Abstract
This paper presents an idea of using a proxy-based security solution to protect web-based eHealth applications from client-side attacks. In today’s Internet, eHealth services face many challenges related to information security as the users display and input sensitive information using web applications. This information may be spied on or modified by a malicious adversary. By obfuscating the executable code of a web application and by continuously dynamically changing obfuscation, our solution makes it more difficult for a piece of malware to attack its target. We believe it would effectively mitigate automated client-side attacks.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Collberg, C., Thomborson, C., Low, D.: A taxonomy of obfuscation tranformations. Tech. Rep. 148, The University of Auckland (1997)
Eysenbach, G.: What is e-health? Journal of Medical Internet Research 3(2), e20 (2001)
Foster, B., Lejins, Y.: Ehealth security Australia: The solution lies with frameworks and standards. In: Australian eHealth Informatics and Security Conference, pp. 21–28 (2013)
Health Level Seven International: HL7, version 2.3 (1997)
Kreps, G., Neuhauser, L.: New directions in eHealth communication: Opportunities and challenges. Patient Education and Counseling 78(3), 329–336 (2010)
Oladimeji, E., Chung, L., Jung, H., Kim, J.: Managing security and privacy in ubiquitous ehealth information interchange. In: Proceedings of the 5th International Conference on Ubiquitous Information Management, pp. 1–10 (2011)
Omakanta: Omakanta homepage, http://www.omakanta.fi
Peffers, K., Tuunanen, T., Rothenberger, M., Chatterjee, S.: A design science research methodology for information system research. Journal of Management Informration Systems 24(3) (2007)
Rauti, S., Leppänen, V.: Resilient Code Protection by JavaScript and HTML Obfuscation for Ajax Applications against Man-in-the-Browser Attacks (under review)
Rauti, S., Leppänen, V.: Man-in-the-Browser Attacks in Modern Web Browsers. In: Emerging Trends in ICT Security, pp. 469–480 (2014)
Rauti, S., Leppänen, V.: A proxy-like obfuscator for web application protection. International Journal on Information Technologies and Security 6(1) (2014)
Rodwin, M.: Patient Data: Property, Privacy & the Public Interest. American Journal of Law and Medicine (36), 586–618 (2010)
Safenet: Man-in-the-Browser. Understanding Man-in-the-Browser Attacks and Addressing the Problem. Technical report
Dougan, T., Curran, K.: Man-in-the-browser attacks. International Journal of Ambient Computing and Intelligence 4(1), 29–39 (2012)
Taltioni: Taltioni homepage, http://www.taltioni.fi/en/individuals/taltioni
Taltioni: Taltioniin liitettävät palvelut, http://www.taltioni.fi/fi/kansalaiset/palvelut
Taltioni: What is taltioni? http://www.taltioni.fi/en/individuals/taltioni
TheCarrot: TheCarrot homepage, http://www.thecarrot.com
WHO: E-Health (2014), http://www.who.int/trade/glossary/story021/en/
Wilkowska, W., Ziefle, M.: Privacy and data security in E-health: Requirements from the user’s perspective. Health Informatics Journal 18(3), 191–201 (2012)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Rauti, S. et al. (2014). A Proxy-Based Security Solution for Web-Based Online eHealth Services. In: Saranto, K., Castrén, M., Kuusela, T., Hyrynsalmi, S., Ojala, S. (eds) Safe and Secure Cities. WIS 2014. Communications in Computer and Information Science, vol 450. Springer, Cham. https://doi.org/10.1007/978-3-319-10211-5_17
Download citation
DOI: https://doi.org/10.1007/978-3-319-10211-5_17
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-10210-8
Online ISBN: 978-3-319-10211-5
eBook Packages: Computer ScienceComputer Science (R0)