Enhancing the security of mobile health monitoring systems through trust negotiations

There are clear advantages in using remote monitoring systems for elderly care. They help with improving the efficiency in providing higher quality of care. These systems collect relevant data and transmit them to the healthcare provider, to be stored on their servers in the form of patients' Electronic Health Records (EHRs). The EHR may then be used by healthcare professional, either at provider locations or remotely through mobile devices. Among of the main concerns in acceptance of these systems, ensuring the privacy of personally sensitive information and securing EHRs during the transmission can be named. This paper, reports a trust negotiation approach that we have developed to address these concerns. It complements the strengths of the Transport Layer Security (TLS) as the underlying protocol. This combination results in significant improvements in overcoming security related concerns compared to the traditional identity-based only access control techniques. We also report the experimental works that demonstrate the ease of application of the proposed approach in typical mobile environments.