Computers and Security

, volume 75 , pages 191-217

A security framework for mHealth apps on Android platform

Muzammil M. Hussain ^{1, 2}

Ahmed Al Haiqi ³

Danial Nor ⁴

Bilal Bahaa Zaidan ⁴

Miss Laiha Mat Kiah ⁵

Salman Iqbal ⁵

S. Iqbal ¹

Mohamed Abdulnabi ⁶

Hide authors affiliations Show authors affiliations: 6 affiliations

Department of Computer Science, School of Systems and Technology, University of Management and Technology, Lahore, Pakistan |

Faculty of Computer Science and Information Technology, University of Malaya, 50603 Kuala Lumpur, Malaysia |

Department of Electronics and Communication Engineering, College of Engineering, Universiti Tenaga Nasional, Kajang, Malaysia. |

⁴

Department of Computing, Faculty of Arts, Computing and Creative Industry, Universiti Pendidikan Sultan Idris, Tanjong Malim, Perak, Malaysia |

⁵

Faculty of Computer Science and Information Technology, University of Malaya, 50603 Kuala Lumpur Malaysia |

⁶

School of Technology, Faculty of Computing, Engineering & Technology, Asia Pacific University of Technology & Innovation (APU), 57000 Kuala Lumpur, Malaysia |

Publication type: Journal Article

Publication date: 2018-06-01

Elsevier

Computers and Security

scimago Q1

wos Q1

SJR: 1.445

CiteScore: 13.3

Impact factor: 5.4

ISSN: 01674048, 18726208

DOI: 10.1016/j.cose.2018.02.003

Copy DOI

Law

General Computer Science

Abstract

Mobile Health (mHealth) applications are readily accessible to the average users of mobile devices, and despite the potential of mHealth applications to improve the availability, affordability and effectiveness of delivering healthcare services, they handle sensitive medical data, and as such, have also the potential to carry substantial risks to the security and privacy of their users. Developers of applications are usually unknown, and users are unaware of how their data are being managed and used. This is combined with the emergence of new threats due to the deficiency in mobile applications development or the design ambiguities of the current mobile operating systems. A number of mobile operating systems are available in the market, but the Android platform has gained the topmost popularity. However, Android security model is short of completely ensuring the privacy and security of users' data, including the data of mHealth applications. Despite the security mechanisms provided by Android such as permissions and sandboxing, mHealth applications are still plagued by serious privacy and security issues. These security issues need to be addressed in order to improve the acceptance of mHealth applications among users and the efficacy of mHealth applications in the healthcare systems. The focus of this research is on the security of mHealth applications, and the main objective is to propose a coherent, practical and efficient framework to improve the security of medical data associated with Android mHealth applications, as well as to protect the privacy of their users. The proposed framework provides its intended protection mainly through a set of security checks and policies that ensure protection against traditional as well as recently published threats to mHealth applications. The design of the framework comprises two layers: a Security Module Layer (SML) that implements the security-check modules, and a System Interface Layer (SIL) that interfaces SML to the Android OS. SML enforces security and privacy policies at different levels of Android platform through SIL. The proposed framework is validated via a prototypic implementation on actual Android devices to show its practicality and evaluate its performance. The framework is evaluated in terms of effectiveness and efficiency. Effectiveness is evaluated by demonstrating the performance of the framework against a selected set of attacks, while efficiency is evaluated by comparing the performance overhead in terms of energy consumption, memory and CPU utilization, with the performance of a mainline, stock version of Android. Results of the experimental evaluations showed that the proposed framework can successfully protect mHealth applications against a wide range of attacks with negligible overhead, so it is both effective and practical.

Found

Top-30

Journals

	2 4 6 8 10 12 14
Journal of Medical Systems	Journal of Medical Systems, 13, 15.29% Journal of Medical Systems 13 publications, 15.29%
IEEE Access	IEEE Access, 6, 7.06% IEEE Access 6 publications, 7.06%
Health and Technology	Health and Technology, 4, 4.71% Health and Technology 4 publications, 4.71%
Computer Standards and Interfaces	Computer Standards and Interfaces, 2, 2.35% Computer Standards and Interfaces 2 publications, 2.35%
Security and Communication Networks	Security and Communication Networks, 2, 2.35% Security and Communication Networks 2 publications, 2.35%
AIP Conference Proceedings	AIP Conference Proceedings, 2, 2.35% AIP Conference Proceedings 2 publications, 2.35%
International Journal of E-Services and Mobile Applications	International Journal of E-Services and Mobile Applications, 1, 1.18% International Journal of E-Services and Mobile Applications 1 publication, 1.18%
International Journal of Information Technology and Decision Making	International Journal of Information Technology and Decision Making, 1, 1.18% International Journal of Information Technology and Decision Making 1 publication, 1.18%
JMIR mHealth and uHealth	JMIR mHealth and uHealth, 1, 1.18% JMIR mHealth and uHealth 1 publication, 1.18%
Diagnostics	Diagnostics, 1, 1.18% Diagnostics 1 publication, 1.18%
Sustainability	Sustainability, 1, 1.18% Sustainability 1 publication, 1.18%
Medical Sciences	Medical Sciences, 1, 1.18% Medical Sciences 1 publication, 1.18%
Multimedia Tools and Applications	Multimedia Tools and Applications, 1, 1.18% Multimedia Tools and Applications 1 publication, 1.18%
Cognitive Computation	Cognitive Computation, 1, 1.18% Cognitive Computation 1 publication, 1.18%
Zeitschrift fur Gesundheitswissenschaften	Zeitschrift fur Gesundheitswissenschaften, 1, 1.18% Zeitschrift fur Gesundheitswissenschaften 1 publication, 1.18%
Empirical Software Engineering	Empirical Software Engineering, 1, 1.18% Empirical Software Engineering 1 publication, 1.18%
BMC Public Health	BMC Public Health, 1, 1.18% BMC Public Health 1 publication, 1.18%
Business and Information Systems Engineering	Business and Information Systems Engineering, 1, 1.18% Business and Information Systems Engineering 1 publication, 1.18%
Big Data Research	Big Data Research, 1, 1.18% Big Data Research 1 publication, 1.18%
Computer Methods and Programs in Biomedicine	Computer Methods and Programs in Biomedicine, 1, 1.18% Computer Methods and Programs in Biomedicine 1 publication, 1.18%
Computer Science Review	Computer Science Review, 1, 1.18% Computer Science Review 1 publication, 1.18%
Journal of Network and Computer Applications	Journal of Network and Computer Applications, 1, 1.18% Journal of Network and Computer Applications 1 publication, 1.18%
Egyptian Informatics Journal	Egyptian Informatics Journal, 1, 1.18% Egyptian Informatics Journal 1 publication, 1.18%
Technology in Society	Technology in Society, 1, 1.18% Technology in Society 1 publication, 1.18%
Medical Journal Armed Forces India	Medical Journal Armed Forces India, 1, 1.18% Medical Journal Armed Forces India 1 publication, 1.18%
Procedia Computer Science	Procedia Computer Science, 1, 1.18% Procedia Computer Science 1 publication, 1.18%
Security and Privacy	Security and Privacy, 1, 1.18% Security and Privacy 1 publication, 1.18%
Health Economics (United Kingdom)	Health Economics (United Kingdom), 1, 1.18% Health Economics (United Kingdom) 1 publication, 1.18%
Journal of Experimental and Theoretical Artificial Intelligence	Journal of Experimental and Theoretical Artificial Intelligence, 1, 1.18% Journal of Experimental and Theoretical Artificial Intelligence 1 publication, 1.18%
	2 4 6 8 10 12 14

