Human-oriented design of secure Machine-to ... - Semantic Scholar

Computers in Human Behavior xxx (2014) xxx–xxx

Contents lists available at ScienceDirect

Computers in Human Behavior journal homepage: www.elsevier.com/locate/comphumbeh

Human-oriented design of secure Machine-to-Machine communication system for e-Healthcare society Kashif Saleem a,⇑, Abdelouahid Derhab a, Jalal Al-Muhtadi b, Basit Shahzad b a b

King Saud University (KSU), Riyadh, Saudi Arabia College of Computer and Information Sciences (CCIS), King Saud University (KSU), Riyadh, Saudi Arabia

a r t i c l e

i n f o

Article history: Available online xxxx Keywords: e-Healthcare Machine to Machine communication Malicious Psychological Security Society

a b s t r a c t In this paper, we propose a Machine to Machine (M2M) Low Cost and Secure (LCS) communication system for e-Healthcare society. The system is designed to take into consideration the psychological issues related to all actors in the e-Healthcare society such as: stress due to high workload, anxiety, and loneliness. The system is capable of performing most of the tasks in an autonomous and intelligent manner, which minimizes the workload of medical staffs, and consequently minimizes the associated psychological stress and improves the quality of patient care as well as the system performance. We show how the different actors in the e-Healthcare society can interact with each other in a secure manner. To ensure data privacy, the mechanism involves intelligent authentication based on random distributive key management, electronic certificate distribution, and modified realm Kerberos. The system handles dynamic assignments of doctors to specific patients. It also addresses the need for patients to share their health information with strangers while dealing with the privacy preservation issue. Finally, the simulation type implementation is performed on Visual Basic .net 2013 that shows the success of the proposed Low Cost and Secure (LCS) algorithm. Ó 2014 Elsevier Ltd. All rights reserved.

1. Introduction Providing a high quality patient care has always been a concern for healthcare community. There are many factors, which contribute to the high cost and low-quality of support offered to patients. Nursing facilities that assist patients through caregiver intervention and monitoring of the patient’s health are costly. In addition, it represents a burden on caregiver who is unable to ensure continuous monitoring of the patient, which incurs low quality of care offered to the patients. The appearance of e-Healthcare systems has contributed in improving the quality of patient care and reducing the healthcare costs. By e-Healthcare system, we mean a set of electronic tools: software and hardware designed to manage data in the healthcare system. The main components of the e-Healthcare system include telemedicine, electronic health records, communication protocol among the components of the system. Advances in the fields of sensor technologies, wireless networking technologies such as 3G, Wi-Fi, WiMax, Mesh networking, and personal area technologies such as radio frequency identification ⇑ Corresponding author. E-mail addresses: [email protected] (K. Saleem), [email protected] (A. Derhab), [email protected] (J. Al-Muhtadi), [email protected] (B. Shahzad).

(RFID) and Bluetooth have enabled the creation of a smart e-Healthcare system, in which the medical staff can efficiently manage the health of the patients. Connecting tiny, low-power, and wearable smart medical sensor devices (e.g., pulse oximeters (Inc., 2014), electrocardiographs (Fulford-Jones, Gu-Yeon, & Welsh, 2004), and accelerometers (Mathie, Coster, Lovell, & Celler, 2004)) to a human body has advanced the healthcare systems and allowed the appearance of potential applications such as: home monitoring for chronic and elderly patients (Dishman, 2004), real-time continuous patient monitoring in hospitals (Van Laerhoven et al., 2004), automated vital sign analysis to reduce the incidents due to human error (Ohmura et al., 2006), and emergency situations (Lorincz et al., 2004). In these applications, the data collected by biosensors are transmitted to a server located at the hospital. The doctor can access the patient’s records locally as well as remotely from these servers and thus can real-time monitor patient’s health-conditions. In case of emergency, the doctor is notified by the system, as shown in Fig. 1. Machine to Machine (M2M) communication is a new and emerging paradigm under telecommunication (Chen, Wan, & Li, 2012). In M2M, the devices communicate and share information with each other autonomously without or with limited human intervention (Yan et al., 2011). M2M communication is used in a wide range of applications such as: smart home, smart e-Health,

http://dx.doi.org/10.1016/j.chb.2014.10.010 0747-5632/Ó 2014 Elsevier Ltd. All rights reserved.

