Murugaraj Shanmugam

Enabling Secure Mobile Access for Electronic Health Care Applications

Medical applications have already been integrated into mobile devices (e.g. Tablet PCs, PDAs and smart phones) and are being used by medical personnel in treatment centers, for retrieving and examining patients Electronic Health Records (EHR). In such mobile healthcare applications, specific attention is drawn towards the security requirements since the transmission of sensitive medical data through a public network renders the problem of communication privacy. In this paper we present an approach to transfer the medical records of an individual by using the existing infrastructure of mobile operators. To achieve that, we propose the application of existing technologies in 3G networks such as the generic bootstrapping architecture (GBA) to enable the secure transfer of EHR data. The paper presents the corresponding applicability scenarios, initial results from a prototype test bed and discusses the feasibility of the proposed solution along with its limitations

Protecting First-Level Responder Resources in an IP-based Emergency Services Architecture

Recently, there has been increased interest, shown by the research community and by industry fora, to enable emergency services for voice-over-IP based architectures. In order to provide emergency services functionality over the Internet, several aspects like location determination, dial string configuration, location conveyance, routing to the appropriate public safety answering point (PSAP) and security aspects have to be considered. This paper discusses security threats for the IP-based emergency architecture concentrating on denial-of-service attacks against public safety answering points (PSAPs) by using faked calls that aim to exhaust limited PSAP resources, such as the emergency personnel. We illustrate a number of different approaches that have been mentioned in the past to tackle these threats, including location signing, location-by-reference and authenticated emergency calls.

Emergency Services in Delay Tolerant Environments

There are number of mechanisms and algorithms available to achieve ad hoc communication. However, establishing communication between heterogeneous networks with fragile connectivity, is still a challenging task. Existing transport protocols like TCP are not well suited to networks with instable bandwidth and connectivity. In such environments, services cannot be reliably offered and hence more intelligent protocols and architectures should be used. For such scenarios, we study the feasibility of using opportunistic forwarding to achieve end-to-end communication. In this paper, we investigate the usage of delay tolerant networks based protocols for achieving reliable communication in such scenarios. Specifically, we study the provision of emergency services and show how mobile users could make use of the ad hoc peers to reach an appropriate answering point e.g., public safety answering point using the delay tolerant approach. Moreover, we have extended the usage of DTN for complementary services such as buddy communication.

Traversing middleboxes with the host identity protocol

The limited flexibility of the Internet to support mobility has motivated many researchers to look for alternative architectures. One such effort that combines security and multihoming together is the Host Identity Protocol (HIP). HIP is a signaling protocol that adds a new protocol layer to the Internet stack between the transport and the network layer. HIP establishes IPsec associations to protect subsequent data traffic. Though the security associations are established solely between the communicating end hosts, HIP also aims to interwork with middleboxes such as NATs and firewalls. This paper investigates this interworking aspect and proposes a solution for secure middlebox traversal.