Security Challenges And Solutions In Healthcare Networks

Literature Review

The specific data network or the computerized network can be defined as the digital telecommunications network, which enables various nodes to share several resources [3]. These computer devices are responsible for exchanging the sensitive information or data with each other by taking the major help of few data connections in the nodes. These data connections can be easily established with the cable media such as wires, optical cables and also the wireless media such as wireless fidelity or Wi-Fi. The basic use of the network technologies are growing rapidly in the sector of health care [8]. The health care could be eventually considered as one of the major applications for the various applications on the basis of networks. The several networks can easily give the effective as well as efficient solutions for the few factors such as accessing the electronic medical record or EMR, online claims submissions, patient accountings, biomedical information, admission information and many more. The several networks of health care are highly vital and important for the health care sector [14]. The following report will be outlining a detailed description about the various security based challenges or issues within the emerging networks in the sector of health care. The report also provides the network architecture, recent development as well as the importance of privacy and security.

1. Architecture of Health Care Networks

 The sector of health care majorly consists of those typical organizations that are responsible for providing the various medical services as well as medical insurances, that also manufacture the medical equipment or drugs and finally facilitate the provision of this health care for the patients [1]. The sector of health care consists of the diversified array of various industries and even with kinds of activities, which are ranging either from the researches to the manufactures or to facilities management. These makers of the medical equipment substantially range from those firms that manufacture the standardized and familiar products such as bandages, gloves, scalpels and forceps. The various experts of health care and the patients get advantages from the sector of health care. The respective networks of the health care sector easily and promptly provide various advantages to the doctors, nurses and patients [11]. The routers, servers, firewalls, gateways, switches and clients are clearly depicted in the provided architecture of a health care network.

This above provided figure has properly demonstrated the clear understanding of gateway, OAM server, clients and server farm. The server selected in this network is from Oracle. These mentioned four components are the main elements of the network architecture and it is absolutely based on the important concept and ideology of service oriented network architectures or SONA [7]. All of these ideologies could be sub divided to three structural elements that are server farm’s level, infrastructure level and client level.

Recent Developments in the Health Care Networks

 The networks of health care sector are eventually bringing out various developments for their users in the entire world [5]. Several important and significant development programs have been deployed within the rural areas. The main purpose of the recent developments is assisting the health care sector for properly develop the integrated network of health care. All of the networks of health care sector can be extremely effective and efficient strategies to achieve the economies of scale and efficiency. The most significant objective is to increment the communication and thus mitigate all the current problems with this communication. Furthermore, the sensitive information is extremely dangerous for the networks and thus is often hacked by various hackers [13]. The lack of data or information loss is the major recent development of health care network.

 The security is the most significant requirement or need in the networks of health care sector. This network security is the perfect protection or prevention from the destruction, misuses, accessing or hacking of the confidential files and directories in the computer based or digitalized networking system [9]. The most important and noteworthy threats or risks to the health care network are identity theft, adware, spyware, worms or computer viruses. The major importance of the network security is that it could easily and promptly detect or prevent the viruses’ entries. Moreover, the other threats are also ceased with this type of security. Various security measures such as encryption and decryption are present for stopping the hacker to get hold or access of the data [3]. Since, these networks of health care sector could store the confidential information like the various details of patients or progress reports of those patients, there is a significant importance of this network security.

Several vulnerable and potential security issues are present in the networks of health care sector. Within them, three most vulnerable issues of security are listed below:

1. Man in the Middle Attack: The first and the most significant issues of security that is present for the networks of health care sector is the man-in-the-middle attack [10]. In this particular attack, the attacker or the hacker would secretly alters or simply relays the sensitive data between two distinct parties, who are having the stronger belief that they are talking each other directly and without any interruption. The best and the most suitable example of the man-in-the-middle attacks would be eavesdropping [12]. This hacker makes certain self-sufficient connection with all the victims and next he is responsible for relaying all the messages within them to make these victims strongly believe that they are communicating to one another privately; however the complete conversation is eventually controlled by the specific attacker. He could even intercept the sensitive message, which is passing between the victims and then inject all the new ones. This attacker within the reception range of all unencrypted WAPS such as wireless fidelity could easily insert himself as the man in the middle [6]. The mutual authentications are circumvented and hence this type of attack can succeed whenever the attacker will be impersonating at all the end points to the respective satisfaction at the legalized ends.
2. Network Manipulation: The second important issue of security in the network of health care is the specific manipulation of network [2]. It is the kind of network resource or media manipulation in the connection of Internet that is generally conducted for either getting the major access of the sensitive data or for destructing the information system for any company. Discreditation is another important and significant type of network manipulation issue. To accomplish all the major goals, the various software professionals, online influencers or hired professionals use few Internet bots such as click bots, social bots and vote bots [4]. The cognitive hackings are being completed when this network manipulation is implemented.
3. Distributed Denial of Service Attack: Another important and significant security issue, which is extremely vulnerable for the attack of DDoS attacks or distributed denial of service attacks. Within this particular attack, the hacker subsequently seeks into the machine or network resource to make the machine absolutely unavailable for all the authorized and intended users [7]. It is eventually done either by the temporary or by the permanent service disruptions within any specific host, which is connected with Internet connectivity. This kind of attack can be easily achieved by simply flooding all the target resources as well as target machine with several superfluous requests and with the major attempt to overload these targeted machines. Next, all the authorized and authenticated members are prevented from getting proper access of the sensitive information or data [12]. In this type of attack of distributed denial of service, the specified incoming traffic is being flooded by an attacker so that this victim is not getting the confidential data from the respective sources.

