{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2022,9,26]],"date-time":"2022-09-26T04:55:54Z","timestamp":1664168154480},"reference-count":31,"publisher":"IGI Global","issue":"4","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019,10]]},"abstract":"<jats:p>Machine-to-machine (M2M) communication is an emerging technology with unrivaled benefits in the fields of e Health and m-Health. The wireless body area networks (WBANs) consist of a major subdomain of M2M communications. The WBANs coupled with the Cloud Computing (CC) paradigm introduce a supreme infrastructure in terms of performance and Quality of Services (QoS) for the development of eHealth applications. In this article, a risk assessment aiming to disclose potential threats and highlight exploitation of health care services, is introduced. The proposed assessment is based upon the implementation of a series of steps. Initially, the health care WBAN-CC infrastructure is scrutinized; then, its threats' taxonomy is identified. Then, a risk assessment is carried out based on an attack-tree consisting of the most hazardous threats against Personally Identifiable Information (PII) disclosure. Thus, the implementation of several countermeasures is realized as a means to mitigate gaps.<\/jats:p>","DOI":"10.4018\/ijitn.2019100105","type":"journal-article","created":{"date-parts":[[2019,8,13]],"date-time":"2019-08-13T17:04:33Z","timestamp":1565715873000},"page":"63-79","source":"Crossref","is-referenced-by-count":0,"title":["Attack-Tree Based Risk Assessment on Cloud-Oriented Wireless Body Area Network"],"prefix":"10.4018","volume":"11","author":[{"given":"Theodoros","family":"Mavroeidakos","sequence":"first","affiliation":[{"name":"University of Piraeus, Greece"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Nikolaos Peter","family":"Tsolis","sequence":"additional","affiliation":[{"name":"University of Piraeus, Piraeus, Greece"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Dimitrios D.","family":"Vergados","sequence":"additional","affiliation":[{"name":"University Of Piraeus, Piraeus, Greece"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Stavros","family":"Kotsopoulos","sequence":"additional","affiliation":[{"name":"Wireless Telecommunications Laboratory, Department of Electrical and Computer Engineering, University of Patras, Patras, Greece"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"2432","reference":[{"key":"IJITN.2019100105-0","doi-asserted-by":"publisher","DOI":"10.1016\/j.eij.2016.11.001"},{"key":"IJITN.2019100105-1","doi-asserted-by":"publisher","DOI":"10.1109\/CyberC.2017.37"},{"key":"IJITN.2019100105-2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2018.2821445"},{"key":"IJITN.2019100105-3","doi-asserted-by":"publisher","DOI":"10.1109\/SURV.2013.050113.00191"},{"key":"IJITN.2019100105-4","unstructured":"EU Commission. (2006). Communication from the Commission on a European Programme for Critical Infrastructure Protection. COM (2006)."},{"key":"IJITN.2019100105-5","unstructured":"EU Commission. (2017). European Political Strategy Center (EPSC) Strategic Notes. Building an Effective European Cyber Shield Taking EU Cooperation to the Next Level."},{"key":"IJITN.2019100105-6","unstructured":"N.I.S. Directive. (2016). Directive (EU) 2016\/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union."},{"key":"IJITN.2019100105-7","unstructured":"Djalali, A., & Ingrassia, P. (2016). Best practices of health sector and EU hospitals for risk management and reduction against terrorist attacks and interorganizational plans."