research-article

Secure data storage for mobile data collection systems

Authors:

Federico Mancini,

Khalid A. Mughal,

Remi A. B. Valvik,

Jørn KlungsøyrAuthors Info & Claims

MEDES '12: Proceedings of the International Conference on Management of Emergent Digital EcoSystems

Pages 131 - 144

https://doi.org/10.1145/2457276.2457300

Published: 28 October 2012 Publication History

Abstract

Wireless network infrastructures, notably cellular networks, are becoming a vital element for exchanging electronic data in low income countries. Several key sectors are already leveraging on cellular networks: mobile financial transactions have already gained an enormous success, and the health care sector is also aiming to tackle outstanding challenges like providing basic health care services to remote communities, by using cheap mobile devices. So far, more than ten mobile based health care services are deployed in low-income countries. Among those, mobile data collection is the one used to replace traditional paper form based data collection with electronic digital forms by the use of Mobile Data Collection Systems (MDCS). However, although such systems are often used to collect sensitive health-related data, critical issues like security and privacy of personal data have not been systematically addressed. Particularly, very little has been done to protect data while stored on the phone. This paper focuses on low budget mobile phones with low hardware and software specification, and proposes adequate secure solutions for data storage protection. Our secure storage scheme is flexible enough to be integrated in existing mobile client applications. The solution has been extensively tested and integrated into a production MDCS. For this work, we collaborated with the open-source mobile data collection project, openXdata.

References

[1]

3rd generation mobile telecommunications(3G). http://en.wikipedia.org/wiki/3G. Online, Accessed December 2011.

[2]

CommCareHQ. http://www.commcarehq.org. Online, Accessed November 2011.

[3]

T. Egeberg. Storage of sensitive data in a Java enabled cell phone. Master's thesis, Høgskolen i Gjøvik, 2006.

[4]

Enhanced Data Rates for GSM Evolution(EDGE). http://en.wikipedia.org/wiki/Enhanced_Data_Rates_for_GSM_Evolution. Online, Accessed December 2011.

[5]

Episurveyor. http://www.episurveyor.org/. Online, Accessed March 2011.

[6]

S. Gejibo, K. A. Mughal, F. Mancini, J. Klungsøyrg, and R. B. Valvik. Challenges in implementing end-to-end secure protocol for java ME-based mobile data collection in low-budget settings. In ESSoS, Lecture Notes in Computer Science, pages 38--45. Springer, 2012.

Digital Library

[7]

W. Itani and A. Kayssi. J2ME application-layer end-to-end security for m-commerce. Journal of Network and Computer Applications, 27(1):13--32, January 2004.

Digital Library

[8]

B. Kaliski. RFC 2898 - PKCS #5: Password-based cryptography specification. http://www.ietf.org/rfc/rfc2898.txt, 2000. Online, Accessed April 2011.

Digital Library

[9]

J. Klungsøyr, T. Tylleskar, B. MacLeod, P. Bagyenda, W. Chen, and P. Wakholi. OMEVAC - open mobile electronic vaccine trials, an interdisciplinary project to improve quality of vaccine trials in low resource settings. In Proceedings of M4D '08 - The 1st International Conference on Mobile Communication Technology for Development, pages 36--44. Karlstad University Studies, 2008.

[10]

T. Legion Of the Bouncy Castle. http://www.bouncycastle.org/. Online, Accessed March 2011.

[11]

F. Mancini, K. Mughal, S. Gejibo, and J. Klungsoyr. Adding security to mobile data collection. In Healthcom 2011 - 13th IEEE International Conference on e-Health Networking Applications and Services, pages 86--89, june 2011.

[12]

Nokia 2330c classic. http://www.developer.nokia.com/Devices/Device_specifications/2330_classic. Online, Accessed September 2011.

[13]

Nokia Data Gathering. http://projects.developer.nokia.com/ndg. Online, Accessed November 2011.

[14]

Nokia, Nokia Data Gatherings(NDG). https://github.com/nokiadatagathering/ndg-mobile-client. Online, Accessed September 2011.

[15]

openXdata. http://www.openxdata.org. Online, Accessed March 2011.

[16]

Oracle. Java ME reference. http://www.oracle.com/technetwork/java/javame/index.html. Online, Accessed March 2011.

