange between the MHA in the patient's smartphone and the MHA in the hospital TPM. We created EC key pairs (NIST P-256, aka secp256r1) at the patient's MHA and at the MHA of the hospital TPM, and by using ECDH we created a shared AES secret key. AES in GCM mode is used for encryption and decryption of patient data.

Keywords—Mobile healthcare applications (MHA); UICC (universal integrated circuit card); Kotlin language; Android Studio; ECDSA (elliptic curve digital signature algorithm); GCM mode; end-to-end security


I. INTRODUCTION
The speedy development of information and communication technology (ICT) infrastructure is playing a very important role in offering innumerable opportunities for efficient and affordable mobile health solutions. Mobile health solutions help in delivering healthcare anywhere and at any time, overcoming geographical barriers; these services are a boon for patients living in remote areas where healthcare facilities are not accessible. Mobile Healthcare Applications (MHAs) play a vital role in the successful implementation of mobile health solutions. Many MHAs are available in the market helping hospitals, doctors and patients. MHAs are available to assist hospitals and doctors in managing and monitoring patients and in making clinical decisions. Smartphones and MHAs benefit all the stakeholders, especially patients, doctors and hospital staff, as they ensure accuracy and efficiency. The author in [1] systematically assessed the consequences of cyber threats on health care. The security of user privacy information is very important for system deployment and operation [2]. The authentication process of Telecare Medical Information Systems (TMIS) occurs over a public channel, which is prone to attacks. Attackers can disrupt the authentication process through eavesdropping, interception and forgery, and launch malicious attacks such as forgery attacks, replay attacks and side-channel attacks. These attacks can lead to malicious access and loss of data. Future MHAs are expected to include larger databases that help in making clinical decisions. The COVID-19 pandemic made clear the importance of patient monitoring environments, and MHAs play a crucial role in the successful implementation of such environments. During the COVID-19 pandemic, health information systems became the primary target of cybersecurity attacks [3].
The healthcare industry should be prepared to overcome cyberattacks. The system can be protected from attacks by designing a secure identity authentication scheme and intrusion detection technology [4]. Among the main concerns in health monitoring frameworks are reliability in making clinical decisions and the security and privacy of data. Existing MHAs in the realm of patient monitoring environments do not ensure application security and communication security. Existing mobile healthcare monitoring solutions do not ensure application security, communication security or patient privacy, are not compliant with the HIPAA standard, and are prone to repackaging attacks. This article is organized as follows: Section II discusses related work in the realm of secure mobile healthcare. Section III proposes a Secure Mobile Healthcare framework. Section IV presents the experimental setup and results, and Section V compares our proposed work with the related works. Section VI provides a discussion of the proposed framework, and Section VII concludes the paper.
II. RELATED WORK
[5] monitors blood pressure, with a unique look and feel for monitoring heart health, and communicates over Bluetooth, so it is easy to share and store a patient's records. The Omron HeartAdvisor mobile app [6] allows blood pressure readings to be transferred to a smartphone-based healthcare application. But both solutions have the following limitations:
a) End-to-end security is not ensured.
b) Patient's privacy is not ensured.
c) Not compliant with the HIPAA standard.
d) Does not ensure application security.
e) Does not ensure communication security.
f) These solutions are vulnerable to repackaging attacks.
www.ijacsa.thesai.org
The author in [7] proposes an authentication scheme for Telecare Medical Information Systems (TMIS) based on Physical Unclonable Function (PUF) and Elliptic Curve Cryptography (ECC) technology. But this solution is not clear on:
a) How the ECC technology can encrypt the messages in real time.
b) How the healthcare application overcomes reverse engineering attacks.
The author in [8] proposes healthcare systems with a mutual authentication protocol, thereby ensuring location privacy with low computation and storage costs, but this work also does not ensure application security and communication security. The author in [9] proposes a Cloud-IoT based healthcare system that uses a lightweight user authentication scheme, but this work does not ensure end-to-end security and is prone to repackaging attacks. According to MarketWatch, the Application Security Market will cross US$ 11 billion by 2024 globally [10]. According to MarketsandMarkets, IoT medical devices will reach USD 63.43 billion by 2023 globally [11]. IoT medical devices are being used by many patients all around the globe as they make the lives of patients easier, as is evident from the predictions of MarketsandMarkets [12], but these devices should be made secure right from the manufacturing phase, which is the responsibility of the manufacturer. IoT medical devices use healthcare applications, and these applications need to be portable and secure; the security of these applications is the responsibility of the hospitals and the government. Healthcare data is kept in the hospital database, and it is the responsibility of the hospitals and the government to keep the data secure, thereby complying with HIPAA regulations. In order to be HIPAA compliant, network security should be ensured, i.e. data must be protected at rest and in transit. This is the core motivation for this work. PhysioDroid [13] is an advanced system for remote monitoring of a patient's health. The PhysioDroid system has the following:
1) A monitoring device transmits the collected readings.
2) A smartphone, data collector application for medical diagnosis and for health alerts.
3) Stores data from multiple sources.
The author in [14] discusses transport issues in mobile healthcare applications, proposes a platform for testing and finally proposes solutions to overcome these attacks. The author in [15] discusses server-side security concerns and vulnerabilities in mHealth apps and compares them with applications in other realms. The author in [16] proposes a data encryption solution for mobile health apps (DE4MHA). The author in [17] proposes a new self-defending code (SDC) approach which encrypts parts of the app code at compile time and dynamically decrypts the ciphertext code at run-time, but this work does not ensure the security of keys.
Following are the contributions made by our research work:
a) We have proposed a secure architecture between the UICC (Universal Integrated Circuit Card) of the patient's smartphone and the hospital server, and a secure protocol in the realm of Patient Management and Monitoring.
b) In our proposed healthcare framework, MHAs overcome repackaging attacks through code obfuscation, code attestation and by enabling self-signing restrictions.
c) We have proposed a secure healthcare protocol ensuring all the security properties.
d) We compared our proposed healthcare system with the existing real-time Mobile Healthcare Application solutions and existing research works in mobile healthcare and found it to be better than these solutions.
e) We successfully implemented our proposed protocol in Android Studio and found it to be better than the existing solutions.
f) The proposed healthcare framework overcomes known attacks.

III. PROPOSED HEALTHCARE FRAMEWORK
In order to overcome the limitations of existing MHAs and research works in the realm of Mobile Healthcare, we propose a secure interaction between the MHA in the UICC of the patient's smartphone and the TPM of the hospital. Patient (P), Doctor (D), Hospital (H), Sensor (S), MHA in the sensor, UICC in the smartphone and MHA in the UICC are the entities involved in the proposed framework. Existing MHAs are installed in the smartphone, which can be compromised by malware, so we place our secure framework in the SE of the patient's smartphone, referred to as the UICC. The Sensor (S) contains an SE, and the SE contains an MHA collecting health information. This Sensor (S) MHA shares a symmetric key with the MHA in the UICC of the patient's smartphone as shown in [12], and the MHA of the patient's smartphone shares a symmetric key with the MHA of the TPM at the hospital. The UICC and the MHAs in the UICC of the patient's smartphone are personalized Over-The-Air (OTA) by the TPM at the hospital as shown in [18]. The TPM of the hospital is personalized by the hospital. HTTPS encrypts all the messages exchanged between the patient's smartphone and the TPM at the hospital. Communication security is ensured using TLS: a secure tunnel is established between the UICC of the patient's smartphone and the hospital TPM. TCP ensures end-to-end reliability, IP is the protocol used at the network layer, and BIP is a mechanism at the interface between the UICC and the smartphone providing access to the data bearers supported by the smartphone. ISO and the IEC jointly manage the ISO/IEC 7816 standard. By using our proposed secure architecture, end-to-end security and reliability are ensured in the information exchange between the patient and the hospital. Table I shows the notations used in the paper. Fig. 2 shows the steps involved in the patient monitoring protocol.
Step 1: The Sensor (S) collects the patient's readings and sends them to the UICC of the patient's smartphone at regular intervals via Bluetooth Low Energy (BLE). In order to overcome BLE vulnerabilities, the MHA in the Sensor (S) encrypts the data sent to the MHA in the UICC of the smartphone (patient (P)). The patient's readings are encrypted with the symmetric key shared between the MHA of the Sensor (S) and the MHA in UICC (P). Our proposed framework overcomes BLE vulnerabilities as our MHA's code is obfuscated by the MHA manufacturer, attested by the Certifying Authority (CA), and subject to self-signing restrictions; in addition, data transmitted from the Sensor (S) is encrypted using the symmetric key shared between the sensor's MHA and the MHA of the patient (P). Data encryption prevents MITM and eavesdropping attacks. A secure link is established between the sensor's MHA and the MHA in the UICC of the patient, ensuring application security (symmetric key) and communication security (using SSL/TLS).
Step 2: UICC (P) forwards the received message to the hospital's Trusted Platform Module (TPM) after decrypting the received message.
Step 3: If the readings are abnormal then "H" shares patient's location to the ambulance

IV. EXPERIMENTAL SETUP AND RESULTS
We implemented our proposed protocol in Android Studio using the Kotlin language, which was designed to interoperate fully with Java. The ECDH key exchange algorithm is used for key exchange between the MHA in the patient's smartphone and the MHA in the hospital TPM. ECDSA, the SHA-256 digest algorithm and the AES symmetric encryption algorithm are used to ensure all the security properties. We created EC key pairs (NIST P-256, aka secp256r1) at the patient's MHA and at the MHA of the hospital TPM, and by using ECDH we created a shared AES secret key. AES in GCM mode is used for encryption and decryption of patient data, Fig. 3
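The key agreement and encryption steps described above can be sketched with the standard JCA classes available to Kotlin. This is an added example, not the authors' code; hashing the ECDH secret with SHA-256 to obtain the AES key, the 96-bit IV layout and the sample reading are assumptions of the example.

```kotlin
import java.security.*
import java.security.spec.ECGenParameterSpec
import javax.crypto.Cipher
import javax.crypto.KeyAgreement
import javax.crypto.spec.GCMParameterSpec
import javax.crypto.spec.SecretKeySpec

// EC key pair on NIST P-256 (secp256r1), the curve named in the paper.
fun newEcKeyPair(): KeyPair {
    val gen = KeyPairGenerator.getInstance("EC")
    gen.initialize(ECGenParameterSpec("secp256r1"))
    return gen.generateKeyPair()
}

// ECDH, then SHA-256 over the raw shared secret to obtain a 256-bit AES key.
// Assumption of this example: the paper does not name its key-derivation step.
fun deriveAesKey(own: PrivateKey, peer: PublicKey): SecretKeySpec {
    val ka = KeyAgreement.getInstance("ECDH")
    ka.init(own)
    ka.doPhase(peer, true)
    return SecretKeySpec(MessageDigest.getInstance("SHA-256").digest(ka.generateSecret()), "AES")
}

// AES-GCM with a fresh random 96-bit IV per message; output is IV || ciphertext || tag.
fun encrypt(key: SecretKeySpec, plaintext: ByteArray): ByteArray {
    val iv = ByteArray(12).also { SecureRandom().nextBytes(it) }
    val cipher = Cipher.getInstance("AES/GCM/NoPadding")
    cipher.init(Cipher.ENCRYPT_MODE, key, GCMParameterSpec(128, iv))
    return iv + cipher.doFinal(plaintext)
}

// Throws AEADBadTagException if any byte of the IV, ciphertext or tag was altered.
fun decrypt(key: SecretKeySpec, message: ByteArray): ByteArray {
    val cipher = Cipher.getInstance("AES/GCM/NoPadding")
    cipher.init(Cipher.DECRYPT_MODE, key, GCMParameterSpec(128, message, 0, 12))
    return cipher.doFinal(message, 12, message.size - 12)
}

fun main() {
    val patient = newEcKeyPair()   // MHA on the patient's smartphone
    val hospital = newEcKeyPair()  // MHA at the hospital TPM
    val kPatient = deriveAesKey(patient.private, hospital.public)
    val kHospital = deriveAesKey(hospital.private, patient.public)
    check(kPatient.encoded.contentEquals(kHospital.encoded)) { "derived keys differ" }

    // Constructed sample reading carrying a timestamp and nonce.
    val msg = encrypt(kPatient, "ts=1700000000;nonce=7f3a;hr=72;spo2=98".toByteArray())
    println(String(decrypt(kHospital, msg)))

    msg[msg.size - 1] = (msg[msg.size - 1].toInt() xor 1).toByte()  // simulate tampering in transit
    println(runCatching { decrypt(kHospital, msg) }.exceptionOrNull()?.javaClass?.simpleName)
}
```

ECDH on its own does not authenticate the peer; in the paper's design that role falls to the MHAs' certificates and ECDSA, so each public key has to be verified before it is passed to `deriveAesKey`.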

V. COMPARISON WITH RELATED WORK
We have proposed a secure architecture between the UICC of the patient's smartphone and the hospital server, and a secure protocol in the realm of Patient Management and Monitoring. In the proposed healthcare framework, MHAs overcome repackaging attacks through code obfuscation, code attestation and by enabling self-signing restrictions. In addition, the proposed secure healthcare protocol ensures all the security properties. Finally, we have carried out our experiments in Android Studio and found our work to be better than the existing solutions by overcoming all the known attacks. This section highlights the comparative analysis of the proposed system with the eight existing real-time MHA solutions and existing research works. Table II compares our proposed framework with the existing research works in this realm on the following features, and it is found to be better than the existing research works.
a) Confidentiality: Confidentiality is ensured using a symmetric key at the application level which is shared between the entities.
b) Authentication: MHAs are authenticated using their respective certificates, and moreover symmetric keys are shared among the entities involved in the framework.
c) Overcomes Tampering of Messages: Messages are encrypted using the shared symmetric key and data is hashed, thereby ensuring the integrity of the exchanged messages.
d) Compliant with the HIPAA Standard: Messages are encrypted using the shared symmetric key, and communication security is also ensured using the SSL/TLS protocol.
e) Application Security: MHAs in both the sensor and the UICC (of the patient) are protected by password. In addition, MHAs are protected from repackaging attacks by implementing code obfuscation, code attestation and by enabling self-signing restrictions.
Our proposed framework overcomes BLE vulnerabilities as our MHA's code is obfuscated by the MHA manufacturer, attested by the Certifying Authority (CA), and subject to self-signing restrictions. So our proposed system overcomes BLE vulnerabilities.
i) Overcomes Replay Attacks: Encrypted messages containing timestamps and a nonce help in overcoming replay attacks.
j) Overcomes Man-in-the-Middle Attacks: Encrypted messages containing timestamps and a nonce help in overcoming MITM attacks.
k) Overcomes Impersonation Attacks: Our proposed system overcomes an impersonation attack as the attacker will be unsuccessful in generating session keys.
l) Overcomes Reverse Engineering Attacks: MHAs are protected from repackaging attacks by implementing code obfuscation, code attestation and by enabling self-signing restrictions on MHAs.

VI. DISCUSSION
The healthcare industry is the main target of attackers as the existing healthcare solutions are very vulnerable. MHAs are updated through unreliable sources, so the security of these solutions is compromised, putting patients' data at risk. So MHAs should be personalized and updated by the hospital after the two authenticate each other. Following are the recommendations for secure patient monitoring environments:
f) Healthcare solutions should overcome BLE and Heartbleed vulnerabilities.

VII. CONCLUSION
The healthcare industry became the primary target of attackers during the COVID-19 pandemic, so the healthcare industry should overcome all cybersecurity attacks. This paper proposes a secure and robust architecture for a mobile healthcare framework in patient monitoring environments which is compliant with the HIPAA standard and ensures all the security properties. Mobile Healthcare Applications (MHAs) in our proposed healthcare framework overcome reverse-engineering attacks. We implemented our proposed protocol in Android Studio using the Kotlin language. The ECDH key exchange algorithm is used for key exchange between the MHA in the patient's smartphone and the MHA in the hospital TPM. ECDSA, the SHA-256 digest algorithm and the AES symmetric encryption algorithm are used to ensure all the security properties. We created EC key pairs (NIST P-256, aka secp256r1) at the patient's MHA and at the MHA of the hospital TPM, and by using ECDH we created a shared AES secret key. AES in GCM mode is used for encryption and decryption of patient data. Our proposed mobile healthcare framework overcomes all the known attacks.