The three above-mentioned risks are required to be mitigated as soon as possible since they could be extremely dangerous for the users of health care sector.

Among the three mentioned issues of security in heath care network, the distributed denial of service attack is considered as the most vulnerable [5]. This can be easily mitigated with the help of some of the important techniques and these are given below:

The mitigation of distributed-denial-of-service attack can be defined as the collection of some of the tools or techniques, which are helpful to resist and mitigate the significant impact of this particular attack over the network of health care [9]. It is solely attached with the Internet connection after protecting the target networks or relay networks. The respective traffic is then identified to separate the human traffic such as bots as well as the attacked web browser. The specific process is being eventually completed after comparing the signatures and hence testing several attributes of the network traffic such as the Javascript footprints, IP address, cookie variations as well as HTTP headers. These DDoS attacks are highly vulnerable and threatening to each and every user. The next important methodology for mitigating the security issues is by implementing encryption technique [1]. The confidential data is being encrypted to a hidden text and then only the receiver or the sender could access the data. Verification of SSL setups is the next important technique for detecting the attacker and removing DDoS attack.

Importance of Security in Health Care Network

Conclusion

Therefore, from the above discussion, conclusion can be drawn that the computerized networks within the specific sector of health care is extremely important and necessary to get more effective and efficient solutions or accessing the confidential or sensitive data for the various patients as well as the doctors and nurses. This sector of health care is eventually responsible to provide several types of solutions such as imaging, patient accountings, electronic medical record or EMR, online claims submissions, biomedical information, admission information and many more. Since, all of these above mentioned solutions are present in the health care sector; these are subsequently becoming more advanced every day. The specified providers of this health care sector are adopting newer technologies for obtaining extreme efficiency as well as effectiveness. However, although this sector has all of these advantages or solutions, all of the networks are extremely vulnerable for the several kinds of security and privacy challenges or issues. The attackers or the hackers hence can easily and promptly hack or access the sensitive data. This particular report has clearly outlined the entire concept of the networks of health care sector. The architecture of the health care network as well as the current development of these types of networks is being properly explained in this report. Furthermore, three important and significant security issues for these types of health care networks are also provided here. The final part of this report has described the mitigation techniques for mitigating any one of the identified security issues in health care network.

References

[1] Perlman, Radia, Charlie Kaufman, and Mike Speciner. Network security: private communication in a public world. Pearson Education India, 2016.

[2] Kahate, Atul. Cryptography and network security. Tata McGraw-Hill Education, 2013.

[3] Manshaei, Mohammad Hossein, Quanyan Zhu, Tansu Alpcan, Tamer Bac?ar, and Jean-Pierre Hubaux. “Game theory meets network security and privacy.” ACM Computing Surveys (CSUR) 45, no. 3 (2013): 25.

[4] Tokuyoshi, Brian. “The security implications of BYOD.” Network Security 2013, no. 4 (2013): 12-13.

[5] Knapp, Eric D., and Joel Thomas Langill. Industrial Network Security: Securing critical infrastructure networks for smart grid, SCADA, and other Industrial Control Systems. Syngress, 2014.

[6] Chen, Gaojie, Yu Gong, Pei Xiao, and Jonathon A. Chambers. “Physical layer network security in the full-duplex relay system.” IEEE transactions on information forensics and security 10, no. 3 (2015): 574-583.

[7] Liang, Xiannuan, and Yang Xiao. “Game theory for network security.” IEEE Communications Surveys & Tutorials 15, no. 1 (2013): 472-486.

[8] White, Gregory B., Eric A. Fisch, and Udo W. Pooch. Computer system and network security. CRC press, 2017.

[9] Kizza, Joseph Migga. Guide to computer network security. London: Springer, 2013.

[10] Zaalouk, Adel, Rahamatullah Khondoker, Ronald Marx, and Kpatcha Bayarou. “Orchsec: An orchestrator-based architecture for enhancing network-security using network monitoring and sdn control functions.” In Network Operations and Management Symposium (NOMS), 2014 IEEE, pp. 1-9. IEEE, 2014.

[11] Acemoglu, Daron, Azarakhsh Malekian, and Asu Ozdaglar. “Network security and contagion.” Journal of Economic Theory166 (2016): 536-585.

[12] Suo, Hui, Zhuohua Liu, Jiafu Wan, and Keliang Zhou. “Security and privacy in mobile cloud computing.” In Wireless Communications and Mobile Computing Conference (IWCMC), 2013 9th International, pp. 655-659. IEEE, 2013.

[13] Bejtlich, Richard. The practice of network security monitoring: understanding incident detection and response. No Starch Press, 2013.

[14] Anwar, Raja Waseem, Majid Bakhtiari, Anazida Zainal, Abdul Hanan Abdullah, Kashif Naseer Qureshi, F. Computing, and J. Bahru. “Security issues and attacks in wireless sensor network.” World Applied Sciences Journal 30, no. 10 (2014): 1224-1227.