},{"key":"IJITN.2019100105-8","doi-asserted-by":"publisher","DOI":"10.1109\/VTCFall.2013.6692446"},{"key":"IJITN.2019100105-9","doi-asserted-by":"publisher","DOI":"10.1109\/JSEN.2014.2373388"},{"issue":"6","key":"IJITN.2019100105-10","first-page":"1","article-title":"IEEE Standard for Local and Metropolitan Area Networks\u2014Part 15.6: Wireless Body Area Networks.","volume":"802","year":"2012","journal-title":"IEEE Standard for Information Technology,"},{"key":"IJITN.2019100105-11","unstructured":"Institute of Electrical and Electronics Engineers (IEEE). IEEE Standard for Local and metropolitan area networks- Part 15.6: Wireless Body Area Networks, 151-172. Retrieved from https:\/\/standards.ieee.org\/findstds\/standard\/802.15.6-2012.html ."},{"key":"IJITN.2019100105-12","doi-asserted-by":"publisher","DOI":"10.1007\/s11235-014-9897-0"},{"key":"IJITN.2019100105-13","doi-asserted-by":"publisher","DOI":"10.1109\/MCC.2015.2"},{"key":"IJITN.2019100105-14","doi-asserted-by":"publisher","DOI":"10.1155\/2015\/373474"},{"key":"IJITN.2019100105-15","doi-asserted-by":"publisher","DOI":"10.1016\/j.procs.2014.07.058"},{"key":"IJITN.2019100105-16","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-36169-2"},{"key":"IJITN.2019100105-17","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-36169-2"},{"key":"IJITN.2019100105-18","author":"D.Liveri","year":"2015","journal-title":"Security and Resilience in eHealth: Security Challenges and Risks"},{"key":"IJITN.2019100105-19","doi-asserted-by":"publisher","DOI":"10.1109\/ISSA.2017.8251776"},{"key":"IJITN.2019100105-20","doi-asserted-by":"publisher","DOI":"10.1109\/SURV.2013.121313.00064"},{"key":"IJITN.2019100105-21","doi-asserted-by":"publisher","DOI":"10.1109\/WiSPNET.2017.8299905"},{"key":"IJITN.2019100105-22","doi-asserted-by":"publisher","DOI":"10.1007\/s11227-013-1021-9"},{"key":"IJITN.2019100105-23","first-page":"1","article-title":"Regulation (EU) 2016\/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95\/46.","volume":"59","author":"G. D. P.Regulation","year":"2016","journal-title":"Official Journal of the European Union"},{"key":"IJITN.2019100105-24","doi-asserted-by":"crossref","unstructured":"Sajjan, R. S., & Ghorpade, V. R. (2017, March). Ransomware attacks: Radical menace for cloud computing. In 2017 International Conference on Wireless Communications, Signal Processing and Networking (WiSPNET) (pp. 1640-1646). IEEE.","DOI":"10.1109\/WiSPNET.2017.8300039"},{"key":"IJITN.2019100105-25","doi-asserted-by":"publisher","DOI":"10.3390\/s110201383"},{"key":"IJITN.2019100105-26","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4419-1153-7_644"},{"key":"IJITN.2019100105-27","doi-asserted-by":"publisher","DOI":"10.1109\/MDM.2015.52"},{"key":"IJITN.2019100105-28","doi-asserted-by":"publisher","DOI":"10.1109\/SCOPES.2016.7955539"},{"key":"IJITN.2019100105-29","doi-asserted-by":"crossref","DOI":"10.6028\/NIST.CSWP.1","author":"K. M.Stine","year":"2014","journal-title":"Framework for Improving Critical Infrastructure Cybersecurity"},{"key":"IJITN.2019100105-30","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134027"}],"container-title":["International Journal of Interdisciplinary Telecommunications and Networking"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.igi-global.com\/viewtitle.aspx?TitleId=235470","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,9,25]],"date-time":"2022-09-25T16:03:24Z","timestamp":1664121804000},"score":1,"resource":{"primary":{"URL":"http:\/\/services.igi-global.com\/resolvedoi\/resolve.aspx?doi=10.4018\/IJITN.2019100105"}},"subtitle":[""],"short-title":[],"issued":{"date-parts":[[2019,10]]},"references-count":31,"journal-issue":{"issue":"4"},"URL":"https:\/\/doi.org\/10.4018\/ijitn.2019100105","relation":{},"ISSN":["1941-8663","1941-8671"],"issn-type":[{"value":"1941-8663","type":"print"},{"value":"1941-8671","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019,10]]}}}