Articles producció científica> Enginyeria Informàtica i Matemàtiques

Security and Privacy Analysis of Mobile Health Applications: The Alarming State of Practice

  • Identification data

    Identifier: imarina:3669826
    Handle: https://hdl.handle.net/20.500.11797/imarina3669826
    Authors:
    Papageorgiou, AchilleasStrigkos, MichaelPolitou, EugeniaAlepis, EfthimiosSolanas, AgustiPatsakis, Constantinos
    Abstract:
    Recent advances in hardware and telecommunications have enabled the development of low cost mobile devices equipped with a variety of sensors. As a result, new functionalities, empowered by emerging mobile platforms, allow millions of applications to take advantage of vast amounts of data. Following this trend, mobile health applications collect users health-related information to help them better comprehend their health status and to promote their overall wellbeing. Nevertheless, health-related information is by nature and by law deemed sensitive and, therefore, its adequate protection is of substantial importance. In this paper we provide an in-depth security and privacy analysis of some of the most popular freeware mobile health applications. We have performed both static and dynamic analysis of selected mobile health applications, along with tailored testing of each application's functionalities. Long term analyses of the life cycle of the reviewed apps and our general data protection regulation compliance auditing procedure are unique features of the present paper. Our findings reveal that the majority of the analyzed applications do not follow well-known practices and guidelines, not even legal restrictions imposed by contemporary data protection regulations, thus jeopardizing the privacy of millions of users.

  • Others:

    Author, as appears in the article.: Papageorgiou, Achilleas; Strigkos, Michael; Politou, Eugenia; Alepis, Efthimios; Solanas, Agusti; Patsakis, Constantinos
    Department: Enginyeria Informàtica i Matemàtiques
    URV's Author/s: Solanas Gómez, Agustín
    Keywords: Security and privacy exposure Security Mobile security Data privacy Communication system security Application security
    Abstract: Recent advances in hardware and telecommunications have enabled the development of low cost mobile devices equipped with a variety of sensors. As a result, new functionalities, empowered by emerging mobile platforms, allow millions of applications to take advantage of vast amounts of data. Following this trend, mobile health applications collect users health-related information to help them better comprehend their health status and to promote their overall wellbeing. Nevertheless, health-related information is by nature and by law deemed sensitive and, therefore, its adequate protection is of substantial importance. In this paper we provide an in-depth security and privacy analysis of some of the most popular freeware mobile health applications. We have performed both static and dynamic analysis of selected mobile health applications, along with tailored testing of each application's functionalities. Long term analyses of the life cycle of the reviewed apps and our general data protection regulation compliance auditing procedure are unique features of the present paper. Our findings reveal that the majority of the analyzed applications do not follow well-known practices and guidelines, not even legal restrictions imposed by contemporary data protection regulations, thus jeopardizing the privacy of millions of users.
    Thematic Areas: Telecommunications Materials science (miscellaneous) Materials science (all) General materials science General engineering General computer science Engineering, electrical & electronic Engineering (miscellaneous) Engineering (all) Engenharias iv Engenharias iii Electrical and electronic engineering Computer science, information systems Computer science (miscellaneous) Computer science (all) Ciência da computação
    licence for use: https://creativecommons.org/licenses/by/3.0/es/
    Author's mail: agusti.solanas@urv.cat
    Author identifier: 0000-0002-4881-6215
    Record's date: 2024-10-26
    Papper version: info:eu-repo/semantics/publishedVersion
    Link to the original source: https://ieeexplore.ieee.org/document/8272037
    Licence document URL: https://repositori.urv.cat/ca/proteccio-de-dades/
    Papper original source: Ieee Access. 6 9390-9403
    APA: Papageorgiou, Achilleas; Strigkos, Michael; Politou, Eugenia; Alepis, Efthimios; Solanas, Agusti; Patsakis, Constantinos (2018). Security and Privacy Analysis of Mobile Health Applications: The Alarming State of Practice. Ieee Access, 6(), 9390-9403. DOI: 10.1109/ACCESS.2018.2799522
    Article's DOI: 10.1109/ACCESS.2018.2799522
    Entity: Universitat Rovira i Virgili
    Journal publication year: 2018
    Publication Type: Journal Publications

  • Keywords:

    Computer Science (Miscellaneous),Computer Science, Information Systems,Engineering (Miscellaneous),Engineering, Electrical & Electronic,Materials Science (Miscellaneous),Telecommunications
    Security and privacy exposure
    Security
    Mobile security
    Data privacy
    Communication system security
    Application security
    Telecommunications
    Materials science (miscellaneous)
    Materials science (all)
    General materials science
    General engineering
    General computer science
    Engineering, electrical & electronic
    Engineering (miscellaneous)
    Engineering (all)
    Engenharias iv
    Engenharias iii
    Electrical and electronic engineering
    Computer science, information systems
    Computer science (miscellaneous)
    Computer science (all)
    Ciência da computação

  • Documents:

    DocumentPrincipal

  • Cerca a google

    Search to google scholar