[17]

Oracle Inc. Security and Trust Services API for J2ME(SATSA). http://java.sun.com/products/satsa/. Online, Accessed March 2011.

[18]

OWASP. Mobile Security Project. https://www.owasp.org/index.php/OWASP_Mobile_Security_Project. Online, Accessed March 2012.

[19]

S. M. A. Shah, N. Gul, H. F. Ahmad, and R. Bahsoon. Secure storage and communication in J2ME based lightweight multi-agent systems. Proceedings of KES-AMSTA'08 - the 2nd KES International conference on Agent and multi-agent systems: technologies and applications, Incheon, Korea, pages 887--896.

Digital Library

[20]

T. Egeberg. Storage of sensitive data in a Java enabled cell phone. http://egebergweb.com/tommy/masterfiler/masteroppgave2.pdf. Master Thesis, Accessed on March 2012.

[21]

C. Z. G. N. W. unit based multilingual comparative analysis of text corpora. http://speechlab.tmit.bme.hu/publikaciok/. Online, Accessed January 2012.

[22]

Vision Mobile. Global Smartphone Penetration. http://www.visionmobile.com/. Online, Accessed August 2012.

[23]

Vital Wave Consulting. mHealth for Development: The Opportunity of Mobile Technology for Healthcare in the Developing World. Washington, D.C. and Berkshire, UK: UN Foundation-Vodafone Foundation Partnership, February 2009.

[24]

B. Whitaker. Problems with mobile security #1. http://www.masabi.com/2007/07/13/problems-with-mobile-security-1/, July 2007. Online, Accessed March 2011.

Cited By

Kaur J(2024)Generative IntelligenceRevolutionizing the Healthcare Sector with AI10.4018/979-8-3693-3731-8.ch018(365-392)Online publication date: 14-Jun-2024
https://doi.org/10.4018/979-8-3693-3731-8.ch018
Sharma DHabibi Lashkari AParizadeh MSharma DHabibi Lashkari AParizadeh M(2024)Healthcare System and Infra-SecurityUnderstanding Cybersecurity Management in Healthcare10.1007/978-3-031-68034-2_6(97-120)Online publication date: 3-Sep-2024
https://doi.org/10.1007/978-3-031-68034-2_6
Aljedaani BAhmad AZahedi MBabar M(2023)End-users’ knowledge and perception about security of clinical mobile health apps: A case study with two Saudi Arabian mHealth providersJournal of Systems and Software10.1016/j.jss.2022.111519195(111519)Online publication date: Jan-2023
https://doi.org/10.1016/j.jss.2022.111519
Show More Cited By

Index Terms

Secure data storage for mobile data collection systems

Recommendations

Secure Mobile Data Collection Systems for Low-Budget Settings
ARES '12: Proceedings of the 2012 Seventh International Conference on Availability, Reliability and Security

Lack of infrastructures in health care and transportation, combined with the demand for low cost health services and shortage of medical professionals, are some of the known causes for loss of life in low income countries. Mobile Health (a.k.a. mHealth) ...
Challenges in implementing an end-to-end secure protocol for java ME-Based mobile data collection in low-budget settings
ESSoS'12: Proceedings of the 4th international conference on Engineering Secure Software and Systems

Mobile devices are having a profound impact on how services can be delivered and how information can be shared. Sensitive information collected in remote communities can be relayed to local health care centers and from there to the decision makers who ...
Authentication in selected mobile data collection systems: current state, challenges, solutions and gaps
MOBILESoft '17: Proceedings of the 4th International Conference on Mobile Software Engineering and Systems

Mobile data collection systems (MDCS) in the health sector are of great benefit to health care providers and community workers especially in low-resource settings. MDCS enable the extension and provision of health services closer to the community by ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

MEDES '12: Proceedings of the International Conference on Management of Emergent Digital EcoSystems

October 2012

199 pages

ISBN:9781450317559

DOI:10.1145/2457276

General Chair:
Janusz Kacprzyk
Systems Research Institute/Polish Academy of Sciences, Poland
,
Program Chair:
Dominique Laurent
University of Cergy-Pontoise, France
,
Publications Chair:
Richard Chbeir
LIUPPA Laboratory - Pau University, Anglet, France

