Savola, Reijo M.; Savolainen, Antti Evesti; Abie, Habtamu; Sihvonen, Markus
Security and privacy for e-health Internet-of-Things
applications is a challenge arising due to the novelty and
openness of the solutions. We analyze the security risks of an envisioned e-health application for elderly persons’ day-to-day support and chronic disease self-care, from the perspectives of the service provider and end-user. In addition, we propose initial heuristics for security objective decomposition aimed at security metrics definition. Systematically defined and managed security metrics enable higher effectiveness of security controls, enabling informed risk-driven security decision-making.