Please cite this article in press as: Saleem, K., et al. Human-oriented design of secure Machine-to-Machine communication system for e-Healthcare society. Computers in Human Behavior (2014), http://dx.doi.org/10.1016/j.chb.2014.10.010

2

K. Saleem et al. / Computers in Human Behavior xxx (2014) xxx–xxx

Fig. 1. Architecture of e-Healthcare system (Egbogah & Fapojuwo, 2011).

smart grid, and smart harvesting (Booysen, Gilmore, Zeadally, & Van Rooyen, 2012; Yan et al., 2011). In the literature, M2M communication has been proposed in many e-Healthcare systems (Jung, Ahn, Hwang, & Kim, 2012; Jung, Myllyla, & Chung, 2013; Min, Jiafu, Gonzalez, Xiaofei, & Leung, 2014; Park, Jung, Shin, Kim, & Yoon, 2014). The above e-Healthcare systems can significantly benefit both the medical staff and the patients. Firstly, it can ensure continuous and real-time monitoring of patient’s conditions and solve the problem of inability to constantly monitor a patient’s health. Secondly, the patients can minimize the cost of hospitalization while being monitored at their homes as effectively as in hospitals. Thirdly, remote and real-time monitoring helps identifying the emergency conditions for patients in an easy and fast manner. Fourthly, it is possible to resolve the problem of unavailability of beds in hospitals by remotely monitoring some patients at their home instead. All the above benefits offered by the e-Healthcare system focus on the efficiency aspect, which is reducing the work overload on the medical staff and getting early responses in case of emergency. However, the psychological issues, which come along with the illness, are not considered when designing e-Healthcare system. Physical illness is stressful experience and often puts emotional pressure, and burden on all the members of the healthcare society including the medical staff, patients and their families. It is known that physical symptoms often have an underlying psychological component. All illnesses have a psychological impact because illness is a threat to self. Depression loneliness and anxiety are common in illness, especially in chronic or life-threatening illnesses. The patients also need social support and share their feelings and concerns about the illness usually to strangers without the need to reveal their identities. On the other hand, medical staff are experiencing high level of stress caused by the heavy workload. In this paper, we propose a M2M Low Cost and Secure (LCS) communication system, which considers the psychological issues of medical staff and patients when designing the healthcare system. A part of this work as a preliminary report has been presented

previously in (Saleem, Derhab, & Al-Muhtadi, 2014). The main contributions of this paper are the following: Firstly, we define the different interactions in M2M e-Healthcare system, which can interact with each other in a secure manner. The security is ensured by involving intelligent authentication based on random distributive key management scheme, electronic certificate distribution, and modified realm Kerberos, while handling dynamic assignment of doctors to specific patient. Secondly, the M2M system is designed to maximize the automated tasks, which reduces the workload of medical staffs, and further reduces the associated stress. Thirdly, the system also provides access to online support groups and addresses the need for patients to share their health information with strangers while dealing with the privacy preservation issue. The Low Cost and Secure (LCS) Framework is implemented in Visual Basic .net 2013 to analyze the effectiveness of the complete system. The rest of the paper is organized as follows: Section 2 gives an overview of Machine to Machine (M2M) communication and presents related work on secure M2M communication systems. In Section 3, we describe the Human-centered design of our proposed M2M communication system for e-Healthcare society. Section 4 describes the security design of the proposed system. In Section 5, the prototype implementation is described. Finally, Section 6 concludes the paper and outlines perspectives for further works. 2. Machine to Machine (M2M) communication Machine to Machine (M2M) communication is a new and emerging paradigm under telecommunication (Chen et al., 2012). M2M communication is used in a wide range of applications such as: smart home, smart e-Health, smart grid, and smart harvesting (Booysen et al., 2012; Yan et al., 2011). The general architecture of M2M communication is shown in Fig. 2, and is composed of the following components: M2M device, M2M domain, and Internet domain. M2M device can be computers, sensors, actuators, embedded and mobile devices that communicate and share information with each other autonomously without or with limited

Please cite this article in press as: Saleem, K., et al. Human-oriented design of secure Machine-to-Machine communication system for e-Healthcare society. Computers in Human Behavior (2014), http://dx.doi.org/10.1016/j.chb.2014.10.010

K. Saleem et al. / Computers in Human Behavior xxx (2014) xxx–xxx

3

Fig. 2. Machine to Machine (M2M) direct and Internet-integrated communication (Granjal et al., 2013).