Copyright © 2012 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Association de Promotion de la Recherche ScIentifique en eMErgen: Association de Promotion de la Recherche ScIentifique en eMErgen

In-Cooperation

SIGAPP: ACM Special Interest Group on Applied Computing

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 28 October 2012

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

MEDES '12

Sponsor:

Association de Promotion de la Recherche ScIentifique en eMErgen

MEDES '12: International Conference on Management of Emergent Digital EcoSystems

October 28 - 31, 2012

Addis Ababa, Ethiopia

Acceptance Rates

MEDES '12 Paper Acceptance Rate 16 of 50 submissions, 32%;

Overall Acceptance Rate 267 of 682 submissions, 39%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

14
Total Citations
View Citations
362
Total Downloads

Downloads (Last 12 months)23
Downloads (Last 6 weeks)2

Reflects downloads up to 25 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Kaur J(2024)Generative IntelligenceRevolutionizing the Healthcare Sector with AI10.4018/979-8-3693-3731-8.ch018(365-392)Online publication date: 14-Jun-2024
https://doi.org/10.4018/979-8-3693-3731-8.ch018
Sharma DHabibi Lashkari AParizadeh MSharma DHabibi Lashkari AParizadeh M(2024)Healthcare System and Infra-SecurityUnderstanding Cybersecurity Management in Healthcare10.1007/978-3-031-68034-2_6(97-120)Online publication date: 3-Sep-2024
https://doi.org/10.1007/978-3-031-68034-2_6
Aljedaani BAhmad AZahedi MBabar M(2023)End-users’ knowledge and perception about security of clinical mobile health apps: A case study with two Saudi Arabian mHealth providersJournal of Systems and Software10.1016/j.jss.2022.111519195(111519)Online publication date: Jan-2023
https://doi.org/10.1016/j.jss.2022.111519
Aljedaani BBabar M(2021)Challenges With Developing Secure Mobile Health Applications: Systematic ReviewJMIR mHealth and uHealth10.2196/156549:6(e15654)Online publication date: 21-Jun-2021
https://doi.org/10.2196/15654
Haq IKhan T(2021)Penetration Frameworks and Development Issues in Secure Mobile Application Development: A Systematic Literature ReviewIEEE Access10.1109/ACCESS.2021.30882299(87806-87825)Online publication date: 2021
https://doi.org/10.1109/ACCESS.2021.3088229
Aljedaani BAhmad AZahedi MBabar M(2020)An Empirical Study on Developing Secure Mobile Health Apps: The Developers' Perspective2020 27th Asia-Pacific Software Engineering Conference (APSEC)10.1109/APSEC51365.2020.00029(208-217)Online publication date: Dec-2020
https://doi.org/10.1109/APSEC51365.2020.00029
Srivastava MThamilarasu G(2019)MSF: A Comprehensive Security Framework for mHealth Applications2019 7th International Conference on Future Internet of Things and Cloud Workshops (FiCloudW)10.1109/FiCloudW.2019.00026(70-75)Online publication date: Aug-2019
https://doi.org/10.1109/FiCloudW.2019.00026
Miswar Suhardi Kurniawan N(2018)A Systematic Literature Review on Survey Data Collection System2018 International Conference on Information Technology Systems and Innovation (ICITSI)10.1109/ICITSI.2018.8696036(177-181)Online publication date: Oct-2018
https://doi.org/10.1109/ICITSI.2018.8696036
Katarahweire MBainomugisha EMughal KGrundy JHalfond WBuhnova BAutili MMuccini H(2017)Authentication in selected mobile data collection systemsProceedings of the 4th International Conference on Mobile Software Engineering and Systems10.1109/MOBILESoft.2017.9(177-178)Online publication date: 20-May-2017
https://dl.acm.org/doi/10.1109/MOBILESoft.2017.9
Thamilarasu GLakin C(2017)A Security Framework for Mobile Health Applications2017 5th International Conference on Future Internet of Things and Cloud Workshops (FiCloudW)10.1109/FiCloudW.2017.96(221-226)Online publication date: Aug-2017
https://doi.org/10.1109/FiCloudW.2017.96
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents