Asynchronous telemedicine systems face many challenges related to information security as the patient’s sensitive information and data on medicine dosage is transmitted over a network when monitoring patients and controlling asynchronous telemedical IoT devices. This information may be modified or spied on by a malicious adversary. To make asynchronous telemedicine systems more secure, the authors present a proxy-based solution against data modification and spying attacks in web-based telemedical applications. By obfuscating the executable code of a web application and by continuously dynamically changing obfuscation, the authors’ solution makes it more difficult for a piece of malware to attack its target. They use a constructive research approach. They characterize the threat and present an outline of a proposed solution. The benefits and limitations of the proposed solution are discussed. Cyber-attacks targeted at the information related to patient’s care are a serious threat in today’s telemedicine. If disregarded, these attacks have negative implications on patient safety and quality of care.
Sampsa Rauti (University of Turku, Turku, Finland), Janne Lahtiranta (University of Turku, Turku, Finland), Heidi Parisod (University of Turku, Turku, Finland), Sami Hyrynsalmi (Tampere University of Technology, Pori, Finland), Sanna Salanterä (University of Turku, Turku, Finland), Minna Elisabeth Aromaa (University of Turku, Turku, Finland), Jouni Smed (University of Turku, Turku, Finland) and Ville Leppänen (Department of Information Technology, University of Turku, Turku, Finland): A Proxy-Based Solution for Asynchronous Telemedical Systems