human intervention and via wired or wireless network (Yan et al., 2011). M2M domain provides connectivity between the M2M device and the gateway. The Internet domain ensures communication between the gateway and the M2M application at the host. The main advantage of M2M communication is that the devices interact with each other to collect and deliver the required real-time information. Every device in M2M domain almost communicates wirelessly and acts as the server to help overall network in performing the given task as shown in Fig. 2. The wireless un-attendant communication nature opens enormous challenges for M2M. An e-Healthcare scenario as an example of M2M communication is shown in Fig. 3. In the case of remote patient monitoring, sensor devices that are worn by a patient form a body area network (BAN) to record health indicators, e.g., blood pressure, body temperature, heart rate (Saleem, Fisal, & Al-Muhtadi, 2014). The sensors forward the collected data to an M2M gateway that acts as an information aggregator. Then, the aggregator forwards the data to the M2M server via communication networks. The M2M server analyzes the collected data and sends warnings and appropriate medical records to the medical staffs. In emergency cases, an M2M device can directly provide the medical status of a patient and route to the hospital, allowing physicians to prepare for treatment in advance of the arrival of the patient. The real-time communication cannot tolerate any kind of delay or loss. The infrastructure should be reliable to provide guarantee services whether the centralized management is available or not. Specially, when the time is very critical rapid information is required (Zhong & Siok, 2012), like in emergency conditions and disaster situation where top priority and error-free services such as: rescue, transfer, treatment, and stability are required (Lai, Hui, Yueyu, & Jin, 2012). Although, many M2M components related to networking decision and choice of identity have been standardized, little work has done with respect to security. Also the research literature, which tackles M2M security, is very recent and less compared to other networks.

Nguyen and Huh (Mui Van, Al-Saffar, & Eui-Nam, 2010) have proposed an authentication scheme to ensure the privacy property in a health-care application, which considers the mobility of doctors and patients in the hospital. The proposed scheme takes into consideration only the hospital space and does not discuss the possibility of extension to remote patients. Also, the authentication scheme is based on a probabilistic key management scheme, which can reduce the number of secured connections that can be established among the nodes composing the network. Sun, Men, Zhao, and Zhou (2012) have proposed an M2M application that connects a mobile user with its home network. In order to ensure secure communication, password-based authentication and key establishment protocols are used between the nodes of the network. However, the proposed security scheme establishes secure connections with known communicating parties and cannot extend to more complex scenarios with dynamic associations between the users and the M2M devices. Ren, Yu, Ma, and Ren (2013) present a RelIable and SEcure Scheme (RISE) for M2M communication. To protect data confidentiality and integrity, the authors have developed a hash based function. The authors claim that the function under the proposed scheme defends M2M communication only against Target Distinguishing Attack. Furthermore, the given security architecture involves four algorithms, ChooseMedian, ChooseMost, ChooseNearest, and Trust-based Enhancement to provide data and device reliability. With data reliability the reports or data that are authenticated but discovered fake while checking at actuator based on four policies. Attainability of report is enhanced by implementing m repeat-sending and n multiple-reporting. The authors handle the behavior indistinguishability by hiding lasting time and the intervals while transmitting. The theoretical based formal analysis has been performed to show that the scheme is complete and sound. However, the author has not studied the performance evaluation and feasibility.

Fig. 3. Machine to Machine (M2M) architecture.

Please cite this article in press as: Saleem, K., et al. Human-oriented design of secure Machine-to-Machine communication system for e-Healthcare society. Computers in Human Behavior (2014), http://dx.doi.org/10.1016/j.chb.2014.10.010

4

K. Saleem et al. / Computers in Human Behavior xxx (2014) xxx–xxx

Fig. 4. The proposed M2M communication system.

The authors in (Inshil, Kijoon, Jiyoung, & Min Young, 2012), proposed a security approach for M2M communication in open IPTV system. The given approach provides secure user authentication with Kerberos based key distribution. The authors modify Condition Access System (CAS) to reduce the complexity and enhance the efficiency of authentication process. The process depends on stages that starts by contents information transfer and ticket request, then to access service provider ticket is granted by ticket server (TS), and in the end the Service user authentication and obtaining of service are granted. To perform analysis the authors set up a network with ten users around TS and Authentication Server (AS). The outcomes are compared with traditional user authentication mechanisms for IPTV in terms of processing time. The proposed approach has shown better performance, but the strength against malicious activities has not been tested. 3. Human-oriented design of e-Healthcare system As stated above, the medical staff are experiencing stress caused by heavy workload. This psychological issue can be minimized by maximizing the tasks performed by the M2M communication system. On the other hand, the issues of depression loneliness, and anxiety are handled by providing emotional support through access to online support groups. Health-related Online Supported Groups have become an important source for information and support for patients (Chung, 2013), and these online groups are more advantageous of face-to-face ones. Liang, Barua, Lu, Lin, and Shen (2012) proposed HealthShare, a health social network, which allows

