MN502 Overview of Network Security

The purpose of this assignment is to develop skills to independently think of innovation. Students will be able to complete the following ULOs:

1. Explain the majormethodologiesforsecure networks and whatthreats they address;
2. Identify and report network threats,select and implement appropriate Countermeasures for network security.

This assignment includes three parts

1. Literature review on Healthcare Networks. The literature review should be supported by at least three (3) academic (Journal/Conference) papers chosen from the current state of the art.

Your discussion should include:

1. Healthcare network architecture (consider networking devicessuch asrouters, switches, firewalls, servers etc.)


Recent developments in healthcare networks

iii. The importance of security in healthcare networks

2. Analyze critically, three current or possible future potential security issues in Healthcare Networks.

In this section you will analyses critically, three security issues in Healthcare Networks. These issues should be taken from the current state of the art literature. This section must be supported by at least three (3) references.

3. Propose a possible solution for one of the threats identified in section-2. In this part you need to choose one of the issues identified in the previous section and propose a possible solution to the particular security issue.

Answer:

Introduction

This report aims to discuss the security challenges in the emerging networks. A literature review on the healthcare networks is provided in this report. A discussion regarding the architecture of network in healthcare is stated. The recent developments in the healthcare networks is discussed in this report. The importance of security in the networks of healthcare is provided. An analysis of three present or future potential issues in security in healthcare networks is discussed. A suitable solution for one of the three potential issues that can help in mitigating the issue is provided. Lastly, the report concludes with a suitable conclusion for this entire report.

The IOT (Internet of Things) creates smart objects as the major building blocks for the development of pervasive frameworks that are smart and cyber-physical. IoT affects the healthcare domain in a very significant way. Economical, social and technological prospects are redesigned in the modern healthcare with the help of IoT. IoT helps in redesigning several medical applications like remote monitoring of health, fitness plans, prolonged diseases, and care for the elderly [1].

Literature review

Architecture of healthcare network

The demand of Networking is increasing for the large hospitals and its subsidiaries to create a more stable and dependable network solutions. A complex digital hospital networking architecture can be measured as a digital neural network system.  Several tasks in a hospital are accomplished in a clinic with the help of medical information system located in the middle ring, which is integrated to the exterior neural system in the middle ring. The most commonly uses networking devices in a healthcare networking architecture are switches, routers, firewalls and servers [2].

Servers: servers are used to setup databases for the data of patients, which can be used by clients for accessing or inserting data and monitor the developments in the information of the patients. Active directory setup is the first step involved in configuration of a server. Global distribution of the necessities of a management in a healthcare organisation is achieved with this configuration of server.  The information structure confined in such system will match any structure and type of the organisation. Administrative authority allocation and central management system that is used for network governance is offered by an active directory and thus allowing access to all the resources stored in local domain. The fundamental component of a server is the database. The information stored in a healthcare database of the patients ranges from medical history, insurance plans and personal details [3].

Routers: Data packets are transmitted between the computer networks using a router. A router performs the function of directing traffic over the internet. Data is sent over the internet in the form of data packets and these packets are exchanged between the routers with the help of networks constituting an internetwork. Routers are connected between two or more lines of data from various networks. Healthcare organisations commonly use high-speed LAN connections for efficient communication among the various departments. Organisational routers are most effective in these kind of communications [4].

Switches: Switches study every packet in a signal and then process it rather than just repeating that signal to every ports. The Ethernet address of all nodes residing in each segment of network is mapped and then the traffic is allowed to pass through the switches. The mapping of a data packet is done by a switch by examining the source and destination hardware addresses and comparing them to the addresses and network segments table. Switches are used in the healthcare domain to create more possibilities in the sharing of data in the various nodes and lower the collision in the domains [5].

Firewalls: The first line of defense in a healthcare organisation is the firewall.. Firewalls follow a set of established rules and protocols for monitoring incoming and outgoing traffic. The secure network is blocked from the access of internet and enables the pass-through of pre-cleared data. Firewalls are adjusted for allowing remote access as required and it can be combined in the solutions of virtualisation or mobility. It plays an important role in HIPAA compliance as it creates the first defense line against unauthorised access and malicious attacks [6].

