Articles producció científica> Enginyeria Informàtica i Matemàtiques

Security and Privacy Analysis of Mobile Health Applications: The Alarming State of Practice

  • Dades identificatives

    Identificador: imarina:3669826
    Autors:
    Papageorgiou, AchilleasStrigkos, MichaelPolitou, EugeniaAlepis, EfthimiosSolanas, AgustiPatsakis, Constantinos
    Resum:
    Recent advances in hardware and telecommunications have enabled the development of low cost mobile devices equipped with a variety of sensors. As a result, new functionalities, empowered by emerging mobile platforms, allow millions of applications to take advantage of vast amounts of data. Following this trend, mobile health applications collect users health-related information to help them better comprehend their health status and to promote their overall wellbeing. Nevertheless, health-related information is by nature and by law deemed sensitive and, therefore, its adequate protection is of substantial importance. In this paper we provide an in-depth security and privacy analysis of some of the most popular freeware mobile health applications. We have performed both static and dynamic analysis of selected mobile health applications, along with tailored testing of each application's functionalities. Long term analyses of the life cycle of the reviewed apps and our general data protection regulation compliance auditing procedure are unique features of the present paper. Our findings reveal that the majority of the analyzed applications do not follow well-known practices and guidelines, not even legal restrictions imposed by contemporary data protection regulations, thus jeopardizing the privacy of millions of users.
  • Altres:

    Autor segons l'article: Papageorgiou, Achilleas; Strigkos, Michael; Politou, Eugenia; Alepis, Efthimios; Solanas, Agusti; Patsakis, Constantinos
    Departament: Enginyeria Informàtica i Matemàtiques
    Autor/s de la URV: Solanas Gómez, Agustín
    Paraules clau: Security and privacy exposure Security Mobile security Data privacy Communication system security Application security
    Resum: Recent advances in hardware and telecommunications have enabled the development of low cost mobile devices equipped with a variety of sensors. As a result, new functionalities, empowered by emerging mobile platforms, allow millions of applications to take advantage of vast amounts of data. Following this trend, mobile health applications collect users health-related information to help them better comprehend their health status and to promote their overall wellbeing. Nevertheless, health-related information is by nature and by law deemed sensitive and, therefore, its adequate protection is of substantial importance. In this paper we provide an in-depth security and privacy analysis of some of the most popular freeware mobile health applications. We have performed both static and dynamic analysis of selected mobile health applications, along with tailored testing of each application's functionalities. Long term analyses of the life cycle of the reviewed apps and our general data protection regulation compliance auditing procedure are unique features of the present paper. Our findings reveal that the majority of the analyzed applications do not follow well-known practices and guidelines, not even legal restrictions imposed by contemporary data protection regulations, thus jeopardizing the privacy of millions of users.
    Àrees temàtiques: Telecommunications Materials science (miscellaneous) Materials science (all) General materials science General engineering General computer science Engineering, electrical & electronic Engineering (miscellaneous) Engineering (all) Engenharias iv Engenharias iii Electrical and electronic engineering Computer science, information systems Computer science (miscellaneous) Computer science (all) Ciência da computação
    Accès a la llicència d'ús: https://creativecommons.org/licenses/by/3.0/es/
    Adreça de correu electrònic de l'autor: agusti.solanas@urv.cat
    Identificador de l'autor: 0000-0002-4881-6215
    Data d'alta del registre: 2024-10-26
    Versió de l'article dipositat: info:eu-repo/semantics/publishedVersion
    URL Document de llicència: https://repositori.urv.cat/ca/proteccio-de-dades/
    Referència a l'article segons font original: Ieee Access. 6 9390-9403
    Referència de l'ítem segons les normes APA: Papageorgiou, Achilleas; Strigkos, Michael; Politou, Eugenia; Alepis, Efthimios; Solanas, Agusti; Patsakis, Constantinos (2018). Security and Privacy Analysis of Mobile Health Applications: The Alarming State of Practice. Ieee Access, 6(), 9390-9403. DOI: 10.1109/ACCESS.2018.2799522
    Entitat: Universitat Rovira i Virgili
    Any de publicació de la revista: 2018
    Tipus de publicació: Journal Publications
  • Paraules clau:

    Computer Science (Miscellaneous),Computer Science, Information Systems,Engineering (Miscellaneous),Engineering, Electrical & Electronic,Materials Science (Miscellaneous),Telecommunications
    Security and privacy exposure
    Security
    Mobile security
    Data privacy
    Communication system security
    Application security
    Telecommunications
    Materials science (miscellaneous)
    Materials science (all)
    General materials science
    General engineering
    General computer science
    Engineering, electrical & electronic
    Engineering (miscellaneous)
    Engineering (all)
    Engenharias iv
    Engenharias iii
    Electrical and electronic engineering
    Computer science, information systems
    Computer science (miscellaneous)
    Computer science (all)
    Ciência da computação
  • Documents:

  • Cerca a google

    Search to google scholar