patients to share their health information and preserve their privacy. In our M2M communication system, we propose two ways for patients to get online social support: one way is from a social network formed among the patients that are registered at the M2M communication system of the hospital. The second way is to provide information and links about other online groups, which can provide social and psychological support to the patients. The principal members of the e-Healthcare society, which participate in the proposed M2M communication system are shown in Fig. 4 and are as follows:  One or a group of patients: For each patient, there is a primary doctor and alternative doctors who can remotely handle his/her case and intervene in case of emergency.  Patient’s family.  Doctors.  Nurses.  Medical students.  System administrator whose role is to assign doctors and medical students to patients. The assignment can be changed over time.  Ambulance driver.  Pharmacist. The members communicate among them using smartphones. Each smartphone includes a web-application that allows performing the e-Healthcare system functionalities. The system also includes two main components:

Please cite this article in press as: Saleem, K., et al. Human-oriented design of secure Machine-to-Machine communication system for e-Healthcare society. Computers in Human Behavior (2014), http://dx.doi.org/10.1016/j.chb.2014.10.010

K. Saleem et al. / Computers in Human Behavior xxx (2014) xxx–xxx

 M2M decision and management server: This server collects the data received from biosensors worn by the patients. It also, allows the authorized medical staff to access the patient’s data.  Privacy-based social network under the control of the system administrator. In this network, the real identity of patients is not disclosed. We define four scenarios of interactions among the members of the e-Healthcare society: (1) Continuous data collection and data access, (2) emergency detection, (3) prescription management, and (4) accessing privacy-based social network.

5

case of the patient. The system waits for any doctor who received the message to check the current patient’s data and confirm whether the situation requires urgent medical intervention or not. After a short time period, if the M2M server does not receive any confirmation due to doctors’ unavailability, it automatically decides to send message to the web-application of an ambulance driver at the hospital. If there is no response or all the drivers are busy, the server, using GoogleMap, looks for the closest hospital for the patient and contacts the M2M server of this hospital to send an ambulance to the patient. After that, the M2M server informs some doctors and nurses, who are available at the hospital, to prepare for treatment in advance of the arrival of the patient.

3.1. Continuous data collection and data access The biosensors continuously feed the M2M decision and management server with the patient’s status and information. Each doctor, who is authorized to access these information (the current and the previous ones), can check the progress of the patient, send advices to the patients as well as authenticated prescriptions. The medical students can also access the patient’s data to do research and survey studies.

3.3. Prescription management The doctor, who accesses the data of their patient, can judge that there is a need to issue a prescription for this patient. The doctor signs the prescription using their electronic certificate. The M2M server sends the prescription to the patient’s smartphone. When the patient goes to the pharmacy, the pharmacist, by checking the electronic signature, can verify the authenticity of the prescription.

3.2. Emergency detection The emergency alarm is raised by the M2M decision and management server after analyzing the data received from the patient. For example if some data exceed a normal threshold, it is an indication of abnormal activities. Some statistical-based and data mining approaches can be used to take the appropriate decision such as: Markov chains (Mihailidis, Boger, Canido, & Hoey, 2007), Dynamic Bayesian Network (DBN) (Subramanya, Raj, Bilmes, & Fox, 2006; van Kasteren & Krose, 2007; Wilson & Atkeson, 2005), Hidden Markov Model (HMM) (Subramanya et al., 2006), and Conditional Random Fields (CRF) (Liyue, Xi, Sukthankar, & Sukthankar, 2010; Philipose et al., 2004). After detecting an abnormal activity that requires urgent intervention, the M2M server informs the primary doctor, the alternative doctors, as well as the patient’s family member that is registered at the M2M communication system about the critical

3.4. Accessing privacy-based social network The administrator can register the patients on the social network of the M2M communication of the e-Healthcare system. The patients are registered under pseudonyms and their identities are not disclosed. The patients are also provided with a list of online groups that can give social and psychological supports. 4. Security design of the M2M communication e-Healthcare system 4.1. Security requirements of M2M communication For most of the applications using M2M devices, security is one of the critical requirements (Chen & Chang, 2012). Little work is

Fig. 5. Initial concept of LCS.

Please cite this article in press as: Saleem, K., et al. Human-oriented design of secure Machine-to-Machine communication system for e-Healthcare society. Computers in Human Behavior (2014), http://dx.doi.org/10.1016/j.chb.2014.10.010

6

K. Saleem et al. / Computers in Human Behavior xxx (2014) xxx–xxx

Fig. 6. General Kerberos procedure.

