Security Specification and Implementation for Mobile e-Health Services

Different IT applications require different Security Services. We have been working in the area of ehealth applications in a mobile environment, and we have needed to integrate specific Security Services. The paper presents those Security Services for Mobile e-Health Services and how we have implemented them. First, the different security threats specially oriented to the e-health applications are described, like patients’ data eavesdropping and manipulation. Afterwards, the different security mechanisms to address these specific security threats are described, e.g. data confidentiality and integrity, together with the restrictions of dynamic IP addresses. Following, the specification of security services requirements and the implementation possibilities to address them in the Mobile e-Health Services are described. As an example of security services integrated into an ehealth system, the paper includes the description of the mobile e-health service MobiHealth, an application developed under the MobiHealth Project, co-funded by the European Commission (IST-200136006), focused on the security services added to it.