Attack-Tree Based Risk Assessment on Cloud-Oriented Wireless Body Area Network

Abstract

Machine-to-machine (M2M) communication is an emerging technology with unrivaled benefits in the fields of e Health and m-Health. The wireless body area networks (WBANs) consist of a major subdomain of M2M communications. The WBANs coupled with the Cloud Computing (CC) paradigm introduce a supreme infrastructure in terms of performance and Quality of Services (QoS) for the development of eHealth applications. In this article, a risk assessment aiming to disclose potential threats and highlight exploitation of health care services, is introduced. The proposed assessment is based upon the implementation of a series of steps. Initially, the health care WBAN-CC infrastructure is scrutinized; then, its threats' taxonomy is identified. Then, a risk assessment is carried out based on an attack-tree consisting of the most hazardous threats against Personally Identifiable Information (PII) disclosure. Thus, the implementation of several countermeasures is realized as a means to mitigate gaps.