Fig. 7. Kerberos Realm.

focusing on the security aspects of the M2M communication, and how to integrate security in M2M environments (Granjal, Monteiro, & Silva, 2013). Due to the characteristics of the M2M communication such as heterogeneity, security issues must be addressed differently, and hence new security challenges are raised (Inhyok, Shah, Schmidt, Leicher, & Meyerstein, 2009). M2M systems need the integration of many technologies such as: smart meters, sensing devices, mobile devices, RFID, Wi-Fi network, Low-Power Personal Area Networks, cellular network. This heterogeneity of communication technologies imposes on M2M applications to adopt new security design solutions to ensure privacy and data confidentiality (Lai et al., 2012). As the M2M applications include lowsize and self-powered energy constrained devices, the security solution needs to take into consideration the size of the

cryptographic keys, the complexity of the cryptographic algorithm and the key management algorithms employed for the authentication, in order to optimize energy consumption (Granjal et al., 2013). The current standards can handle or provide reliable communication in the specific mediums for what they built up for. These standardized protocols (Saleem, 2006; Saleem & Fisal, 2012; Saleem et al., 2009; Zubair, Fisal, Baguda, & Saleem, 2013) and security mechanisms (Saleem, Fisal, Hafizah, & Rashid, 2011; Saleem, Khalil, Fisal, Ahmed, & Orgun, 2013) can be used in M2M communication scenario, but after revision according to the application requirements, analysis and evaluation from all aspects (Lai et al., 2012). Therefore, novel mechanisms are required to ensure the security of critical and confidential information over Machine to Machine (M2M) communication.

Please cite this article in press as: Saleem, K., et al. Human-oriented design of secure Machine-to-Machine communication system for e-Healthcare society. Computers in Human Behavior (2014), http://dx.doi.org/10.1016/j.chb.2014.10.010

K. Saleem et al. / Computers in Human Behavior xxx (2014) xxx–xxx

Start

Check server

 How to design an authentication scheme between two unknown communicating nodes in the M2M network.  How to make the authentication scheme in the health-care scenario, which supports dynamic associations between the doctors and the patients.

No

no

7

Check local certificate

4.3. Design concept of Low Cost and Secure (LCS) framework yes Authenticate Get updated certificate

No Yes

Yes

Transfer Encrypted Information

Exchange key Successful

Exchange Keys

Stop

Fig. 8. State machine diagram of packet encryption and decryption.

4.2. Research gap Security of M2M communication is an emerging and recent research topic and there is a plenty of rooms for contributions. In this section, we are going to tackle some original security issues such as:  How to design a low-cost architecture for the authentication scheme in the M2M networks.

The aspects that will be focused more are the initial design concept of the proposed security mechanism, security architecture, its performance evaluation and validation. The initial concept of Low Cost and Secure (LCS) Framework for M2M communication in health care scenario (Zhong & Siok, 2012) is shown in Fig. 5. Every connection between machines is based on public and private key mechanism (Stallings, 2005; Sun et al., 2012) as shown in Fig. 5, to validate and to transfer data securely. The key management system and information are mainly taken care by the centralized servers, and modified Kerberos (Inshil et al., 2012; Stallings, 2005) as shown in Fig. 6, will be employed according to application. If the main server is not available and/or machines are very near to each other then certificate based authentication will be performed directly between the two machines to completely secure M2M communication (Zhong & Siok, 2012). The direct communication will reduce the delay and is online. For instance, if the authorized doctor is with the patient, his mobile application will directly communicate with the patient handheld device to acquire the current readings. As soon as the server becomes available, the doctors mobile will be updated with the other details of the current patient. Devices can be equipped on the body of the patient or/and can be deployed around in the overall structure to monitor the patient’s environment. The distributive mechanism will be managed with the help of the modified concept based on Kerberos Realm (Stallings, 2005) according to application requirements as shown in Fig. 7.

Fig. 9. Backend functioning.

Please cite this article in press as: Saleem, K., et al. Human-oriented design of secure Machine-to-Machine communication system for e-Healthcare society. Computers in Human Behavior (2014), http://dx.doi.org/10.1016/j.chb.2014.10.010

8

K. Saleem et al. / Computers in Human Behavior xxx (2014) xxx–xxx

Fig. 10. M2M communication system prototype.

