Vitenskapelig Kapittel/Artikkel/Konferanseartikkel

Risk-Driven Security Metrics Development for an e-Health IoT Application

Savola, Reijo M.; Savolainen, Antti Evesti; Abie, Habtamu; Sihvonen, Markus


Del av: Proceedings of the 2015 Information Security for South Africa (ISSA 2015) (IEEE Press, 2015)

Sider: 6

År: 2015

År: 2015


Security and privacy for e-health Internet-of-Things
applications is a challenge arising due to the novelty and
openness of the solutions. We analyze the security risks of an envisioned e-health application for elderly persons’ day-to-day support and chronic disease self-care, from the perspectives of the service provider and end-user. In addition, we propose initial heuristics for security objective decomposition aimed at security metrics definition. Systematically defined and managed security metrics enable higher effectiveness of security controls, enabling informed risk-driven security decision-making.