Security and QoS requirements in Telemedicine
Kevin Wang
CSCI E-139
Basic idea behind telemedicine
Applications in Telemedicine
- Tele-Surgery
- Tele-Diagnosis
- Tele-Education
- Tele-Monitoring
- Exchange of medical information
QoS in Telemedicine
- Telemedicine needs to be able to provide an experience that is equal to an in-person consultation.
- Applications need to provide video, image and audio capabilities in real time.
- Networking applications need to perform with surgical precision.
- Packets need to travel from their origin to their destination with a high degree of reliability and predictability.
QoS in Telemedicine
- QoS is defined as the ability of the network to provide a service with an assured service level, and it is a building block for reaching a quality end-user experience.
- Delay: maximum delay bound acceptable to the application.
- Jitter: variations in delay.
- Throughput: rate at which packets are moved across the network.
- Packet loss: percentage of packets lost in a given time interval.
QoS in Telemedicine
- Transmission of video and audio depends on:
  - Recording
  - Coding
  - Transmission
  - Reproduction
- Majority of telemedicine systems are IP-based
  - Congestion
  - Lack of connection admission control mechanisms
  - Transmission errors
  - Limited bandwidth
QoS in Telemedicine
- IntServ, DiffServ and MPLS are three protocols that can ensure QoS in real-time traffic dealing with delay, jitter, packet loss and bandwidth.
- IntServ
  - Guarantees predictable behavior of applications
  - Not scalable
- DiffServ
  - Able to divide traffic into a smaller number of classes
  - Scalable
  - Cannot direct packet paths
- MPLS
  - Ability to divert and route traffic to deal with congestion and link failures
  - Cannot distinguish packets from one another
QoS in Telemedicine
- DiffServ
  - Traffic differentiation
    - Traffic divided by DSCP mark
    - Assured forwarding, expedited forwarding, class-selector PHB, default PHB
  - Traffic prioritization
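The DSCP-based traffic division on this slide can be made concrete with a small decoder. The following is an added example, not part of the original slides: it reads the DSCP field from an IPv4 header and names the per-hop behaviour (PHB) group. The function names, the sample trace and the addresses are constructed for illustration.

```python
import struct
from collections import Counter

EF = 46  # expedited forwarding code point (RFC 3246)

def classify_dscp(dscp: int) -> str:
    """Map a 6-bit DSCP value to one of the PHB groups listed on the slide."""
    if not 0 <= dscp <= 63:
        raise ValueError("DSCP is a 6-bit field")
    if dscp == 0:
        return "default"
    if dscp == EF:
        return "EF"
    cls, low = dscp >> 3, dscp & 0b111
    # AFxy (RFC 2597): class x in 1..4, drop precedence y in 1..3, encoded as 8x + 2y.
    if 1 <= cls <= 4 and low in (2, 4, 6):
        return f"AF{cls}{low >> 1}"
    # Class selector (RFC 2474): low three bits zero, value 8x.
    if low == 0:
        return f"CS{cls}"
    return "other"

def dscp_from_ipv4(header: bytes) -> tuple:
    """Return (dscp, ecn) from the second byte of an IPv4 header."""
    if len(header) < 20 or header[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    return header[1] >> 2, header[1] & 0b11

def sample_header(dscp: int, ecn: int = 0) -> bytes:
    """Constructed 20-byte IPv4/UDP header; documentation addresses, checksum left at 0."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, (dscp << 2) | ecn, 20, 0, 0, 64, 17, 0,
                       bytes([192, 0, 2, 1]), bytes([198, 51, 100, 2]))

def phb_histogram(headers) -> Counter:
    """Count packets per PHB, the view a monitor would use to check marking policy."""
    return Counter(classify_dscp(dscp_from_ipv4(h)[0]) for h in headers)

if __name__ == "__main__":
    trace = [sample_header(d) for d in (46, 46, 34, 10, 0, 48)]  # constructed trace
    for phb, n in sorted(phb_histogram(trace).items()):
        print(f"{phb:8} {n}")
```

Because the DSCP field is set by the sender, a per-PHB count like this is typically compared against the marking policy at the network boundary before the marks are trusted.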
QoS in Telemedicine
- MPLS
  - Traffic engineering
    - Prevents uneven distribution of traffic
    - Packets marked with MPLS headers
    - Next destination determined by the MPLS header, which is rewritten each time
    - DiffServ-aware MPLS traffic engineering allows LSPs to have different priorities
  - Traffic protection
    - Fast reroute
QoS in Telemedicine
- Limited bandwidth
  - Cellular networks
  - Rural areas
- Compression deals with limited bandwidth in order to provide the QoS required by applications in telemedicine.
- Compression decreases delay and jitter and also increases throughput.
- Allows video and other large files to provide the QoS requirements with limited bandwidth.
QoS in Telemedicine
- Digital Imaging and Communication in Medicine (DICOM)
  - Lossy and lossless JPEG variants
    - JPEG
    - JPEG-LS
    - JPEG 2000
- Digital Video
  - MPEG 2
  - MPEG 4
  - H.263
  - H.264
Security in Telemedicine
- Telemedical networks are at much higher risk for being attacked than other institutions due to the sensitive nature of medical data.
- Telemedical networks need to protect medical access against:
  - Unauthorized access
  - Unauthorized disclosure
  - Unauthorized use
  - Unauthorized modification
Security in Telemedicine
- Abuse case: An individual that interacts with an information system in a way that causes harm to either the system itself or other individuals
- Attacker characteristics:
  - Resources
  - Skills
  - Objectives
- Information system characteristics:
  - Harm
  - Privilege range
  - Abusive interactions
Security in Telemedicine
- Physical measures for security:
  - Decentralized data storage
  - Secure data centers
  - Backup data centers
  - Protection against internal attacks
    - Teaching employees
    - Limiting data access
Security in Telemedicine
- Standard security measures that need to be in place:
  - Firewalls
  - Intrusion detection systems
  - Infrastructure monitoring
  - Virus scanner and spam filtering
  - Data encryption
  - Key certification
  - Password management
  - Log file checking
Summary
- QoS
  - DiffServ, MPLS
    - Differentiates traffic
    - Prioritizes traffic
    - Allows traffic to utilize different paths
  - Compression
    - Deals with low bandwidth
- Security
  - Abuse case model to identify capabilities and attack vectors of intruders
  - Man in the middle attack
  - Physical security measures
Thank you for your time!