4.4. LCS design approach The design of the proposed LCS Security mechanism is shown in Fig. 8. The process begins when two devices or machines need to exchange the information. First the algorithm checks the server availability, if it is available it will check for the updated certificates and security information from server. Otherwise, the current node will authenticate based on the local certificate. After the authentication process completed, the exchange key process will be invoked. If the keys are exchanged successfully, the encrypted information will start transferring, else again the authentication will be re-performed. 5. Prototype implementation We have implemented Fig. 5 scenario under Visual Basic .net 2013 and the screenshot is shown in Fig. 10. The simulation type based implementation is performed to analyze the output of applied algorithms. Under analysis, we study whether the LCS based on Kerberos is working and giving output according to required expectations or not. In the programme, we enable a database with some entities as Patient ID, ECG and blood pressure and other databases as shown in Fig. 9 with Kerberos Key Distribution Center (KDC). On frontend the frame based mobile display is authenticated by the database. The certificate is given to the frontend mobile display and stored in the variable. Onward, the mobile display frame is authenticated by the communicator based on offline certificate in variable and can acquire the data directly from the patient embedded devices. The main database updates all the certificates when the KDC database is updated. The remote patient’s data (randomly

generated numbers) are periodically (after every 5 min) coming in based on (Saleem, Fisal, Hafizah, Kamilah, & Rashid, 2009; Saleem et al., 2014) and recorded in the main database as shown in Fig. 9. The records that are coming to the database are encrypted and decrypted based on the key assigned to the user, otherwise the record is discarded. The doctors at remote locations can acquire the data of remote patient directly, if the mobile application is pre-authenticated and offline certificate is stored in it. Otherwise, the connection to main server is essential to complete the authorization and authentication processes. At the end we perform the risk assessment based on the phases given in (Mathkour, Shahzad, & Al-Wakeel, 2011; Shahzad & Al-Mudimigh, 2010; Basit Shahzad, Iqbal, ul Haq, & Raza, 2006; Basit Shahzad & Safvi, 2010) to assure the quality of the software. 6. Conclusion and future work In this paper, we have proposed a Machine to Machine (M2M) communication system that takes into consideration the psychological issues related to the actors of the e-Healthcare society such as: stress due to high workload, anxiety, loneliness. The system aims at performing most of the tasks automatically in an autonomous and intelligent manner and without human intervention, which minimizes the workload of medical staffs as well as the associated stress. This leads to an improvement of the patient care quality and the system performance in terms of execution durations of the tasks. We have shown the members composing the e-Healthcare society as well as the interactions among the members in a secure manner. To ensure data privacy, the mechanism involves intelligent authentication based on random distributive key management scheme and

Please cite this article in press as: Saleem, K., et al. Human-oriented design of secure Machine-to-Machine communication system for e-Healthcare society. Computers in Human Behavior (2014), http://dx.doi.org/10.1016/j.chb.2014.10.010

