پديدآورندگان :
Kermani Farzaneh Iran University of Medical Sciences , Orooji Azam Iran University of Medical Sciences , Borhani Alireza Tehran University of Medical Science
چكيده فارسي :
Background: Mobile health (mHealth) is a current technology transformation in which mobile devices are employ to support medicine and public health practices. security refers to the safeguards, tools and techniques used to preserve against the unsuitable access or disclosure of information. While, implementing the security issue is mHealth domain is challenging. Without security or control plans in place, data might be subjected to passive or active attacks and networks are vulnerable to any types of attacks like eavesdropping, identity IP address spoofing, password-based compromised-key, sniffer and other kind of attacks.
Objectives: This study focuses on some important issues concerning security in mobile health care.
Methods: In order to identify related studies in this topics, “security” in combination to “mobile health”, “mhealth” or “mobile app/application” keywords were searched in Pubmed and Google scholar database between 2004 to 2016 years.
Results: Specification and general security services for avoiding mobile systems threats are: confidentiality, integrity, authenticity, non-repudiation, availability, reliability, accountability, access control and secure data storage. These features are implemented by using digital signature technology based on asymmetrical cryptographic algorithms. Besides, the confidentiality and privacy protection of transferred data must be kept during transmission and done by using symmetrical cryptographic algorithms. Also, strong user authentication techniques could be implemented based on smart cards. In order to preserve the potential attacks to the special network, the multilayered security architecture has to be implemented. Modern computer networks security systems consist of security mechanisms on three different ISO/OSI reference model layers: Application layer security (end-to-end security), transport level security based on establishment of a symmetric cryptography and network IP level security.
Conclusion: This paper presents the security principle required for mobile health services. It is necessary for mobile devices to be safe from electrical, electronic, and personal bad intention. Effective health protections require effective data security plan. The issue of security is more important in the medical domain that deals with patient data. Therefore, special security protocols and mechanisms are needed for mobile health applications.
