SeTTIT 2013 - Workshop on Security Tools and Techniques for Internet of Things

E-health systems have the objective to continuously monitor the state of patients in order to increase knowledge and understanding of their physical status. Being a system of systems, the Internet of Things (IoT) has to master the challenge of integrating heterogeneous systems across technology boundaries. Timely delivery of observation data is a key aspect to identifying potential diseases and anomalies. IoT systems are vulnerable to attacks since communication is mostly wireless and thus vulnerable to eavesdropping, things are usually unattended and thus vulnerable to physical attacks, and most IoT elements are short on both the energy and computing resources necessary for the implementation of complex security-supporting schemes. Among the plethora of applications that can benefit from the IoT, the workshop will have a particular focus on security aspects in e-Health and in the broad-sense of well-being. Security aspects in other application domains of the IoT are also of interest.
The workshop will address security issues that are particular to the context of using IoT for eHealth including threat modeling, risk assessment, privacy, access control, and fault-tolerance. Theoretical, modeling, implementation, and experimentation issues will be discussed to build an accurate general view on the security of medical BANs. One of the major challenges that will be underlined by the workshop participants is the combination of different security models needed for the sub-networks of the IoT (e.g., BAN, PAN, LAN, MANET) with consideration of the severe computational, storage, and energy limitations of the elementary smart nodes. We encourage contributions describing innovative work addressing the use of information and communication technologies in medical applications. Topics of interest include, but are not limited to:
Definition of accurate metrics to assess the threats and the risks associated to IoT for eHealth
Identification and description of new attack scenarios that are specific to IoT architectures
Context-awareness for IoT security in eHealth
Soft trust management in IoT
Risk-based adaptive security for IoT
Analytics and predictive models for adaptive security in IoT
Adaptive security decision-making models for IoT
Evaluation and validation models for adaptive security in IoT
Lightweight cryptographic protocols for IoT
Investigation of the security properties that should be fulfilled by the transmission of patient data across body area networks
Designing secure heterogeneous BAN architectures for eHealth applications
Implementing practical testbeds that allow the analysis of the security performance of BANs
Monitoring the security level of the eHealth applications relying on IoT
Analyzing the results of experiments conducted using real patient data and studying the security performance of the associated architectures