K. Saleem et al. / Computers in Human Behavior xxx (2014) xxx–xxx

modified realm Kerberos while handling dynamic assignment of doctors to specific patient. The system also addresses the need for patients to share their health information with strangers while dealing with the privacy preservation issue. This is achieved by registering the patients to the privacy-based social support group managed by the system administrator and providing them with a list of online groups that can provide such supports. The given scenario is implemented in Visual Basic .net 2013 that shows the effectiveness of the proposed Low Cost and Secure (LCS) Framework. Due to the fact that M2M communication makes the interconnection between devices more complex, new security threats have been emerged. As a future work, we are going to study the effect of these threats on the decision process in the healthcare society and analyze the security resilience of LCS. In addition, we plan to study how LCS can be integrated in other application fields such as: industrial automation, smart home, and smart grid. Acknowledgment This work is supported by the Research Center of College of Computer and Information Sciences, King Saud University, Grant Number RC140224. The authors are grateful for this support. References Booysen, M. J., Gilmore, J. S., Zeadally, S., & Van Rooyen, G. J. (2012). Machine-toMachine (M2M) communications in vehicular networks. KSII Transactions on Internet and Information Systems, 6(2), 529–546. Chen, D., & Chang, G. (2012). A survey on security issues of M2M communications in cyber-physical systems. KSII Transactions on Internet and Information Systems, 6(1), 24–45. Chen, M., Wan, J., & Li, F. (2012). Machine-to-machine communications: Architectures, standards and applications. KSII Transactions on Internet and Information Systems, 6(2), 480–497. Chung, J. E. (2013). Social interaction in online support groups: Preference for online social interaction over offline social interaction. Computers in Human Behavior, 29(4), 1408–1414. Dishman, E. (2004). Inventing wellness systems for aging in place. Computer, 37(5), 34–41. Egbogah, E. E., & Fapojuwo, A. O. (2011). A survey of system architecture requirements for health care-based wireless sensor networks. Sensors (Basel), 11(5), 4875–4898. Fulford-Jones, T. R. F., Gu-Yeon, W., & Welsh, M. (2004). A portable, low-power, wireless two-lead EKG system. In 26th Annual international conference of the IEEE engineering in medicine and biology society, 2004. IEMBS ’04 (Vol. 1, pp. 2141– 2144). Granjal, J., Monteiro, E., & Silva, J. (2013). Security issues and approaches on wireless M2M systems. In S. Khan & A.-S. Khan Pathan (Eds.), Wireless networks and security (pp. 133–164). Berlin Heidelberg: Springer. Inc., N. M. (2014). Avant 4000 wireless wearable pulse oximeter. A1 207–408. In (Vol. 2014). Del City, Menomonee Falls, WI 53051, USA . Inhyok, C., Shah, Y., Schmidt, A. U., Leicher, A., & Meyerstein, M. V. (2009). Trust in M2M communication. IEEE Vehicular Technology Magazine, 4(3), 69–75. Inshil, D., Kijoon, C., Jiyoung, L., & Min Young, C. (2012). An improved security approach based on Kerberos for M2M open IPTV system. In 15th International conference on network-based information systems (NBiS), 2012 (pp. 754–759). Jung, S., Ahn, J. Y., Hwang, D.-J., & Kim, S. (2012). An optimization scheme for M2Mbased patient monitoring in ubiquitous healthcare domain. International Journal of Distributed Sensor Networks, 2012, 9. Jung, S. J., Myllyla, R., & Chung, W. Y. (2013). Wireless machine-to-machine healthcare solution using android mobile devices in global networks. IEEE Sensors Journal, 13(5), 1419–1424. Lai, C., Hui, L., Yueyu, Z., & Jin, C. (2012). Security issues on machine to machine communications. KSII Transactions on Internet and Information Systems, 6(2), 498–514. Liang, X., Barua, M., Lu, R., Lin, X., & Shen, X. (2012). HealthShare: Achieving secure and privacy-preserving health information sharing through health social networks. Computer Communications, 35(15), 1910–1920. Liyue, Z., Xi, W., Sukthankar, G., & Sukthankar, R. (2010). Motif discovery and feature selection for CRF-based activity recognition. In 20th International conference on Pattern Recognition (ICPR), 2010 (pp. 3826–3829). Lorincz, K., Malan, D. J., Fulford-Jones, T. R. F., Nawoj, A., Clavel, A., Shnayder, V., et al. (2004). Sensor networks for emergency response: Challenges and opportunities. IEEE Pervasive Computing, 3(4), 16–23. Mathie, M. J., Coster, A. C., Lovell, N. H., & Celler, B. G. (2004). Accelerometry: Providing an integrated, practical method for long-term, ambulatory monitoring of human movement. Physiological Measurement, 25(2), R1–20.