Recent developments in the networks of healthcare

Smart healthcare and connected healthcare is a growing trend in the modern times with the developments of modernised wireless and mobile networking technologies. The modern networking technologies like mobile edge computing (MEC), 5G wireless networks, SDN (software-defined networking), and C-RANs (cloud radio access networks) can introduce smart healthcare facilities by providing better vision of varied healthcare media contents to keep up reasonable and high-quality care of patients.

SDN or Software-Defined Networking is a trending architecture, which is dynamic, adaptable, controllable, and cost-effective. These features of SDN makes it ideal for high-bandwidth and vibrant nature of modern applications [7]. This kind of architecture distributes the control of network and progressing functions. The architecture of SDN is:

1. Directly programmable: the network control is directly programmable as it is distributed from advancing functions.
2. Agile: adjustment of network-wide flow of traffic to meet varying needs are enabled to the administrators by conceptualizing control from forwarding.
3. Programmatically configured: network managers are able to organise, manage, protect, and enhance network properties very easily with the help of vigorous, automated programs of SDN.

C-RAN or Cloud Radio Access Network is an architecture that is based on cloud computing for networks of radio access that supports mobile and wireless communication values [8]. The architecture of C-RAN has the following features:

1. Huge scale integrated deployment: thousands of RRHs are connected to a integrated BBU pool.
2. Local support for collaborative radio technologies: the interdependence of BBUs is enabled in the pool with the help of communication between the BBUs.
3. Capability of real-time constructive created on open stage:  this ensures dynamical allocation to the software tracks on the base station from various vendors according to network requirement.

Significance of network security in healthcare 

Network security refers to the protection from misuse, hacking, and access to the files and folders that are stored in a network system of a healthcare organisation. The most popular threats in a network are worms, viruses, spyware, and adware and theft of identity [8].  The several security layers are the most crucial aspect of network security. The attacks that are targeted in healthcare are theft of medical records, information of billing, authorisation credentials, authentication and password, and research information of clinics. Education of employee and response for incidents are important for protecting data of patients, but the healthcare organisations cannot depend on users to understand and aggressively avoid data breaches [9]. The data of patients will be on risk and the network can be vulnerable to attacks if there is a lack in upgrades of cyber-security. Healthcare organisations implement digital transformation to examine the security budgets as huge amount of tools are implemented to IT infrastructure. Patch management, configuration management, data encryption, and security of website are some of the cyber-security vulnerabilities that are faced by the organisation with outdated network infrastructure [10]. Organisations need to upgrade the digital tools for moving forward with medical research and care initiatives that are value-based.

Analysis of potential security issues in healthcare networks

1. Healthcare ransomware:Ransomware puts a complete lockdown on entire EHR and prevent the providers from gaining access to patient files or any third-party unauthorised user can successfully infiltrate the network when an employee of a hospital unconsciously downloads a malware from the internet or any other external source. The healthcare organisations have encountered a rise in ransomware attacks in the recent years. It leads to the loss of sensitive data and the organisation invests a huge investment to restore these files. Some of the reasons of rise in ransomware attacks are lack of funding, value of medical data, and pay-out. An example of ransomware attack is the NHS WannaCry attack, which forced the organisation from taking any new patients and the treatment of the existing patients was interrupted due to the inability of accessing records [11].
2. Threat to the cloud storage of a healthcare organisation: cloud storage is used in many healthcare organisations to store the patient data and provide better security to the network of the organisation. Some of the threat involving cloud storage are data breach, data loss, hijacked accounts, insecure APIs and hacked interfaces, DDoS and DoS attacks, malicious insiders, abusing of cloud services, insufficient due diligence, and identity management and weak authentication. These attacks can affect the systems and cause major data loss and alteration of data segments [12].
3. Threat to the firewalls: Firewalls are implemented in the network of a healthcare organisation to prevent any unauthorised user from getting access to the network. Some of the threats to the firewalls of an organisation are insider attacks, missing security patches, mistakes in configuration, lack in inspection of deep packet, and DDoS attacks. Insider attacks occur in the situations when the attacker is already in the system. Regular patch management systems is required to make the firewall strong and make it impenetrable. Threats to the firewalls emerge from poor management of the configuration of firewalls. DDoS attacks are very common threat that is faced by a healthcare organisation. These attacks are designed includes protocol attacks, which can drain the firewall and balancer resources are loaded to prevent processing of legitimate attack [13].

