Security analysis of mobile applications: A case study of a collaboration tool in healthcare

Abstract

Mobile-based collaboration tools are increasingly used for communication and information sharing in delivering healthcare services that need collaboration across different geographical locations. Some of the typical features found in the collaboration tools include video conferencing facility, images/documents exchange in real-time, and annotations to point and draw on shared rich media content. Though the innovations and conveniences of such collaboration tools are well understood, security implications of such systems are often overlooked. As a result, necessary security mechanisms are not supported by them. This can lead to serious security threats and privacy violations. In this paper, we first present a collaboration tool which was developed to facilitate the collaborations among health care providers using pervasive mobile devices for delivering health services to remote and regional areas. We provide a comprehensive security analysis of the tool. The aim of the analysis is to understand a variety of end-to-end security mechanisms needed in different layers of the system. We also provide security recommendations which can improve the overall security of the system.