9

Mathkour, H. I., Shahzad, B., & Al-Wakeel, S. (2011). Software risk management and avoidance strategy. In International conference on machine learning and computing, IPCSIT (Vol. 3). Mihailidis, A., Boger, J., Canido, M., & Hoey, J. (2007). The use of an intelligent prompting system for people with dementia. Interactions, 14(4), 34–37. Min, C., Jiafu, W., Gonzalez, S., Xiaofei, L., & Leung, V. C. M. (2014). A survey of recent developments in home M2M networks. IEEE Communications Surveys and Tutorials, 16(1), 98–114. Mui Van, N., Al-Saffar, A., & Eui-Nam, H. (2010). A dynamic ID-based authentication scheme. In Sixth international conference on networked computing and advanced information management (NCM), 2010 (pp. 248–253). Ohmura, R., Naya, F., Noma, H., Kuwahara, N., Toriyama, T., & Kogure, K. (2006). Practical design of a sensor network for understanding nursing activities. In Proceedings 2006 31st IEEE conference on local computer networks (pp. 615–622). Park, R., Jung, H., Shin, D.-K., Kim, G.-J., & Yoon, K.-H. (2014). M2M-based smart health service for human UI/UX using motion recognition. Cluster Computing, 1–12. Philipose, M., Fishkin, K. P., Perkowitz, M., Patterson, D. J., Fox, D., Kautz, H., et al. (2004). Inferring activities from interactions with objects. IEEE Pervasive Computing, 3(4), 50–57. Ren, W., Yu, L., Ma, L., & Ren, Y. (2013). RISE: A reliable and secure scheme for wireless machine to machine communications. Tsinghua Science and Technology, 18(1), 100–117. Saleem, K., Derhab, A., & Al-Muhtadi, J. (2014). Low delay and secure M2M communication mechanism for eHealthcare. IEEE HealthCom, 2014, 498–503. Saleem, K. (2006). QoS provisioning for real time services in MPLS diffserv aware IPv6 network using IXP-2xxx (Intel Network Processor). Universiti Teknologi Malaysia, Faculty of Electrical Engineering. Saleem, K., & Fisal, N. (2012). Enhanced ant colony algorithm for self-optimized data assured routing in wireless sensor networks. In 18th IEEE international conference on networks (ICON), 2012 (pp. 422–427). Saleem, K., Fisal, N., Hafizah, S., Kamilah, S., & Rashid, R. (2009). Biological inspired self-optimized routing algorithm for wireless sensor networks. In IEEE 9th Malaysia international conference on communications (MICC), 2009 (pp. 305– 309). IEEE. Saleem, K., Fisal, N., Hafizah, S., Kamilah, S., Rashid, R., & Baguda, Y. (2009). Cross layer based biological inspired self-organized routing protocol for wireless sensor network. In TENCON 2009. Singapore: IEEE. Saleem, K., Khalil, M. S., Fisal, N., Ahmed, A. A., & Orgun, M. A. (2013). Efficient random key based encryption system for data packet confidentiality in WSNs. In IEEE international conference on trust, security and privacy in computing and communications (TrustCom2013) (pp. 1662–1668). Melbourne, Australia: IEEE. Saleem, K., Fisal, N., & Al-Muhtadi, J. (2014). Empirical studies of bio-inspired selforganized secure autonomous routing protocol. IEEE Sensors Journal, 14(7), 2232–2239. Saleem, K., Fisal, N., Hafizah, S., & Rashid, R. (2011). An intelligent information security mechanism for the network layer of WSN: BIOSARP. In Á. Herrero & E. Corchado (Eds.). Computational intelligence in security for information systems (Vol. 6694, pp. 118–126). Berlin/Heidelberg: Springer. Shahzad, B., & Al-Mudimigh, A. S. (2010). Risk identification, mitigation and avoidance model for handling software risk. In Second international conference on computational intelligence, communication systems and networks (CICSyN), 2010 (pp. 191–196). Shahzad, B., Iqbal, J., ul Haq, Z., & Raza, S. (2006). Distributed risk analysis using relative impact technique. In 3rd Asian conference on intelligent systems and networks (pp. 433–439). Shahzad, B., & Safvi, S. (2010). Risk mitigation and management scheme based on risk priority. Global Journal of Computer Science and Technology, 10(4). Stallings, W. (2005). Cryptography and network security (4th ed.). Prentice Hall. Subramanya, A., Raj, A., Bilmes, J. A., & Fox, D. (2006). Recognizing activities and spatial context using wearable sensors. In UAI. AUAI Press. Sun, X., Men, S., Zhao, C., & Zhou, Z. (2012). A security authentication scheme in machine-to-machine home network service. Security and Communication Networks. http://dx.doi.org/10.1002/sec.551. van Kasteren, T., & Krose, B. (2007). Bayesian activity recognition in residence for elders. In 3rd IET international conference on intelligent environments, 2007. IE 07 (pp. 209–212). Van Laerhoven, K., Lo, B. P., Ng, J. W., Thiemjarus, S., King, R., Kwan, S., et al. (2004). Medical healthcare monitoring with wearable and implantable sensors. In Proc. of the 3rd international workshop on ubiquitous computing for healthcare applications: Citeseer. Wilson, D. H., & Atkeson, C. (2005). Simultaneous tracking and activity recognition (STAR) using many anonymous, binary sensors. In H.-W. Gellersen, R. Want, & A. Schmidt (Eds.). Pervasive computing (Vol. 3468, pp. 62–79). Berlin Heidelberg: Springer. Yan, Z., Rong, Y., Shengli, X., Wenqing, Y., Yang, X., & Guizani, M. (2011). Home M2M networks: Architectures, standards, and QoS improvement. IEEE Communications Magazine, 49(4), 44–52. Zhong, F., & Siok, T. (2012). M2M communications for e-Health: Standards, enabling technologies, and research challenges. In 2012 6th International symposium on medical information and communication technology (ISMICT) (pp. 1–4). Zubair, S., Fisal, N., Baguda, Y. S., & Saleem, K. (2013). Assessing routing strategies for cognitive radio sensor networks. Sensors, 13(10), 13005–13038.

Please cite this article in press as: Saleem, K., et al. Human-oriented design of secure Machine-to-Machine communication system for e-Healthcare society. Computers in Human Behavior (2014), http://dx.doi.org/10.1016/j.chb.2014.10.010