Publishers

	5 10 15 20 25 30
Springer Nature	Springer Nature, 27, 31.76% Springer Nature 27 publications, 31.76%
Institute of Electrical and Electronics Engineers (IEEE)	Institute of Electrical and Electronics Engineers (IEEE), 25, 29.41% Institute of Electrical and Electronics Engineers (IEEE) 25 publications, 29.41%
Elsevier	Elsevier, 12, 14.12% Elsevier 12 publications, 14.12%
IGI Global	IGI Global, 3, 3.53% IGI Global 3 publications, 3.53%
MDPI	MDPI, 3, 3.53% MDPI 3 publications, 3.53%
Wiley	Wiley, 3, 3.53% Wiley 3 publications, 3.53%
Hindawi Limited	Hindawi Limited, 3, 3.53% Hindawi Limited 3 publications, 3.53%
JMIR Publications	JMIR Publications, 2, 2.35% JMIR Publications 2 publications, 2.35%
AIP Publishing	AIP Publishing, 2, 2.35% AIP Publishing 2 publications, 2.35%
World Scientific	World Scientific, 1, 1.18% World Scientific 1 publication, 1.18%
Taylor & Francis	Taylor & Francis, 1, 1.18% Taylor & Francis 1 publication, 1.18%
Association for Computing Machinery (ACM)	Association for Computing Machinery (ACM), 1, 1.18% Association for Computing Machinery (ACM) 1 publication, 1.18%
IOS Press	IOS Press, 1, 1.18% IOS Press 1 publication, 1.18%
SAGE	SAGE, 1, 1.18% SAGE 1 publication, 1.18%
	5 10 15 20 25 30

We do not take into account publications without a DOI.
Statistics recalculated weekly.

Are you a researcher?

Create a profile to get free access to personal recommendations for colleagues and new articles.

Metrics

Cite this

GOST |

Cite this

GOST Copy

Hussain M. M. et al. A security framework for mHealth apps on Android platform // Computers and Security. 2018. Vol. 75. pp. 191-217.

GOST all authors (up to 50) Copy

Hussain M. M., Al Haiqi A., Nor D., Zaidan B. B., Kiah M. L. M., Iqbal S., Iqbal S., Abdulnabi M. A security framework for mHealth apps on Android platform // Computers and Security. 2018. Vol. 75. pp. 191-217.

RIS |

Cite this

RIS Copy

TY - JOUR

DO - 10.1016/j.cose.2018.02.003

UR - https://doi.org/10.1016/j.cose.2018.02.003

TI - A security framework for mHealth apps on Android platform

T2 - Computers and Security

AU - Hussain, Muzammil M.

AU - Al Haiqi, Ahmed

AU - Nor, Danial

AU - Zaidan, Bilal Bahaa

AU - Kiah, Miss Laiha Mat

AU - Iqbal, Salman

AU - Iqbal, S.

AU - Abdulnabi, Mohamed

PY - 2018

DA - 2018/06/01

PB - Elsevier

SP - 191-217

VL - 75

SN - 0167-4048

SN - 1872-6208

ER -

BibTex

Cite this

BibTex (up to 50 authors) Copy

@article{2018_Hussain,

author = {Muzammil M. Hussain and Ahmed Al Haiqi and Danial Nor and Bilal Bahaa Zaidan and Miss Laiha Mat Kiah and Salman Iqbal and S. Iqbal and Mohamed Abdulnabi},

title = {A security framework for mHealth apps on Android platform},

journal = {Computers and Security},

year = {2018},

volume = {75},

publisher = {Elsevier},

month = {jun},

url = {https://doi.org/10.1016/j.cose.2018.02.003},

pages = {191--217},

doi = {10.1016/j.cose.2018.02.003}

}

Publisher

Elsevier

Journal

Computers and Security

scimago Q1

wos Q1

SJR

1.445

CiteScore

13.3

Impact factor

5.4

ISSN

01674048 (Print)

18726208