Threat mitigation techniques for cloud storage

1. Mitigation of Insider threats:the threat related to the malicious insiders can be mitigated by restricting end-user access to delicate data and closely monitoring the user data. The access to sensitive data and usage of private data usage should be audited regularly. The zones of maximum data storage should be mapped and the best security should be provided to ensure safety of data. Effective monitoring of network can help in preventing DoS and DDoS attacks.
2. Mitigation methods for loss of data: the best method to mitigate the threat related to data loss in cloud storage is by implementing DLP system. DLP systems identifies the important data in the cloud and creates indexing of the data. DLP systems are implemented at the various stages of network layer.
3. Confidentiality and privacy: sustaining flexibility of individuality management and providing the users with determined choice and confidentiality protection [14].

Conclusion

Thus, it can be concluded recent development in the field of Information Technology has affected the healthcare domain and several healthcare organisations are progressing towards upgrading the networks. The commonly used network devices in healthcare network architecture are routers, firewalls, switches, and servers. Some of the recent development in the healthcare networks are SDN (Software defined network), 5g wireless network, and C-RAN (cloud radio access network). Some of the potential security issues in the network of the healthcare organisations are threat the cloud storage, breach of firewall, and ransomware attacks on the network.   

References

[1] Bhatt, Y. and Bhatt, C., Internet of things in healthcare. In Internet of things and big data technologies for next generation HealthCare (pp. 13-33). Springer, Cham, 2017.

[2] Catarinucci, L., De Donno, D., Mainetti, L., Palano, L., Patrono, L., Stefanizzi, M.L. and Tarricone, L., An IoT-aware architecture for smart healthcare systems. IEEE Internet of Things Journal, 2(6), pp.515-526, 2015.

[3] Zhang, K., Yang, K., Liang, X., Su, Z., Shen, X. and Luo, H.H., Security and privacy for mobile healthcare networks: from a quality of protection perspective. IEEE Wireless Communications, 22(4), pp.104-112, 2015.

[4] Charani, E., Castro-Sánchez, E., Moore, L.S. and Holmes, A., Do smartphone applications in healthcare require a governance and legal framework? It depends on the application!. BMC medicine, 12(1), p.29, 2014.

[5] Natoli, J.D., Kermanshahche, K.M., Painter, J. and Boucher, A., Intel Corp, Healthcare semantic interoperability platform. U.S. Patent 8,850,057, 2014. 

[6] Agyapong, P.K., Iwamura, M., Staehle, D., Kiess, W. and Benjebbour, A., Design considerations for a 5G network architecture. IEEE Communications Magazine, 52(11), pp.65-75, 2014.

[7] Jo, M., Maksymyuk, T., Strykhalyuk, B. and Cho, C.H., Device-to-device-based heterogeneous radio access network architecture for mobile cloud computing. IEEE Wireless Communications, 22(3), pp.50-58, 2015.

[8] Cai, W. and Shi, F., High performance SOI RF switch for healthcare application. Int. J. of Enhanced Research in Sci., Tech. & Eng, 5(10), 2016.

[9] Khan, F.A., Ali, A., Abbas, H. and Haldar, N.A.H., A cloud-based healthcare framework for security and patients’ data privacy using wireless body area networks. Procedia Computer Science, 34, pp.511-517, 2014.

[10] Salehi, S.A., Razzaque, M.A., Naraei, P. and Farrokhtala, A., July. Security in wireless sensor networks: Issues and challanges. In Space Science and Communication (IconSpace), 2013 IEEE International Conference on (pp. 356-360). IEEE, 2013.

[11] Patil, H.K. and Seshadri, R., June. Big data security and privacy issues in healthcare. In Big Data (BigData Congress), 2014 IEEE International Congress on (pp. 762-765). IEEE, 2014.

[12] Kim, J.T., Privacy and security issues for healthcare system with embedded RFID system on Internet of Things. Advanced Science and Technology Letters, 72, pp.109-112, 2014.

[13] Kumar, J.S. and Patel, D.R., A survey on internet of things: Security and privacy issues. International Journal of Computer Applications, 90(11), 2014.

[14] Abbas, A. and Khan, S.U., E-Health cloud: privacy concerns and mitigation strategies. In Medical Data Privacy Handbook (pp. 389-421). Springer, Cham, 2015.